ISP network abuse teams are faced with network abuse attacks that are escalating on a daily basis. Akamai’s 2016 State of the Internet Security Report shows there has been a 125% increase in Distributed Denial of Server (DDoS) attacks, a 26% increase in web application attacks, and 50% of bot traffic was identified as malicious.
This increase in abuse is reflected in the flood of reports a network abuse team has to handle on a day-to-day basis, with teams managing to only get through 60% of their daily reports. Companies like Abusix have specialist products like AbuseHQ, which quickly reveals insights that are buried within your noisy network abuse reports and help to reduce your abuse and support ticket volume. It does this in a number of ways:
Threat Intelligence: Clarifying and providing insights
One of the biggest problems with a huge report load is that it is almost impossible to differentiate between priority reports and reports which can be dealt with later. AbuseHQ automatically classifies over 31 events to help your team understand the nature of the type of abuse event. The Abusix engine does this by performing continuous, integrated abuse and threat processing both in real-time and retrospectively, allowing your team to gain insights buried deep inside of your noisy network’s abuse data.
Functionality: Organizing and managing tickets
Instead of a constant flow of noisy incident messages streaming into your ticketing system, AbuseHQ can place a well-attributed case into your ticketing system triggered by a transition. Then either a webhook or email integration with your ticketing system can push the information upstream. The result is that your team ends up with fewer and clearer tickets and improved actionability.
Functionality features that improve managing abuse reports include:
- All network abuse statuses are presented in real-time, filtered by various time periods.
- Network reporting and customer search functionality automatically correlates and clusters events with real-time filtering and sorting.
- Your abuse team can view the network using 11 parameters, 14 filters and hundreds of other one-click sub-filters.
- It is also possible to view an individual customer’s IP resource usage and 31 different types of abuse event details in real-time.
- A mailbox feature also provides an overall view of all the messages and reports that AbuseHQ has received.
Workflows: Sorting event types
Case workflow management allows each AbuseHQ user to transition cases through different states manually or automatically. This enables administrators to configure actions for each case, thereby configuring escalated actions with each stepped increase in event volume or event type. Workflows enable abuse teams to handle customer abuse events singly, in bulk, by event type, source or infection type.
AbuseHQ: One platform for faster insights and better decisions
AbuseHQ from Abusix puts you back in control by helping to identify and shut down network abuse at its source. It does this by collecting and analyzing data related to network attacks and other abuse incidents. It then automatically extracts, compiles, and organizes event data into cases that can be accessed through Abusix’s Web Frontend and the Abusix Open API.
AbuseHQ gives you all the clarity you need to take action with:
- One easy-to-use platform which puts all your inbound network abuse, security reports, metrics, and actions in one place.
- Faster insight via intelligent notifications that provide you with the information that you need to make faster and smarter decisions.
- Improved data that ensures you quickly discover insights that would normally be buried inside your noisy network abuse reports and security alerts – allowing you to take real-time decisive action that improves your business service and customer safety.
- Smart flexible integration allows you to map existing processes with full integration and flexible handling policies – allowing you to resolve up to 99% of network abuse incidents.
To find out more about how you can proactively protect your ISP from network abuse, download this free e-book from Abusix: