Proactive Threat Detection With ePASS Analytics

Maddrix ePASS has defined a new genre of incident response and proactive threat identification solution that identifies targeted attacks and malware where they live – on the endpoints.

Our patent-pending Endpoint Analytics Security System (ePASS) solution is soon to inspire a new genre in proactive threat identification solutions. Signatureless proactive threat detection is now a must-have capability for all government, critical infrastructure, and private sector organizations. ePASS is available to U.S. government clients with no licensing costs on contracts that we support as a prime or subcontractor, or support via a purchase order.

Assess Your Organization’s Ability To Proactively Identify Targeted Intrusions
If your organization is unable to quickly answer these simple questions, you are not currently in a position to proactively identify targeted network intrusions or malware.

Typical statistics for a 10k-node network:

    10 million active processes
    20 million active DLLs
    2.5 million installed services
    1.5-3.5 million active network connections

  1. How many encrypted network sockets were started by statically linked PE files launched from hidden command shells?
  2. How many statically linked binaries using the CUI subsystem were installed minutes or hours after they were compiled?
  3. How many processes are running from critical directories with non-standard RIDs?
  4. How many services have been modified to run malicious code? Are the 120k svchost.exe service DLLs legitimate? How do you know?
  5. How many unauthorized services, run keys, and other areas of persistence are installed?
  6. How many processes are running from alternate data streams? Using a known hostile mutant?
  7. How many network connections have bypassed your HTTP proxy server?
  8. How many active and non-active binaries are using commonly re-used shellcode or other malware components?
  9. Can you concurrently bulk search your endpoints for thousands of indicators of compromise provided by external organizations?
  10. Have additional “features” been added to critical operating system files?

Additional Information

If you are interested in learning more about Proactive Threat Detection With ePASS Analytics, you can contact us at 855-MADDRIX or email and we’ll provide additional information and discuss your specific requirements.