Symantec to provide DOD with threat information


Adding a twist to the notion of "public private partnerships," a deal between Symantec Corp. and the U.S. Department of Defense (DOD) will provide the U.S. government with intelligence gathered from the Cupertino, California, company's DeepSight threat and vulnerability alert services.

The three-year deal will provide "actionable intelligence" from Symantec about computer vulnerabilities and developing computer attack activity to the DOD's Computer Emergency Response Team (CERT).

That information will then be used to create security recommendations for protecting IT assets within the DOD, Symantec said.

The CERT is run by the Defense Information Systems Agency (DISA), a combat support agency within the DOD.

DISA was not immediately available for comment and Symantec declined to say how much the DOD contract is worth.

The DOD is subscribing to both the DeepSight Threat Management and Alert Services, according to Symantec. DeepSight Threat Management uses a network of more than 19,000 sensors such as firewalls and intrusion detection sensors (IDS) worldwide to track evolving computer attacks.

DeepSight Alert Services track software vulnerabilities in 3,200 commonly used software products, sending vulnerability alerts to subscribers using a variety of electronic means such as e-mail, fax, and short message service (SMS).

Despite the sensitive nature of its work, the DOD will receive the same information as Symantec's other DeepSight subscribers, according to Tom Resau, a spokesman for Symantec.

While it might seem strange for a leading defense agency to contract with a private company to provide intelligence information, Resau said that DISA will not rely solely on DeepSight for cyber protection.

Instead, the DeepSight information will complement other, proprietary and off-the-shelf security systems that are already in place at the agency, Resau said.

"(The DOD) has a huge base of assets to preserve and protect. They're looking at every new technology that comes down the pipeline," he said.

The DeepSight services will give the DOD more timely information on emerging viruses and enable the agency to confirm whether attacks they're seeing are also affecting organizations in the private sector according to Brian Finan, director of strategic programs and homeland security at Symantec.

"DISA will receive information from DeepSight alert and notify (military departments) what they need to be aware of," Finan said.

In cases where vulnerabilities are actively being exploited, the DeepSight service will give the DOD a head start on protecting or patching vulnerable systems, Finan said.

The DOD was already a Symantec customer, tapping the company for antivirus technology and information from the Bugtraq software vulnerability discussion list, which Symantec acquired with its purchase of SecurityFocus Inc. in July, Finan said.

The new arrangement will tie those services together more closely while adding a managed security services component from Symantec's acquisition of Riptech Inc., also in July, Finan said.

Symantec worked through defense contractor Northrop Grumman Corp. to get the DOD contract. Symantec relied on that company's status as a DOD information assurance contract holder and extensive relationship with the agency to get Symantec's DeepSight technology evaluated for the program.

Despite the fact that DeepSight is not a "military grade" intelligence service, Symantec is hoping that its relationship with the DOD will open the door to similar contracts with other federal, state and local agencies that are looking for better vulnerability and attack alert information, Resau said.

After the DOD, the new Department of Homeland Security is a likely candidate for Symantec's DeepSight services, Finan said.

Like the DOD, some of the agencies that now make up the DHS are already Symantec customers for services such as antivirus protection or managed security services, Finan said.

"What we think we're going to see happen is the Department of Homeland Security taking look at how DOD does information security and looking at this (deal) to see if it has benefits," he said.

Free Course: JavaScript: The Good Parts
View Comments
You Might Like
Join the discussion
Be the first to comment on this article. Our Commenting Policies