Digital DNA is the next generation of in-memory behavior detection and malware analysis technology. It detects suspicious behaviors that evade other technologies. It is the only solution that predicts what these behaviors can do to eliminate false positives and respond proactively. Digital DNA is a critical technology for Active Threat Management.
THE FIRST THREAT DETECTION
Antivirus scans for malicious files using signatures. However, hackers understand antivirus techniques and continuously create new malware variants to bypass them. Antivirus is still relevant because it captures around 60% of today’s malware. However, it doesn't detect fileless attacks, which account for 49% of today's threats.
NEXT GEN ANTIVIRUS
ADDING MACHINE LEARNING
Next Gen Antivirus extends threat coverage by applying machine learning. Vendors analyze malware samples and build models that scan and parse files, and then match features to detect new malware. Machine learning models need to be kept up to date. They are not very effective at detecting fileless attacks.
APPLICATION MONITORING IN A SANDBOX
Application containerization is a limited solution for browsers or applications like MS Office. It monitors applications in a sandbox. If it detects a malicious event, it will remediate it. It works off of signatures and whitelisting. The effectiveness of application containerization is limited to what’s going on in the sandbox.
INCIDENTS OF COMPROMISE
Threat Intelligence is the staple of legacy EDR solutions. They rely primarily on Incidents of Compromise (IoCs), which are Signature-like. They look at OS events, filenames, CnC hosts and more to extrapolate a pattern indicating malicious activity. IoCs need to be continuously updated to be effective.
NO RELIANCE ON THREAT INTELLIGENCE
Legacy EDR solutions are evolving to become behavior-based. They look for techniques that hackers use to carry out attacks. They look at processes, network connections, file and registry changes, and the pattern of those activities. Behavior-based solutions are effective because they don’t look at files or rely on threat intelligence.
IN-MEMORY THREAT DETECTION
THE FINAL FRONTIER
Advanced EDR solutions are predictive. In-memory behavior detection and analysis looks at processes running in memory and reverse engineers them to identify malicious behaviors and what the attack is trying to do. It is the most reliable technology for detecting new malware variants and fileless attacks.
Partners can license Digital DNA to enhance threat detection. If you are interested, please contact Sales today.