Dark Cubed is a cyber-security solution that uses intelligent automation and smart integrations to help protect your business from online threats. Firewalls are an important part of any network security stack, and Dark Cubed works alongside your network security architecture by storing historical data about what is happening on your network in a usable and understandable format.

The information your firewall collects isn’t enough on its own to protect your network infrastructure. By using Dark Cubed tools alongside your network security gateway you can see and block incoming threats like Denial of Service attacks, network penetration attacks, potential malware or spyware, and a range of other online dangers. These constant threats are the reasons why the cyber threat intelligence market is projected to grow from around $5 billion in 2020 to over $20 billion by 2028.

Dark Cubed calculates a risk score for every device attempting to connect to your network on a scale of 1 to 9. The most dangerous and obviously high-risk devices are ranked 9. Over the past six months, the average number of 9s identified at each firewall Dark Cubed is protecting (over 1,000) was 89. Since Dark Cubed is built for and used exclusively by small businesses, it can be eye-opening to know that an average of 3 very bad things are attempting to connect to the typical small business network each day.

But, what are those “9s”, actually?  Below, we provide some examples of 9-level devices blocked by the Dark Cubed platform on small business networks over the past few months.  Now, not every “9” is necessarily an immediate and existential threat, but as the old saying goes, the bad guys only have to be successful once.

Large enterprises spend hundreds of thousands of dollars on security operations centers with analysts, threat intelligence, SIEM tools, and security orchestration, automation, and response (SOAR) products. These tools are out of reach for most mid-level businesses and SMBs, which is where Dark Cubed comes in: it enables these markets to gain the security intelligence tools they need to protect their business!

Dark Cubed provides a scalable, affordable software as a service (SaaS) infrastructure that aggregates logs from your firewalls, distills those logs down into key elements, applies automated threat intelligence and risk scoring, enables notifications, and ultimately automatically blocks threats at your firewall.

Together, these measures give you a view into historical network traffic and a clearer picture of the threat environment your network faces. Using Dark Cubed tools, we can provide easy-to-understand reporting that can be delivered to customers, providing security and peace of mind.

If you’re interested in learning more about how Natural Networks and Dark Cubed tools can help protect your network infrastructure, give us a call today!

Examples of 9-Level Threats Blocked by the Dark Cubed Platform:

  • An Iranian telecom company, identified for exploiting SQL server vulnerabilities, attacking a K-12 school district in the Southeast US
  • A Chinese device associated with brute force attacks (automated attempts to identify weak passwords) also attacking the K-12 school district’s offices
  • A German IP launching a Telnet open port scan and potential SNMP (Simple Network Management Protocol) attack, stopped while attempting to connect to an animal hospital in the US
  • A Chinese host scanning for, and then potentially attacking, a web application vulnerability in ThinkPHP, targeting the offices of a specialty pharmacy chain
  • A known phishing site in Germany connecting to the network of a State Regulatory Agency office in the southern US
  • A host - located in the US - associated with brute force SSH attacks (the objective of which is to use the SSH protocol to execute commands on a remote computer) was blocked by Dark Cubed on the network of the offices of a small municipality in the southwest US
  • Servers running Shodan scanning software that catalogs internet-facing devices and software.  Shodan data is used primarily by pen testers and hackers to more efficiently identify their targets.
  • Command and control servers for the Mirai botnet, malware that hijacks target devices and uses them in DDoS attacks
  • A command and control server for Redline Stealer malware, which harvests sensitive information from infected machines