Automated Malware Analysis Central to Defense Strategies

"The most important security alerts we see."

That’s how one customer described the importance of Automated Malware Analysis technologies in their security workflow. After months of demonstrations, reference calls, and analysis we are thrilled that The Forrester Wave™: Automated Malware Analysis, Q2 2016 is live!

Many clients we talked to used multiple vendors to analyze malware in order to maximize analysis results.

The underlying mechanisms for automated malware analysis are fascinating for the technophile - combining content security, hypervisor-driven execution, behavioral analytics, and algorithmic API analysis. Incredibly sophisticated software engineering and statistical modeling adds another layer of intrigue. Mix those together with evasive adversaries attempting to bypass the technology and it's an intense discussion!

We used the importance of AMA solutions as the dominant element of detection and prevention in client environments to inform our assessment.

Here’s an overview of our approach:

Visibility is a cornerstone of detection and protection.

In order to detect it, you must see it in the first place.

Flexible deployment models are key to dynamic production environments.

If it is hardware or on premise only, then it only fits in environments that match the form factor.

Scalability avoids creating a problem as the environment grows.

Scalable infrastructure allows the business to orchestrate workloads based on need and priority, AMA solutions should offer the same capabilities to better align with technology needs.

Usability leading to better decisions is a key outcome.

Finding malware is important – but helping security teams understand if an attack tool is non-targeted ransomware or targeted to capture credentials is an important element in the efficacy of solutions.

We gauged deeply technical areas like anti-evasion capabilities, detection efficacy, and more.

Since you can obtain a Ph.D. in each of these areas – and many of the vendors that participated have dozens of them – we leaned toward more capability from a vendor leading to better results for a client.
Information-Management: http://bit.ly/1T2VWIr

 

« No Phone Is Safe from Hackers & Spies
Pentagon Wants to ‘Fingerprint’ The World’s Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ContentKeeper

ContentKeeper

ContentKeeper provides Web Threat Protection solutions to secure today’s Web 2.0 and mobile centric business environments.

INCIBE-CERT

INCIBE-CERT

INCIBE-CERT is the reference security incident response center for citizens and private law entities in Spain

Securitybulls

Securitybulls

Securitybulls is an information security firm offering an encyclopedic penetration testing & IT security assessment service for your organization.

Lumen Technologies

Lumen Technologies

Lumen is an enterprise technology platform that enables companies to capitalize on emerging applications and power the 4th Industrial Revolution (4IR).

Improsec

Improsec

Improsec is a fully independent Cyber Security advisory company - we provide knowledge, experience and both strategic and deep technical expertise to our clients.

Nemko

Nemko

Nemko offers testing, inspection, and certification services worldwide, mainly concerning products and systems, but also for machinery, installations, and personnel.

CHEQ

CHEQ

CHEQ provides fully autonomous, preemptive technology for brand safety and ad-fraud prevention.

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

CyberCyte

CyberCyte

CyberCyte provides a disruptive built-in integrated physical, network and perimeter security solution framework.

CyberNet Albania

CyberNet Albania

Cybernet Albania has been providing IT support and services to small businesses since 2016. We strive to eliminate your IT issues before they cause downtime and impact your operations.

Athreon

Athreon

Athreon utilizes a fusion of AI technology, human interpretation, and the latest in cybersecurity to deliver sound business solutions that help our clients make better data-driven decisions.

e5 Lab

e5 Lab

e5 Lab seeks to develop solutions to challenges faced by the shipping industry including digital transformation, autonomous technologies and big data in order to promote safe and efficient operations.

CUBE3 AI

CUBE3 AI

CUBE3.AI is a web3 security platform that provides real-time transaction protection for smart contracts, safeguarding against cyber exploits, fraud, and compliance risks.

One Step Secure IT

One Step Secure IT

One Step provide Managed IT Services, Cybersecurity Protections, and Compliance to businesses in the USA nationwide.

Identifid

Identifid

Identifid offers a suite of fraud prevention and identity authentication solutions to businesses and governments using the latest advances in AI, vision processing, and biometric recognition.