By Tobias Knecht, CEO at Abusix, Inc.
Abusix, based in Karlsruhe, Germany, allows service providers to have access to a workflow that manages abuse reports, identifies abuse by event type and subscriber, and can start a mitigation/remediation process––all from within our fully customizable and integratable abuse handling platform, AbuseHQ.
By allowing previously overrun network abuse teams classify abuse events and distinguish imminent threats, AbuseHQ enables teams to swiftly prioritize the most time-sensitive abuse events. This creates an environment where quickly taking appropriate action becomes the rule rather than the exception.
So, how does it work?
AbuseHQ actually does not detect abuse at all. Instead, AbuseHQ processes, correlates, and clusters abuse reports from a wide variety of reporters and systems. This creates a better picture of the origin of abuse across a wide variety of abuse vectors.
Customers of AbuseHQ are then able to apply their own policy rules against the system generated case classifications and underlying event statistics. These will trigger automated actions, such as: publishing case data to customer service systems, reconfiguring services within provisioning systems and notifying accounts. It’s about empowering the abuse teams with simple tools to do their job effectively.
AbuseHQ is capable of providing a variety of datafeeds based on spam messages, depending on the customer’s needs. Abusix also offers attachments file access, which is derived from our Black and Grey spam feeds. This provides a constant corpus of files for hunting and detonating suspicious attachments, as well as new malware and malware variants.
Furthermore, “special” aggregation file feeds and data streaming are features that are in development and coming soon. Customers can be assured that our data is evolving to meet the needs of the future.
We offer a free 30-day trial of AbuseHQ for companies to see how much of a difference it makes in their network security, even in a short amount of time. Over 70 reputable companies are already benefitting from these processes, including Sophos, Cyren, Kaspersky, McAfee, and Microsoft.
Abusix is also heavily involved in the network abuse community. We are recognized as an authority for our contribution of data to Virus Bulletin, the global benchmarking service for antispam and antivirus security providers (AS/AV). More than two thirds of the leading vendors utilize Abusix Data Services as a primary input into classification and training for their AS/AV products.
Additionally, Abusix hosts or participates in a few free projects such as:
- Abuse Contact DB: A proxy database that allows you to find the reporting address for any IP address to allow you to report network abuse directly to the network owner Global Reporting Project, which is a free reporting service currently in development.
- X-ARF (Extended Abuse Report Format): Started by Abusix and is now on its way to become a rfc standard with great support from Google, Microsoft, AWS, and organizations like MAAWG.
We are delighted to be a part of OX Summit 2017 and we are looking forward to meeting service providers that like to learn more about our solutions.