
SNIPER APTX is an APT attack response solution that accurately detects and blocks APT attacks attempting abnormal access, using session-based network traffic analysis.
It preserves the trust and stability of internal network resources by preventing, in advance, APT attacks that bypass existing security solutions such as IPS, anti-virus, or vaccine-based botnet PC solutions. It does so by precisely distinguishing and blocking the abnormal behavior of users infected by an APT attack.
Overview
SNIPER APTX is an APT attack response solution that accurately detects and blocks APT attacks attempting abnormal access, using session-based network traffic analysis. With previous APT solutions, detecting reversed connections was difficult for unknown attacks or sandbox-bypassing malware. SNIPER APTX, however, provides rapid reversed connection detection and blocking with its “Reversed Connection Detection Technology by Analyzing the Delay Time between Zombie PC and C&C Server”. Moreover, the CVM of SNIPER APTX detects malware on a behavior basis rather than a signature basis, so it responds accurately to reversed connections and malware by collecting and saving unknown malware and malware that could not be detected because of zero-day vulnerabilities or by previous vaccines. With SNIPER APTX, which accurately analyzes abnormal user behavior, the user can therefore prevent APT attacks that bypass previous security systems such as IPS, anti-virus, and vaccine-based zombie PC response systems.
Key Features
Component | Features |
---|---|
APTX (Detection) | Real-time User Download File Extraction (URL, Mail, FTP, etc.); Detects Personal Information Leakage and Infected User Connection; Collects and Analyzes User Session; Interworking with SNIPER IPS; Site Reliability Analysis; Site Risk Level Analysis through Learning; Blocks Malware Source and C&C Server |
Manager (Optional) | Various Statistics and Search Functions; Monitoring and Policy Setting; Treat Module and Monitoring; User PC Malware Treatment and Restore; Malware Statistical Analysis Report |
CVM (Analysis) | Malware Behavior Based Analysis (Sandbox); Analyzes MS Office, Word Processor, Compressed File, etc.; Extracts Malware Source and C&C Server; Comprehensive Analysis for Global Malware Pattern |
Encrypted Communication | SSL Encrypted Interface for Safe Central Control by Remote Integrated Manager; SSL Encrypted Communication Channel for Safe Control on SNIPER Client |
Agent | Detects/Treats Infected PC; Periodical Detection Policy Update; Automatic/Manual Malware Treatment; Supports all Windows Series (32/64bit) |
Advantages
Malware Analysis
Sandbox Based Malware Analysis and Source Extraction
Malware Analysis for Various File Formats such as MS Office, Word Processor, Compressed File, etc.
Preventions
Preventive Blocking of Malware Sources and C&C Servers
Privacy Detection
Real-time Privacy Leakage Detection for Card Number, ID Number, etc.
Privacy Leakage Response by URL / Mail / File Leakage Detection
Local/Global Information Integration
Integrated Malware Detection by Vaccine Signature and WSEC Malware Information
Strong Analysis Report
Provides Malware Behavior and Original Malware File (Detailed Results for Process Cloning, System File Modification, etc.)
Analysis Report for Privacy·Malware
Risk Level Detection by Self Learning
Traffic Characteristic Analysis and Risk Level Judgement by Self Learning
Automatically Gathers Information and Applies Signatures for Commonly Used Applications
Information Gathering and Risk Level Sorting for Commonly Accessed Sites and External Servers
DCI (Deep Contents Inspection)
Signature Based Application Awareness by DCI (Deep Contents Inspection)
Identifies the Application in Each Session by Sorting Packets by Session and Analyzing the Packet Payload
Latest Vulnerabilities Applied by Own CERT (WSEC)
Malicious IP Information, C&C Server Information, Anonymizer Information and Latest Signature Auto Update
Manual Analysis for the Unsorted Packet via Self Learning
High Speed Packet Processing
Session Based Multi-Threading Packet Processing Engine for Real-time Packet Analysis without Traffic Delay
Minimizes Performance Degradation through Session Based Packet Sorting on the NIC
Perfect Defense for Complicated APT Attacks
Configuration
Line Up