7/18/2017
12:00 AM
Dark Reading
Products and Releases

Minerva Boosts Anti-Evasion Platform Capabilities

Expands deception-based approach for endpoint security to fight broader evasive malware techniques.

Petach Tikva, Israel – Minerva, a provider of endpoint security solutions, has added significant new capabilities to its Anti-Evasion Platform, which strengthens endpoint security to prevent unknown threats that get past existing defenses. The latest release is designed to fight previously unseen malware across multiple categories of evasion techniques, spanning not only situation-aware malware, but also threats that bypass detection by employing a variety of memory injection methods and hiding within document files.

"Instead of relying on previously-known patterns, behaviors or signatures, our Anti-Evasion Platform deceives the threat regarding its ability to interact with various aspects of its environment. Our solution blocks the adversary from gaining a foothold on the endpoint, rendering evasive techniques ineffective," said Eddy Bobritsky, Co-Founder and CEO of Minerva. "Unlike other solutions, our deceptive approach to blocking unknown malware doesn’t rely on which attack vector it came through. Instead, it simulates an environment where malware would never be able to execute, significantly reducing the organization’s endpoint security efforts."

The Minerva Anti-Evasion Platform can be installed in both physical and virtual environments. With the lightweight nature of the Minerva agent, the Anti-Evasion Platform enhances Virtual Desktop Infrastructure (VDI) security for end-to-end, fully enabled anti-malware protection, without adding any performance overhead. The platform is both VMware Ready and Citrix Ready certified.

The latest release includes:

  • Ransomware Protection – Blocks ransomware to provide full protection against data loss, ensuring that victims don’t have to pay ransom to recover any files.
  • Memory Injection Prevention – Organizations can now block attacks that use memory injection techniques to hide malicious code in legitimate processes to evade detection by anti-malware products. By deceiving malware, the Memory Injection Prevention module blocks fileless attacks, process hollowing attacks and other injection methods, rendering these evasive techniques ineffective.
  • Malicious Document Prevention – Blocks malicious actions initiated by document files, such as those that employ macros, PowerShell and other scripts. The new Malicious Document Prevention module allows enterprises to utilize full capabilities of productivity suites such as Microsoft Office, without the concern of human error.

A Chief Information Security Officer (CISO) at a leading worldwide shipping carrier said, "Minerva’s latest release significantly improves our endpoint defense strategy. We were able to deploy the solution within less than a week and saw immediate results. The number of ransomware attacks on us reduced dramatically and relieved the SOC team from having to investigate numerous alerts that resulted in days wasted on incident handling."

"Malware is consistently evolving to evade existing defenses. The latest capabilities of our Anti-Evasion Platform deliver a solution that is comprehensive in preventing stealthy and elusive attacks, all without being intrusive on the endpoint," continued Bobritsky. "Every attack stopped by Minerva can be turned into threat intelligence that enriches the organization’s defense ecosystem where the attack may not be known to them as no signature, pattern or behavioral anomaly exists yet."

Minerva allows IT security teams to strengthen endpoint defenses without taking on the operational challenges often associated with deploying and maintaining security solutions. Customers can rapidly roll out Minerva’s Anti-Evasion Platform and benefit from an ultra-light agent that doesn’t require reboot or affect endpoint performance. With this approach, Minerva removes the burden from already scarce security resources that are overwhelmed with alerts and false positives. Minerva blocks the attack upfront without the need for any human intervention and without limiting day-to-day business activities.

Minerva will be hosting a webinar on Wednesday, July 19, at 1 p.m. (ET) titled “How to Beat Evasive Malware at Its Own Game” where its experts will discuss common evasive techniques used by malware authors and how organizations can enhance their endpoint security architecture to prevent these types of attacks. 
