Endpoint
7/18/2017
12:00 AM
Dark Reading
Products and Releases

Minerva Boosts Anti-Evasion Platform Capabilities

Expands deception-based approach for endpoint security to fight broader evasive malware techniques.

Petach Tikva, Israel – Minerva, a provider of endpoint security solutions, has added significant new capabilities to its Anti-Evasion Platform, which strengthens endpoint security to prevent unknown threats that get past existing defenses. The latest release is designed to fight previously unseen malware across multiple categories of evasion techniques, spanning not only situation-aware malware, but also threats that bypass detection by employing a variety of memory injection methods and hiding within document files.

"Instead of relying on previously-known patterns, behaviors or signatures, our Anti-Evasion Platform deceives the threat regarding its ability to interact with various aspects of its environment. Our solution blocks the adversary from gaining a foothold on the endpoint, rendering evasive techniques ineffective," said Eddy Bobritsky, Co-Founder and CEO of Minerva. "Unlike other solutions, our deceptive approach to blocking unknown malware doesn’t rely on which attack vector it came through. Instead, it simulates an environment where malware would never be able to execute, significantly reducing the organization’s endpoint security efforts."

The Minerva Anti-Evasion Platform can be installed on both physical and virtual environments. With the lightweight nature of the Minerva agent, the Anti-Evasion Platform enhances Virtual Desktop Infrastructure (VDI) security for end-to-end, fully-enabled anti-malware protection, without adding any performance overhead. The platform is both VMware Ready and Citrix Ready certified.

The latest release includes:

  • Ransomware Protection – Blocks ransomware to provide full protection against data loss, ensuring that victims don’t have to pay ransom to recover any files.
  • Memory Injection Prevention – Organizations can now block attacks that use memory injection techniques to hide malicious code in legitimate processes to evade detection by anti-malware products. By deceiving malware, the Memory Injection Prevention module blocks fileless attacks, process hollowing attacks and other injection methods, rendering these evasive techniques ineffective.
  • Malicious Document Prevention – Blocks malicious actions initiated by document files, such as those that employ macros, PowerShell and other scripts. The new Malicious Document Prevention module allows enterprises to utilize full capabilities of productivity suites such as Microsoft Office, without the concern of human error.

A Chief Information Security Officer (CISO) at a leading worldwide shipping carrier said, "Minerva’s latest release significantly improves our endpoint defense strategy. We were able to deploy the solution within less than a week and saw immediate results. The number of ransomware attacks on us reduced dramatically and relieved the SOC team from having to investigate numerous alerts that resulted in days wasted on incident handling."

"Malware is consistently evolving to evade existing defenses. The latest capabilities of our Anti-Evasion Platform deliver a solution that is comprehensive in preventing stealthy and elusive attacks, all without being intrusive on the endpoint," continued Bobritsky. "Every attack stopped by Minerva can be turned into threat intelligence that enriches the organization’s defense ecosystem where the attack may not be known to them as no signature, pattern or behavioral anomaly exists yet."

Minerva allows IT security teams to strengthen endpoint defenses without taking on the operational challenges often associated with deploying and maintaining security solutions. Customers can rapidly roll out Minerva’s Anti-Evasion Platform and benefit from an ultra-light agent that doesn’t require reboot or affect endpoint performance. With this approach, Minerva removes the burden from already scarce security resources that are overwhelmed with alerts and false positives. Minerva blocks the attack upfront without the need for any human intervention and without limiting day-to-day business activities.

Minerva will be hosting a webinar on Wednesday, July 19, at 1 p.m. (ET) titled “How to Beat Evasive Malware at Its Own Game” where its experts will discuss common evasive techniques used by malware authors and how organizations can enhance their endpoint security architecture to prevent these types of attacks. 
