Cyber Protection requires new thinking
Stops Zero-Days
Stops Malware
Stops RansomWare
©2016
Kinetic Attacks
Attack                            Defence                            Type (E = Endpoint, P = Perimeter)
Clubs & pointed sticks            Stretched animal-skin shields      E
Spears with iron tips             Hard shields, iron clad            E
Swords, bows & arrows             Wooden forts and stone castles     P
Longbows                          Castles with high walls            P
Gunpowder, muskets & cannons      Stone castles and moats            P
Repeating rifles & machine guns   Tripwire, trenches, barbed wire    P
Tanks & naval bombardment         Landmines & bunkers                P
Aircraft & dropped bombs          Anti-aircraft guns                 P & E
Rockets & guided missiles         SAM (surface-to-air missiles)      P & E
Ballistic nuclear weapons         Interceptor missiles & bunkers     P & E
Cyber Attacks
Attack                               Defence                                                        Type (E = Endpoint, P = Perimeter)
Viruses and worms                    Signature-based AV                                             E
Polymorphic malware                  Signature-based AV with heuristics                             E
Botnet command and control           Firewalls, IDS, IPS, AV                                        P
DoS, DDoS                            Firewalls, IDS, IPS, AV                                        P
Ransomware                           Firewalls, IDS, IPS, AV                                        P & E
IP theft                             Firewalls, IDS, IPS, AV                                        P & E
APTs                                 Firewalls, IDS, IPS, AV, plus whitelisting                     P & E
Zero-day attacks                     Firewalls, IDS, IPS, AV, whitelisting, behavioural sandboxing  P & E
Phishing, spear phishing, whaling    ? (no established defence listed)                              E
SCADA process control, ICS attacks   ? (no established defence listed)                              E
What's Wrong with Security Tools?
1. Traditional AV is slow bloatware and can't stop zero-days even with heuristic analysis; Kaspersky found more than 121m unique malware samples in 2015
2. Whitelisting: cumbersome, and can't stop DLL injection, ADS (alternate data stream) attacks or rootkits (WinLogon and svchost, favourite hacker targets, have to be whitelisted)
3. Reputation-based: like an MOT test; no standard, and false positives/negatives
4. Behavioural analysis and sandboxing: like a VW emissions test, the malware knows when it is being tested. Out-of-band reporting of suspicious behaviour can help to a degree
5. Probabilistic analysis in general: will flag, but with false positives/negatives, and it requires infections to have occurred
6. Firewalls: have to have open ports, which can be abused (encrypted channels etc.)
7. IDS/IPS: again probabilistic, so false positives/negatives, and malware is aware of them
8. Micro-VM: encapsulation of processes and monitoring for errant behaviour is processor intensive (currently only available for the latest Intel architectures, and cannot be used in a safety- or mission-critical application)
The Abatis HDF Solution
o HDF is a kernel-level filter driver of less than 100 KB
o Prevention, rather than detection followed by clean-up
o Prevents all attempts to write malware to the permanent storage of the device, regardless of the privilege of the writing process
o Uses a fundamental characteristic of malware (it has to be written to storage as a new binary) plus the ring-based architecture of the OS to block new binaries with 100% certainty
o Stops zero-day attacks with no performance penalty and no false positives/negatives
o Log files are stored locally for transfer to the CMC or to any SIEM product the customer already uses
o Deterministic, and proven safe in safety-critical, SCADA and similar environments
o No signature file or whitelist updates, which reduces maintenance cost and time
o Works alongside all known existing security products
Radically Different
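The page describes HDF only at the level above (a small kernel filter driver that stops new binaries reaching persistent storage, whatever the privilege of the writer, with local logs for a CMC or SIEM) and mentions a LEARN mode for roll-out later in the Summary. As an added illustration, and not Abatis's code (HDF's internals are not shown here), the following user-space Python model applies the decision such a write filter has to make to each write: classify the buffer by executable-image header (PE, ELF, Mach-O), allow it if its hash was baselined in LEARN mode, otherwise record it (LEARN) or block it (ENFORCE), and emit a JSON log line for the analyst. The sample writes, paths, PIDs and the `WriteFilter`/`is_executable_image` names are constructed for the example.

```python
"""Model of a 'no new binaries reach disk' write filter with a LEARN mode.

Illustrative user-space model only (not Abatis's HDF driver, whose internals
this page does not show): it applies, to each write, the decision a kernel
write filter of the kind described above would make, and emits the JSON log
record a CMC or SIEM would receive.
"""
import hashlib
import json
import struct
from dataclasses import dataclass, field

ELF_MAGIC = b"\x7fELF"
MACHO_MAGICS = {b"\xfe\xed\xfa\xce", b"\xfe\xed\xfa\xcf",
                b"\xce\xfa\xed\xfe", b"\xcf\xfa\xed\xfe"}


def is_executable_image(data: bytes) -> bool:
    """True if the buffer carries a PE, ELF or Mach-O image header.

    PE: 'MZ' stub plus an e_lfanew (offset 0x3C) that points at 'PE\\0\\0'
    inside the buffer. 'MZ' on its own is not enough; plenty of harmless
    data starts with those two bytes.
    """
    if data[:4] == ELF_MAGIC or data[:4] in MACHO_MAGICS:
        return True
    if len(data) >= 0x40 and data[:2] == b"MZ":
        (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
        return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"
    return False


@dataclass
class WriteFilter:
    mode: str = "ENFORCE"                        # "LEARN" records, "ENFORCE" blocks
    baseline: set = field(default_factory=set)   # SHA-256 of images accepted in LEARN mode
    log: list = field(default_factory=list)      # one JSON line per executable write

    def on_write(self, path: str, data: bytes, pid: int, privileged: bool) -> str:
        """Return ALLOW, LEARN or BLOCK for one write; log it if it was an image.

        The verdict depends on what the bytes are, never on who writes them:
        `privileged` goes into the log for the analyst but cannot change the
        outcome, which is the 'regardless of system privilege' property.
        """
        if not is_executable_image(data):
            return "ALLOW"                        # documents, logs, configs pass untouched
        digest = hashlib.sha256(data).hexdigest()
        if digest in self.baseline:
            decision = "ALLOW"                    # image seen during LEARN, i.e. already installed
        elif self.mode == "LEARN":
            self.baseline.add(digest)
            decision = "LEARN"                    # would have been blocked; recorded instead
        else:
            decision = "BLOCK"                    # new binary in ENFORCE mode: never reaches disk
        self.log.append(json.dumps({
            "event": "exec_write", "decision": decision, "mode": self.mode,
            "path": path, "pid": pid, "privileged": privileged, "sha256": digest,
        }, sort_keys=True))
        return decision


def make_fake_pe(tag: bytes) -> bytes:
    """Constructed sample: 64-byte DOS stub whose e_lfanew points at a PE signature."""
    stub = bytearray(b"MZ" + b"\x00" * 0x3E)
    struct.pack_into("<I", stub, 0x3C, 0x40)      # e_lfanew -> offset 0x40
    return bytes(stub) + b"PE\x00\x00" + tag


def demo() -> dict:
    """LEARN-then-ENFORCE rollout over constructed writes; returns the verdicts."""
    installed_app = make_fake_pe(b"known-app")          # hypothetical, legitimately installed
    dropped_binary = make_fake_pe(b"unknown-dropper")   # hypothetical, dropped by an intruder
    wf = WriteFilter(mode="LEARN")
    learned = wf.on_write(r"C:\Program Files\App\app.exe", installed_app, pid=1204, privileged=True)
    wf.mode = "ENFORCE"                                  # switch on once the baseline is captured
    return {
        "learn": learned,
        "known_app": wf.on_write(r"C:\Program Files\App\app.exe", installed_app, pid=1204, privileged=True),
        "dropper": wf.on_write(r"C:\Users\bob\AppData\Local\Temp\svc.exe", dropped_binary, pid=4520, privileged=True),
        # Same image hidden in an alternate data stream: content, not path, decides
        "ads_dropper": wf.on_write(r"C:\Users\bob\notes.txt:payload", dropped_binary, pid=4520, privileged=False),
        "text": wf.on_write(r"C:\Users\bob\notes.txt", b"quarterly numbers\n", pid=4520, privileged=False),
        "log_lines": len(wf.log),
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two caveats a practitioner would add before relying on anything shaped like this: a real kernel filter sees a file as a sequence of partial writes, so the header test has to be applied to the assembled stream (for instance at file close or on the first page), not to an arbitrary fragment; and a "new binary on disk" rule says nothing about scripts, Office macros or payloads that live only in memory, which is why the page itself positions HDF alongside existing products in a defence-in-depth layout rather than as a replacement for them.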
Central Management Console (CMC)
o The CMC provides facilities for SMEs and companies without a SIEM to:
  - Monitor HDF across an estate
  - Retrieve and analyse logs
  - Craft policy updates for HDF individually, in groups or globally, as required
o The CMC and/or your enterprise SIEM can:
  - Identify existing infections, such as blocked APT updates
  - Clean up existing infections (proven reduction from 3 days to 2 hours, a 90% improvement)
o Roadmap: enterprise APIs for log and policy management
Energy Saving Capability
o Imperceptible performance impact
o Up to 40% performance (speed) improvement compared to traditional AV
o Massive improvement in laptop battery life
o Saves 7% of the electricity consumed by a server, about £35/$60 per server per annum
o Servers run 8°C (15°F) cooler
Evaluation & report completed by (evaluator's logo not reproduced). Download the management summary report at www.abatis-hdf.com
Protecting New and Legacy Equipment
Windows version            Mainstream support ends   Extended support ends   Market share %
Windows NT4                Ended 2001                Ended 2004              0.05
Windows 2000               Ended 2005                Ended 2010              0.06
Windows XP                 Ended 2009                Ended April 2014        19.15
Windows XP Embedded        Ended 2011                Ended January 2016      Included above
Windows Vista              Ended 2012                Ends April 2017         1.93
Windows 7                  Ended January 2015        Ends January 2020       53.01 **
Windows 2003 Server        Ended 2010                Ended July 2015         47.9 *
Windows 2008 Web Server    Ended July 2013           Ends January 2020       14
Windows 2008 Server        Ended January 2015        Ends January 2020       Included above
Windows 8/8.1              Ends 9 January 2018       Ends 10 January 2023    17.81
Windows 10                 Ends 13 Oct 2020          Ends 14 Oct 2025        5.38
Windows Server 2012        Ends 9 January 2018       Ends 10 January 2023    31
Abatis: The Company
o Established 2005 at Royal Holloway, University of London
o Award-winning, innovative, proven and patented software technology for Windows and Linux
o 10 years of development; third-party testing by Lockheed Martin, BAE, ATOS, GSK, NHS and others to establish trust (claims made have been validated and verified by the organisations that conducted the evaluations)
o Now in evaluation with SPAWAR, major banks, BT, NHS, etc.
o Recognised by Forrester Research as a Company to Watch
o US patent granted in May 2015; European patent pending
o Kept a low profile until the patent was granted; sales restricted to Critical National Infrastructure, high-integrity nuclear and transport
Some Customer Case Studies
(Logo chart, not reproduced; Abatis acknowledges all logos are the property of their respective owners.)
Columns: Prospects / In Testing; SCADA; Critical Infrastructure; Commercial
Use cases shown: Web Site Defacement Protection; E-Tendering Protection; IP Protection; Air Traffic Control; CNI Rail Network Production System; SCADA & CCTV Protection; Nuclear Power Malware Protection; Mega US Bank; Major European Bank; Military; Nuclear; Defence
Abatis Roadmap Phase One
Mobile Devices
o Android Mazar malware, spread via SMS, can wipe phones
o 500,000,000 Android devices affected by malware that uses "clickjacking" to gain access to the device
o Criminals will target mobile phones with ransomware
Abatis Roadmap Phase Two
Internet of Things (IoT)
o Over 5 billion connected things now
o Some predict that by 2020 the number of Internet-connected things will reach or even exceed 50 billion
o Abatis can already protect some of these, and will soon have a much broader capability to protect Internet-connected things
Summary
o NEW, innovative/disruptive, patented and award-winning technology
o Stops known and unknown malware in a unique, proactive way
o Provides strong zero-day and targeted-attack protection, plus the benefits of:
  - Legacy preservation (buys you time)
  - SCADA systems protection: proven, credible technical defence
  - Saves money (90% lower maintenance and clean-up cost, and 7% lower electricity consumption, ~$60 per server per annum)
  - Zero performance degradation; can be performance enhancing (up to 40% recovery vs. traditional AV)
  - Tiny footprint (<100 KB) works everywhere, ideal for mobile and IoT devices
  - APT Hunter-Killer can uncover existing infections when used with the Central Management Console (CMC)
  - Risk-free roll-out using LEARN mode in a try-before-you-buy approach (works with your existing security products in a defence-in-depth approach)
Questions and Contact Details
Alexander Rogan +44 2081237330
Managing Director
ar@zerodayplus.com
Vlad Georgescu +49 21077155
Director
vg@zerodayplus.com
Authorized Reseller:
Zero Day Plus anti-malware Ltd.
35-37 Ludgate Hill, Office 7
London EC4M 7JN
United Kingdom

Zero Day Plus Anti Malware LTD 2016 sales pdf