Dietzenbach, 13.02.2024 – Nextron Systems, a leading provider of innovative IT security solutions, continues its pioneering mission to combat and detect cybercrime at an early stage. As an emerging industry thought leader, Nextron is taking decisive action to protect organizations worldwide from the growing threats in the digital world.

According to industry association Bitkom, nine out of ten companies have experienced some kind of cyberattack in the past twelve months. Although increasingly overshadowed by state-sponsored espionage, ransomware still poses the greatest threat. Although the number of ransom payments here has fallen significantly, which is partly due to companies taking more precautionary measures, the average ransom paid in 2023 was still twice as high as in the previous year at around 1.54 million US dollars.

The threat of cyber attacks therefore remains omnipresent. However, conventional security tools repeatedly fail to detect them at an early stage, which is crucial for successfully fending off ransomware attacks. If attackers have been able to spread for days or even weeks after an undetected intrusion into a system environment, infiltrate more and more systems, set up new backdoors against sustainable removal, identify worthwhile targets in the network and set up channels for the transfer of large amounts of data, it becomes increasingly difficult to counter the attack and the costs for damage analysis and recovery of all affected systems increase disproportionately with the duration and depth of an attack.

Protection against hackers is primarily the responsibility of the company management

Given the significant challenges posed by cyber threats, it is crucial to be alerted as early as possible, ideally at the very onset of a potential attack. While only a limited number of tools possess the capability to offer such timely warnings, even fewer are equipped with the advanced technology necessary to identify the latest threats effectively. Among these, Nextron’s APT Scanner THOR stands out by employing a comprehensive set of generic rules designed to detect unknown threats. This innovative approach enables it to uncover even the most sophisticated attacks early on, thereby significantly reducing the associated risks and potential damages.

Compromise assessments and threat detection with innovative solutions such as those offered by Nextron are therefore not only essential for IT security managers, but also for company management in particular. As early warning systems, they enable companies to detect hacker attacks and initiate countermeasures before data is stolen, systems are encrypted or reputations are damaged, which can lead to significant destruction of company value.

Nextron – from hidden champion to thought leader in cybersecurity

Nextron’s THOR scanner is designed to complement traditional AV software and EDR agents by focusing on the subtle traces that Advanced Persistent Threats (APTs) leave behind, which other systems might miss. THOR aims to bridge the security gaps by detecting the remnants of sophisticated cyber attacks. This capability is critical because it enhances an organization’s ability to identify and respond to APTs that evade conventional detection. Additionally, when an EDR agent generates an alert, THOR can be utilized to verify the alert’s validity and assess the scope of the active threat, thereby offering a nuanced approach to cybersecurity.

The THOR Scanner, compatible with Windows, Linux, macOS, and AIX, employs a vast array of approximately 30,000 open-source YARA and 2,000 Sigma detection rules and signatures. This comprehensive set enables THOR to identify even the most subtle anomalies with high reliability. Nextron CTO Florian Roth notes that while THOR was initially designed to meticulously analyze indicators of compromise (IoCs) across various end devices within company networks, its capabilities have significantly evolved. Nowadays, this extensive set of detection rules provides much broader detection coverage than the IoC-based approach of the early days, ensuring a more robust and comprehensive security posture across diverse IT environments.

Reflecting on the state of digital forensics in 2012, Roth highlights the limited capabilities for automated analysis prior to the advent of THOR. While forensic tools available at the time did offer some assistance in organising investigations—such as creating timelines to focus searches within specific time frames on suspicious filenames and registry keys—the process was notably inefficient. Analysing a single disk image could consume several hours, significantly slowing down the pace of an investigation. This inefficiency underscored the pressing need for more sophisticated solutions like THOR, which would later transform the landscape of forensic analysis by enhancing speed, coverage, and the ability to detect nuanced anomalies.

 “To improve our forensic analysis tools, we had to develop new rule formats that allowed us to turn a detection idea into a rule that could be automatically applied in scanners or monitoring systems and shared with others as easily as a list of IoCs,” says Roth. And they have succeeded. In just a few years, Nextron Systems has positioned itself as a leading provider of Automated and Continuous Compromise Assessment software, driving the mission to effectively protect organizations of all industries and sizes from threats that other security solutions overlook.

Bad guys don’t stand a chance – We detect hackers

“We founded Nextron to constantly create new and advanced innovations in the field of early detection technology. Our goal is to set new standards and develop tools that extend the capabilities of traditional detection software, with a focus on early identification of previously unknown threats. My drive is to ensure that the bad guys don’t succeed with what they do.”

Fundamental parts of the product family are the ASGARD Management Center, which orchestrates the individual scans and makes them scalable millions of times over, and the ASGARD Analysis Cockpit, in which the scan results (events) converge centrally. The products are available both on-premises and as cloud solutions. Nextron also offers its Compromise Assessment as a managed service and provides recommendations in the area of incident response, giving B2B customers the best possible protection.

For more information about Nextron Systems and the leading technologies to combat cybercrime, please visit the official website: https://www.nextron-systems.com