Walls Don’t Keep Bad Guys Out
Recent cyber-attacks largely bypassed existing security defenses, including antivirus, IPS, MPS and secure gateways.
Existing systems try to build a wall around your network to keep the bad guys out. An Active Cyber Defense operates on the principle that the organization has already been compromised: that there is at least one computer within the walls that is infected and under the control of the enemy.
The SlashNext Active Cyber Defense System is a cyber-security breach detection and prevention technology that uses a completely new approach to detecting and preventing advanced persistent threats (APTs) and malware targeted at corporate networks.
No Sandboxes, No Signatures
The SlashNext Active Cyber Defense System is a Knowledge Base System (KBS) that uses high-resolution classifiers to determine if network traffic is malicious. Unlike traditional sandbox or signature-based detection solutions, which are easily defeated by attackers, the KBS does not depend on comparing network traffic to known threats. Instead, it collects hundreds of clues from the network traffic, allowing it to produce a quick, clear and accurate malicious / not-malicious verdict, even when encountering never-before-seen zero-day attacks.
Engaged at All Stages of the Infection Lifecycle
Traditional sandbox and signature-based detection systems only protect against some types of object-based exploits. The Active Cyber Defense System protects against phishing attacks, both object and non-object-based exploits, malicious EXEs, post-infection callbacks and data exfiltration.
Most systems report hundreds or thousands of possible threats with varying levels of confidence. Sifting through all of these alerts can be overwhelming for an incident response team. Breaking from this legacy model of presenting IT staff with many weak signals, the SlashNext Active Cyber Defense System introduces a new approach where staff are presented with only a single malicious / not-malicious verdict. This verdict accurately pinpoints an infected machine and provides forensic evidence for IT staff to take appropriate action.