
Introduction 

Why you need continuous threat detection


350,000 new malware strains every day
  • Your existing security controls can only block 99.5% of them.
  • That means 1750 new malware attacks every day can bypass your security devices.

New malware and virus variants are produced every day. According to the AV-TEST Institute, over 350,000 new malware samples are registered every day. So even if your existing security controls block 99.5% of the new malware every day, more than 1750 malware threats can still bypass those controls and get into your network. Even worse, studies show that most organizations' security controls are unable to prevent 50% of new malware.

AI Weaponization Increases Sophistication

  • AI-Powered Concealment
  • DGA Botnets
  • AI Triggers

Artificial intelligence (AI) has become an integral technology for hackers. They have figured out how to weaponize AI, making malware more sophisticated. AI-powered concealment allows malware to hide its malicious payload and bypass security detection. Domain Generation Algorithm (DGA) botnets dynamically generate new, one-time domain names to connect to Command & Control servers, so blocklists of known domains never catch up. And AI triggers can now use verification techniques such as facial recognition to identify and attack targets.
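The DGA behaviour described above leaves a recognisable footprint in gateway DNS logs: one host querying many long, random-looking names that mostly fail to resolve. The following is an added example (not code from this page or from Sangfor) of a simple detection heuristic run over a constructed log sample; the log format, the feature thresholds and the sample names are all assumptions for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample gateway DNS log; assumed format "<unix_ts> <client_ip> <qname> <rcode>".
SAMPLE_DNS_LOG = """\
1700000001 10.0.0.5 www.example.com NOERROR
1700000002 10.0.0.5 mail.example.com NOERROR
1700000003 10.0.0.9 xk3q9zvlw2pd.com NXDOMAIN
1700000004 10.0.0.9 q8vz2lkjwtrn.net NXDOMAIN
1700000005 10.0.0.9 bzt7rmqp3xcd.com NXDOMAIN
1700000006 10.0.0.9 wqz9ptlkxv4h.org NXDOMAIN
1700000007 10.0.0.9 dfjp2xqzkw8s.com NOERROR
1700000008 10.0.0.5 cdn.example.com NOERROR
"""
VOWELS = set("aeiou")

def shannon_entropy(s):
    """Bits of entropy per character; random-looking labels score higher than dictionary words."""
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def label_features(qname):
    """Features of the second-level label, e.g. 'xk3q9zvlw2pd' in xk3q9zvlw2pd.com."""
    labels = qname.lower().rstrip(".").split(".")
    sld = labels[-2] if len(labels) >= 2 else labels[0]
    letters = [ch for ch in sld if ch.isalpha()]
    vowel_ratio = sum(ch in VOWELS for ch in letters) / len(letters) if letters else 0.0
    digit_ratio = sum(ch.isdigit() for ch in sld) / len(sld)
    return {"sld": sld, "entropy": shannon_entropy(sld),
            "vowel_ratio": vowel_ratio, "digit_ratio": digit_ratio}

def looks_generated(qname):
    """Per-name heuristic: long, high-entropy label with few vowels or many digits.
    Thresholds are illustrative assumptions, not tuned production values."""
    f = label_features(qname)
    return (len(f["sld"]) >= 10 and f["entropy"] > 3.0
            and (f["vowel_ratio"] < 0.25 or f["digit_ratio"] > 0.2))

def find_dga_suspects(log_text, min_hits=3):
    """Map client_ip -> sorted suspect names for clients with >= min_hits distinct generated-looking
    names of which at least half got NXDOMAIN: the footprint of a beacon cycling candidate C2 domains."""
    per_client = defaultdict(dict)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than crash on them
        _, client, qname, rcode = parts
        if looks_generated(qname):
            per_client[client][qname] = rcode
    suspects = {}
    for client, names in per_client.items():
        nxdomain = sum(1 for rc in names.values() if rc == "NXDOMAIN")
        if len(names) >= min_hits and nxdomain * 2 >= len(names):
            suspects[client] = sorted(names)
    return suspects
```

In practice this per-name scoring is only a first filter; pairing it with the per-client NXDOMAIN burst, as done here, is what keeps legitimate CDN and hashed hostnames from flooding the alert queue.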

Sandbox Evasion Techniques

Hackers have developed mature technologies to bypass anti-virus and anti-malware sandboxes. Sandbox evasion techniques such as the following are all too common today:
  • Delaying Execution
  • Hardware Detection
  • CPU Detection
  • User Detection
  • Environment Detection

Any of these methods can make a malicious payload invisible, fooling the sandbox and evading detection. Of course, more than one technique is usually built into a single piece of malware.

Security Teams Need to Shift Mindset

Prevention alone cannot stop attacks. Security teams must recognize that new threats require new paradigms to defend against them.  Changing their mindset from keeping all attackers out of their network to assuming the hackers are already in their network will help develop more robust strategies to identify and stop attacks before they cause damage. 

Understanding mean-time-to-identify (MTTI) and mean-time-to-respond (MTTR) is important. Security events become breaches when they have months to spread throughout a network. Security teams need to find and fix any security gaps to reduce MTTI and MTTR; the faster they can find and respond, the less damage a breach will do.


Artificial Intelligence

  • Dynamic Behavior Modeling
  • Abnormal User Behavior (UEBA)
  • Sangfor Neural-X integration

Complete Network Coverage

  • North-South traffic
  • East-West traffic
  • Network Gateway logs
  • Endpoint logs
  • User Authentication

Detects Much More

  • Known and unknown threats/attacks
  • Known, unknown and rogue assets
  • Attacks that quietly bypassed existing controls
  • Insider threats

Success Case