Veramine Advanced Endpoint Security Suite

Veramine Advanced Endpoint Security is a suite for SOC, MSSP and IT managers that can be deployed on-premise or in the cloud. It has handled several real-world cyber attacks for important, large organizations in the US and Asia, and consists of the following:

•   Veramine Endpoint Detection and Response (VEDR)

•   Veramine Dynamic Deception System (VDDS)

•   Veramine Insider Threat Prevention (VITP)

EFFICIENT, INTELLIGENT ENDPOINT COLLECTION

The strength of an endpoint product depends on the scope and integrity of its visibility into endpoint behavior. The Veramine sensor leverages user and kernel mode components to safely and reliably gather and pre-process security-relevant system events. It relies on techniques that minimize negative impact on system stability and limit the probability of other security products reporting false positives related to the Veramine sensor.

The strength of the rule-based detection algorithms is continually increasing. Veramine aims to have the industry’s widest coverage of MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) matrix. You can see the current coverage of the ATT&CK matrix on the Veramine Detections wiki at https://github.com/veramine/Detections/wiki.

ACCELERATE INTRUSION RESPONSE

The Veramine platform provides control and response features to enable rapid, effective incident response from a central console.  Analysts can send response actions to the Veramine sensor to interact with binaries and hosts as follows:

•   Prevent a binary from being loaded by any process.

•   After a binary has been loaded, prevent the loading process from making outbound network connections.

•   Shut down, restart, or hibernate the machine.

•   Prevent the host from making outbound network connections to destinations other than the server.

•   Uninstall the sensor.

KEY CUSTOMER BENEFITS:

•   Gain complete visibility into all of your endpoints, regardless of whether they are currently on or off your network.

•   Continuously monitor endpoints and receive prioritized alerts of anomalous behavior and attacks in real-time.

•   Quickly install on any Windows host by simply executing the install binary, no configuration necessary on each host.

•   Maintain local control of all collected data in your own data center (on prem), or store in Veramine’s Cloud (Azure).

•   Efficiently store collected information long-term (effectively forever) to allow easy reference and replay in the future.

•   Store a copy of every binary ever loaded on any endpoint by any process.

•   Search through memory of every running process using YARA expressions.

•   One-click access to an individual process memory snapshot or a full system dump.

•   Respond to attacks by isolating an individual process or system from the network, disconnecting a user, or preventing a file from being loaded.

•   Reduce the cost of IR and forensics by collecting all security-relevant host information preemptively.

•   Use centralized technologies for security analysis and processing.

•   Provide a closed UI/UX for investigating attacks, with an iterative process: Detection – Investigation – Response.

Veramine Dynamic Deception System (VDDS)

The Dynamic Deception System (VDDS) is a platform of traps, such as deceptive services, processes, mutexes, credentials, network listeners, data shares…, used as active defense to detect and prevent attacks.

Veramine Insider Threat Prevention (VITP)

Insider Threat Prevention (VITP) combines advanced controls of users, data and devices, such as key loggers, screenshots, USB tracking and permissions, and digital forensics using Velociraptor…