BEYOND EDR
Unlike traditional EDR systems, we allow only what is approved; everything else, malicious or otherwise, is blocked.
Cyber 2.0's implementation only needs to detect approved software; no definition updates, AI, or human intervention are needed.
Removal of Cyber 2.0 from a computer does not compromise the network.
WHY?
Cyber 2.0 works in reverse to all EDR systems. Instead of attempting to detect malicious software, Cyber 2.0 identifies allowed software.
Any software that is not approved will be blocked by the Cyber 2.0 systems. In other words, you do not need to detect malware.
Defeats attacks other systems are vulnerable to
BYPASSING CYBER 2.0 FAILS
Attempts to bypass the Cyber 2.0 system will fail because any communication from software not approved by Cyber 2.0 will not be scrambled. Other systems will discard that communication.
DEACTIVATING CYBER 2.0 FAILS
If, for whatever reason, Cyber 2.0 is deactivated, all communications from the computer to other computers will be discarded.
ADDING SOFTWARE TO WHITELIST WILL FAIL
Any change to the whitelist on an endpoint will break the chaos balance between computers, and all communication from the affected endpoint will be discarded.
MALICIOUS SOFTWARE USING OTHER SOFTWARE WILL FAIL
Utilising our patented Reverse Tracking Technology, Cyber 2.0 tracks every process, library and file that loads. Every access of a process by another process is recorded. Any unauthorised software in the process chain will invalidate the communication.
WHY CYBER 2.0
Cyber 2.0 is an advanced cyber security product that protects against all existing, new and emerging threats, including zero-day threats and advanced malware that evades traditional security solutions. We provide continuous protection against any type of threat so you never have to worry about another cyber attack again!
THE MOST ADVANCED CYBER PROTECTION AVAILABLE
Traditional endpoint security systems are ineffective against ransomware because they cannot detect all threats. Cyber 2.0, on the other hand, uses chaos mathematics, proprietary algorithms and patented technology to avoid this weakness, protecting your network from lateral-movement-based attacks with 100% assurance.
WEAKNESSES OF TRADITIONAL EDR
Why traditional EDR fails
BEHAVIOUR ANALYSIS
Identifying suspicious behaviour
Learning the behaviour of an organisation or user is not a hermetic process. Routines change constantly, and there are weekly, monthly, quarterly and yearly routines. Sometimes malicious activity that exists on a network before the introduction of an EDR system can be legitimised (because it's always been that way).
SIGNATURE SCANNING
Checking signatures of known malicious files.
Zero-day attacks are a problem for this method: a new and unknown attack is not detectable and therefore not blocked. Bad actors are constantly evolving their payloads to evade signature scanning.
PACKET SCANNING
Checking packets and the code contained therein to find fragments of malicious code.
This method takes up valuable system resources, and detection relies on a combination of methods with still no guarantee of success.
READS DATA
Scanning and reading data contained within files or packets.
Systems that scan and read data, sometimes submitting it to external services for analysis, pose a compliance and privacy issue. Reading file data consumes valuable system and network resources.
UNKNOWN SOFTWARE
New or unknown software is not blocked.
There is no attempt to block any new or unknown software if the EDR system does not detect that software as malicious.
THE HORSE HAS BOLTED
Once malicious software is let loose on your network, the clock is ticking.
From the moment unidentified malicious code is run, the "horse has bolted" and you are mitigating damage rather than preventing it. Even if you do catch the horse, you must spend costly time analysing the extent of the damage.
NO EDR = NO PROTECTION
If EDR is removed, either maliciously or accidentally, you have no protection.
Even if software is identified as malicious, it is only blocked until attackers successfully remove the cyber protection, or you have unprotected computers on the network. When this happens, the organisation is not protected at all.