What is the layered detection model of Advanced EPDR/EDR?
Related Products
- Advanced EPDR
- Advanced EDR
Question
Malware attacks continue to be the order of the day for businesses. The adaptability of threats and the fact that new attack models spread almost daily mean they are still very much a concern. According to Gartner, by 2025, 45% of organizations worldwide will have experienced attacks on their software, which represents a staggering 300% growth since 2021.
How can you stay protected?
Answer
All Advanced products include a layered detection model that ensures endpoint protection against all types of attacks.
Layer 1: Heuristic and signature detection
The first level of defense consists of traditional or static technologies. The antivirus engine uses the information stored in the signature file, as well as the information available in Collective Intelligence (cloud), to perform the relevant analysis, for example when a user receives a document or accesses a compromised website and downloads malicious JS (JavaScript). If the traditional technologies do not identify both files as malicious, the next layer of protection comes into play.
Layer 2: Zero-Trust Application Service
This layer of protection includes the Zero-Trust Application Service, which guarantees that all identified PEs (Portable Executable files) are classified by the Panda Security laboratory. When Advanced Protection for computers is configured in Lock mode, the result is a model in which only those elements classified by our laboratory as trustworthy are allowed to run.
Layer 3: Contextual Engine
This layer contains dynamic detection technologies, i.e., those that are triggered when the element is executed. In this case, the detection method takes into account the execution context (contextual technologies) or its origin (hardening rules).
Layer 4: Anti-exploit technology
Additionally, anti-exploit technologies prevent manipulation of legitimate processes in memory, thus preventing the exploitation of vulnerabilities that could compromise the computer.
Layer 5: Threat Hunting Service
Lastly, the Threat Hunting Service proactively searches for cyber threats that are lurking undetected in the corporate network. Threat hunting digs deep to find malicious actors in your environment that have been able to bypass traditional defense measures.