The five-step process to defeat zero-day APT attacks
TXShield is designed to detect an attacker's activities or behaviors while they are searching for vulnerable targets. It detects the attack methods used by the attacker and automatically launches investigations into the attack at the early exploit or delivery stage. It decodes the attack methods used and conducts real-time penetration tests to locate the weakness that the attacker has discovered. It then prepares to block the real attack on those endpoints or to provide instructions to the security team to seal the exposure across the rest of the network.
There are five major steps required to defeat zero-day attacks:
TXShield contains several different protection technologies including, but not limited to, agent-based behavioral analytics and rules, server-based signature-based protection, and TriagingX’s dynamic and static sandbox analysis.
The system continually analyzes data that comes from sources such as the system's file system metadata, Windows Prefetch data, event logs, scheduled task data, registry data, other artifacts of interactive sessions such as web history, memory, active network connections, and kernel information: GDT, IDT, SSDT, Shadow SSDT, hidden processes, and kernel exports.
The solution consists of 5 components: