The growing concern surrounding zero-day and targeted attacks has warranted Metadigm’s attention.
There is a growing need for a technology that can detect and defend against these specialised threats. Metadigm has sought out a technology to best fulfill this requirement and found Damballa to be the best fit; Damballa has proven to be the most functional and technologically advanced malware detection solution in the market today.
Damballa offers an intuitive detection solution to shield against advanced malware, botnet breaches, targeted attacks and persistent threats. Damballa has demonstrated that it has a sophisticated and matchless approach to identifying the command-and-control (C&C) framework used by hackers and data thieves to extract data from malware-infected devices and desktops. The signatureless solutions improve security both inside and outside the network perimeter and stop threats other technologies miss. Damballa identifies the severity and intent of these attacks even when the malware evades detection.
Damballa products and services provide a critical window for orderly remediation and integrate easily into existing infrastructure without requiring additional headcount or complexity.
Metadigm and Damballa
Damballa Failsafe uses a system of out-of-band sensors to monitor communications including firewall traffic, DNS queries, and HTTP requests. It looks for behaviors and unique indicators of suspicious files and C&C communication and correlates this information to identify the presence of malware and pinpoint infected devices.
Multiple deep packet inspection engines in Damballa Failsafe sensors detect threats utilizing:
- Automated Malware Analysis – detecting and capturing suspicious executables and PDFs, identifying if they are malicious, and analyzing them at Damballa Labs in real time to profile their C&C communication behavior and provide host forensic details.
- Behavioral Analysis – tracking the behavior of the asset’s communications – identifying if certain communications seem automated or act more like a human.
- Profiling Communications – analyzing network traffic to determine if the destination is suspicious, known to be C&C, has a low reputation, or is generally shady.