NPCore participated in 'ISEC 2017' ... 'ZombieZERO EDR for Server' was debuted and demonstrated
[Picture : NPCore participated in 'ISEC 2017' held in COEX from Sep. 5th ~ 6th to show 'ZombieZERO EDR for Server', new product for server security. NPCore's sales manager Lee, Gun-Woong was watching the demo video and explaining new products to VIPs composed of gov. officials.]
Recently in Korea, there was the biggest security incident that the servers of Korean hosting company were attacked by the variant Ransomware. So the sense of crisis for Ransomware has raised and security measures and security awareness of gov. agencies and enterprises have been further strengthened. As a result, NPCore(CEO Han, S.C.) first introduced its new server security product, 'ZombieZERO EDR for Server' at the '11th International Security Conference (ISEC 2017)' held on Sep. 5 ~ 6. The 11th annual ISEC is the largest cyber security conference event in Korea. In this event, NPCore showed and demonstrated 'ZombieZERO EDR for Server', which is the Whitelist-based APT / Ransomware response solution installed on the server and is aimed at the security manager of gov. agencies and enterprise along with Nicstech, Secucen and CoreInfra. NPCore is specialized in defense solution against unknown APT and Ransomware and provides two-level defense on network and endpoint based on behavior. Existing security solutions (signature-based Anti-virus) cannot respond against APT (targeting malware) and new / variant Ransomware such as WannaCry and Petya, and traditional Sandbox technology is vulnerable to malware bypassing virtual machine, new and variant Ransomware and attack through encryption section (SSL communication). To overcome these limitations, the importance of EDR (End Point Detection & Response) technology has been highlighted. In line with this, NPCore released 3 security products for endpoints (▲ ZombieZERO EDR for APT- Endpoint Security against APT, ▲ ZombieZERO EDR for Ransomware- Endpoint Security against Ransomware, ▲ ZombieZERO SECaaS (Security as a Service)- Cloud type Security) And NPCore recently released 'ZombieZERO EDR for Server' due to the biggest recent server's security incident and built it up in the OO Broadcasting Station. ZombieZERO EDR for Server is installed on the Windows server and blocks the execution of new/variant malwares in real time through the whitelist-based execution holding function. And it analyzes/detects known and unknown malwares through the central analyzer (ZombieZERO Inspector) to make the system execute only secure file. [Operation sequence of 'Zombie Zero EDR for Server'] 1) Server access → Blocking execution of processes not registered on the whitelist. 2) EXE file analysis : Malicious file is blacklisted and isolated. / Normal file is added to Whitelist. 3) If the analysis result proved to be normal, the file is executed normally and you can check it. / If malicious file, the EXE file is blocked by EDR.
[Picture: NPCore's director Kim, Mu-Jeong was giving a speech on 'APT and Ransomware Defense System centered on endpoint utilizing advantage of Sandbox' at conference room A of COEX on Sep. 5.]On the first day of the conference, NPCore's director Kim, Mu-Jeong gave a speech on 'APT and Ransomware Defense System centered on endpoint utilizing advantage of Sandbox'. Mr. Kim proposed the direction of Ransomware blocking technology and proceeded real time Q & A via Facebook. After the speech, many people came to the exhibition booth and asked many additional questions. WannaCry Ransomware blocking demo video and demonstration were also conducted at the booth and led the response. NPCore, CEO Han, Seung-chul said, "Many people from various companies including gov. agencies, military, media companies, and SI companies consulted and asked for a follow-up visit and proposal. So we were able to confirm positive responses to EDR products and achieve business results more than expected."