The "Kneber" BotNet - A ZeuS Discovery and Analysis White Paper

The "Kneber" BotNet - A ZeuS Discovery and Analysis White Paper

On Tuesday, January 26th, 2010, as part of routine analytic tasks related to an evaluation of an enterprise network, NetWitness discovered a 75+ gigabyte cache of stolen data - the result of the activities of an unknown miscreant using a large botnet to control and monitor more than 74,000 compromised PCs. This compromise was discovered by using NetWitness NextGen™ to identify and observe a known member of an existing botnet downloading a new executable. NetWitness provides a series of security analytic applications based on a patented network forensic engine. The use of network forensic methods enables analytic paths and detective capabilities which are specifically required to deal with advanced threats.

CLICK HERE to download white paper.

NetWitness Solution Categories

508 Compliance

Cyber Security

E-discovery

Intrusion Detection/Prevention

Metadata Modeling

Operational Security

Contact NetWitness

10700 Parkridge Blvd, 6th Floor
Reston, VA 20191

703.889.8950

http://www.netwitness.com

NetWitness White Papers

White Paper: A Real-Time Approach to Continuous Monitoring

White Paper: Can I Get A NetWitness? I Once Was Blind, But Now I See (Everything)

White Paper: IT-Harvest - Intelligent Analysis: The NetWitness Difference

White Paper: Growing Risk of Advanced Threats

White Paper: The "Kneber" BotNet - A ZeuS Discovery and Analysis White Paper

NetWitness Case Studies

Case Study: The Power of Investigator Freeware

Case Study: A United States Government Case Study

NetWitness Videos

NetWitness Interview - December 2010

NetWitness News

Coming Soon!

NetWitness Presentations

Coming soon!

NetWitness Press Releases

Press Release: RSA NetWitness Wins Best Live Demo Award at GTRA SecureGOV Council Meeting

Press Release: EMC Acquires NetWitness

Press Release: NetWitness Broadens Its Product Portfolio to Support Cloud and Virtualized IT Service Models

Press Release: NetWitness Introduces Revolution in Signature-Free Identification of Malware

Press Release: NetWitness Selected by AlwaysOn as a Venture Summit Mid-Atlantic 100 Winner

Press Release: NetWitness Named 3rd Fastest Growing Company in The Washington DC Area

Press Release: NetWitness Announces Massive Expansion of NetWitness Live

Press Release: 2nd Annual NetWitness User Conference -- October 25th and 26th, Washington, D.C.

Press Release: NetWitness Announces New Platform Options for the Award Winning NetWitness NextGen Solution

Press Release: Ponemon Institute Discovers Majority of Business Leaders Underestimate Risk of Advanced Cyber Threats

Press Release: NetWitness Announces Availability of Visualize – A New Paradigm in Network Visibility and Situational Awareness

Press Release: NetWitness Teams with RSA to Provide Real-Time Situational Awareness

Press Release: NetWitness Discovers Massive ZeuS Compromise

Press Release: NetWitness Receives U.S. Patent for Network Analysis

Press Release: Summit Partners Invests in NetWitness Corporation

Press Release: NetWitness Voted “Best Live Demonstration”

Press Release: NetWitness Announces Partnership with Targaid Trusted Systems