Developers: Cezurity
Last Release Date: November 2013
Technology: SaaS (software as a service), Cybersecurity - Antiviruses
Cezurity Cloud is a cloud-based antivirus protection technology.
On June 6, 2013, Cezurity announced the completion of a new development, Cezurity Cloud.
Properties
Cezurity Cloud is built on the analysis of file properties, which Cezurity performs on the server (in the "cloud"). A wide range of properties of critical objects is collected from users' computers and transferred to the cloud. Before transfer, the information is depersonalized and converted into a form that contains no data whose leakage would be a concern.
The data is classified and stored on the server in a dedicated database. Processing the information and reaching verdicts on how malicious particular objects are leads to a new classification, which is produced automatically; in other words, Cezurity Cloud is a self-learning system. If the data received is insufficient for an accurate verdict on the danger of a particular object, additional information is requested. Cezurity Cloud analyzes more than 200 properties of each file, including characteristics such as how widely the file is distributed, where it is found in the system, and how it behaves when executed.
"It is no secret that traditional methods of malware detection are a technological dead end," noted Alexey Chaley, the CEO of Cezurity. "In 2008, antivirus signature databases contained more than 2 million records, and over the last several years the amount of new malware has been growing exponentially. Neither heuristic nor behavioral detection methods that rely only on local checks are capable of solving the problem. The tasks facing the industry can be solved by using the advantages of clouds and methods of intelligent analysis of large arrays of diverse data."
Flexibility
The Cezurity Cloud technology is flexible enough to be used in different solutions.
Different information can arrive at the server and be processed there, depending on the tasks defined by the features of each product or solution. Cezurity Cloud is used in a free service for detecting and treating computer infections, the Virus Scanner. In the future the technology will also become a key component of other Cezurity products and services.
Technology for dynamic detection of targeted attacks
In the fall of 2013, Cezurity announced that it had completed development of its own technology for detecting targeted attacks on enterprise information systems.
The nature of recent attacks (Stuxnet, Duqu, Operation Aurora, the attack on RSA Security, etc.) shows that computer threats have changed. Although cybercrime has existed for many years, today it is acquiring the features of an organized and well-financed industry.
Targeted attacks (Advanced Persistent Threats, APT) are becoming more and more widespread. Their key feature is that the criminals are interested in specific targets. As a rule, these targets are the information systems of enterprises and even states. The attacks serve cyber espionage or the pursuit of some benefit from compromising data. Because the data is always protected, bypassing the existing protection becomes the main focus of the attackers' efforts. Traditional means of protection such as antiviruses, although they continue to be used everywhere, cannot cope with targeted attacks today.
Targeted attacks are usually drawn out over time and proceed in stages. Years can pass between the start of an attack and the destruction of the traces of the attackers' presence. The attackers use a wide variety of methods to collect data and penetrate information systems: social engineering, exploitation of known and unknown (0day) vulnerabilities, malware, and tools for concealing their presence in systems. Insiders, accomplices of the attackers who work in the attacked organizations, can take part in the attacks.
The dynamic detection technology developed by Cezurity is based on the fact that attackers' actions inevitably change the attacked systems.
To detect an attack, changes in systems over time are evaluated. Each computer in the IT infrastructure is scanned periodically, and information about the state of critical objects is collected. This includes characteristics such as the geometry of executable files, the location of objects in the system, their relationships with one another, and behavioral profiles of applications. The collected information is classified and compared with the results of previous scans. The changes that have occurred are then searched for anomalies. The anomalies found are analyzed automatically and, if necessary, manually.
Unlike traditional approaches, dynamic detection analyzes not individual states of systems but the changes that have occurred. Security is ensured by the fact that protection, like the attack, is a continuous process extended in time, in which detecting the attackers' actions plays the central role.
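The change-based comparison described above can be illustrated with a small added example; it is not Cezurity's code or algorithm. The property tuple (hash, size, section count), the host and file names, and the rule "a change seen on only a small share of hosts is anomalous" are all assumptions made for the illustration.

```python
from collections import defaultdict

SVC = r"C:\Windows\System32\svc.dll"
APP = r"C:\Program Files\App\app.exe"
DROP = r"C:\Users\Public\upd.exe"
HOSTS = ("host-a", "host-b", "host-c")

# Constructed sample scans: host -> {critical object: (hash, size, PE sections)}.
BASE = {SVC: ("h-svc-1", 4096, 5), APP: ("h-app-1", 9000, 6)}
SCAN_T0 = {host: dict(BASE) for host in HOSTS}

# Second scan: every host received the same app update; host-c changed further.
UPDATED = {SVC: ("h-svc-1", 4096, 5), APP: ("h-app-2", 9100, 6)}
SCAN_T1 = {host: dict(UPDATED) for host in HOSTS}
SCAN_T1["host-c"][SVC] = ("h-svc-x", 4608, 6)  # system DLL gained a section
SCAN_T1["host-c"][DROP] = ("h-new", 2048, 3)   # executable not seen before


def diff_scan(old, new):
    """Yield (path, kind, new_props) for each object that differs between scans."""
    for path in old.keys() | new.keys():
        before, after = old.get(path), new.get(path)
        if before == after:
            continue
        if before is None:
            kind = "added"
        elif after is None:
            kind = "removed"
        else:
            kind = "modified"
        yield path, kind, after


def find_anomalies(prev, curr, max_share=0.34):
    """Return changes seen on at most max_share of hosts (hypothetical threshold).

    The same change appearing fleet-wide looks like a software update; a change
    confined to a few machines is what gets passed on for further analysis.
    """
    seen = defaultdict(set)  # (path, kind, new properties) -> hosts showing it
    for host, objects in curr.items():
        for change in diff_scan(prev.get(host, {}), objects):
            seen[change].add(host)
    total = len(curr)
    return sorted(
        (path, kind, sorted(hosts))
        for (path, kind, _), hosts in seen.items()
        if len(hosts) / total <= max_share
    )


if __name__ == "__main__":
    for path, kind, hosts in find_anomalies(SCAN_T0, SCAN_T1):
        print(kind, path, hosts)
```

Neither scan of host-c is judged on its own here: the application update changes the same file on every host and is ignored, while the two changes unique to host-c are reported.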
'Dynamic detection can be compared to a game of chess in which the defending side has a tool that lets it see the opponent's intention after each move on the basis of the opponent's previous actions,' says Kirill Presnyakov, the company's leading analyst. 'Targeted attacks are often well planned and hidden, and separate events may not arouse any suspicion.'
One of the key advantages of the technology developed by Cezurity is that an attack can be detected in time, at the earliest stage. Any attempt and any stage of an attack will be detected, which considerably reduces the risk of compromise of the IT infrastructure.
'The flip side of high detection accuracy is the need to process a huge amount of information,' says Kirill Presnyakov. 'Our approach is built on cloud computing, first of all the Cezurity Cloud analysis platform, and on a number of methods developed by Cezurity for intelligent processing of large volumes of data. Because the main part of the computation happens in the cloud, the Cezurity solution manages to combine detection accuracy with high stability and extremely low impact on client applications.'