회사소개

제품

안내

고객지원

Company

Product

Information

Support

Thông tin về công ty

Sản phẩm

Thông tin

Hỗ trợ chung

Notice

Title Date
NPCore participated in 'ISEC 2017' ... 'ZombieZERO EDR for Server' was debuted and demonstrated
[Picture : NPCore participated in 'ISEC 2017' held in COEX from Sep. 5th ~ 6th to show 'ZombieZERO EDR for Server', new product for server security. NPCore's sales manager Lee, Gun-Woong was watching the demo video and explaining new products to VIPs composed of gov. officials.]
Recently in Korea, there was the biggest security incident that the servers of Korean hosting company were attacked by the variant Ransomware. So the sense of crisis for Ransomware has raised and security measures and security awareness of gov. agencies and enterprises have been further strengthened. As a result, NPCore(CEO Han, S.C.) first introduced its new server security product, 'ZombieZERO EDR for Server' at the '11th International Security Conference (ISEC 2017)' held on Sep. 5 ~ 6. The 11th annual ISEC is the largest cyber security conference event in Korea. In this event, NPCore showed and demonstrated 'ZombieZERO EDR for Server', which is the Whitelist-based APT / Ransomware response solution installed on the server and is aimed at the security manager of gov. agencies and enterprise along with Nicstech, Secucen and CoreInfra. NPCore is specialized in defense solution against unknown APT and Ransomware and provides two-level defense on network and endpoint based on behavior. Existing security solutions (signature-based Anti-virus) cannot respond against APT (targeting malware) and new / variant Ransomware such as WannaCry and Petya, and traditional Sandbox technology is vulnerable to malware bypassing virtual machine, new and variant Ransomware and attack through encryption section (SSL communication). To overcome these limitations, the importance of EDR (End Point Detection & Response) technology has been highlighted. In line with this, NPCore released 3 security products for endpoints (▲ ZombieZERO EDR for APT- Endpoint Security against APT, ▲ ZombieZERO EDR for Ransomware- Endpoint Security against Ransomware, ▲ ZombieZERO SECaaS (Security as a Service)- Cloud type Security) And NPCore recently released 'ZombieZERO EDR for Server' due to the biggest recent server's security incident and built it up in the OO Broadcasting Station. ZombieZERO EDR for Server is installed on the Windows server and blocks the execution of new/variant malwares in real time through the whitelist-based execution holding function. And it analyzes/detects known and unknown malwares through the central analyzer (ZombieZERO Inspector) to make the system execute only secure file. [Operation sequence of 'Zombie Zero EDR for Server'] 1) Server access → Blocking execution of processes not registered on the whitelist. 2) EXE file analysis :  Malicious file is blacklisted and isolated. / Normal file is added to Whitelist. 3) If the analysis result proved to be normal, the file is executed normally and you can check it. / If malicious file, the EXE file is blocked by EDR.
[Picture: NPCore's director Kim, Mu-Jeong was giving a speech on 'APT and Ransomware Defense System centered on endpoint utilizing advantage of Sandbox' at conference room A of COEX on Sep. 5.]
On the first day of the conference, NPCore's director Kim, Mu-Jeong gave a speech on 'APT and Ransomware Defense System centered on endpoint utilizing advantage of Sandbox'. Mr. Kim proposed the direction of Ransomware blocking technology and proceeded real time Q & A via Facebook. After the speech, many people came to the exhibition booth and asked many additional questions. WannaCry Ransomware blocking demo video and demonstration were also conducted at the booth and led the response. NPCore, CEO Han, Seung-chul said, "Many people from various companies including gov. agencies, military, media companies, and SI companies consulted and asked for a follow-up visit and proposal. So we were able to confirm positive responses to EDR products and achieve business results more than expected."
2017.09.10

Daou Technology released the APT Defense Solution for email in partnership with NPCore

Author
admin
Date
2016-08-08 00:00
Views
192
54015_55875_3339.jpg

Daou Technology released the APT Defense Solution for email in partnership with NPCore
Daou Technology (CEO Kim, Yun Deok) said that it released an integrated email security product for the email's APT attack response in partnership with NPCore on 8th.
This product combined the sandbox-based malware detection technologies in the email security solutions-[TERRACE MAIL SECURITY]. TERRACE MAIL SECURITY integrated the functions of spam email block and APT attack defense, enterprise information exfiltration prevention, email backup. It can sort out malicious email by learning the history of the incoming email.



This product was released in partnership with NPCore, and combined the function of [ZombieZERO Inspector], NPCore's network-based APT response solution. So TERRACE MAIL SECURITY can detect unknown malware by behavior-based analysis and signature analysis inside of virtual system space.

This product sorts out the received attachments by type and detects unknown malware by dual analysis about the collected files. And it treats the infected PC by creating pattern of the detected malware. In addition, after executing the suspicious files on virtual system, the product proceeds behavior-based analysis consisting of dynamic analysis system that analyzes all files' behavior and static analysis system that analyzes document's source code and script.

Director Jung, Jong Chul who handles TERRACE MAIL SECURITY business in Daou Technology said that recently, the company's internal information exfiltration damage caused by various new malicious email is increasing.


TERRACE MAIL SECURITY is cheaper than the existing expensive foreign APT solution, but it provides high-performance and defends APT attacks more reasonably in case of small-medium and large enterprises and public institutions also.