Deep Instinct is revolutionizing cybersecurity with its unique deep learning software – harnessing the power of deep learning architecture and yielding unprecedented prediction models, designed to face next-generation cyber threats.

Advanced Endpoint Security

Deep Instinct’s advanced endpoint security software applies deep learning algorithms to endpoint protection, offering a multi-layer, prediction- and prevention-first approach, followed by detection and response, against known and unknown cyber threats.

This is Prevention, Unlimited.

PRE-EXECUTION: Predict & Prevent

Deep Static Analysis

Uses deep learning, the most advanced AI technology. The Deep Static Analysis provides far greater accuracy than next-gen cyber security signature and heuristic solutions, and is more accurate than classical machine learning algorithms, which suffer from lower detection rates and higher false positives. The agnostic implementation of deep learning can be applied to over 100 file types, including executable files (PE, Mach-O), Office (OLE, OOXML, macro), PDF, RTF, Flash, JAR, images, fonts, archive files (ZIP, RAR, 7z, etc.) and others.

The endpoint platform predicts and prevents any malicious file upon the file’s initial access on the device, and can also perform a full file scan during the initial installation or on-demand.

D-Cloud File Reputation

An additional layer of system endpoint protection is provided based on file reputation, both for known malicious and benign files.

Script Control

A compliance and policy infrastructure to eliminate the script-based attack surface. This includes PowerShell, JavaScript, VBScript, macros, HTML Application (HTA) files and rundll32.

Blacklist

The next-gen endpoint protection enables blacklisting files based on hashes and on imported IoC lists.

ON-EXECUTION: Detect & Automatically Respond

Deep Behavioral Analysis

Behavioral analysis capabilities that provide endpoint detection and response against the malicious business logic of malware.

Anti-Ransomware: The encryption techniques and the methods used to perform read/write operations to encrypt files are all known. This module covers them all, with a near 100% detection rate and an industry-low false positive rate. This has been confirmed with over tens of thousands of tests performed by the Deep Instinct research team.

Remote Code Injection: Detects Remote Code Injection techniques used to move laterally between processes.

Known Shellcodes: Detects known payloads as they execute. Protects against shellcodes for many tools, including MSFvenom, Shellter and Veil.

Automatic Hunting

Detect and remediate active adversaries on the endpoint.

POST-EXECUTION: Automatically Analyze & Remediate

Automatic Analysis

Deep Classification: Rapid classification of malware (known & unknown) in real time, with no human involvement, into seven different malware types, using our unique deep learning malware classification module.

Attack Chain: Root Cause Analysis to describe the process chain that led to the event.

Advanced Threat Analysis: A set of tools that perform advanced analysis on threats found within the organization. This includes static analysis, sandboxing analysis, screenshots and network dump of the threats.

Remediation

Whitelist & Restore: Provides the ability to whitelist files falsely detected as malicious, based on hash, certificate and/or path. The ability to import a list of IoCs based on hashes is also available. Files matching the added hashes will be restored.

Delete files remotely: Detected files that were not prevented and quarantined can be deleted remotely from the endpoint.

Terminate the running process: Files that were detected as malicious and processes that were detected behaving maliciously can be terminated remotely.

Isolate device from the network: Devices that pose a risk to the organization can be isolated remotely.

Attack Vectors Covered

Spyware

Endpoint protection software protects against any type of spyware, including banking trojans, keyloggers and credential dumpers.

Fileless Malware

With this antivirus endpoint protection, fileless attack vectors are prevented, including script-based attacks, dual-use tools and code injection techniques.

Ransomware

Ransomware is mitigated using advanced antivirus protection that includes both static and behavioral analysis.

File Based Malware

Executable and non-executable files are scanned to predict and prevent viruses, worms, backdoors, droppers, wipers, coin-miners, known shellcodes, PUA and more.

Advanced Endpoint Security Software FAQ
Q: Can I uninstall the endpoint security software remotely using the management console?

A: Yes, you can remotely uninstall the endpoint protection from the deployment screen in the management console. It can also be uninstalled locally from the device; however, to uninstall the endpoint protection agent locally, the administrator must use the uninstall password.

Q: Can the endpoint security software be installed without the user interface visible?

A: Yes, you can configure the policy from the management console not to display the user interface, which can later be displayed without reinstalling the endpoint protection agent.

Q: Does Deep Instinct use static or dynamic analysis?

A: Currently, Deep Instinct uses static analysis at the endpoint. Deep Instinct is currently developing the option to also perform a dynamic analysis in its endpoint security. In addition, every malicious file detected or prevented is uploaded to the D-Appliance (optional, as defined in the policy) in order to run additional static and dynamic analyses to provide additional forensic information.

Q: Can I run D-Client with my current endpoint security software solution?

A: Yes, Deep Instinct’s solution is designed to protect all endpoints in any environment. Our aim is to deploy our solution as an augmentation to any software solution implemented in customers’ environments. We believe that within a few months, once you see Deep Instinct’s capabilities, especially the detection and prevention of malicious activities that are not detected by your current antivirus solution, you will conclude that your current antivirus endpoint solution is unnecessary.

Q: Can Deep Instinct’s advanced endpoint security software replace my existing anti-virus software?

A: Although Deep Instinct has been designed to work in parallel with existing products, Deep Instinct can replace many endpoint security platforms, including anti-virus, anti-malware, endpoint protection, and sandboxing solutions.

If the existing anti-virus includes other security features that you still want to keep, such as personal firewall, disk encryption, or application whitelisting, Deep Instinct may not address these features. However, you can find these features built into the operating system, such as Windows Firewall, BitLocker and AppControl, respectively.

Q: What type of mitigation actions can be performed after detecting malware?

A: For Windows & macOS endpoint security, Deep Instinct can prevent file execution, quarantine the file, kill malicious processes and isolate the device from the network.

For Android endpoint protection, Deep Instinct can kill the process associated with a malicious app and then send a notification to instruct the user to uninstall the app.

Generally, in cases of prevention events, no action is required, as the endpoint client has prevented the threat for you.

In case of a detection event, you may want to remove and quarantine the malware remotely, remediate the threat by using the kill process (in case it’s running) and isolate the machine from the network until further cleaning.

Q: Does Deep Instinct support grouping of endpoint devices for policy updates?

A: Yes, Deep Instinct supports user-defined device groups, which can be automatically populated by rules (such as Device Name, OUs within your domain, IP range, OS version) and/or by manually selecting devices. The policy for the Device Group can then be updated as a single task.

Q: Does each device need to be upgraded individually for advanced endpoint security?

A: No, our endpoint protection software includes an automatic upgrading system for Windows and macOS that is controlled by the policy configuration. Not only are individual upgrades not necessary, but upgrades can also be performed in stages.

Android devices can be updated using Google Play’s update mechanism.