TXEcoSystem

Advanced protection for endpoints and datacenter servers against zero-day attacks, without requiring patches

OVERVIEW

TXEcosystem provides real-time protection for datacenter servers and endpoint systems against known and zero-day attacks, whether from hackers or malware, all without requiring rushed patch deployments.

It targets one of the major challenges in securing enterprise environments: how to reduce the asymmetric advantage enjoyed by attackers, who often need to compromise only one weakness while defenders scramble to prioritize and fix scores of vulnerabilities.

TXEcosystem aggregates and analyzes millions of alerts and logs from IPS/FW/WAF/SIEM and endpoint systems in order to protect against known attacks and automatically launch investigations into pre-attack reconnaissance and attack incidents. It decodes the new attack method and conducts real-time penetration tests across the network to find any similar weaknesses, so that a real attack can be blocked if one is launched.

 

HIGHLIGHTS

  • Delivers advanced endpoint and server protection against malware, fileless threats and hacking
  • Provides early insights on new attack methods
  • Performs testing on other enterprise systems to identify which ones have similar weaknesses and then protects them
  • Mitigates attacks against those newly discovered unpatched or exposed systems
  • Detects and blocks APT and zero-day attacks without requiring patches
  • Reduces the number of false or irrelevant security alerts

DEPLOYMENT

TXEcosystem Analyzer Server

  • Physical/VM server with minimum of 16 cores, 32G RAM, 2T HD, 1x1G NIC, or
  • Physical/VM server with minimum of 4 cores, 16G RAM, 200G HD
  • Download the ISO image from TriagingX support
  • Install and configure the systems

TXEcosystem Client

  • Deliver the installation package to each endpoint, workstation or server that will be protected within the TXEcosystem
  • Activate the installation package (an MSI file) to automatically complete the installation procedure
  • Launch the agent automatically without requiring a system reboot

OPERATIONS

  • The TXEcosystem proactive agent, installed on each business endpoint, workstation or server, constantly monitors suspicious behaviors and early indicators of attacks and sends this data to the analyzer server for correlation analysis.
  • Other inputs, such as syslog, SIEM, system events and third-party intelligence, can also be sent to the analyzer server for integrated analysis.
  • The TXEcosystem analyzer server automatically connects to multiple sandboxes to perform behavior analysis on suspicious files and URLs.
  • Using the web-based GUI, TXHunter can also acquire a snapshot from a remote endpoint system that is involved in the triage process.

SPECIFICATIONS

Target System: Windows 7, 8, 10, 2008R2
Analyzer Server: Physical or VMware Server (ISO image contains CentOS 7.0)
3rd Party Intelligence: REST API (VT)
Report Format: PDF