Targeted Attack Protection – (TAP)

Protect your business against advanced threats in email with malicious attachments and URLs – even zero-day, polymorphic malware, weaponized documents, and credential phish.

Dynamically analyze and block in real-time the malicious URLs and attachments that can evade antivirus and reputation filters to deliver banking Trojans, ransomware, and other malware.

Detect sophisticated malware attacks, including:

• Polymorphic and zero-day malware
• Malicious attachments
• Other advanced exploits

In order to detect such advanced malware effectively—whether malware spread via spear-phishing emails containing a malicious attachment, watering hole URLs over email or longline phishing campaigns — our malware analysis system technology uses a combination of sophisticated techniques to evaluate advance threats, including:

• Real-time checks against emerging campaigns and new malicious websites that are being detected across organizations
• Static code analysis that looks for suspicious behavior, obfuscated scripts, malicious code snippets, and redirects to other malicious sites
• Dynamic malware analysis that sandboxes the destination URL or suspicious attachments to simulate a real user on a machine, with the goal of observing any changes made to the system

Our anti-evasion technology, in the dynamic analysis, tricks malware into revealing itself by creating virtual environments that accurately reproduce real systems and real-user behavior and interactions. This process provides comprehensive detection analysis that determines whether the destination URL or an attachment under suspicion is malicious, even finding malware that is sophisticated enough to conceal itself from detection leveraging techniques, e.g., IP rotation, mouse movement simulation, real browser sessions, time-delayed analysis.

Spambrella leverage cloud-based Big Data analytics to predictively detect malicious URLs in unsolicited emails and block user clicks before they can lead to a compromise.

Spambrella applies machine-learning heuristics to model email flow at a per-user level, and at a cloud-level across all traffic within Targeted Attack Protection, in order to block URLs even before they host active malware, using a cloud-based process that incorporates Big Data techniques and a real-time scoring engine, including:

• Anomalytics Service
• Kill Chain Analysis and Preemptive Sandboxing

Together, these technologies provide the ability to predictively determine what could likely be malicious—and take preemptive steps before any user has a chance to click and have their machine compromised

Sandboxing URLs and Attachments

CEO Fraud & Anti-Spoof Detection