Proactive Defense

Accurate threat detection, expert SOC analysis, and intelligent response are all critical for cybersecurity. But what about stopping modern threats before they happen? Too many organizations rely on point products and outdated technology to defend against today’s advanced threats. Think of it this way – if most security products on the market were as effective as the vendors claim, why are there still so many successful ransomware attacks and data breaches?

StratoZen provides specially designed services to stop ransomware, active attackers, and known threats before they can cause any harm. The Proactive Defense services actively defend the most common attack points for any organization: the network and the endpoints.

Proactive Defense for Networks

StratoZen’s Proactive Defense for Networks service leverages our global threat intelligence network and SWAT Feed to continuously update blacklists on your firewalls and other network devices. Automatically block inbound and outbound traffic to known bad IPs, active attackers, and many other malicious sources. This subscription feed is highly curated and managed by StratoZen’s experts for an accurate block list that’s updated every hour.

Benefits and features include:

  • Our MSP partners and enterprise clients can subscribe their firewalls (or any device that supports it) to the Proactive Defense for Networks service
  • Feed includes active attackers against StratoZen’s honeypot network, TOR exit nodes, open proxies, command & control servers, malware hosts, and malicious external IPs detected on any of our global SIEM deployments
  • Automatically stops inbound traffic at the firewall and other network devices
  • Automatically stops outbound traffic trying to get to these known bad destinations
  • Updated every hour to ensure blacklist data never gets stale or causes false positives

Proactive Defense for Endpoints

StratoZen’s Proactive Defense for Endpoints service goes beyond point-in-time detection, delivering a lattice of detection capabilities combined with big data analytics, to continuously analyze files and traffic on endpoints to determine if advanced malware is present. Sophisticated machine-learning techniques evaluate more than 400 characteristics associated with each file to analyze and block advanced malware. This combination provides protection that goes beyond traditional point-in-time detection. Retrospective security, the ability to roll back time on attacks, can detect and alert you to files that become malicious after the initial point of entry.

Traditional anti-virus and anti-malware software can no longer protect your endpoints against modern threats. As we’ve seen in recent successful breaches, AV software based on signature files and point-in-time analysis can be completely bypassed by today’s malware. Evolving quickly, it can evade discovery after it has compromised a system while providing a launching pad for a persistent attacker to move throughout an organization. Sleep techniques, polymorphism, encryption, and use of unknown protocols are just some of the ways that malware can hide from view.

Using a threat intelligence cloud, the agent software can check for malicious software or detonate unknown files before they infect your system. If a system is infected, our solution can block, alert, and remediate in conjunction with our SOC experts. Proactive Defense for Endpoints stops ransomware cold, protects you against other advanced malware, and increases security intelligence across all endpoints – servers, PCs, Macs, mobile devices, and virtual systems. Its lightweight connector architecture uses big data analytics, which simplifies defense-in-requirements to address advanced malware. It eliminates the need for traditional anti-virus security layers that can add significant performance and resource constraints on endpoints.

Learn more about our SOC-as-a-Service.
