3/10/2014
11:01 AM
Dark Reading
Products and Releases

HBGary Announces Advanced Endpoint Security, Incident Detection And Enhanced User Efficiency With Active Defense 1.4

Active Defense 1.4 includes enhanced filtering, customized Web-based dashboards

SACRAMENTO, Calif., March 10, 2014 /PRNewswire/ -- HBGary®, a part of ManTech International Corporation® (NASDAQ: MANT), today announced a major update to its award-winning endpoint protection platform Active Defense™. Active Defense 1.4, powered by HBGary's patented Digital DNA™ technology, is the industry-leading threat detection system with powerful new information filtering and data visualization options that provide security teams with instant, deep visibility into all of their Windows®-based endpoints.

Active Defense enables incident responders to detect and validate a security incident and then quickly determine the scope of the breach across the enterprise. It identifies the custom-coded malware and other variants used by today's attackers that signature-based solutions and Indicators of Compromise (IOC) cannot detect – no prior knowledge of the threat is needed for Active Defense to be effective. New enhancements in Active Defense 1.4 provide users with the following:

Industry-First Safe Filtering of Running Software

Active Defense 1.4 includes enhanced filtering to significantly reduce noise and bring into focus suspicious modules to help incident responders rapidly zero in on new or unknown malware. This safe-filtering capability greatly enhances customers' responsiveness for discovery and remediation, and is an important development in the fight against advanced threats.

Faster Action with Deeper, at-a-Glance Insight into Protected Systems

Web-based dashboards that help visualize Digital DNA scores can now be easily customized to fit the needs of a specific user. The dashboards help scan results and analyze statistical anomalies across all managed systems. Equipped with the right tools, users can now proactively hunt down advanced attackers with pinpoint accuracy.

Improved Productivity with a Smarter Interface, Tailored to Each User

Active Defense 1.4 remembers a user's most visited menus and systems, eliminating the need for continuous searching and filtering, so that data can be easily found and drilled into. Through the interface, users can quickly look into a system to detect malware and then quickly focus on eradicating it.

"Active Defense 1.4 is the industry's first automated safe filtering of running software. Solutions based on indicators of compromise lag behind attackers and create more work for security teams," said Ken Silva, president of ManTech Cyber Solutions International. "Active Defense acts like a force multiplier and is equipped with behavior-based analysis that transcends any particular threat. Never again will our customers have to wait to discover an attack or the release of an indicator."

HBGary Active Defense powered by Digital DNA does forensically sound host-level scans across the enterprise to gather critical intelligence, including discovery of additional infections. Digital DNA encompasses thousands of the traits commonly seen in advanced malware, such as code and browser injection, packing, obfuscation, surveillance, remote access, network communication, and many others. The analysis reveals the capabilities of all software running on any system, and is highly effective because it requires no prior knowledge of a specific piece of malware. The simple fact that code running in memory may carry out certain potentially malicious functions is sufficient to identify it as suspicious.

Active Defense 1.4 Availability

Active Defense 1.4 is available as of today to new and existing customers. For more information about Active Defense, please contact [email protected]

About HBGary

HBGary provides Enterprise Incident Response solutions and services to enable organizations to conduct key phases of incident response including detecting zero-days and other unknown malware, validating whether an actual incident has occurred, and responding to the incident. Customers include Fortune 50 corporations and U.S. government agencies. HBGary is located in Sacramento, CA and is part of ManTech International Corporation. For information, please visit www.hbgary.com or follow us on Facebook & Twitter.
