Integration Partners

Damballa Network Security Integration Partners

Advanced malware attacks have become the weapon of choice for criminal organizations seeking both automated and directed platforms for cyber threats. In fact, almost every enterprise network is already compromised by hidden malware that enables unauthorized criminal remote control.
Every one of these breaches is another hidden avenue for industrial espionage, identity theft, access to financial systems and more. That's why leading companies, ISPs and telecommunications service providers rely on Damballa to enhance their existing network and security solutions.

Damballa delivers critical detection and threat termination for botnets, APTS and advanced malware threats that rely on network-based Command-and-Control (CnC) communications. Specifically designed for simple, transparent integration, Damballa delivers advanced threat monitoring and network forensics that can provide alerts and critical threat detail to existing security infrastructure solutions. As a result, it improves overall security and remediation workflow without impacting normal network operations.

Damballa is proud to have partnered with leading network security solution providers to deliver a seamlessly integrated advanced cyber threat solution.

ArcSight® - SIEM Integration

As a member of the ArcSight® Common Event Format (CEF) program, Damballa Failsafe is ArcSight CEF Certified and integrates with the ArcSight Security Information and Event Management platform. The Damballa CnC detection and termination technology compliments the unique abilities of the ArcSight solution to manage advanced persistent threats, by providing critical forensic details associated with which hosts have been compromised and the related CnC activity.

Blue Coat® - Secure Web Gateway

Founded in 1996, Blue Coat provides the Application Delivery Network (ADN) infrastructure to more than 15,000 customers worldwide, including 81% of the Fortune® Global 500. We also maintain support centers in Sunnyvale, London, Tokyo, Kuala Lumpur, Waterloo and Dubai. Our experience, backed by a worldwide support team, means we can provide the application-level availability, security and acceleration with comprehensive visibility and user control our customers need. We have approximately 1,500 employees in locations worldwide.

Lancope® - Network Behavior Integration

Damballa identifies botnet, APT and next generation malware activity that has compromised hosts within an enterprise network and presents these alerts to the Lancope® StealthWatch netflow analysis system. Lancope customers then benefit from the ability to pinpoint the netflow activities that led to the compromise for each infected host, and can track the potential spread of the attack by examining additional netflows related to the breach.

PerfTech® - Subscriber Notification Integration

PerfTech, the leading supplier of in-browser subscriber communications, enables Internet Service Providers (ISPs) to proactively alert targeted subscribers to time-sensitive issues regarding their service. Damballa CSP identifies and reports subscribers' cyber threat activity including threat type and risk, then suggests removal options to PerfTech's Bulletin System. Based on this input, PerfTech formulates an in-browser alert for the subscriber that contains personalized, detailed information on the appropriate remediation process for the respective threat. Combining the rapid threat detection capability of Damballa CSP with the automated subscriber notification features of PerfTech's patented Bulletin System provides carriers with a powerful weapon in the fight against cyber crime. PerfTech is headquartered in San Antonio, Texas.

Q1 Labs® - SIEM Integration

As a certified partner in Q1 Labs Security Intelligence Partner Program, Damballa integrates with Q1 Labs' open protocols, including LEEF (Log Event Enhanced Format) – the primary protocol utilized in security information and event management (SIEM) and log management deployments. This integration allows for more powerful correlation of security and application layer event data, including the ability to leverage the full extent of Damballa solutions that detect threats. Customers benefit from this partnership by correlating alerts generated by Damballa Failsafe with other activity in Q1 Labs’ Security Intelligence Platform.