CounterStorm

Cyber attacks are increasing at an alarming rate and can expose mission critical data and inflict serious damage

As cyber security threats evolve and adapt to circumvent security countermeasures, the speed with which targeted and zero-day attacks are identified, isolated, and remediated has enormous impact on the health and continuity of businesses and governments. Targeted threats can lead to exposure of mission critical business data or customer sensitive data and inflict serious damage to corporate reputation. Non-adherence to data security standards and regulations can result in sanctions, fines and civil liability if a targeted attack is successful.

Stop targeted and zero-day attacks in seconds before widespread damage occurs

CounterStorm is an advanced network security solution specifically designed to stop zero-day and targeted attacks in seconds. CounterStorm employs an integrated suite of sophisticated engines that are uniquely correlated to provide accuracy and speed in identifying and automatically stopping increasingly destructive cyber attacks and quarantining compromised machines, preventing widespread, costly damage. CounterStorm technology is based upon extensive research on the viability of machine learning as a potentially effective tool to protect computer networks from non-signature-based attacks, also referred to as zero-day attacks.

Signature-based detection tools only catch threats that have previously been identified. It’s the developing threats that can be the most detrimental. Today, attackers are smart. To make their jobs easier, they use polymorphism, changing a single byte in an existing threat to make it undetectable. That is why signature-based solutions today are only catching 47% of known threats. CounterStorm has successfully detected zero-day worms, botnets, and rootkit hacking for Fortune 1000 companies across multiple industries, including Media, Communications & Publishing, Law Enforcement, Financial Institutions, Healthcare, and Government.

Statistical and anomaly based behavioral analysis

You can protect against zero-day and targeted attacks by identifying anomalous behavior on the network. Using statistical- and anomaly-based behavioral analysis, you can detect zero-day attacks in near real time.

CounterStorm’s integrated suite of detection engines includes:

The Statistical Payload Analysis (SPA) detection engine builds models of normal network traffic content through deep packet inspection technology. SPA detects atypical data being transferred across the network, finding botnets, data exfiltration, and other malicious activity where flow-, signature-, and standards-based solutions cannot.

CounterStorm’s Volumetric Anomaly detector finds clients or servers that are producing unusually high levels of network activity or are targeted victims. This detection engine identifies the characteristics of insider activities and actively exploited compromised systems.

The Rogue detection engine searches for botnets or exfiltration behavior by looking for clients communicating with servers that they do not normally access. Additionally, it can detect hosts that suddenly begin offering new services, such as a workstation that begins responding to DNS requests.
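The behavior described for the Rogue detection engine can be sketched as a baseline-and-compare check over flow records. This is an added example, not CounterStorm's implementation; the flow tuple layout, the function names, and the sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records: (client_ip, server_ip, server_port, protocol)
BASELINE = [
    ("10.0.0.5", "10.0.1.10", 53, "udp"),   # workstation -> internal DNS
    ("10.0.0.5", "10.0.1.20", 443, "tcp"),  # workstation -> intranet site
    ("10.0.0.6", "10.0.1.10", 53, "udp"),
    ("10.0.0.6", "10.0.1.20", 443, "tcp"),
]
OBSERVED = [
    ("10.0.0.5", "10.0.1.20", 443, "tcp"),     # matches the baseline
    ("10.0.0.5", "203.0.113.7", 6667, "tcp"),  # server this client never used
    ("10.0.0.6", "10.0.0.5", 53, "udp"),       # workstation now answering DNS
]

def build_profile(flows):
    """Learn which servers each client uses and which services each host offers."""
    peers, services = defaultdict(set), defaultdict(set)
    for client, server, port, proto in flows:
        peers[client].add(server)
        services[server].add((port, proto))
    return dict(peers), dict(services)

def detect_rogue(profile, flows):
    """Return de-duplicated alerts for new services on known hosts and new peers."""
    peers, services = profile
    known_hosts = set(peers) | set(services)
    alerts, seen = [], set()

    def emit(alert):
        if alert not in seen:
            seen.add(alert)
            alerts.append(alert)

    for client, server, port, proto in flows:
        # A host seen during the baseline starts offering a service it never offered.
        if server in known_hosts and (port, proto) not in services.get(server, set()):
            emit(("new_service", server, f"{port}/{proto}"))
        # A client talks to a server that is absent from its learned peer set.
        if server not in peers.get(client, set()):
            emit(("new_peer", client, server))
    return alerts

if __name__ == "__main__":
    for alert in detect_rogue(build_profile(BASELINE), OBSERVED):
        print(alert)
```

A production baseline would also need a time window and ageing of learned peers, which this example leaves out.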

Real-time Detection and Quarantine

CounterStorm aggregates and validates all attack activity from multiple detection components in real time, providing instant, accurate, and actionable data without disrupting normal business functions. This eliminates radical remediation measures, lessens costs, and allows faster response.

Low False Positives

CounterStorm’s multi-engine solution, using advanced anomaly detection, ensures an unparalleled low rate of false positives. CounterStorm has sustained as high as 97% detection accuracy over a six-month period.

Content Update 1/7/11