AhnLab Unveils Anti-APT Solution With Innovative Threat Prevention Technology

TrusWatcher allows organizations to protect their IT systems and digital assets against APT attacks

February 28, 2012

3 Min Read


SAN FRANCISCO--(BUSINESS WIRE)--AhnLab, Inc. (www.ahnlab.com), a leading provider of integrated security solutions, unveiled TrusWatcher, a comprehensive solution which prevents confidential data loss through APT (Advanced Persistent Threat) at the RSA Conference 2012.

AhnLab TrusWatcher allows organizations to protect their IT systems and digital assets against APT attacks, employs an automated diagnostic feature that analyzes all executable files, and executes them on virtual machines to determine unknown malware and suspicious behaviors in real-time. The solution also analyzes non-executable files, including .doc and .pdf, by adopting the world’s first “Dynamic Intelligent Contents Analysis (DICA)” technology developed by AhnLab. By incorporating the vast anti-malware database and anti-malware technology of cloud computing based on AhnLab Smart Defense, TrusWatcher delivers accurate, instantaneous detection of attacks.

APT attacks are better planned, more persistent, and more targeted than any cyber threats we have experienced before. Increasingly sophisticated, next-generation threats use social engineering and other advanced techniques to install malicious executables onto user PCs and avoid detection. Recent APT attacks use malicious files to penetrate the targeted organization’s network as the vulnerabilities of various document readers/editors are reported. Attackers can easily avoid the detection of their malwares for the APT attack by hiding them in document files. From the social engineering perspective, users tend to open attached files without doubt, rather than click URLs or run executable files in the emails. According to studies, attackers used malicious non-executable files for recent threats including RSA OTP Algorithm Breach, Operation Shady RAT, Lurid Attack and Sykipot Malware cases.

Traditional malware detection is no longer sufficient to cope with these multistage attacks and advanced techniques. These challenges require a new breed of defense strategy. APT prevention must cover the entire context of an attack, including identifying unknown malware, detecting suspicious traffic, and effectively removing the detected threat.

AhnLab TrusWatcher monitors traffic transferred over the network and determines whether destination web pages contain malicious files. When suspicious traffic is detected, TrusWatcher resets the TCP connection to block access to the site. It also detects suspicious activities typically associated with zombie PCs.

Utilizing the industry-leading, cloud-based knowledge from AhnLab Smart Defense- AhnLab’s cyber threat analysis platform and embedded virtual machine which runs suspicious files to detect malicious behaviors, TrusWatcher ensures more accurate detection of unknown threats.

AhnLab also unveiled today the adoption of “Dynamic Intelligent Contents Analysis (DICA)” Technology, the world’s first technology examines non-executable format files including .doc, .pdf and script, independent from the types of readers or editors. It also prevents all kinds of variants that exploit the vulnerabilities of the readers or editor programs.

“To prevent the data loss through sophisticated APT attacks, analyzing the network traffic and the hidden content is essential,” said Hong-Sun Kim, CEO of AhnLab. “AhnLab TrusWatcher will help companies to keep their mission-critical systems and the digital assets safe with AhnLab’s combined cloud-based security and network security technology, as well as innovative DICA technology.”

About AhnLab, Inc.

Headquartered in South-Korea, AhnLab Inc. (KRX:053800) develops industry-leading security solutions and provides professional services that are designed to secure and protect critical business and personal information. As a leading innovator in the information security arena since 1988, AhnLab's cutting edge products and services have been fulfilling the stringent security requirements of both enterprises and individual users. AhnLab’s products and services include anti-virus solutions, network, mobile and online game security, security management and consulting services. Today, AhnLab boasts a network of sales and research operations in more than 20 countries worldwide.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights