AD Protect defends the Active Directory while providing autonomous breach containment, incident response, and threat hunting capabilities. The platform will also show the defender and AD Admin the domain from the attacker’s perspective, allowing for immediate risk mitigation to reduce the attack surface. We combine technologies such as Native Language Processing, obfuscation, and advanced forensics methodologies at the point of a breach.
Using unique IR methodologies specifically designed for a corporate domain environment, AD|Protect effortlessly collects and analyzes forensic evidence from disk and memory, determining if the attack is a local incident or part of a bigger effort. The moment an attack is detected, an alert is triggered from the endpoint, and an on-demand scan of the memory gathers specific forensic information related to the attack.
By automating the forensic process and scanning for the right information only when an attack is detected, AD|Protect monitors the process and hunts it back to patient zero to identify where the attack originated. Then, autonomous features contain the breach in real- time. A variety of mitigation methods are available depending on corporate policy and objective.
CTR stops content threats without having to determine whether data is safe or unsafe. It extracts business information from incoming data and builds new safe data to deliver it. We transform Office, PDF, images and XML / JSON structured data. We also defeat steganography in images.
Deployed in application layer proxies, gateway sidecars or cloud services, CTR defeats sophisticated and zero-day attacks. It is built to withstand attacks directed at it, as all transformed data is verified by our High Speed Verifier – an FPGA based security device providing assured separation between networks.
We provide an autonomous tool works both online and offline to provide a complete prevention against malware and fileless attacks, and implements adversary technique detection and response. It also gives an automated investigation and threat hunting workflows eliminating the biggest barriers to immediate productivity for investigators, hunters, and IT operations along with forensic review feature to exceed adversary dwell time, providing a complete record of critical threat intelligence data. Total Attack Lookback ensures rapid and accurate assessment of the origin and extend of an attack, meets notification requirements, and minimizes exposure to compliance and regulatory violations.
Our offering is revolutionizing the way companies improve breach protection with technology that detects malware- and browser-based attacks and malicious network activity before suffering a costly data breach. And we enable you to do this with fewer resources and at a lower cost than existing malware detection tools.
Our solution has the most effective malware detection you can buy at any price. The foundation of the solution Breach Protection Platform is our network-based malware detection technology, Deep Content Inspection™. It simulates an entire host (including the CPU, system memory, and all devices) to provide a comprehensive analysis of malware.
Deep Content Inspection interacts with the malware and catalogs every action the malware takes. Alternative methods to malware detection, like OS emulation and virtualization, are fooled by sophisticated evasion techniques. They cannot interact with the malware and are easily bypassed, and therefore miss many advanced attacks.