Advanced Persistent Threats
Advanced Persistent Threats (APT) are targeted cyber attacks on selected institutions and facilities in which an attacker obtains persistent access to a network and subsequently extends it to other systems. The attacks are characterized by a very high use of resources, as well as considerable technical capabilities on the part of the attackers; they are usually difficult to detect.
An attack vector is a combination of attack path and technique used by an attacker to gain access to IT systems.
An application, or app for short, is a piece of software intended for end users. The term app is often used in connection with applications for smartphones or tablets.
A botnet is a network of computers (systems) that are infected by a remotely controllable malicious program (bot). The affected systems are monitored and controlled by the botnet operator using a command and control server (C&C server).
Cloud computing refers to the dynamic provision, use and billing of IT services via a network, adapted to demand. These services are offered and used exclusively via defined technical interfaces and protocols. The services offered as part of cloud computing cover the entire spectrum of information technology and include infrastructures (computing power, storage space), platforms and software.
Digital privacy protection
Digital privacy protection is the protection of the activities of important personalities in digital space. In addition to protecting private e-mail accounts, this also includes measures such as verification of Twitter and Facebook accounts.
The Domain Name System (DNS) assigns the corresponding IP address to the addresses and names used on the Internet, such as www.veronym.com.
Denial-of-Service (DoS) attacks are directed against the availability of services, websites, individual systems or entire networks. If such an attack is executed in parallel by several systems, it is referred to as a Distributed Denial-of-Service (DDoS) attack. A very large number of computers or servers is often used in DDoS attacks.
Drive-by exploits describe the automated exploitation of security gaps on a PC. When viewing a website without further user interaction, vulnerabilities in the web browser, in additional programs of the browser (plug-ins) or in the operating system are exploited in order to install malware on the PC unnoticed.
An exploit is a method or code that can be used to execute unintended commands or functions via a vulnerability in hardware or software. Depending on the nature of the vulnerability, an exploit can be used, for example, to crash a program, extend user rights, or execute arbitrary program code.
Exploit kits are tools for cyber attacks and are placed on legitimate websites. Various exploits automatically attempt to find a vulnerability in the web browser or its plug-ins and use it to install malware.
Firmware is software that is embedded in electronic devices. Depending on the device, firmware can contain the functional scope of e.g. BIOS, operating system or application software. Firmware is specially tailored to the respective hardware and cannot be exchanged at will.
Malware is a word derived from "malicious software" and refers to software developed with the aim of performing undesirable and mostly harmful functions. Examples are computer viruses, worms and Trojan horses. Malware is usually designed for a specific operating system variant and is therefore mostly written for common systems and applications.
Padding is used in cryptography in encryption procedures to fill data areas. With a block cipher, for example, the data to be encrypted is stored in blocks of fixed size. Padding can be used to fill the last bytes so that the last block also becomes "full".
A patch is a software package used by software vendors to close security holes in their programs or integrate other improvements. Many programs facilitate the installation of these updates through automatic update functions. Patch management is the term used to describe processes and procedures that help to obtain, manage and install available patches for the IT environment as quickly as possible.
The word phishing is a combination of "password" and "fishing", which means "fishing for passwords". The attacker uses fake websites, e-mails or short messages in an attempt to gain access to the personal data of an Internet user and to misuse it for their own purposes, usually at the victim's expense.
A plug-in is additional software or a software module that can be integrated into a computer program to extend its functionality.
Ransomware is malware that restricts or prevents access to data and systems and only releases these resources after a ransom has been paid. This is an attack on the security objective of availability and a form of digital blackmail.
A sinkhole is a computer system to which requests from botnet infected systems are redirected. Sinkhole systems are typically operated by security researchers to detect botnet infections and inform affected users.
In cyber attacks through social engineering, criminals try to trick their victims into disclosing data, bypassing protective measures or installing malware on their own systems. Both in the area of cybercrime and espionage, the perpetrators proceed cleverly to exploit human weaknesses such as curiosity or fear and thus gain access to sensitive data and information.
Spam is the term used to describe unwanted messages that are sent in bulk via e-mail or other communication services. In the harmless variant, spam messages usually contain unwanted advertising. However, spam often also contains malware attachments, links to infected websites or is used for phishing attacks (so-called malware spam).
TLS stands for Transport Layer Security and is an encryption protocol for the secure transmission of data on the Internet. Its predecessor, SSL (Secure Sockets Layer), is also well known.
Advanced device protection against exploits
Advanced protection of endpoint devices against attacks that exploit vulnerabilities in applications. Secures against incidents in which attackers try to take control of your system or steal data stored on your network.
Advanced device protection against malware
Advanced protection on the device layer against zero-day malware attacks, which may lead to theft of personal data, passwords and funds, as well as blocking access to devices.
Application visibility and control
Full visibility and control - applications are enabled through policies, based on users and groups. Attacks that try to evade detection are seen and stopped.
Cloud application security and visibility
Blocks known malware, identifies and blocks unknown malware, with advanced threat protection of cloud applications.
Command and control prevention
Stops outbound malware communications, passively analyzes DNS queries and identifies the unique patterns of botnets. This reveals infected users and prevents secondary downloads and company data breaches.
Device-based threat prevention with machine learning algorithm
Advanced protection against exploit and malware attacks, as well as dangerous content at the level of the endpoint device.
Device behavioral analytics
The service effectively and automatically recognizes unusual activity on the device, stops it and then isolates the threat before it can cause damage.
Endpoint Detection and Response
Continuous monitoring of endpoint device activity. Automatically detects suspicious activity and helps investigate and respond to attacks.
IPSec encrypted VPN
Secure network protocol suite that authenticates and encrypts the packets of data sent over the Internet. It uses cryptographic security services to protect your communications.
Network-based Protocol Anomaly detection
The service effectively and automatically recognizes unusual network protocol usage while providing accurate information that allows quick assessment of potential threats. It then isolates and removes these threats from your network before they can cause damage.
Network-based threat prevention with machine learning algorithm
Controlling threat vectors through the management of all application types to reduce the network attack surface. Allowed traffic is analysed for exploits, malware, malicious URLs, dangerous or restricted files and content.
Network-based zero-day attacks prevention and analysis
Online cloud analysis and prevention of zero-day malware attacks at the network layer. Recognizes and blocks unknown malware and exploits, and automatically creates and shares new protection policies.
Offline device protection
Protection for devices that remains active even when they are not connected to the Internet. A necessary element when malware or an exploit is delivered by methods other than the network.
Prevention of various attack vectors on devices (other than network connection)
Recognition and prevention, at the device level, of threats that originate from sources other than the network connection.
Remote access / SD-WAN
Secure site-to-site (branch-to-branch) connection for accessing customer internal resources and/or for remote users' access.
An elite team of security experts who proactively hunt, investigate and advise on threat activity in your environment.
USB Device Management
Monitoring and control required for safe usage of USB devices across your organization - visibility into kinds of USB devices and how they are used.
A secure Internet gateway to connect to company local resources, assets or streaming.
Fully integrated URL filtering powered by a market-leading URL database to enforce policies for Web browsing and reduce malware incidents by blocking access to known phishing and malware download sites.
Veronym Customer Portal
Amount of data scanned
Amount of data sent to or received from the Internet by the users and scanned by Veronym for traces of malicious or dangerous code.
Average number of applications used per user
Knowledge about applications utilized by each user in the company - important especially for GDPR compliance.
Blocked application layer attacks
Blocked attempted attacks against vulnerable applications (or applications containing security bugs).
Incidents of suspected exploits
Veronym inspects all your connections to Internet resources for traces of non-legitimate activity.
Number of applications used
Information about the use of distinct applications in the company. Knowledge about applications and their risk scores is vital for making informed decisions about their use inside any organization.
Number of scanned files
All files accessed in the company are inspected for malicious traces. At the same time, Veronym doesn't have insight into the file contents.
Each visited website is checked against an always up-to-date database of website addresses, to prevent users from entering malicious or low-reputation pages, as well as those blocked according to the company's policies.
Unauthorized access attempts blocked
Attempts by unauthorized entities to access company resources and the network are blocked, as are unauthorized outgoing connections from the company network.
URL categories detected
Information about categories of websites accessed in the company - giving insight into network use and possible threat vectors.