Guest blog: Threat intelligence – a unifying force of the future

Posted by    on   Oct 4, 2019

In a guest blog post VB2019 Platinum partner Reason Cybersecurity looks to the future of threat intelligence.


The advent of the Internet and Internet-enabled technologies not only ushered in the era of cyberattacks, but it also influenced the development of complex systems that are frustratingly and increasingly difficult to secure and protect against these attacks. Recent sobering statistics from Hashed Out attest to this trend: security breaches have increased by 67% in the past five years; cybercrime damages are predicted to reach US$6 trillion by 2021; one in 302 emails targeting public administration users are malicious; ransomware attacks are expected to see a fivefold increase by 2021; in 2019, 1.6 billion email addresses and passwords were exposed in a massive data breach called 'The Collection'; and the list goes on.

In response to these complex and continuously evolving cyber attacks, we have seen a substantial rise in the number of cybersecurity labs around the world, which speaks to the need for a well-established, world-class, 'industrial strength' research lab that is able to identify, detect and protect against malware in real time. Real-time threat detection is an efficient way to fight cybercrime proactively. With real-time protection, we can obtain intelligent, fresh, and actionable information that can be used to counter attacks and repel future attacks. Relentless, targeted, and disruptive cyber threats have become the new digital reality, and they require an equally relentless, directed, and innovative defence.



Against this backdrop of cybersecurity threats, challenges, developments and changes emerged cybersecurity labs, which create safe environments for learning about and engaging in cyber defence-related activities such as malware detection and remediation. These labs are designed to address the always evolving and always critical need for improved cyber threat intelligence, as well as the need for cybersecurity training and education.

Reason Labs is the threat research division of Reason Cybersecurity, a leading cybersecurity company focusing on endpoint privacy protection. Reason’s objective is to address a dynamic threat landscape with advanced and innovative technology and to encourage in-depth digital literacy about today’s cybersecurity issues.


From a private malware sample collection to global threat intelligence

Reason Labs’ massive data collection started 20 years ago when Andrew Newman, then a young cybersecurity researcher, started collecting and classifying malware samples. Those samples eventually became the basis of Reason Labs’ massive data collection and formed the foundation for Reason’s powerful AV engine and cloud detection technology.

Today, using a powerful, robust AV engine, Reason Cybersecurity protects over 100 million users across 180 countries. The engine classifies unknown malware threats and delivers immediate threat alerts by relying on deep intelligence and data analysis along with advanced technologies such as predictive threat determination and contextual reputation metrics.

Reason’s multi-dimensional intelligence is based on the reverse engineering and analysis of cyber attacks, our internal networks, real-time behavioural analysis, and machine learning models developed by some of the best minds in the industry, and provides its users with comprehensive, vigorous protection from both known and zero-day threats. Access to this powerful, multi-layered intelligence is enabled via Reason’s cloud-based API.


Paving the way to better cybersecurity

The intelligence community’s continued and expanding need to improve cyber threat surveillance and detection prompted Reason Labs to share its cyber intelligence, research, and technologies, including its constantly expanding library of cyber threats, and to develop a large network for updating and exchanging security information on an ongoing basis.

Today, sharing among anti-virus labs is becoming more commonplace and contributes to a unique synergy in the cybersecurity intelligence community. Cybersecurity companies are starting to actively collaborate towards a common goal: to develop a powerful and swift defence against a ‘Wild West’ landscape of cybersecurity threats that are increasingly potent and dangerous.


The future of threat intelligence

In spite of this unique synergy and collaboration, the future of threat intelligence is still a pressing issue. Cybersecurity defenders are in a perpetual race to stay one step ahead of threat actors, which means that the need to improve cyber threat detection methods remains both constant and urgent. As one of the leaders in that race, Reason uses cutting-edge technologies such as behavioural analysis, cloud-based security services, and predictive, reputation-based threat intelligence in order to classify, detect and neutralize cyber threats.

Reason is also committed to bolstering the capacity of the cyber intelligence community and devotes its considerable talent, expertise, and resources towards building a future cybersecurity that is stronger, faster, and better prepared to face coming cybersecurity threats.



Latest posts:

New paper: LokiBot: dissecting the C&C panel deployments

First advertised as an information stealer and keylogger when it appeared in underground forums in 2015, LokiBot has added various capabilities over the years and has affected many users worldwide. In a new paper researcher Aditya Sood analyses the…

VB2019 presentation: Building secure sharing systems that treat humans as features not bugs

In a presentation at VB2019 in London, Virtru's Andrea Limbago described how, by exploring data sharing challenges through a socio-technical lens, it is possible to make significant gains toward the secure sharing systems and processes that are vital…

VB2019 presentation: Attor: spy platform with curious GSM fingerprinting

Attor is a newly discovered cyber-espionage platform, use of which dates back to at least 2014 and which focuses on diplomatic missions and governmental institutions. Details of Attor were presented at VB2019 in London by ESET researcher Zuzana…

Why we encourage newcomers and seasoned presenters alike to submit a paper for VB2020

With the call for papers for VB2020 currently open, we explain why, whether you've never presented before or you're a conference circuit veteran, if you have some interesting research to share with the community we want to hear from you!

VB2019 paper: The cake is a lie! Uncovering the secret world of malware-like cheats in video games

At VB2019 in London, Kaspersky researcher Santiago Pontiroli presented a paper on the growing illegal economy around video game cheats and its parallels with the malware industry. Today we publish both Santiago's paper and the recording of his…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.