The Defense Information Systems Agency (DISA), the U.S. military’s lead agency for communications and information technology, has selected Symantec’s DeepSight Threat Management System and DeepSight Alert Services to serve as key early warning security solutions delivering actionable to DISA’s Department of Defense Computer Emergency Response Team (DOD-CERT) on global cyber attack activity and vulnerability risks.
Under terms of a three-year agreement, DISA will utilize real-time threat and vulnerability intelligence reports generated by Symantec to issue security recommendations and protect extensive IT assets throughout the Department of Defense (DOD) from malicious code and intrusions. Financial terms of the deal were not disclosed.
The Symantec products were selected for use through Northrop Grumman Information Technology, an I-Assure contract holder with DISA.
“DISA’s holistic security strategy utilizes early warning notifications to complement existing security resources,” said Mark J. Bogart, chief of contracts, National Capital Region, DISA. “Incorporating worldwide attack intelligence and vulnerability discoveries into ongoing infrastructure protection effectively manages risks posed by novel and sophisticated threats.”
The agency receives custom intelligence updates from the DeepSight Threat Management System, which aggregates attack data from 19,000 sensors, including multiple vendors’ intrusion detection and firewall products, in more than 180 countries. The program complements DISA’s threat notifications by tracking vulnerabilities in more than 13,000 versions of 3,200 products from more than 1,600 vendors and by sending custom vulnerability alerts to DISA via email, fax, SMS or voice communication.
“Given the extensive base of IT assets DISA maintains and protects within the Defense Department, the combination of Symantec DeepSight Threat Management System and Symantec DeepSight Alert Services provides a comprehensive and prioritized view not only of immediate Internet attack data, but also vulnerabilities pertaining to specific network components,” said Brian J. Finan, Symantec’s director of strategic programs and homeland security.
The DeepSight Alert Services provides personalized vulnerability and malicious code alerts to bridge the gap between security awareness and action. By providing detailed notification of potential threats as they are identified, the service delivers actionable information that maximizes IT resources and helps users mitigate vulnerabilities before they can be exploited.
The Symantec DeepSight Threat Management System tracks security on a global basis, providing early warning of active attacks. With personalized notification triggers and expert analysis, the system enables enterprises to prioritize IT resources in order to better protect critical information assets against potential attacks.