Endpoint threat hunting can't be easier

TXHunter provides a better and easier threat hunting tool for post-incident and proactive investigation. No need for 10-plus years of experience: anyone can hunt for threats. No need to wait for alerts: anyone can investigate the system proactively for potential threats, vulnerabilities and misconfigurations.

TXHunter is very light and fast, and offers agentless and offline hunting flexibility. TXHunter has a built-in sandbox, vulnerability scanner, AV scanner, auditing, IOC query, IOD investigation, network analysis, and many other capabilities. When it hunts, it searches system data, email inboxes, memory, deleted files, running processes, WMI hooks, DNS cache, browser history, network connections, past running processes, configurations, Windows events, firewall rules, etc. It digs out the most hidden threats and weaknesses in a matter of a couple of minutes.

Patent pending unavoidable ransomware trap

The unavoidable ransomware trap makes it impossible for ransomware to fulfill its business logic without being caught. This patent-pending technology is a recent addition to our powerful EDR. It can precisely detect and stop ransomware at run time, and restore user data files after they have been encrypted. It is implemented as a Windows kernel module and runs at the lowest level of the system, with the privilege to take down ransomware attacks at run time. After it stops the ransomware program, it cleans up the ransomware's remains and restores user data files to their original content, even if the file content has been encrypted.

This advanced feature has enabled TXShield (EDR) to successfully detect and stop the most recent ransomware, such as Petya, BlackMatter, Matryoshka, and many others. With TXShield, users never need to worry about ransomware attacks.

Advanced EDR solution

TriagingX EDR (TXShield) provides better real-time detection, protection and faster response to all kinds of endpoint threats.

TXShield has a built-in advanced sandbox, AV engine, IOC query, IOD investigation, B/W list, vulnerability scanning, email-borne malware scanning, post-run program investigation, WMI hook validation, firewall rule change monitoring, AI/DL and YARA rule based detection, malicious network activity monitoring, SOC automation, deleted file searching, USB protection, network isolation, auditing, and its most recent patent-pending technology against ransomware attacks to protect and restore user data files after encryption.

TXShield has all the capabilities needed to provide full protection for endpoint systems against all kinds of attacks. It can also be used for proactive threat hunting, auditing, security posture measurement, customized security policy enforcement, as well as IT troubleshooting and support. It helps the IT help desk quickly identify what has changed since yesterday or since a baseline.

Detect unknown malware file by its behavior

TXSandbox can easily detect an unknown malware program through its behavior. What makes it outstanding is that it can detect an unknown malware file even if it is encrypted or packed by the toughest packers, such as Themida, Armadillo, VMProtect, etc. It is also specially designed to defeat malware's sandbox evasion techniques and precisely expose its behavior for a high detection rate. TXSandbox also has cloud awareness built in: it detects unknown malware programs that particularly target cloud applications. This is why it has been used to analyze and verify the security posture of cloud-based applications.

TXSandbox can be deployed on premises, in a private cloud or in a public cloud. Its RESTful API set provides an easy way to integrate. It resides in the same appliance along with the FW/IPS, or connects via a remote link. TXSandbox's execution environment can also be easily customized, which makes it an ideal choice for large enterprises to detect targeted attacks.

Stopping Ransomware

Our patent-pending technology, the unavoidable ransomware trap, directly targets ransomware's core business logic, making it impossible for it to fulfill its goal of demanding ransom. The design and implementation go into the Windows system kernel, watching for ransomware behavior, stopping it at run time, and restoring encrypted user data files. It precisely detects all kinds of ransomware at run time without needing updates.

Detecting Malware

Malware is a malicious program file. It typically contains at least 2 main logic parts: a replicating (spreading/infecting) part and a payload (business logic) part. Some malware may contain additional logic parts, such as a hiding part to cover its traces, anti-scanning, self-protection, etc. Each method of detection has some pros and cons. TXShield has all known methods built in, to reach the highest possible detection rate.

Scanning Vulnerabilities

Vulnerabilities exist in systems and applications, and they are the main vector for advanced targeted attacks. Many high-profile security breaches and 0-day attacks are associated with vulnerability exploitation. It is very important to find existing vulnerabilities and get the system or application patched before actual exploitation.

Hunting Threats

Preventing Zero-Day Attacks

We need to move beyond our current ‘whack-a-mole’ security model to constantly learn the attack methods used and adapt the overall security posture by finding and fixing the weaknesses in other connected systems before the attacker can act…
