
Positive Technologies: A complex for early identification of difficult threats

Product
Developers: Positive Technologies
Release date: 2018/11/27
Technology: Cybersecurity - Security information and event management (SIEM)

The complex for early identification of difficult threats is designed to detect and prevent targeted attacks. The solution makes it possible to quickly detect an attacker's presence in the network and to reconstruct the full picture of the attack for detailed investigation.

2018: Launch

On November 27, 2018, Positive Technologies announced that it had added to its product line a technology complex for early detection and prevention of targeted attacks. The solution is intended for large companies with a high level of cybersecurity maturity and makes it possible to detect complex threats, including those specific to Russia.

The solution combines technologies for deep analysis of traffic and transferred files and is supplemented by a retrospective monitoring service from PT Expert Security Center. It detects an attacker's presence not only at the perimeter but also inside the infrastructure. This significantly increases the effectiveness of detecting complex attacks at different stages and also reduces potential financial losses, the developers emphasized.

"The number of companies that became victims of targeted attacks in 2017 doubled: according to our data, 9 out of 10 victims do not even suspect that they have been compromised. Existing solutions detect targeted attacks at the perimeter but are not able to detect a threat if the attackers have already gotten into the infrastructure. A compromise may not be detected right away: as practice shows, up to 197 days pass on average before it is detected," reported Alexey Danilin, head of business development at Positive Technologies. "After getting past the perimeter, about 60% of attacks spread horizontally through the infrastructure, so they remain unnoticed for a long time. To detect targeted attacks effectively and early, it is necessary to monitor malicious activity both at the perimeter and in the network, detecting attacks in traffic. And of course, it is necessary to perform regular retrospective analysis. We tried to implement this approach in the new solution."

The complex makes it possible to detect and localize an attacker's presence in the network in real time and to reconstruct the full picture of the attack for detailed investigation. The solution analyzes files in different data streams using several antivirus engines, a sandbox and its own reputation lists, and detects attacks in traffic based on a large number of indicators. For example, the use of all popular hacker tools, exploitation of software vulnerabilities and violations of security policies, which usually go unnoticed by other protection tools, are detected automatically, Positive Technologies said.

Thanks to retrospective analysis, the solution finds previously undetected compromises of the infrastructure, which makes it possible to reduce the duration of an attacker's hidden presence to a minimum.

"At the heart of the complex is a unique knowledge base that our experts constantly replenish based on the results of regular security analysis work, investigations of complex incidents and security analysis of various systems," said Evgenia Krasavina, head of the product promotion and development department at Positive Technologies. "Thanks to this and Positive Technologies' deep expertise in the security of complex infrastructures, the solution detects even the newest threats."