Navigator.Efficiency.Intelligent.Technology.Hope
Navigator
Efficiency
Intelligent
Technology
Hope
NEITHNET is composed of a group of experts passionate in information security who specialize in advanced insights into hidden cyber threats and are highly familiar with the offensive and defensive language of the future world. On a daily basis, our world-class information security laboratory (NEITHCyber Security Lab) processes huge amounts of information from all sources; just when you feel like you’re searching for clues like a needle in a haystack, we ‘ve already discovered the threat way ahead of time. NEITHNET's service scope is centered on cyber threat intelligence and extends to MDR real-time monitoring, network traffic analysis , dns security, information security diagnostics, and various information security incident processing and forensic services, etc., helping customers guard against ubiquitous cyber threats.
Careers

News
Webinar:【情資在地化 防禦更進化】線上講座
2022/08/08
★ 議程大綱 ★
威脅情資在資安防禦上是重要的一環,全球化的威脅情資是否適合於台灣?
沒有驗證過的威脅情資有助於提升資安防禦嗎?
此議程中將與你分享透過打造威脅情資驗證平台,除有效收集威脅情資外,
還能篩選出適用於台灣各產業的威脅情資,有助於提升防禦能量。
★ 議程內容 ★ 【情資在地化 防禦更進化】
想鎖定更多最新消息資訊,歡迎點選『NEITHNET 騰曜網路科技』Facebook粉絲專頁按讚!即可隨時獲得第一手消息唷~
NEITHViewer 透視駭客滲透足跡 強化企業內網安全
2022/07/28
當前企業IT環境的資安防禦皆由異質供應商的軟硬體所組成,就算建置SIEM平台蒐集日誌,其關聯分析仍著重於南北向網路傳輸行為,缺乏內網環境東西向活動的可視性,一旦企業網路遭受入侵,便難以察覺內網異常行為。為此,NEITHNET自主研發的「NEITHViewer網路惡意威脅鑑識軟體」可同步監控橫向擴散與縱向流量,一旦發現威脅入侵,NEITHViewer即可協助IT人員檢視端點環境惡意程式滲透入侵的漏洞、橫向擴散手法,釐清第一台被滲透的端點、攻擊程式、行為模式,精準追蹤可疑足跡,提高內網環境橫向流動的可視性與辨識度。
從近幾年企業爆發的重大資安事故可發現,攻擊者滲透成功取得灘頭堡後,下一步即是橫向移動,伺機竊取機敏資料並回傳到中繼站,等待時機進行勒索。因此,企業必須有能力及早偵查發現並從中阻斷攻擊,才能免於重大風險與損失。NEITHViewer整合Netflow與網路封包行為內容,並搭配精準即時的在地化情資,協助企業監控與判讀攻擊活動,一旦發現可疑數據或橫向移動行為,立即發出告警通知IT人員;並能透過回顧歷史資料,看到攻擊破口,及內部有那些對象受到影響,大幅降低釀成資安事故的風險。此外,NEITHViewer提供整合資訊可視化報表,讓IT人員一目了然,輕鬆掌握內網即時情況。
NEITHViewer同時採用Netflow與Traffic Mirroring,有效補足了其它資安設備欠缺的內網環境監控能力。相較Mirroring,部署NEITHViewer採用Netflow方式較為單純,把網路設備設置日誌拋送的位址指向NEITHViewer即可彙整所有資料。之後再與NEITHNET豐富、即時且精確的威脅情資(NEITHInsight)作分析比對,針對高風險指數再做進一步分析,逐步拆解找出那些外部惡意IP位址在攻擊企業內部,釐清感染範圍。此外,NEITHViewer具有機器學習演算模型實作分析引擎,可依據主機或網路流量行為,學習行為模式,有助於判讀Netflow資料,掌握網路連線細節,釐清擴散感染的行為。
NEITHViewer有效提供企業以更簡潔、快速、精確的方式,提早預警、搶先發現主機異常行為與流量,甚至在網路內進行的弱點攻擊、掃描等行為,確保重要主機資料安全與網路安全,協助企業大幅減輕資安管理上的負擔與壓力,讓企業IT人員心無旁騖衝刺重要業務,創造更大的IT價值。
新聞來源:資安人
NEITHNET’s total defense solution lends enterprises a hand fighting unknown network threats
2022/06/16
Increasing cybersecurity threats are
now looming over almost every country around the world. In addition to losses
claimed by ransomware everywhere, cyberattacks are intensified when enterprises
have to rely on “alternate office hours” and “work from home” to keep Covid-19
at bay. Soaring cybersecurity incidents due to phishing emails are wreaking
havoc on businesses. NEITHNET, one of the leading defense brands is launching
its own solutions including NEITHInsight for collecting data about network
threats, NEITHSeeker for Managed Detection and Response (MDR), NEITHViewer for
information security event management platform and NEITHDNS to help enterprises
in improving their information security resilience by focusing on the
vulnerability of the latter.
The NEITHInsight is excellent in combining global and huge amount of
localized information to identify attacks addressing the environment in Taiwan
and speed up the detection of ransomware and malwares. The NEITHInsight can
work with existing information security devices, including firewalls, Unified
Threat Management (UTM) and Intrusion Prevention System (IPS), in enterprises’
IT environment to better their capabilities in detecting and fending off
external attacks and threats timely by connecting to and feeding information in
NEITHInsight.
Regarding the enterprises’ lack of manpower to maintain information
security terminals, the MDR service model provided by NEITHSeeker, based on
self-developed technologies of NEITHNET has been designed to guide IT personnel
to react to alerts for high-risk and abnormal activities. Once alerted,
information security experts on 24x7 standby will prepare investigation reports
for IT personnel. The latter then accepts the report and selects options
provided to take steps to troubleshoot anomalies. This not only relieves the
burden suffered by administrators for safeguarding operating terminals’
security but also effectively reduces information security risks.
The highly appreciated NEITHViewer by enterprise users are aimed to
help IT personnel to track the entire route taken by cyberattacks and raise
their visibility of lateral movements in the intranet. The NEITHSeeker defeats
cyberattacks waged by hackers before the NEITHViewer can track the environment
vulnerability of the terminal environment exploited by malwares, learnt about
mechanism employed for lateral expansion and identified the very first device
being penetrated and profiled the attacking programs and behavior patterns.
Further, NEITHDNS is assisting enterprises to block fraud, phishing websites,
malicious links and other security issues from DNS at the first time and
sparing IT administrator's time and efforts on information security management
and training.
Faced by ever-changing information security and attack methods, enterprises must strive to improve their self-defense capabilities. Based on years of technologies and experiences by fighting cybersecurity battles, NEITHNET has built up a total network defense systems centered on the threat information cored NEITHInsight and supported by NEITHSeeker, NEITHViewer and ENITHDNS to enhance their information security resilience. It is the best choice against cyber threats.
NEITHNET 推出M+服務 解決企業資安人才缺乏弱點
2022/06/15
NEITHNET 全套式防禦 缺資安人力也能完美駕馭
2022/05/01
以Omicron變種為主的疫情正方興未艾,與此同時,以獲利為目的的網路攻擊卻趁著企業員工採取分流、異地、居家辦公期間,大舉利用社交工程手法發動釣魚郵件,依據台灣本土文化、習慣用語、熱門時事議題設計郵件主旨與內文,吸引用戶點選夾帶惡意程式的附加檔,抑或是內文中嵌入導向釣魚網站的連結,導致資安事故自疫情以來持續激增,讓企業損失慘重。
深耕台灣市場的NEITHNET騰曜網路科技,在島內部署大量誘捕系統(Honeypot)蒐集了豐富的在地化威脅情資,相當熟悉專門針對台灣所設計的本土社交工程手法。NEITHNET騰曜網路科技技術經理Peter指出,從近期資安實驗室(NEITHCyber Security Lab)掌握的惡意樣本發現,駭客攻擊通常會先利用晚上或假日離峰時段,透過掃描工具窺看系統,一旦發現資安設定配置不當的漏洞,隨即執行滲透。對於此類IT人力有限、未設立專屬資安人員的單位而言,正可藉由騰曜網路科技自主研發的解決方案,來輔助控管風險並最大程度降低營運傷害。
三大關鍵技術助企業增強資安韌性
NEITHNET騰曜網路科技自主研發的解決方案,涵蓋NEITHInsight網路威脅情資、NEITHSeeker託管式偵測及回應(MDR),以及NEITHViewer資安事件管理平台。Peter說明,主軸是以NEITHInsight為核心進行情資收集,經過資安實驗室(NEITHCyber Security Lab)整理轉換成入侵指標(IOC),再讓企業IT環境既有部署的防火牆、統一威脅管理(UTM)、入侵偵測系統(IPS)等資安設備,得以介接餵入NEITHInsight提供的情資,提升企業IT環境對於外部攻擊威脅滲透入侵的偵測與即時攔阻能力。例如,偵測發現DDoS攻擊活動的來源IP位址,防火牆設備可逕行阻斷,減少分析比對需耗用的運算資源。
在方案中最受企業用戶讚賞的當屬NEITHViewer。過去NEITHViewer管理平台主要蒐集騰曜自家解決方案的日誌,依照企業IT維運需求進行關聯分析並呈現狀態指標,近期則功能再提升,除了原有利用設備導入Netflow流量進行分析再納入了流量複製(Traffic Mirroring)深度封包解析,並且搭配NEITHSeeker回應機制,強化對內網擴散的阻斷能力。
集網路封包,並根據多數網路設備支援的Netflow流量內容取得連線相關內容,並同時透過NEITHNET情資比對,當下立即可判定端點的連線請求目的地是否為惡意網站,同時檢查東西向的連線活動,諸如由惡意程式所發起的端點間橫向連線請求,或者利用Windows內建遠端桌面(預設3389連接埠)接取其他端點,但不符合平時習慣性的活動模式,NEITHViewer可全程掌握攻擊活動行徑。
收到告警後,IT或資安人員可透過NEITHViewer查看細節,檢視端點環境惡意程式滲透入侵的漏洞、橫向擴散採用的手法,釐清第一台被滲透的端點、攻擊程式、行為模式,再運用NEITHSeeker執行回應,讓攻擊活動以失敗收場。