Virtualization Technology News and Information
BluVector Debuts Security Industry First in Fileless Malware Detection

Today BluVector, a leader in reinventing network intrusion detection, is now the first and only security vendor to offer fileless malware detection in real time on the network. The proclamation comes as 2017 has seen a significant spike in "invisible" or "memory-based" cyber attacks on enterprises. This type of malware hides in the memory of a compromised machine and infects without leaving a trace on the machine's file system, thus sidestepping traditional security and forensic tools.

BluVector's new fileless malware detection capability, featured in the company's new BluVector 3.0 release, is delivered by an advanced analytic called the Speculative Code Execution (SCE) engine. It is capable of emulating how code will behave when executed in memory, and flagging behaviors that are indicative of application vulnerability exploitation or shellcode misuse. Recent examples of threats that used such vectors of attack include Petya, NotPetya and WannaCry.

"Despite substantial investment in numerous security products, enterprises continue to be the victim of malware attacks and data breaches," said Scott Crawford, research director for Information Security with 451 Research. "Fileless malware is an emerging tactic that attackers are increasingly adding to their repertoire to evade malware defenses. As evasive, fileless malware is extremely difficult to detect, security teams cannot rely on outdated tools. New solutions, such as BluVector's 3.0, give enterprise security teams a way to outsmart these more stealthy threats and significantly mitigate potential damage from a cyber attack."

SCE runs in parallel with BluVector's patented machine learning engine, which was trained and designed to detect file-based attacks, giving BluVector customers a complete suite to detect file-based, full fileless, and fileless attacks that become file-based further down the kill chain.

"Tackling the threat of fileless malware attacks can be daunting for even the most sophisticated organizations," said Kris Lovejoy, CEO, BluVector. "While there are new endpoint technologies available which can help mitigate some of the risks, any security practitioner will tell you they simply can't cover every network device, application, and mobile/IoT device. Our customers have been asking for fast, easy, and cost-effective ways to protect themselves against this vector of attack. We are proud to be the first to offer a solution."

Available today, BluVector 3.0 addresses the growing threat of fileless malware in mid-sized and large organizations. In addition to fileless malware detection, BluVector 3.0 features include:

  • Virtual Appliance for ESXi: A software-only virtual appliance that customers can run on their VMware ESXi™-equipped hardware. By providing physical and virtual appliance options, BluVector enables a wider range of organizations to optimize their north-south and east-west security defenses while right-sizing their security investments.
  • Centralized Management: BluVector Central Manager enables Managed Service Providers and larger enterprises to manage, view data and configure an unlimited number of deployments from a single pane of glass.
  • Intelligent Decision Support System Enhancements: Targeted Logger allows analysts to dig deeper into security events by delivering highlighted network log entries, which have been pre-correlated to the events prioritized for analysis.

Published Tuesday, November 07, 2017 2:32 PM by David Marshall