Integrated Management Solution in Connection with the APT Solution
ZombieZERO Inspector C
ZombieZERO Inspector C performs control and management based on integrated analysis results from N/E/F and EDR products.
Based on the analysis results from the APT solution, the integrated management solution performs an association analysis and policy management to maximize convenience for the administrator.
· Shares log information and management policies using SSL communication
· Shares analysis results and patterns using the pattern management and communication policy
Association Analysis
· Analyzes the correlation based on the analysis results from APT solutions
· Can check the malicious behavior scenarios (attack flowchart) in relation to file collection, analysis, malicious behavior, blocking, etc. based on a correlation analysis
Integrated Management and Monitoring
· Can check the status of all systems without having to log into each device
· Can check the status of the CPU/RAM/disk and main services
· Provides a report based on integrated log data
Characteristics
Association Analysis
- Can check the analysis scenario for each malicious file through file collection, analysis and results (permission, blocking or isolation) based on the analysis results from APT solutions
- Enables intuitive analysis of behavioral information through a time-series graph
- Provides a report by saving the analysis results as logs (Excel/CSV)
Interconnection with Integrated Management Systems from Other Solution Providers
- Enables integrated management of data by sending it to SIEM, ESM, etc.
- Delivers analysis results to the respective user through the personnel management database
Global Pattern Updates
- Provides live domestic updates: interconnected with KISA C-TAS and Ministry of Education, Cyber Security Center (ECSC)
- Global live update: Antivirus (Bitdefender), VirusSign, VirusTotal
Dedicated Malware Analysis Team
- Provides more elaborate analysis results through correlation analysis and AI machine learning (supervised and unsupervised learning) using analytical data from each device
- A dedicated malware analysis team responds immediately and provides a manual analysis report
Configuration
· Association analysis and integrated management and monitoring in connection with an APT solution
※ Installed as software based on virtualization on the user’s existing system to be used as an APT solution