State of the Art Technology

Seculert is a pure cloud-based platform that combines several core technologies in order to study, profile, detect and block malware. Since advanced malware is persistent, networked, and constantly evolving, a new approach is needed in order to stop it.

Developed by experienced security and analytics experts, the Seculert Platform takes proven techniques to the next level by leveraging the power of the cloud. Let’s take a brief look at each of the core technologies. For a more in-depth explanation, download the white paper.

Synergy in the Cloud

Seculert fully leverages the power of the cloud to keep up with the constantly changing threat landscape and provides enterprises with a cost-effective solution for detecting, stopping and protecting against advanced malware attacks throughout the organization. In one powerful yet simple platform, Seculert combines key detection and protection technologies that work together in synergy to stop malware in its tracks.


Traffic Log Analysis

Since advanced threats are persistent, traffic log analysis is another effective way to detect them – but it is necessary to analyze a large amount of traffic, collected over a significant period of time. Using Big Data analytics and advanced machine learning algorithms, Seculert automatically analyzes traffic logs and identifies malware attacks – even malware that was previously unknown to any authority. The information from the Sandbox and Botnet Interception provides unique statistical “learning sets” that make Seculert’s log analysis extremely powerful, and the elastic nature of the cloud means that there is always enough processing power and storage space to analyze logs as far back as required.


Elastic Sandbox

The Seculert Sandbox is an elastic cloud environment for studying and profiling malware. We run suspicious code and analyze its behavior over an extended period of time. This is critical to understanding advanced malware, which is designed to persist for as long as possible, and has the ability to evolve in order to avoid detection. When we identify the command and control servers, we start using Botnet Interception to identify infected users. At the same time, we use Big Data analytics to create a malware profile that is used for Traffic Log Analysis.


Botnet Interception

A botnet is a network of malware-infected devices that is controlled by a series of command and control (C&C) servers. Simple botnet monitoring services provide a list of known C&C servers, so you can block them. Seculert goes one step further and actually identifies the endpoints that are infected. As soon as we identify a botnet, we infect our own machines and join the network.

Using methods such as Sinkholing and other proprietary techniques, we capture all of the traffic to and from the C&C servers and gradually identify every single user that is infected. We provide that information directly to you via a web dashboard, and to your firewalls and proxies through the Seculert API for immediate threat protection.


Protection API

The Seculert Protection API transforms your existing perimeter security into a cloud-based automated breach detection platform. Based in the cloud, Seculert allows your proxies, firewalls and SIEM solutions to pull information about the command and control servers that must be blocked, the users and devices that have been compromised, as well as deep-dive forensics information. The RESTful API is a simple web service interface that provides data in XML or CSV format. With Seculert, you can identify, block, and remediate advanced threats without replacing any of your traditional on-premises security infrastructure.


White Papers

Download this white paper for in-depth information on Seculert's technology.

6 key factors to consider when choosing a solution to protect your network

© 2014 Seculert All Rights Reserved