
SNIPER APTX


SNIPER APTX is an APT attack response solution that uses session-based network traffic analysis to accurately detect and block APT attacks that attempt abnormal access.

It ensures the trust and stability of internal network resources by preventing, in advance, APT attacks that bypass existing security solutions such as IPS, Anti-Virus, or Vaccine-based Botnet PC Solutions. It does so by precisely distinguishing and blocking the abnormal behavior of users infected by an APT attack.

Overview

SNIPER APTX is an APT attack response solution that uses session-based network traffic analysis to accurately detect and block APT attacks that attempt abnormal access. With previous APT solutions, reversed connection detection was difficult for unknown attacks or sandbox-bypassing malware. SNIPER APTX, however, provides rapid reversed connection detection and blocking with its “Reversed Connection Detection Technology by Analyzing the Delay Time between Zombie PC and C&C Server”. Moreover, the CVM of SNIPER APTX detects malware on a behavior basis rather than a signature basis, so it provides an accurate response to reversed connections and malware by collecting and saving unknown malware and malware that could not be detected because of a zero-day vulnerability or by previous vaccines. Therefore, with SNIPER APTX, which accurately analyzes abnormal user behavior, the user can prevent APT attacks that bypass previous security systems such as IPS, Anti-Virus, and Vaccine-Based Zombie PC Response Systems.

Key Features

APTX (Detection)

Real-time User Download File Extraction (URL, Mail, FTP, etc.)

Detects Personal Information Leakage and Infected User Connection

Collects and Analyzes User Session

Interworking with SNIPER IPS

Site Reliability Analysis

Site Risk Level Analysis through Learning

Blocks Malware Source and C&C Server 

Manager (Optional)

Various Statistics and Search Functions

Monitoring and Policy Setting

Treatment Module and Monitoring

User PC Malware Treatment and Restoration

Malware Statistical Analysis Report

CVM (Analysis)

Malware Behavior-Based Analysis (Sandbox)

Analyzes MS Office, Word Processor, Compressed File, etc.

Extracts Malware Source and C&C Server

Comprehensive Analysis for Global Malware Pattern

Encrypted Communication

SSL Encrypted Interface for Safe Central Control by Remote Integrated Manager

SSL Encrypted Communication Channel for Safe Control on SNIPER Client

Agent

Detects/Treats Infected PCs

Periodic Detection Policy Update

Automatic/Manual Malware Treatment

Supports all Windows Series (32/64-bit)

 

Advantages

Malware Analysis

Sandbox-Based Malware Analysis and Source Extraction

Malware Analysis for Various File Formats such as MS Office, Word Processor, Compressed File, etc.

Prevention

Preventive Actions to Block Malware Sources and C&C Servers

Privacy Detection

Real-time Privacy Leakage Detection for Card Number, ID Number, etc.

Privacy Leakage Response by URL / Mail / File Leakage Detection

Local/Global Information Integration

Integrated Malware Detection by Vaccine Signature and WSEC Malware Information

Strong Analysis Report

Provides Malware Behavior and Original Malware File (Detailed Results for Process Cloning, System File Modification, etc.)

Analysis Report for Privacy and Malware

Risk Level Detection by Self-Learning

Traffic Characteristic Analysis and Risk Level Judgement by Self-Learning

Automatic Information Gathering and Signature Application for Commonly Used Applications

Information Gathering and Risk Level Sorting for Commonly Accessed Sites and External Servers

DCI (Deep Contents Inspection)

Signature-Based Application Awareness by DCI (Deep Contents Inspection)

Identifies the Application on a Session by Sorting Packets by Session and Analyzing the Packet Payload

Latest Vulnerabilities Applied by In-House CERT (WSEC)

Auto Update of Malicious IP Information, C&C Server Information, Anonymizer Information, and Latest Signatures

Manual Analysis of Unsorted Packets via Self-Learning

High Speed Packet Processing

Session-Based Multi-Threaded Packet Processing Engine for Real-time Packet Analysis without Traffic Delay

Minimizes Performance Degradation through Session-Based Packet Sorting on the NIC

Perfect Defense against Complicated APT Attacks

 

Configuration

Line Up