identify vulnerability in the target infrastructure
Use the vulnerability to gain privileged access.
Deploy persistent malicious payload using privileged access.
With malware installed, attackers now own both sides of the connection.
Attackers goal: data exfiltration, destruction and extortion.
A major SaaS hosting service was compromised by an external consultant working on site. While working on an upgrade, they created a backdoor for external hackers to take advantage of after they left.
The system randomly began to set system files bits to different values and the ERP solution started to progressively exhibit abnormal behaviour. No-one was able to find the root cause until the hackers demanded a ransom to provide the key to fixing the system.
Previous experience in setting up Business critical ERP systems showed us that no Cybersecurity vendors were able to detect weak signals of intrusion such as internal attacks. When the attack was conducted from the inside, the only telling sign was that the application was starting to fundamentally malfunction.Try Now for Free
OwlyDetect is an Intrusion Detection solution with full behavioural detection abilities that include unknown ransomware, polymorphic malwares and viruses. Crucially, no other product shares its ability to detect applications compromised by insider attacks.
The probe monitors around 100 metrics related to the behaviour of binaries on the host machine.
Although it does have some on-board intelligence, most of the data collected is sent to the SaaS platform for real-time analysis.
Analysis performed by our SaaS environment features mostly supervised and auto-supervised machine learning.
If any anomalous behaviour is detected, an alert is raised.
It is a "blackbox" solution that collects and analyses the data points it needs and notifies the user with the insights.The only thing to do is to deploy the probe and make the network communications possible between it and the SaaS analyser.Try now for free
OwlyDetect is deployed to secure heavy-duty applications (packages like ERP, DB servers, Financial Services Engines, Infrastructure Middleware such as ESX, or even Application Development environments).
Talk to the experts and how they can use this Open source tool to improve security
Talk to our experts and find how to use this tool to improve security.Speak to an expert