Guest blog: Threat intelligence – a unifying force of the future

Posted by    on   Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.


The advent of the Internet and Internet-enabled technologies not only ushered in the era of cyberattacks, but it also influenced the development of complex systems that are frustratingly and increasingly difficult to secure and protect against these attacks. Recent sobering statistics from Hashed Out attest to this trend: security breaches have increased by 67% in the past five years; cybercrime damages are predicted to reach US$6 trillion by 2021; one in 302 emails targeting public administration users are malicious; ransomware attacks are expected to see a fivefold increase by 2021; in 2019, 1.6 billion email addresses and passwords were exposed in a massive data breach called 'The Collection'; and the list goes on.

In response to these complex and continuously evolving cyber attacks, we have seen a substantial rise in the number of cybersecurity labs around the world, which speaks to the need for a well-established, world-class, 'industrial strength' research lab that is able to identify, detect and protect against malware in real time. Real-time threat detection is an efficient way to fight cybercrime proactively. With real-time protection, we can obtain intelligent, fresh, and actionable information that can be used to counter attacks and repel future attacks. Relentless, targeted, and disruptive cyber threats have become the new digital reality, and they require an equally relentless, directed, and innovative defence.



Against this backdrop of cybersecurity threats, challenges, developments and changes emerged cybersecurity labs, which create safe environments for learning about and engaging in cyber defence-related activities such as malware detection and remediation. These labs are designed to address the always evolving and always critical need for improved cyber threat intelligence, as well as the need for cybersecurity training and education.

Reason Labs is the threat research division of Reason Cybersecurity, a leading cybersecurity company focusing on endpoint privacy protection. Reason’s objective is to address a dynamic threat landscape with advanced and innovative technology and to encourage in-depth digital literacy about today’s cybersecurity issues.


From a private malware sample collection to global threat intelligence

Reason Labs’ massive data collection started 20 years ago when Andrew Newman, then a young cybersecurity researcher, started collecting and classifying malware samples. Those samples eventually became the basis of Reason Labs’ massive data collection and formed the foundation for Reason’s powerful AV engine and cloud detection technology.

Today, using a powerful, robust AV engine, Reason Cybersecurity protects over 100 million users across 180 countries. The engine classifies unknown malware threats and delivers immediate threat alerts by relying on deep intelligence and data analysis along with advanced technologies such as predictive threat determination and contextual reputation metrics.

Reason’s multi-dimensional intelligence is based on the reverse engineering and analysis of cyber attacks, our internal networks, real-time behavioural analysis, and machine learning models developed by some of the best minds in the industry, and provides its users with comprehensive, vigorous protection from both known and zero-day threats. Access to this powerful, multi-layered intelligence is enabled via Reason’s cloud-based API.


Paving the way to better cybersecurity

The intelligence community’s continued and expanding need to improve cyber threat surveillance and detection prompted Reason Labs to share its cyber intelligence, research, and technologies, including its constantly expanding library of cyber threats, and to develop a large network for updating and exchanging security information on an ongoing basis.

Today, sharing among anti-virus labs is becoming more commonplace and contributes to a unique synergy in the cybersecurity intelligence community. Cybersecurity companies are starting to actively collaborate towards a common goal: to develop a powerful and swift defence against a ‘Wild West’ landscape of cybersecurity threats that are increasingly potent and dangerous.


The future of threat intelligence

In spite of this unique synergy and collaboration, the future of threat intelligence is still a pressing issue. Cybersecurity defenders are in a perpetual race to stay one step ahead of threat actors, which means that the need to improve cyber threat detection methods remains both constant and urgent. As one of the leaders in that race, Reason uses cutting-edge technologies such as behavioural analysis, cloud-based security services, and predictive, reputation-based threat intelligence in order to classify, detect and neutralize cyber threats.

Reason is also committed to bolstering the capacity of the cyber intelligence community and devotes its considerable talent, expertise, and resources towards building a future cybersecurity that is stronger, faster, and better prepared to face coming cybersecurity threats.



Latest posts:

VB2019 paper: Spoofing in the reeds with Rietspoof

In a VB2019 paper Avast researchers Jan Sirmer, Luigino Camastra and Adolf Středa revealed full details of the Rietspoof malware. Today we publish their paper and the recording of the presentation given by Jan and Luigino in London.

New paper: Behind the scenes of GandCrab's operation

The GandCrab ransomware regularly updated itself to newer versions to stay ahead of decryptors released by security researchers, and regularly included taunts, jokes and references to security organizations in its code. In a new paper, the AhnLab…

VB2019 paper: King of the hill: nation-state counterintelligence for victim deconfliction

At VB2019 Juan Andres Guerrero-Saade looked at nation-state actors using threat intelligence for victim deconfliction. Today we publish both his paper and the recording of his presentation.

The VB2020 call for papers - how it works

With the VB2020 Call for Papers now open, we explain how the selection procedure works, which may help you during your abstract submission.

VB2019 presentation: Targeted attacks through ISPs

In 2019 we saw a rise in the number of targeted malware infections spread via ISPs and service providers. In a last-minute paper presented at VB2019 in London, Kaspersky researcher Denis Legezo discussed the details of a number of such cases. Today…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.