RevBits announces that it has successfully deployed its endpoint
security solution in a true air-gapped environment for a federal
government entity.
RevBits Endpoint Security (RB/EPS) is a fully featured, robust
next-generation endpoint security solution. Its detection and blocking
capabilities are based on a three-phased analysis engine that utilizes
traditional AV signature scanning, a sophisticated machine learning
model, and an advanced behavioral analysis protocol. The solution's
Phoenix module monitors for common exploit methods to provide additional
protection.
The solution's EDR module enhances endpoint security and threat
mitigation, offering the market the most feature-rich forensics and
control capability imaginable. Malicious endpoint investigations are
limitless, with a forensics selection menu of over seventy different
artifacts, collected on schedule or on demand, as well as partial and full
memory dumps. US-patented technology in the EDR module offers Windows
kernel-level security technology that prevents unauthorized drivers from
loading onto the operating system. All endpoint processes, registries,
and file structures are accessible through a full GUI or a command line
function.
Simply put, the solution's EDR module is an endpoint administrative and forensics game-changer.
Government entity PoC requirements for an EPS solution in an Air-Gapped Environment:
A recent government-based entity PoC required an EPS solution deployment
in a true air-gapped environment. The entity had a primary concern
centered around workstations and the air-gapped network's vulnerability
to malware introduction via USB devices. The requirement mandated that
the solution be fully functional on air-gapped workstations, and that all
administrative needs be met, without internet connectivity. Additionally, the
entity required deep forensics capacity and artifact collection on
schedule or on demand.
Defining Air Gap:
Techopedia: "An air gap is a security measure that isolates a digital device component or private local area network (LAN) from other devices and networks, including the public internet. An air gap is also known as an air wall, and the strategy of using air gaps to protect critical data is also known as security by isolation.
Air gaps are used to protect critical computer systems and the data they store from malware, keyloggers,
ransomware, and other types of unauthorized access. This strategy seeks
to ensure the total isolation of a given system electromagnetically,
electronically, and physically."
RevBits Endpoint Security - our Air Gap capability:
RB/EPS was deployed in an on-premises configuration for the government
PoC, with complete user control of all solution capabilities. Every
product feature on the protection and detection side and the EDR
forensics and mitigation side is entirely functional without internet
access. The user assumes a higher level of responsibility in terms of
administration, but this aspect is already in place for an actual
air-gapped environment.
All solution functionality, such as offline licensing, forensic
extraction, malware detection and blocking, USB control, scanning, and
analysis, can run without external dependencies.
RB/EPS and all other RevBits cybersecurity solutions are deployable in an on-premises, hybrid-cloud, or SaaS configuration.