회사소개

제품

안내

고객지원

Company

Product

Information

Support

Thông tin về công ty

Sản phẩm

Thông tin

Hỗ trợ chung

Notice

Title Date
CEO Interview: Mr.Han, Seung-chul (NPCore)
NPCore will start 2019 as a strategy to strengthen its recognition as an APT defense specialist and further expand its position in the EDR and SECaaS markets. In addition, the company plans to expand to the Southeast Asian market based on domestic reference, and acquire international CC certification to make a full-fledged entry into the US procurement market. The following is the contents of the question and answer with Mr. Han, Seung-chul. thumb-3416275915_yHLlfh8S_ED959CEC8AB9ECB2A0_EB8C80ED919C_28EC9794ED94BCECBD94EC96B429_600x406Q. What is the greatest achievement in 2018? -A: In Korea, we won some large-scale anti-APT system construction projects from public institutions. As a representative example, a public institution has built a new network, introducing NPCore's anti-APT solution to external network, e-mail, and PC. Additionally, NPCore provided this institution with the control tower that can centrally monitor and manage all these solutions.  The cornerstone in overseas business is that exports exceeded 1 million dollars. We expect to see a rise in overseas sales in 2019 further more. Q. What is the flagship solution in 2019? -A:  Our flagship solution is 'ZombieZERO EDR'. Existing signature-based security solutions, such as anti-virus, are unable to respond to new and variant malware and Ransomware such as WannaCry or Pettya. In addition, traditional sandboxing techniques are also vulnerable to attacks using virtual machine bypassing malware, variant Ransomware, and SSL. To overcome these limitations, EDR (Endpoint Detection & Response) technology is becoming more important. The IOC (Indicators of Compromise) method is a post-coping method that collects traces of malware that have already been infiltrated and analyzes the patterns in the analysis system. On the other hand, NPCore's EDR responds immediately to malware before infection via execution-holding function. It also minimizes the impact of existing systems on agent operation and does not use techniques such as hooking and dll injection which are highly likely to collide. In addition, for some foreign products, the virtual analysis environment has become standardized, on the other hand, NPCore's EDR configures a virtual environment with applications that is mainly used in the local area, so its detection rate is high. Q. What are the prospects for the security market in 2019? -A: As the APT and Ransomware damages increase year by year, we expect the security market to grow in 2019. In addition, the market has been expanding from the form of purchasing and using security products to the form of easy to use security services (SECaaS -Security as a Service). Q. What is your strategy for 2019? -A: In addition to strengthening awareness and positioning as an APT specialty brand, we have established a strategy to expand our target market to the EDR and SECaaS markets. In addition, the company plans to expand its brand awareness and local network in Southeast Asia market and to advance into the US procurement market after acquiring international CC certification based on the reference delivered to domestic leading organizations. Q. What do you want to tell public or corporate security practitioners? -A: I think that there are quite a lot of people who have the idea of "I do not think our organization will become a target" even though I encountered frequent hacking incidents. This 'lack of awareness of cybersecurity' becomes the biggest vulnerability, causing hackers to take an intelligent approach and repeat the vicious cycle of finding solutions after the damage. It is time to introduce a security system that can prevent intelligent continuous attacks in advance.NPCore has developed APT-compatible solutions with its own technology and has continuously updated its products and services over the last 10 years in response to security trend changes and customer needs. We will always do our best to provide solutions that customers feel comfortable every day, and solutions that can be relieved by unexpected cyber attacks. *Original Article(KR): https://www.dailysecu.com/?mod=news&act=articleView&idxno=44610
2019.01.25

A broadcasting station decided to install 'EDR for Server', security product for server of NPCore.

Author
admin
Date
2017-08-25 18:48
Views
1113

Korean broadcasting station A, a comprehensive programming channel, decided to adopt ZombieZERO EDR for Server, a cyber security product for server of NPCore (CEO. Han, Seung Chul) on August 14.


In June, Korean hosting company's servers were attacked by 'Erebus' Ransomware, so the company paid for the biggest damage in Korea, 1.3 billion won, to restore the encrypted data, but some data of the damaged hosting servers is not restored.

'Erebus' Ransomware is a variant malware that combines APT (targeting malware) and Ransomware attacking server.

Due to the large-scale incident that Ransomware attacked the server, the Korean companies operating the server had sense of crisis and and felt keenly the necessity of countermeasures.

The Korean broadcasting station A was considering this countermeasure, and recently its server was attacked by Ransomware. Fortunately they reponded properly in the early stages, so the damage did not spread, but they rushed to take measures to protect their servers from Ransomware in earnest.

The broadcasting station A proposed PoC (Proof of Concept, Pre-test of performance) to some companies that can perform the required function (whitelist-based cyber security solutions for server). Finally, three companies(NPCore, A and C company) participated in the first and second PoC. The first PoC was held on July 13 and the second PoC was held on August 2.

As a result, the performance of the "ZombieZERO EDR for Server" product of NPCore was selected as the top priority negotiator by winning the highest score in the first and second PoC.

"ZombieZERO EDR for Server" is installed on the Windows Server and blocks the execution of new/variant malwares in real time through the whitelist-based execution holding function. And it analyzes/detects known and unknown malwares through the central analyzer (ZombieZERO Inspector) to make the system execute only secure file.

Image : System Block Diagram of “ZombieZERO EDR for Server”