Proactive Threat Detection With ePASS Analytics
Maddrix ePASS has defined a new genre of incident response and proactive threat identification solution that identifies targeted attacks and malware where they live – on the endpoints.
Our patent-pending Endpoint Analytics Security System (ePASS) solution is soon to inspire a new genre in proactive threat identification solutions. Signatureless proactive threat detection is now a must-have capability for all government, critical infrastructure, and private sector organizations. ePASS is available to U.S. government clients with no licensing costs on contracts that we support as a prime or subcontractor, or support via a purchase order.
Assess Your Organization’s Ability To Proactively Identify Targeted Intrusions
Typical statistics for a 10k-node network: 10 million active processes, 20 million active DLLs, 2.5 million installed services, and 1.5-3.5 million active network connections.
If your organization is unable to quickly answer these simple questions, you are not currently in a position to proactively identify targeted network intrusions or malware.
- How many encrypted network sockets were started by statically linked PE files launched from hidden command shells?
- How many statically linked binaries using the CUI subsystem were installed minutes or hours after they were compiled?
- How many processes are running from critical directories with non-standard RIDs?
- How many services have been modified to run malicious code? Are the 120k svchost.exe service DLLs legitimate? How do you know?
- How many unauthorized services, run keys, and other areas of persistence are installed?
- How many processes are running from alternate data streams? How many are using a known hostile mutant?
- How many network connections have bypassed your HTTP proxy server?
- How many active and non-active binaries are using commonly re-used shell code or other malware components?
- Can you concurrently bulk search your endpoints for thousands of indicators of compromise provided by external organizations?
- Have additional “features” been added to critical operating system files?
If you are interested in learning more about Proactive Threat Detection With ePASS Analytics, you can contact us at 855-MADDRIX or email firstname.lastname@example.org and we’ll provide additional information and discuss your specific requirements.