Paladion cloud security solution now on AWS Marketplace

RisqVU IST to generate early warning on malware attacks by analysing IOCs for cloud infrastructure on Amazon

Tags: Cyber crimePaladion (www.paladion.net/)United Arab Emirates
  • E-Mail
Paladion cloud security solution now on AWS Marketplace If malicious artefacts can be detected before reboot, then the exploitation can be prevented, says Raman.
By  David Ndichu Published  September 14, 2016

Cyber security brand Paladion has announced today that its RisqVU IST platform is now listed on the Amazon Web Services (AWS) Marketplace, the cloud computing platform by Amazon.com.

AWS customers will be able to subscribe to RisqVU IST on the AWS Marketplace to perform Indicators of Compromise (IOCs) based asset scans to detect signature-less malware on cloud assets.

Ravi Raman, SVP & Head of Engineering at Paladion said, “RisqVU IST’s proprietary algorithms use IOCs, correlation of host interaction points, and situational awareness on cloud assets to predict and prevent attacks. Currently, IOCs are mainly used in forensics, and are used to articulate pieces of forensic data. IOCs are, however, important clues to spot the attacker or malware during its early stages. RisqVU IST leverages this information to serve early warnings that can prevent a breach.

For example, some Ransomwares are staged in the start-up folder and gets loaded into memory on device reboot. If this malicious artefact can be detected before reboot then the exploitation can be prevented.”

Identifying IOCs early is one of the RisqVU IST features. IST uses a range of other proprietary threat discovery mechanisms to build robust defences against current cyber threats.

RisqVu IST has the capability to correlate various host interaction points like processes, services, and registry keys, across all servers to discover outliers. Suspicious events are converted to IOCs and fed in to its detection engine. The detection engine runs IOCs on the cloud infrastructure to find similar patterns. It also pushes the compromise likelihood higher if similar patterns are observed in other systems.

Antivirus solutions alone are not effective in detecting such outliers as they operate in individual machines. RisqVU IST operates from a central server and correlates data from all IT infrastructures to identify outlier patterns in host interaction points. This is a model that fits well for cloud computing or on-demand computing platforms.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code