Enterprises recognize the need to deploy technologies that provide protection through signature-less detection and subsequent identification of breaches. While intrusion detection systems (IDS) provide alerts only for attempts against the corporate network by known attacks (and a security team must still verify whether the attack was successful), advanced malware protection systems provide alerts for network compromise incidents from both known and unknown attacks, whether through the use of host agents or through inline network monitors.
A breach occurs when a downloaded file is executed and the workstation performs the activity intended by the malware. This activity may include the workstation sending communications to a command & control (C&C) server, or even polling the Domain Name System (DNS) in an attempt to contact the C&C. By contrast, an attempted breach occurs when the “drop” contains a payload that is not compatible with the workstation.
Advanced Persistent Threats (APTs) are a cybercrime category directed at business and political targets. APTs require a high degree of stealthiness over a prolonged duration of operation in order to be successful. The attack objectives therefore typically extend beyond immediate financial gain, and compromised systems continue to be of service even after key systems have been breached and initial goals reached.
BTS is partnering with the most revolutionary solutions for providing a signature-less approach to detecting malware by testing downloaded executables in a known virtual environment in real time.