회사소개

제품

안내

고객지원

Company

Product

Information

Support

Thông tin về công ty

Sản phẩm

Thông tin

Hỗ trợ chung

Notice

Title Date
CEO Interview: Mr.Han, Seung-chul (NPCore)
NPCore will start 2019 as a strategy to strengthen its recognition as an APT defense specialist and further expand its position in the EDR and SECaaS markets. In addition, the company plans to expand to the Southeast Asian market based on domestic reference, and acquire international CC certification to make a full-fledged entry into the US procurement market. The following is the contents of the question and answer with Mr. Han, Seung-chul. thumb-3416275915_yHLlfh8S_ED959CEC8AB9ECB2A0_EB8C80ED919C_28EC9794ED94BCECBD94EC96B429_600x406Q. What is the greatest achievement in 2018? -A: In Korea, we won some large-scale anti-APT system construction projects from public institutions. As a representative example, a public institution has built a new network, introducing NPCore's anti-APT solution to external network, e-mail, and PC. Additionally, NPCore provided this institution with the control tower that can centrally monitor and manage all these solutions.  The cornerstone in overseas business is that exports exceeded 1 million dollars. We expect to see a rise in overseas sales in 2019 further more. Q. What is the flagship solution in 2019? -A:  Our flagship solution is 'ZombieZERO EDR'. Existing signature-based security solutions, such as anti-virus, are unable to respond to new and variant malware and Ransomware such as WannaCry or Pettya. In addition, traditional sandboxing techniques are also vulnerable to attacks using virtual machine bypassing malware, variant Ransomware, and SSL. To overcome these limitations, EDR (Endpoint Detection & Response) technology is becoming more important. The IOC (Indicators of Compromise) method is a post-coping method that collects traces of malware that have already been infiltrated and analyzes the patterns in the analysis system. On the other hand, NPCore's EDR responds immediately to malware before infection via execution-holding function. It also minimizes the impact of existing systems on agent operation and does not use techniques such as hooking and dll injection which are highly likely to collide. In addition, for some foreign products, the virtual analysis environment has become standardized, on the other hand, NPCore's EDR configures a virtual environment with applications that is mainly used in the local area, so its detection rate is high. Q. What are the prospects for the security market in 2019? -A: As the APT and Ransomware damages increase year by year, we expect the security market to grow in 2019. In addition, the market has been expanding from the form of purchasing and using security products to the form of easy to use security services (SECaaS -Security as a Service). Q. What is your strategy for 2019? -A: In addition to strengthening awareness and positioning as an APT specialty brand, we have established a strategy to expand our target market to the EDR and SECaaS markets. In addition, the company plans to expand its brand awareness and local network in Southeast Asia market and to advance into the US procurement market after acquiring international CC certification based on the reference delivered to domestic leading organizations. Q. What do you want to tell public or corporate security practitioners? -A: I think that there are quite a lot of people who have the idea of "I do not think our organization will become a target" even though I encountered frequent hacking incidents. This 'lack of awareness of cybersecurity' becomes the biggest vulnerability, causing hackers to take an intelligent approach and repeat the vicious cycle of finding solutions after the damage. It is time to introduce a security system that can prevent intelligent continuous attacks in advance.NPCore has developed APT-compatible solutions with its own technology and has continuously updated its products and services over the last 10 years in response to security trend changes and customer needs. We will always do our best to provide solutions that customers feel comfortable every day, and solutions that can be relieved by unexpected cyber attacks. *Original Article(KR): https://www.dailysecu.com/?mod=news&act=articleView&idxno=44610
2019.01.25

National Univ. Hospital Introduced Anti-APT Solution by NPCore

Author
admin
Date
2018-12-21 15:16
Views
586
  • Protect hospital’s network and endpoint from advanced cyberattacks


NPCore (CEO Seung-chul Han) announced that it provided the APT(Advanced Persistent Threat) attack response solution to the national university hospital to defend against recently increasing cyberattacks targeting hospitals and medical institutions.

This year, there were a lot of cybersecurity incidents where the weaknesses of information security of domestic medical institutions were revealed. In April, medical institutions including famous university hospital were attacked by Deface, and earlier in January, Cryptojacking (malware for cryptocurrency mining) was carried to the hospital.

Photo by rawpixel on Unsplash

Photo by rawpixel on Unsplash


On the other hand, APT attack and Ransomware solution 'ZombieZERO Inspector' delivered by NPCore to university hospital can cope with new and variant malware which is difficult to cope with vaccine and prevent damage due to intelligent attack.

ZombieZERO Inspector configures the same sandbox environment as user PC environment to provide detection results after malicious behavior monitoring and analysis. It collects packets on the network and performs analysis of four stages of signature and behavior based analysis. It supports analysis of various document formats such as PE file (DLL, EXE), compressed file, MS-Office, HWP and PDF. It also analyzes the outbound and inbound URLs and IP access patterns to double detect and block C&C server and malware access.

The malware detection rate can be further improved by additionally introducing ZombieZERO EDR(Endpoint Detection & Response), an endpoint APT attack defense solution. ZombieZERO products link and analyze network information with agent analysis information of endpoint. Last year, the National Hospital introduced 'ZombieZERO EDR for Server' to protect the server. It holds the execution of malware and detects it through a behavior-based engine in the sandbox, preventing infection in advance, and responding to encryption and latent malware attacks that bypass the network security system.

Interworking with new Ministry of Education Cyber Security Center (ECSC) is one of the main reasons why NPCore's APT solution has been adopted. ZombieZERO Inspector is an integrated hardware that passes the ECSC "MTM / ETM Standard Interoperability Specification" test.

"Through this project, we have blocked the influx of new malware into the university hospital system and established an active defense system that can detect and block zero-day attacks and existing security system bypass attacks in real time," said CEO of NPCore.