Protecting the data and access provided by endpoint systems and data center servers has become a very critical business issue. Companies everywhere are striving to form effective security umbrellas against crippling known and unknown threats. However, in too many real-world cases, the defenders are struggling with the wrong tools and too much complexity, in their attempts to block the most advanced malware attacks before the malware can affect their corporate networks. So, the question often arises, what can these organizations do to effectively protect their endpoints and data center servers from advanced malware, especially in the face of rapidly evolving zero-day and zero-footprint or fileless attacks?
In an interview with CIO Applications, Lixin Lu, CEO, and Founder of TriagingX gives useful insights about the current challenges in the cyber security space and explains how TriagingX targets both the active host and post-infection activities of a cyber-attack and nullifies its ill effects autonomously. Headquartered in Silicon Valley, TriagingX has the acumen of identifying an attack at the very earliest stage and then provide effective solutions that resolve the critical issues in real time.
The current challenges in the cyber security space and TriagingX’s acumen to address them
Over the last few years, companies have incorporated various security tools such as anti-malware software to mitigate ransomware, fileless (memory only) and zero-day attacks. However, year after year, we continue to witness multiple high severity breach events making international news. Industry data shows that the time to discovery of these events is getting longer each year. The security personnel are simply overwhelmed trying to manage the growing flood of security event data while also focusing on their core activities such as applying critical patches across the network. This is where TriagingX’s knowledge of the attacker’s strategy and tactics are used to identify the exposures and vulnerabilities targeted by the attacker in the corporate network. Once the key attack points of the vulnerability are identified, TriagingX applies the appropriate security action automatically to protect and contain the security exploit across the entire network.
An overview of TriagingX’s solutions portfolio and its unique proposition in the market
The firm’s solution portfolio includes TXSandbox, TXEcosystem, and TXHunter. TXSandbox renders behavior analysis on unknown files and URL objects to identify new attacks.
TriagingX renders complete protection for endpoint systems and data center servers against zero-day attacks
This next generation sandbox runs on Linux docker containers and can be deployed in either a private or a public cloud, or on premises. A key difference of this offering is that it can easily integrate with a running application such as email or web gateway and provides a dual-dynamic engine for URL analysis and threat detection.
With TXHunter, Incident Response teams and SOC threat hunters are able to detect hidden APTs in the corporate endpoint systems. The EDR advanced analysis solution helps automate the detection of the early stages of attacks on systems with the TXHunter client installed. In addition, it is also capable of carrying out real-time automated breach investigations, without having to send the incident response teams into the field to physically access those systems. Once the IP address for the suspect system is entered into the TriagingX dashboard, TXHunter remotely reaches out to conduct an in-depth analysis of the system to provide the incident response team with a detailed report about the breach. This enables them to fortify the rest of the corporate network.
Last but not least, TriagingX’s TXEcosystem leverages real-time automation to provide comprehensive protection for endpoint systems and data center servers against zero-day attacks, including fileless threats (also known as zero-footprint attacks), without requiring any security patches. It has a unique ability to detect the earliest stages of an attack on an endpoint vulnerability, and then seek out, identify and protect the same weakness in other networked host systems, ensuring that the attack does not spread across your networks. This differentiates it from other offerings available in the market.
The quintessential role TriagingX has played in assisting its customers
The firm recently assisted a telecommunication company that was facing the problem of dealing with high numbers of false positive alerts every day from URL’s embedded in emails. By implementing TriagingX’s solution, the telecommunication company was able to reduce the number of false positive alerts from 80 percent to 2 percent, which saves the company’s security team a significant amount of time and resources.
The unique proposition TriagingX renders in the cyber security sphere
Today, several companies leverage EDR systems to empower its security personnel in identifying, detecting, and preventing threats. Once they identify the malware, they try to find the ‘indicators of compromise’ (IOC) to form a defense line against those attacks. The major issue with this process is that they respond to the breaches only when they receive evidence in the form of a static IOC such as a File Hash or IP address, and too many of those are historical indicators which tell you what has happened but are not effective in predicting active or future attacks. To this end, TriagingX’s security tools focuses on identifying and protecting against the core vulnerabilities used in the attack, in an automated manner to ensure better protection across the entire network.
A brief overview of the firm’s history and the roadmap ahead
Prior to the launch of TriagingX, Lu served as the chief scientist in Intel’s McAfee/Intel Security group, leading advanced threat defense solutions. In 2016, he left Intel to form TriagingX. Since TriagingX’s inception,he has played a leading role in assisting many of its clients in the prevention zero-day attacks in data centers and endpoint systems all without requiring any software code patching. TriagingX has also established itself as an active Cisco security solution partner for PxGrid.