Deep Instinct’s deep learning endpoint security solution provides full protection against known and unknown cyber threats, based on multiple layers: a prediction-and-prevention-first approach, followed by detection and response.
This is Prevention, Unlimited.
Uses deep learning, the most advanced AI technology. The Deep Static Analysis provides far greater accuracy than signature and heuristic solutions, and is more accurate than classical machine learning algorithms, which suffer from lower detection rates and higher false positives. The agnostic implementation of deep learning can be applied to any file type, and it supports PE, OLE, OOXML (embedded macros for OLE & OOXML), PDF, RTF, Adobe Flash, JAR, Font, Image, and Archive files.
The endpoint solution predicts and prevents any malicious file upon the file’s initial access on the device, and can also perform a full file scan during the initial installation or on-demand.
An additional layer of protection based on file reputation, both for known malicious and benign files.
Blacklist files based on hashes, on IoCs, and on imported IoC lists.
Behavioral analysis capabilities that can detect and stop malicious business logic of malware, including ransomware, remote code injection and known payloads.
The encryption techniques and the methods used to perform read/write operations to encrypt files are all known. This module covers them all, with a near 100% detection rate and an industry-low false positive rate. This has been confirmed with over tens of thousands of tests performed by the Deep Instinct research team.
Detects Remote Code Injection techniques used to move laterally between processes.
Detects known payloads during their execution. Protects against shellcodes for many tools, including MSFvenom, Shellter and Veil.
Deep Classification: Rapid classification of malware (known & unknown) in real-time, with no human involvement, into seven different malware types, using our unique deep learning malware classification module.
Attack Chain: Root Cause Analysis to describe the process chain that led to the event.
Advanced Threat Analysis: A set of tools that perform advanced analysis on threats found within the organization. This includes static analysis, sandboxing analysis, screenshots and network dump of the threats.
Quarantine files: Quarantine malicious files during their prevention.
Whitelist: Whitelist files falsely detected as malicious, based on hash, certificate and/or path. The ability to import a list of IoCs based on hashes is also available.
Delete files remotely: Detected files that were not prevented and quarantined can be deleted remotely from the endpoint.
Terminate running process: Files that were detected as malicious and processes that were detected behaving maliciously can be terminated remotely.
Isolate device from network: Devices that pose a risk to the organization can be isolated remotely.
Endpoint protection software protects against any type of spyware, including banking trojans, keyloggers and credential dumpers.
Fileless attack vectors are prevented, including script-based attacks, dual-use tools and code injection techniques.
Ransomware is mitigated using advanced endpoint protection that includes both static and behavioral analysis.
File-Based Malware
Executable and non-executable files are scanned to predict and prevent viruses, worms, backdoors, droppers, wipers, coin-miners, known shellcodes, PUA and more.