Malware – A pervasive threat

Malware, or computer viruses, has long been a threat to every computer user. In fact, the threat is even bigger for organizations and businesses, as their important and sensitive data can be leaked or lost at any time.

1. Popular types of malware

To survive, malware continuously changes its code and increases its sophistication to avoid detection. This is a serious challenge for traditional malware prevention methods, which focus on identifying known signatures or specific behaviors. In fact, at this very moment, various malicious programs are operating without being detected by antivirus software. Moreover, even when malicious code is identified, traditional antivirus programs respond by isolating or deleting the files rather than finding the cause or providing preventative measures.

2. EDR solution

CyRadar EDR (CyRadar Endpoint Detection and Response) is a new-generation, comprehensive antivirus program that offers systematic supervision, predictive alarms, threat detection, and timely responses. The software also stores and systematizes all relevant data, then tracks and investigates it to find out how the virus got in.

CyRadar EDR integrates new technologies, including Big Data, Machine Learning, Sandbox, and so on, with functions based on the client/server model and centralized management. CyRadar uses only one headquarters-based server, and clients running CyRadar EDR Endpoint connect to this server.

CyRadar EDR Server

CyRadar EDR Server uses centralized management and data analysis to issue warnings, orders and responses to CyRadar EDR Endpoints. It also reports on the spread of malicious code, the possible methods, and records, all to help the network manager gain a comprehensive overview of the system's condition.

CyRadar EDR Endpoint

The client's CyRadar EDR Endpoint automatically protects against malicious code such as trojans, spyware, and adware as soon as it detects an intrusion. It also fully counters malware spread via USB devices, websites, file sharing, and software security holes, and then reports back to the CyRadar EDR Server.

CyRadar EDR has outstanding advantages compared to various other security solutions on the market.

While traditional antivirus methods can only detect known malicious codes from Signature Files, new ones can protect computers using the isolation and deletion method. Another limitation of traditional methods is that they hold only separate data on malicious files and remain passive until detection.

In contrast, CyRadar EDR uses both signatures and smart detection technology, enabling it to detect all kinds of malicious code, including new malware, APTs, fileless malware, and so on. Further, CyRadar EDR covers an entire procedure in which it detects, prevents, and rectifies. It also stores and connects all data about the malicious code for future reference, and remains proactive for early detection.

3. How it works

CyRadar EDR is deployed on a centralized client/server management model, in which the CyRadar EDR Endpoint on each client connects to the centralized server. Data storage and data analysis modules are placed on both the clients and the server, so data can be analyzed and aggregated into a general overview, which assists detection.

Technologies used in data analysis modules.

The major parts of the system include:

Detection

A collection of smaller modules for supervision, prediction and early detection of threats.

CyRadar EDR uses both signatures and smart detection technology, and can detect all kinds of malicious code, including new malware, APTs, fileless malware…

Processing

Based on the results of the data analysis, the program carries out a suitable and comprehensive response (alarm, prevention, isolation, deletion). In the final step, all traces of the malicious code are erased by deleting files and installations, as well as clearing out registry entries.

Investigation

Collects and connects relevant information and events, gives an intuitive view of the situation, and helps users find the source and the time at which the malicious code spread.

The network scale of a centralized management server.

4. Special features

Aside from detecting and handling viruses using signatures, CyRadar EDR also uses AI Malware Graph for early detection of sophisticated attacks (like APTs). In addition, the integration of modern technologies including Machine Learning and Sandboxing enables CyRadar EDR to display information from all terminal devices, and thus to detect and respond to threats quickly. The system can also collect and connect relevant information and events, give an intuitive view of the situation, and help users find the source and the time at which the malicious code spread. Another advantage is ease of control in times of threat, especially with the customer service line and technical assistance available at all times. Periodic, circumstantial and specialized reports are also provided.

Periodic, circumstantial and specialized reports of the system.

CyRadar
