ECAT

Hbgary Active Defense

Hbgary Responder Pro

Hbgary Digital DNA

Hbgary REcon

Active Defense

The first next-generation enterprise threat detection software solution to detect – within seconds advanced, unknown malware and exploitation tools without signatures or prior knowledge of the threat on disk or in all physical areas of memory.

Until today, HBGary’s Digital DNA™ patent-pending core technology, which detects malicious code by looking at software behavior, not checksums or signatures, was only available to enterprises as part of McAfee’s ePO™ solution. Now, Active Defense, with its breakthrough, powerful reporting and search capabilities, can deliver Digital DNA™ to any enterprise.

To better protect confidential data in today’s everchanging cybercrime landscape, organizations need faster, more accurate information about the advanced threat including its origin, operator and author. Leveraging HBGary’s patent pending, core technology Digital DNA™, Active Defense can scan thousands of end-nodes concurrently and provide critical threat intelligence such as:

  • The type of exploit tools used in the attack
  • Information on how the attacker moved laterally within the network
  • Credentials that have been compromised and potentially even what data has already been stolen

Armed with advanced enterprise threat intelligence provided by Active Defense, organizations can quickly gather critical evidence to contain the threat, locate compromised machines, and assess damage. For example, one can use its IDS to detect additional infected machines, data exfiltration can be blocked at the egress firewall, and malware can be cut off from Command and Control servers.

Active Defense Advantages

Active Defense was designed to make your existing security team smarter and your current infrastructure more effective. Its benefits include:

Advanced Searching

Scan enterprise-wide for indicators of compromise within physical memory, physical NTFS drive volumes and from live operating system and registry.

Performance

  • Can scan thousands of end-nodes concurrently with minimal impact on network
  • Scans for registry keys or a known file in seconds
  • Scans of raw physical disk, thousands of patterns at once, 250GB per hour (4GB per minute sustained)

Highly Accurate Threat Intelligence

Critical evidence can be extracted from the end node, revealing what tools were used, how the attacker moved laterally in the network, and what credentials have been compromised

Easy-to-use

Active Defense’s state-of-the-art analysis correlation engine provides reporting that can be easily used by your average IT team member. Your team doesn’t have to be expert at reverse engineering or incident response to get results