Comprehensive inspection against APT
- Collect and monitor a status of files exchanged in the company came from outside and shared in-house networks
- Understand the trend and flows of attack via intuitive dashboards
- Pre-process inspection files based on threat and inside information
- Combine the results of heterogeneous and dynamic analytics solutions to define malicious files.
- Block a potential negative impact or disruption due to the inflow and spread of malicious codes
- Inspection platforms to enhance system interface to share various types of files
- Analyze/store/share collected files suspicious of malicious codes from various sources
- Have solution-interfacing adapters for responding to major APT attacks (RSA Netwitness, FireEye AX, Ahnlab MDS, Secui MBAS, etc.)
- Share a situation by integrating with monitoring and related systems immediately upon APT attacking
- Adopt Samsung SDS’s process methodology and respond systematically and effectively, upon taking follow-up actions
File collecting, pre-processing, data standardization, analytics results are all automated under the APT analytics process to detect malicious codes. Analysts and relevant divisions can share and spread a situation to respond it immediately with APT response functions.
To minimize security threat, it collects files from multiple sources where external files are inflowing into such as Internet network, affiliates’ network, FAX network, website bulletin boards as well as file sharing network. Moreover, integration with multi-dynamic systems from collected files allows a more accurate and elaborate analytics.
Dashboard displays security status and major events, and checks analytics results of real-time malicious code inflow and their details. Moreover, event type, IP address, MD5 and other file information are checked, so they are aligned with sites to check reference from the 3rd party for a simple analytics and operation.
Detect the abuse of inside business information with big data-based scenarios and behavioral pattern analysis. It always monitors the use of proprietary information and sends warnings for any unusual activity. Prevent information leakage in advance.
Whether you’re looking for a specific business solution or just need some questions answered, we’re here to help