Cyphort, a San Jose, CA-based security firm, this week said it has emerged from stealth mode with the official launch of its advanced threat detection (ATD) platform, which is able to detect malware variants used in the recent Target attack.
Here are my notes from a conversation with Anthony James, VP of marketing and product at Cyphort:
- Advanced Threat Detection (ATD) is based on behaviors rather than signatures because those change all the time. We can detect malware without needing a signature. By then it's too late.
- We use different types of sandboxing to isolate the threats because advanced malware knows how to protect itself from generic sandboxing.
- There is a much higher risk from malware today because of rising use of the cloud, the large number of devices people use in the enterprise, and the increased sophistication of malware developers.
- We are able to classify malware into the serious and the less important. Our customers can focus on getting rid of the serious malware first.
- We also share information with other customers if we find malware and we provide the tools on how to get rid of it.
- We can tell where the malware is within its life cycle.
- We ran some tests and we would have been able to detect the malware used in the Target data theft, and its variants.