Monday, August 31, 2015

EDR technology – present and future of IT security – PresseBox (press release)

Traditional viruses, defined as executables that are sent en masse to cause infection on a large scale, have been controlled successfully for many years by Endpoint Protection Platforms (EPPs). These are the commonly known antivirus programs that protect end users' terminals. However, cybercriminals and their methods of attack have evolved considerably in recent years.

Modern hackers change their goals daily, and advanced persistent threats (APTs) are now the main focus of their activities. Targeted attacks, ransomware (such as CryptoLocker, which encrypts the information on infected computers and demands a ransom for the data), zero-day attacks … they are all spreading through our digital lives. Businesses and home users are equally at risk, not only of data theft but also of the resulting economic damage.

Meanwhile, the IT security industry has begun to respond, and many big players in this field have brought out platforms that go far beyond the simple protection of a digital system: they can detect advanced threats and at the same time react to possible incidents. This is known as "Endpoint Detection and Response" technology, or EDR technology for short.

The concept was coined in 2013 by Gartner security analyst Anton Chuvakin. EDR defines a category of methods and solutions that aim to discover and investigate suspicious activities and events on servers and endpoints. Panda Security has taken up this emerging technology with its managed service Adaptive Defense 360 and, by combining it with Panda's classic endpoint protection, turned it into a currently unique security solution.

"The protection that EPP solutions offer today is no longer sufficient for many companies," explains Eduardo Fernández Canga, Global Marketing Manager at Panda Security in Spain. "Antivirus programs are still important. They protect against known threats and block the majority of the malware in circulation. But the problem is that some new generations of malware still manage to penetrate the protected systems. That is why medium and large companies in particular, which are increasingly the focus of hacker attacks, need tools and technologies that detect the latest threats and are able to respond to them," he adds.

Adaptive Defense 360: a modern, customized security solution

Panda's response to the recent developments in the field of cyber attacks is Adaptive Defense 360. Panda's experts developed this modern and currently unique IT security solution over a period of about five years. It is based on the latest developments in the field of EDR technology, is compatible with all Windows operating systems, and will soon also be available for Android devices.

But what is so special about Adaptive Defense 360? Eduardo Fernández Canga explains: "IT protection solutions that detect a threat always generate an identifier and put it on a blacklist. The problem with this, however, is that if an executable file is not on this blacklist, the solution considers it goodware and takes no action against it. Adaptive Defense 360, on the other hand, does not rely only on such a blacklist. It is fundamentally suspicious of all applications and processes running on the endpoint."

How does Adaptive Defense 360 work, then? First, an agent is installed on the user's device. It monitors and collects information about the behavior of each application running on the system. The information generated is sent to Panda's Collective Intelligence. With the help of big data and data mining tools, Panda can classify 99.6 percent of all this information automatically, as goodware or malware. The remaining 0.4 percent is analyzed and classified by a group of experienced analysts at PandaLabs.

An important difference between Adaptive Defense 360 and other currently available security solutions is that "Adaptive Defense 360 creates a whitelist for the customer, which we use for the analysis of executables," says Fernández. In addition, the platform not only classifies the executables but also monitors that their behavior does not change. "Normally, whitelist solutions are not able to detect a change once they have classified an executable as goodware. Adaptive Defense 360, however, generates a behavior pattern for each executable file. When the executable deviates from this pattern, an alarm is triggered and the corresponding process is automatically blocked," adds the Panda Security expert.

The way Adaptive Defense 360 works, as described, enables Panda customers to work with at-risk applications, such as older versions of Java, Chrome or Internet Explorer, and still be protected against IT threats. "Many companies still work with old software or old operating systems, such as Windows XP, that are no longer supported by the manufacturers with the latest security updates. However, even with current software, the problem often arises that security updates cannot be installed quickly enough. Companies can therefore now only be absolutely reliably protected against hacker attacks if they use a system like Adaptive Defense 360 as their IT security solution," said Fernández.

Absolute control of the data flow within the organization

Another advantage of Adaptive Defense 360 is that the system administrator can see exactly which path the data flow has taken on the computers of a network. Administrators can thus always see and check which process attempted to modify data.

Eduardo Fernández Canga: "Adaptive Defense 360 is a currently unique, powerful tool, customized for each client, that allows you to precisely analyze, understand and visualize both the flow of information within the organization and the incoming and outgoing traffic. With Adaptive Defense 360, the administrator knows exactly which process accesses data, how and when, and thus has absolute control over the entire flow of information within his organization."

