Rapid7 integrates CounterTack’s behavioral-based memory analysis engine to improve detection of advanced malware and threat indicators
Waltham, MA – CounterTack, the exclusive provider of the one true memory analysis platform for the enterprise, announced today that Rapid7 has joined CounterTack’s Digital DNA® (DDNA) Ecosystem. The DDNA Ecosystem offers partners integration with the industry’s sole comprehensive behavior-based memory analysis intelligence engine, Digital DNA (DDNA). Rapid7 is the newest partner to join CounterTack’s DDNA ecosystem, integrating DDNA technology into its Rapid7 Insight platform. Rapid7 joins Symantec, Digital Guardian, and others who have joined the DDNA ecosystem since its inception earlier this year.
DDNA is the only patented memory analysis technology that automatically reverse-engineers memory images, examining code for potentially malicious behavioral traits & threats. DDNA leverages a cloud-enabled easy-to-deploy, memory-based endpoint threat scanning solution to assess endpoints for malware infections and other indicators of compromise. DDNA integrates seamlessly into products and services via API, driver and library, offering immediate value to improve threat detection and value for service offerings.
Rapid7’s Insight platform transforms security and IT data from across the enterprise into answers and actions that reduce risk and increase IT and security operations productivity. Processing more than 56 billion events and monitoring millions of assets daily, the Insight platform is the first to unify solutions for vulnerability management, user behavior analytics (UBA), SIEM, IT log analytics, and application security. To date, Rapid7 has integrated CounterTack’s memory forensics library into its managed detection and response (MDR) offering, which provides 24×7 incident detection and response on applications, endpoints, and assets within organizations, including those in the cloud.
“It is crucial for our MDR customers to know that their data is secure from increasingly advanced and malicious malware threats,” said Lee Weiner, chief product officer at Rapid7. “By leveraging CounterTack’s DDNA technology, we’re able to provide our customers with another layer of memory, behavioral threat detection and analysis that enhances confidence.”
Partners of CounterTack’s DDNA program can leverage the unparalleled memory forensics and behavioral analysis capabilities that detect zero-days, fileless malware, and other threat indicators that often go undetected by signature-based and threat-intel based detection methods. DDNA analyzes the binaries in-memory with a behavior-based algorithm to expose purpose-built, anti-forensic measures architected into the most advanced malware impacting organizations today.
“Our DDNA licensing program helps our partners better defend their customers against the worst malware,” said Neal Creighton, CEO, CounterTack. “DDNA adds another layer of threat detection, and it empowers organizations to add a radically different technique enabling comprehensive detection to better predict how threats might execute and proliferate.”
Key Capabilities of DDNA:
- Scans live physical memory or memory snapshots
- Identifies behaviors and techniques rather than patterns and signatures
- Calculates a module-level threat score based on identified behaviors
- Detects malicious software, APTs, zero-days, and rootkits that traditional anti-virus software can’t detect
Rapid7 (NASDAQ: RPD) is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Rapid7 analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management for more than 6,300 organizations across more than 120 countries, including 39% of the Fortune 1000. To learn more about Rapid7 or join our threat research, visit www.rapid7.com.
GoSecure is recognized as a leader and innovator in cybersecurity solutions. The company is the first and only to integrate endpoint, network, and email threat detection into a single Managed Detection and Response service. The GoSecure Titan platform delivers predictive multi-vector detection, prevention, and response by applying a unique combination of behavioral analysis, memory forensics, machine learning, and reputational techniques to counter the most advanced threats. GoSecure Titan MDR is designed to detect and respond in less than 15 minutes, delivering rapid response and active mitigation services that directly touch the customers’ network and endpoints. These capabilities provide the most effective response to the increased sophistication of continuously evolving malware and malicious insiders that target people, processes, and systems. With a focus on innovation, quality, integrity, and respect, GoSecure has become the trusted provider of cybersecurity products and services to organizations of all sizes across all industries globally.