Kaspersky Threat Attribution Engine
Prior knowledge as a strategic advantage
Identify the threat actor behind an attack
The Kaspersky Threat Attribution Engine incorporates a database of APT malware samples and clean files gathered by Kaspersky experts over 22 years. We track 600+ APT actors and campaigns with 120+ APT Intelligence Reports released every year. Ongoing research ensures the relevance of our APT collection that currently contains 60K+ files. Our unique proprietary method of comparing samples and searching for similarities ensures a high attribution rate and brings down false positives almost to zero.
Understand whether you’re a target – or a secondary victim
The average time from detection to response of highly sophisticated threats is usually too long, due to complex investigation and reverse engineering processes. In today’s digital era, organizations are obliged to instantly investigate and prioritize all alerts, and accelerate the time to response. Correct and timely attribution helps to shorten incident response times and also reduces the number of false positives, helping to prioritize incidents based on their risk level.
Set up proper containment and response procedures
The Kaspersky Threat Attribution Engine can be complemented with a subscription to Kaspersky’s APT Intelligence Reporting, which provides detailed information about related APT actors. As a subscriber to these unique reports, you receive ongoing access to our APT investigations and discoveries, including all those threats that will never be made public. Using this information, you can block advanced attacks via known vectors, minimize any potential damage and enhance your overall cybersecurity strategy.
Let’s start a conversation! To talk to one of our experts about how Kaspersky can inform your corporate security strategy, please get in touch.