APT PREVENTION

ADVANCED PERSISTENT THREAT PROTECTION

Non-intrusive monitoring and protection from Reputation, Financial & IP loss:

  • Exhaustive scan of global phishing and spamming databases to cross-check potential compromises of the customer’s domain(s)
  • Sandbox application to browse the customer’s site(s) and check whether an iframe, malware or Java drive-by can be downloaded to infect the machines of end users of a website or an e-commerce portal
  • Automated daily scan and report generation
  • Phishing complaints reporting system
  • Anti-virus check for web portal infections by crawling through all known paths
  • DNS hijack detection via cross-checking with 450-odd DNS servers from across the world
  • Similarly named websites detection using
    • Advanced heuristics algorithm (even a 5% match generates an alert)
    • Automated “Electronic Eye”, a recognition and comparison engine to scan screenshots
  • AP 24 – Uses phishing feeds on a 24/7 basis to detect logo spoofing; the image processing engine incorporates machine learning; feeds from certificate transparency logs (CTL) are used for comparison and monitoring of logo misuse.

  • Security Scan of Web portals
  • Protect customers/clients, employees, suppliers, distributors
  • Automated scan and report generation
  • Advanced shell detector module to identify stealth shell-codes
  • The web reputation scan is non-intrusive testing, while the security scan is intrusive testing

  • Identification, quantification, and prioritization of vulnerabilities
  • Security scans of external IP addresses
  • Charts for easy human interpretations
  • Delta reporting of vulnerabilities (calculates difference in vulnerability reports)
  • Scanner finds vulnerabilities in CMS systems
  • False positive & Ignore list for each device/server/web portal
  • Dedicated Monitoring – partner with customer to fix vulnerabilities proactively
  • Reports vetted by security researchers and cyber defense experts who are listed in the Hall of Fame of firms such as Google, Microsoft, Apple and Facebook, among others
  • Built-in Cyber Defense Access Point (allows cyber defense experts to manually and securely insert an access point) for cloud scanning of vulnerabilities

  • DF24 monitors key homepage(s) for defacement and instantly raises a flag upon detection of defacements
  • Separate servers for monitoring defacements, with a scan of key homepage(s) every 2 hours.
  • Should DF24 detect a home page modification, an instant alert is transmitted – Windows app for SOC, Android app for CISO and IT team
  • Allows companies and organizations to detect defacements and take corrective measures before others such as the media and regulators discover it.
  • DF24 uses a word match algorithm and source code analysis. It calculates a unique signature for the main pages of a URL, and any change beyond 20% is immediately sent for review. The mobile app runs in two modes (review/CISO mode). The reviewer gets the first-level alert; once defacement is confirmed, an escalation to the CISO follows for immediate action.
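
The threshold check described above, as an added example (not DF24's own code). It assumes the 20% figure is measured as a diff ratio over the page's visible words and over its tag sequence; the page does not say how DF24 computes it, and all names and sample pages here are constructed.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser

REVIEW_THRESHOLD = 0.20  # from the text: change beyond 20% goes to review

class PageProfile(HTMLParser):
    """Collects visible words (word match) and the tag sequence (source analysis)."""
    def __init__(self, html):
        super().__init__()
        self.words, self.tags, self._hidden = [], [], 0
        self.feed(html)
        self.close()

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self._hidden += tag in ("script", "style")

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._hidden:
            self._hidden -= 1

    def handle_data(self, data):
        if not self._hidden:  # skip script/style bodies
            self.words += re.findall(r"\w+", data.lower())

def change_ratio(old, new):
    """0.0 = identical sequences, 1.0 = nothing in common."""
    if not old and not new:
        return 0.0
    return 1.0 - SequenceMatcher(None, old, new, autojunk=False).ratio()

def check_page(baseline_html, current_html, threshold=REVIEW_THRESHOLD):
    base, cur = PageProfile(baseline_html), PageProfile(current_html)
    text = change_ratio(base.words, cur.words)
    markup = change_ratio(base.tags, cur.tags)
    return {"text_change": text, "markup_change": markup,
            "needs_review": max(text, markup) > threshold}

# Constructed sample pages (not real captures).
BASELINE = ("<html><head><title>Example Shop</title><style>p{color:red}</style></head>"
            "<body><h1>Welcome to Example Shop</h1>"
            "<p>Browse our catalogue of books and music today</p>"
            "<p>Contact support for help with orders</p></body></html>")
MINOR_EDIT = BASELINE.replace("music today", "music now")
REPLACED = ("<html><head><title>Replaced</title></head><body>"
            "<h1>This page was put here by someone else</h1><img src='x.png'></body></html>")

if __name__ == "__main__":
    for name, page in (("minor edit", MINOR_EDIT), ("replaced", REPLACED)):
        print(name, check_page(BASELINE, page))
```

A single injected tag changes only a few percent of the page and stays under this threshold, so a percentage check catches wholesale replacement but not small injections; those fall to the separate iframe and malware checks listed earlier.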

  • Maps the organization’s network from outside and points out all entry routes for hackers
  • Scans all domains and sub-domains consistently, scans IP ranges, and checks all web interfaces, Tomcat servers, web services, login screens, Struts, Axis2, SSL certificates and DNS zones
  • In short, it scans all ‘Digital’ and ‘Physical’ surfaces. This optimizes application code, removes unwanted OS and application services, and secures the network at all levels.

  • Very advanced blacklist lookup and sandbox. The blacklist lookup covers all client IPs, including websites, the IP address of the external interface and the IP range
  • The advanced sandbox browses the client website like a customer and sees what files get dropped and whether they are known viruses, and also analyses malware behavior. It evaluates whether any compromised watering-hole hosts dropped files, what they connect to, and where they are blacklisted. This is useful for finding unknown mass infection vectors on client websites