The Internet is under Attack

Hackers are Working Together

What we once referred to as “gangs” of cyber criminals are now better described as “organisations”: operating in a professional manner, taking feedback from clients, offering a range of services and even collaborating with other “organisations” in order to achieve a higher goal.

  • Global ransomware costs are predicted to exceed $5 billion in 2017.
  • Higher Education accounts for 17% of all Data Breaches.
  • UK Government Breached Personal Data Security 9,000 Times in a year.
  • 42% of larger firms had been the victim of a cyber attack.

Anti-Virus Isn't an effective defence

Prevalent Anti-Virus solutions work in a REACTIVE manner, by searching files for KNOWN or suspicious code that may or may not be malicious. This is usually performed once new files are downloaded to the computer’s hard drive.

This is a flawed approach. In order for a piece of code to be KNOWN to anti-virus vendors, someone must first report the malicious code (the malware). Invariably this individual or organisation has to fall victim in order to identify it!

The entire methodology revolves around failure first. A lucky dip to see who gets hit and who’s saved?

This also means that every new (functioning) piece of malware gets somebody, somewhere. Potentially millions of people are affected before the anti-virus vendors catch up and release a patch containing the information needed to spot and remove the code.

Criminal “companies” now operate together, employing tactics similar to those of legitimate industries: selling packaged tools and platforms to their customers; providing malware-as-a-service; demonstrating innovation, usability and professional excellence; and offering outsourced capabilities with training and technical support.
Any legitimate business still thinking cybercrime doesn’t have industrial strength behind it will likely find itself the next target, which makes this assessment more than just a wake-up call.

A different Approach is needed.

A Hard Disk Firewall

Sitting within the kernel (the core of the operating system), Abatis manages all access to the I/O channel. This channel is physical wiring on the main board and is the ONLY access to storage devices such as hard drives, USB sticks etc. It's the gateway to ALL computer data.

The Abatis HDF methodology is simple: applications that are approved will run as usual. It embeds itself within the Windows kernel, enforcing security in the I/O channel. Any new program that is NOT recognised will be instantly stopped.

Put simply, it’s a NO-first system. By default, all software is blocked!

There is a policy file that contains a list of allowed applications and their allowed functions (this is a simplified statement). Abatis parses this file and compares its contents to the code that is trying to run. Only if there is a match will the code be given access to the I/O channel and thus the hard drive or other storage device it is trying to write to.

This is NOT White Listing…

Unlike traditional white-list systems, Abatis HDF doesn’t allow malware that is masquerading as or embedded within approved applications!

Abatis HDF:

  • Stops 100% of Malware
  • Total Data Security
  • Zero-Day Safe
  • Flash Drives Secure
  • Works on Legacy Products
  • Rules Based Defence
  • Reduced Maintenance
  • Easy to Implement
  • Centrally Managed
  • Increased Performance

The Security Policy

By using the file name, file path and process, Abatis HDF can easily differentiate between policy-allowed applications and disallowed applications.
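A minimal sketch of the default-deny decision described above, keyed on process, file path and file name. It is an added example, not Abatis code or its policy format: the rule layout, paths and the `decide`/`audit` helpers are hypothetical, and the alternate-data-stream check goes beyond what the text states.

```python
import fnmatch
import ntpath

# Hypothetical rules: (process image, target directory, file-name pattern).
# Constructed for illustration; this is not the Abatis HDF policy format.
POLICY = [
    (r"C:\Program Files\Office\winword.exe", r"C:\Users\alice\Documents", "*.docx"),
    (r"C:\Program Files\Backup\agent.exe", r"D:\Backups", "*.bak"),
]

def _norm(path):
    # Collapse ".." segments, unify separators, fold case (Windows semantics).
    return ntpath.normcase(ntpath.normpath(path))

def decide(process, target):
    """Return (verdict, reason) for a write request; default is DENY."""
    proc = _norm(process)
    directory, name = ntpath.split(_norm(target))
    # A ':' in the last path component addresses an NTFS alternate data stream.
    if ":" in name:
        return ("DENY", "alternate data stream")
    for rule_proc, rule_dir, pattern in POLICY:
        if (proc == _norm(rule_proc) and directory == _norm(rule_dir)
                and fnmatch.fnmatchcase(name, pattern)):
            return ("ALLOW", "rule match")
    return ("DENY", "no matching rule")

def audit(requests):
    """Evaluate (process, target) pairs and return one log record per request."""
    return [(proc, target, *decide(proc, target)) for proc, target in requests]

WINWORD = r"C:\Program Files\Office\winword.exe"
# Constructed sample write requests.
SAMPLE = [
    ("C:/Program Files/Office/WINWORD.EXE", r"C:\Users\Alice\Documents\report.docx"),
    (WINWORD, r"C:\Users\alice\Documents\..\..\..\Windows\evil.docx"),
    (WINWORD, r"C:\Users\alice\Documents\report.docx:hidden.docx"),
    (r"C:\Users\alice\Downloads\invoice.exe", r"C:\Users\alice\Documents\a.docx"),
]

if __name__ == "__main__":
    for record in audit(SAMPLE):
        print(record)
```

Paths are normalised before comparison so that case changes, mixed separators and `..` segments cannot make a request look like it falls inside an allowed directory.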

No new unauthorised programs are allowed, including Angry Birds… which isn’t malicious in and of itself, but may be undesired for other reasons.

Abatis HDF’s methodology, simply stopping everything that is undesired, including the manipulation of system processes, grants the highest level of security against attack. No other security product operates in this way.

Abatis HDF Protection

  • Worms
  • Trojans
  • Viruses
  • Ransomware
  • Polymorphic Malware
  • Botnet C&C
  • Zero Day Attacks
  • APTs

Additional Benefits

Logging

Abatis HDF doesn't just shut the gate and keep you safe; it keeps a log of all allowed and disallowed applications, providing a complete global vision of the estate.

An extremely important part of Abatis HDF is its logs, which include NO false positives. With the upcoming GDPR, the ability to report accurately on a breach within 72 hours is becoming a legal requirement.

Other security products are forced to rely on other methods such as VirusTotal to determine whether a breach has occurred, as their logs produce false positives. This can result in private company data becoming public domain, as ALL data given to VirusTotal becomes public due to their terms and conditions.

CMC

The Abatis HDF Central Management Console allows for enterprise-level estate management, applying or changing policies with a single click for individual computers or groups.

  • Retrieve and analyse HDF logs
  • Define policy updates to HDF individually, in groups or globally depending on architectural requirement
  • Web based application
  • SIEM-like dashboard
  • Simple, clean and easy to use
  • SQL database back end allows sophisticated query, analysis and abstraction into higher-level tools like ArcSight
  • CMC can be used to search for identified ‘rogue’ files such as blocked APT updates
  • Experience shows ‘clean-up’ of an infection can be reduced from 3 days to 2 hours (90% improvement)

Performance

Anti-virus products are slow, cumbersome pieces of bloatware; we’ve all been plagued by the ill-timed full system scan slowing us down. The load put on large network servers performing these types of scans can be huge, especially as over 300,000 malware variants are written every day. This lengthens the anti-virus policy files to such a level that they often have older malware signatures redacted off the bottom, or the product goes to the cloud to analyse potential threats, sending potentially infected files (company information) to be tested. These often end up on VirusTotal and therefore become public domain.

By contrast, Abatis HDF performs no scans, is less than 100kb, runs in real time with no delay and requires absolutely no updates or signatures. Nothing is sent anywhere and all company data remains private and secure.

With Abatis HDF installed, staff computers can be configured to only allow work-relevant applications and processes. This enforces compliance, as staff will no longer be able to install and use unwanted software.

Watch Abatis HDF in Action

Abatis HDF -vs- ADS Attack
Alternate Data Stream

Abatis HDF -vs- Ransomware
Cryptolocker
