Coding Station

BEYOND EDR

As opposed to traditional EDR systems, we only allow what is approved,  everything else malicious or otherwise is blocked.

Cyber 2.0's implementation only needs to detect approved software, no definition updates, AI, or human intervention is needed.

Removal of Cyber 2.0 from a computer does not compromise the network.

WHY?

Cyber 2.0 works in reverse to all EDR systems. Instead of attempting to detect malicious software, Cyber 2.0 identifies allowed software.

Any software that is not approved will be blocked by the Cyber 2.0 systems.  In other words you do not need to detect malware.

Defeats attacks other systems are vulnerable to

BYPASSING CYBER 2.0 FAILS

Attempts to Bypass the Cyber 2.0 system will fail as any communication by software  not approved by Cyber 2.0 will not be scrambled. Other systems will discard the communication.

DEACTIVATING CYBER 2.0 FAILS

If for whatever reason Cyber 2.0 is deactivated, all communications from the computer to other computers will be discarded

ADDING SOFTWARE TO WHITELIST WILL FAIL

Any changes to the whitelist on an endpoint will break the chaos balance between computers, all communication from the affected endpoint will be discarded.

MALICIOUS SOFTWARE USING OTHER SOFTWARE WILL FAIL.

Utilising our patented Reverse Tracking Technology, Cyber 2.0 tracks every process, library and file that loads. Every access of a process by another process is recorded. Any unauthorised software in the process chain, will invalidate the communication.

WHY CYBER 2.0

Cyber 2.0 is an advanced cyber security product that protects against all threats — existing, new and emerging , including zero-day threats and advanced malware that evades traditional security solutions. We provide continuous protection against any type of threat so you never have to worry about another cyber attack again!

THE MOST ADVANCED CYBER PROTECTION AVAILABLE

Traditional endpoint security systems are ineffective against ransomware because they cannot detect all threats. Cyber 2.0 on the other hand uses chaos mathematics, proprietary algorithms and patented technology  to avoid this weakness protecting your network from lateral movement based attacks with 100% assurance

WEAKNESSES OF TRADITIONAL EDR

Why traditional EDR fails

BEHAVIOUR ANALYSIS

Identifying suspicious behaviour

Learning the behaviour of an organisation or user is not a hermetic thing. Routine is constantly changing and there are weekly, monthly, quarterly and yearly routines. Sometimes malicious activity that exists on a network before the introduction of an EDR system can be legitimised (because it's always been that way).

SIGNATURE SCANNING

Checking signatures of known malicious files.

There is a problem in identifying Zero Day-Attacks, a new and unknown attack is not detectable and therefore not blocked. Bad actors are constantly evolving their payloads to evade signature scanning.

PACKET SCANNING

Checking the packets and code contained therein to find malicious code particles.

This method takes up valuable system resources, detection will be via combination of methods with still no guarantee of success.

READS DATA

Scanning and reading data contained within files or packets.

Systems that scan and read data, sometimes submitting them to external services to analyse pose a compliance and privacy issue. Reading file data consumes valuable system and network resources.

UNKNOWN SOFTWARE

New or unknown software is not blocked.

There is no attempt to block any new or unkown software if the EDR system does not detect that software as malicious.

THE HORSE HAS BOLTED

Once malicious software is let loose on your network the clock is ticking.

From the moment unidentified malicious code is run you are now in a situation that the "horse has bolted" and you are now mitigating damage rather than preventing it. Even if you do catch the horse you must spend costly time analysing the extent of the damage.

NO EDR = NO PROTECTION

If EDR is removed either malicious or accidentally you have no protection.

Even if software is identified as malicious it is only blocked until attackers successfully remove cyber protection, or you have unprotected computers on the network. When this happens the organisation is not protected at all.