TREND MICRO | CORETECH 101 2 | CORETECH 101 CORETECH 101 The Core Tech Content Centric Operaons Team is composed of three main reputaon services teams – FRS, WRS, and ERS - that work together to provide threat soluons to customers. By providing an innovave approach to le, URL, and email anal- yses, the teams help customers quickly and eciently resolve issues. Get to know the teams that make up Core Tech — their funcons, case channel links, and case service - level objecves (SLOs)/agreements (SLAs). Contact the right people, submit cas- es to the proper channels, and know the red - agged items that may need to be revisited. This is Core Tech! ERS The Email Reputaon Services (ERS) Team analyzes email and prevents spammed mes- sages from reaching users’ inboxes. While the bulk of spammed messages undergo auto- mated analyses in Taiwan, a certain percent- age of cases undergo manual analysis in the Philippines. Backed by the ERS Technology, the team validates IP addresses by checking these against a reputaon database of known spam sources in real me. The in - the - cloud technology meanwhile helps prevent threats such as zombies or botnets from reaching networks and/or users’ systems. FRS FRS - The File Reputaon Services (FRS) Team provides soluons to users through le anal- yses that result in eecve malware detec- on delivered through paern releases. File analysis is mainly handled through a proacve approach, which includes sourcing and vol- ume processing as well as research and holis- c soluon provision. Customer cases, on the other hand, are reacvely handled through incident management. WRS The Web Reputaon Services (WRS) Team protects users from Web threats and Internet fraud. While the bulk of malicious URLs un- dergo automated analyses in Taiwan, a cer- tain percentage of cases undergo manual analysis in the Philippines. The team scruniz- es and idenes discrepancies in sites by gathering facts, evidence, and background informaon. It also tests the eciency and accuracy of the soluons it delivers. It likewise helps disseminate the latest Internet fraud techniques through blog entries. Team Subgroup Case Submission Channel SLO/SLA ERS Email Reputaon Services HOTLINE: Piranha Team and Spam Invesgator (SI) Hotline: 24 x 7 operaons 63 917 574 9648 1.0 Piranha Team : Invesgates and analyzes email samples. Aer invesgaon, the team creates and tests an - spam rules for the idened spam email samples which will be included in the paern release process and im- plemented to all products using the Trend Micro An - Spam Engine (TMASE). 2.0 Spam Invesgator (SI) Team: Analyzes and invesgates large amounts of IP space and provides IP Reputaon soluon to all spamming stac IP addresses. The team also pro - acvely lists all dynamic IP addresses that can be exploited by spammers. 1.0 AISP (ATSS Internal Submis- sion Portal) Accepted Cases: Spam and false posive (FP) submissions limited to 5MB in size, com- pressed, and password pro- tected. 2.0 PH CS Piranha Query: Mail- box of the Piranha Team Accepted Cases: Quesons on TMASE - related, FP detec- on/submission, and spam detecon/submission con- cerns and sample requests/ inquiries for/on blogging/ Technical Markeng data, spam data, and stascs 3.0 ATSS Submission Tool: A standalone tool that can be used by Approved Pilot PSP customer’s submissions. Accepted Cases: Spam and False Posive submissions 3.1 Spam submissions from approved Pilot customers 3.2 FP submissions from approved Pilot custom- ers 4.0 PH ERS IP Reputaon Query: Mailbox of the SI Team Accepted Cases: Any inquiry about IP reputaon and inquiries from Support/TAM/Regional TrendLabs (RTL) about blocked IPs 1.0 AISP: P0 Cases (Most urgent "business crical" cas- es): 3 - 6 working hours (From AS paern upload to AU upload only) P1 Cases (Cases coming from ERS Pilot Custom- ers and any FP submis- sion based on case severity): 90% detecon rate in 24 working hours P2 Cases (Usual Spam sub- mission and also based on case severity): 80% case closure in 24 work- ing hours to 5 working days 2.0 PH CS Piranha Query: No SLA. 3.0 PH ERS IP Reputaon Query : 3 - hour inial response me aer the receipt of the inquiry.