SAN MATEO, Calif., April 6, 2015 – Norse, the leader in live attack intelligence, today introduced the Norse Appliance™ 10g, a new, high-bandwidth version of its revolutionary dedicated threat intelligence appliance. The new appliance actively monitors inbound and outbound network traffic at up to 10 gigabits-per-second to block advanced attacks. The Norse Appliance 10g’s intelligent threat blocking offloads more expensive enterprise security infrastructure, and can act as an ROI multiplier for existing security controls by blocking attacks these systems miss, and by allowing IT departments to cut costs associated with future hardware purchases and high security analyst caseloads.

“Norse Appliance 10g transforms the way enterprises use threat intelligence, and protects organizations from the fastest-growing class of threats: those from the darknets, including attacks from anonymous proxies like Tor, cloud vectors and compromised embedded devices,” said Tommy Stiansen, CTO and co-founder of Norse.  “Instead of just providing after-the-fact context for SIEM events, Norse real-time intelligence can be applied directly to make faster, better decisions about what to block.  Simultaneously, the Norse Appliance provides pre-enriched, pre-distilled intelligence data for existing enterprise firewalls and SIEMs.  That leads to better threat management overall.”

Until now, most enterprises have been forced to drastically ‘throttle back’ threat intelligence going into firewalls and SIEMs, because those systems don’t have the storage or processing capacity to handle big-data intelligence sources like Norse. This greatly increased risk, even as relevant intelligence about those risks was readily available. With its high-bandwidth, always-on connection to the entirety of the Norse Intelligence Network™ data stream, the Norse Appliance 10g solves this problem.

“Serious data breaches aren’t one-off events anymore. It’s becoming clear that virtually every large enterprise in the world is under sustained, serious attack,” said Wendy Nather, research director of the Information Security practice at 451 Research. “Live threat intelligence is the key to surviving the new digital siege. But in order to be useful, threat intelligence needs to be as complete and relevant as possible. New offerings like the Norse Appliance 10g are becoming must-have tools for defending modern organizations on the Internet.”

The Norse Appliance not only preemptively blocks risky connections, it also logs interactions with threat actors and analyzes network traffic, then sends distilled, pre-enriched events to the existing SIEM. The result is better, more actionable threat intelligence and much faster, more responsive SIEMs that aren’t burdened with processing the big datasets inherent in modern threat intelligence.

The Norse Appliance 10g can be deployed in-line “in front” to offload perimeter security devices or “in back” to catch malicious traffic that current systems miss.  It can also be deployed in a monitoring mode to audit and record interactions with bad actors and malicious web pages.  Installation and setup is even easier than before, and most customers can have their new Norse Appliance 10g up and running the day it arrives.

The new product also includes a premium version of the popular Norse Live Attack Map (  The map displays cyber attacks in real time, giving security operations centers up-to-the-second visualizations of threats all over the world, and provides the rich context today’s SOC professionals need to pre-empt attacks.


The new Norse Appliance 10g is available now as a rack-mounted 1U hardware appliance or virtual machine. The 1 Gbps Norse Appliance 1g (originally known as DarkWatch) is also available. To order, or for a demonstration or quote, please email [email protected]

Norse at RSA

Norse will be showcasing the new appliance alongside a full range of other Norse enterprise threat intelligence offerings in Moscone South Expo Hall booth 2145 during the upcoming RSA® Conference 2015 in San Francisco, April 20-24.

About Norse

Norse is the global leader in live attack intelligence, helping companies block the threats that other systems miss. Serving the world’s largest financial, government and technology organizations, Norse intelligence dramatically improves the performance, catch-rate, and return-on-investment of your existing security infrastructure. The Norse Intelligence Network, a globally-distributed “distant early warning” grid of millions of sensors, honeypots, crawlers, and agents, delivers unmatched visibility into difficult-to-penetrate geographies and darknets, where bad actors operate. Norse processes hundreds of terabytes daily against a seven-petabyte attack history database, and weighs over 1,500 variables to compute real-time risk scores for millions of IP addresses and URLs every day.  For more information, visit

Media and analyst contact:

Patrick Corman
Corman Communications, LLC

650-465-5973 (mobile)