The Foundation

In the past 18 months, both corporate and home users have been exposed to new types of malicious code: advanced ransomware attacks that encrypt the data on a network and hold it for payment in bitcoin or similar cryptocurrencies, and bitcoin miners that steal processing power from the victim's computer. Malware authors are building payloads that are more sophisticated and more destructive than traditional protection technologies, including many current anti-malware products, can stop.

All security programs should start with a strategy that ties together multiple aspects of the defense lifecycle, including:

  • Understand attacker motivations for targeting the enterprise
  • Identify the key risk factors for theft, loss of service and reputation damage
  • Update the security architecture (from physical infrastructure to the cloud)
  • Minimize direct connections to critical assets and data
  • Use encryption, authentication and deception techniques
  • Use advanced endpoint security, including for remote and mobile devices

However, it is clear from multiple security reports and industry surveys that companies are struggling, and often failing, to adapt their defenses to the more advanced threats and campaigns that directly target their industry segments, resulting in undetected data breaches and slow response times.

The TriagingX solution takes a new approach to endpoint protection: a small footprint with minimal impact on endpoint performance, augmented by automated adaptive learning as the foundation of the threat defense lifecycle. To protect against known attacks and automatically launch investigations into pre-attack reconnaissance and active attack incidents, it decodes new attack methods and conducts real-time penetration tests across the network to find similar weaknesses before the next attack wave can exploit them. In doing so, it harnesses automation and machine learning to detect zero-day threats in near real time and streamlines the exposure and remediation of advanced attacks. It does not depend on known signatures or blacklists to detect and block the malicious actions discovered in an attack.

It targets three major operational pain points:

  • Security teams overwhelmed by too many alerts, many of which are irrelevant or false positives
  • Frequent, high-volume patching that leaves endpoints and servers exposed until the patches are applied
  • Lack of visibility into network weaknesses until an attack has already happened