Overview
Cyber attacks on Government Agencies now far exceed the capabilities of commercial security offerings used to prevent them.
Cyber criminals and cyber terrorists are sufficiently funded and sophisticated to ensure malware is ever more capable of seeking out the 'next' weakness in PC security to evade cyber defenses.
With Prevx Strategic Software Command, Governments Agencies can utilize Prevx advanced technology to significantly boost cyber defense capabilities without replacing, disabling, or impairing current cyber warfare defenses.
The underlying model for cyber security, which underpins cyber defenses around the world, is fundamentally flawed. It has three principal weaknesses:
- A high dependency on prior knowledge of threats in order to mount a defense.
- A blind spot to new intrusions which are outside of its knowledge base.
- A lack of centralized cyber intelligence about new threats.
Current malware detection is designed to look for known threats it has seen; it is incapable of ever identifying one that has managed to get past its defenses. A lack of centralized intelligence about new threats means that criminals can continue to use the anti-malware model against itself and find even more ingenious approaches to evading detection. Consequently, more and more zero day attacks are being seen where malware is created that goes unnoticed for a significant period of time, allowing it to steal and leverage stolen information for days, weeks, or even longer.
The inadequacies of existing commercial security offerings are leaving Government Agencies vulnerable to attack at any time
The Solution
With Prevx Strategic Software Command, Governments Agencies can utilize Prevx advanced technology to significantly boost cyber defense capabilities.
Prevx Strategic Software Command has been designed to address the flaws present in current cyber warfare defenses. Prevx specializes in detecting zero day attacks in real-time, which significantly reduces exposure time to threats. This enables real time protection for Government Agencies and their user communities against the latest and most dangerous threats, including Trojans, rootkits, and information stealers, such as Zeus, thereby catching threats missed by traditional security software.
Prevx operates an entirely different approach to PC security, utilizing its PC security software to monitor and learn about the threat landscape, as well as provide protection against a very wide range of threats. This intelligence is fed in real time back to a powerful 'cloud based' architecture where the emergence, propagation, and behavior of ALL software applications and modules can be monitored, measured, and assessed automatically in real time.
Due to the sensitivity of information within Government Agencies, and the need for complete control and the highest possible levels of security, Prevx Strategic Software Command provides a complete replica of the Prevx in-house malware operation, including software surveillance at the end point, centralized intelligence and automated malware research. This runs as a private community solution, with additional inbound threat feeds from the Prevx public threat database. This delivers an unparalleled level of capability in cyber intelligence and defense, enabling Government Agencies to monitor in real time, any new executable anywhere in its environment and, if required, control, prevent, limit, and monitor its execution, or delete the object.
Technical Detail
Prevx Strategic Software Command includes a full anti-malware and secure browsing component, and can be used alongside any other security solution providing a 'defense in depth' approach to cyber security:
- Software surveillance at the endpoint Prevx has the smallest, fastest, lightest, and most powerful anti-malware agent technology in the world. The Prevx agent is under 1MB, installs in less than 10 seconds and is able to scan a PC in under 2 minutes. The Prevx agent will monitor the PC security landscape within the government community, and will check the security state of a PC and its core functions, reporting this state centrally. This information can be recorded and used to recall the security state of any PC at any specific time.
- Integrated secure browser technology, Prevx SafeOnline Provides a secure browsing environment to all government users even if the PC is infected. By hardening the operating system, the SafeOnline technology will block any attempts to steal or access government data and private information. Its anti-phishing technology, along with credential protection, will ensure that users only input sensitive data in the intended web site and will lock down passwords and other network access credentials.
- Endpoint authentication The Prevx agent deployed on the endpoint can, in real time, obtain and pass endpoint specific information to the Prevx solution and Government Agency applications. This information, for example machine ID, IP address, operating system, browser type, and any infection details, can then be used by the Prevx solution and Government Agency applications to make a risk based and interactive decision on whether to allow the endpoint access to agency systems and data.
- Centralized intelligence Threat information is aggregated and assessed in real time, learning about 250k new unique executable programs daily. With 100m+ programs already in the database, Prevx sees all new software, so can see all new malware.
- Private or interagency communities Allows for a number of peer level communities to individually or collectively assess all new executable pieces of code base that enter the environment, determining function, and allow, inhibit, or control their use. This is further supported by a one way threat feed from the Prevx public community database.
- Automated malware analysis Prevx has engineered its solution around security intelligence and automated malware research, enabling Prevx to monitor all new executable objects, as opposed to watching just known bad programs.
- Centralized sand-boxing This process includes aggregating and correlating intelligence gathered from a combination of 'in the wild' execution, sand-box analysis, forensics, and data interchanges from other vendors and security aggregators.
- Powerful reactive and proactive defense hardening Prevx has a proven track record for early life threat detection, being the fastest to spot new malware and develop remediation, demonstrated by Prevx responses to MBR rootkit and all Zeus variants.
- Incremental/interoperable with existing end-point protection The Prevx agent has been developed with speed, efficiency, and interoperability firmly in focus. The agent is tested for compatibility and interoperability with more than 50 mainstream antivirus and security applications and will run alongside an existing antivirus solution, picking up the threats it misses.
- Defending against malware The Prevx solution has powerful in-built self-defense measures to protect itself from attack by malware, both at the agent and infrastructure level.
The Prevx Strategic Software Command provides Government Agencies with an in-house level of security intelligence and automated malware research capability that has a solid foundation for boosting cyber warfare defense, as well as counterintelligence
