Intezer Protect: How it Works

Intezer Protect is our new runtime cloud security product. Powered by Genetic Malware Analysis technology, this solution continuously monitors the software code running in your cloud infrastructure and alerts you to unauthorized or malicious activity in real time, with no impact on performance.

Continue reading below to discover how this product works, taking into account modern, cloud-native needs such as scalability, performance, and extremely low operational overhead.

Seamless Deployment
We provide a simple one-liner shell command or a configuration management (CM) tool script (e.g. Chef, Puppet, Ansible) to quickly install our sensor on your servers. Intezer Protect is designed to fit into your existing infrastructure, including different cloud providers, various versions of Linux, containerized or Kubernetes-powered environments, and more. After this seamless installation, users can log in to our SaaS-based dashboard and get started immediately.

No Configuration Required
Leveraging Genetic Malware Analysis technology, we automatically create a genetic profile from the existing software and code running on your cloud workloads. Unlike other security solutions in the market, this method generates a powerful and flexible runtime baseline that doesn’t require configuration or learning from the user.

Continuous Monitoring and Protection
Intezer Protect monitors for any changes in the software, code, processes, or programs running on your cloud infrastructure. Any new code detected is automatically analyzed using Genetic Malware Analysis, to identify any small fragment of malicious code, or any substantial deviation from your existing runtime ecosystem. This granular type of in-memory monitoring enables you to detect extremely sophisticated cyber threats, such as exploitation of unknown vulnerabilities, injected code, fileless malware, and more.

Alerts
Once we have detected malicious or unauthorized code running on your system, we alert you to the intrusion and provide rich context, such as the exact process and container of the attack, the type of threat (malware family), and connections to previous incidents. Focusing on code-driven detection rather than behavioral (anomaly-based) detection allows us to produce only high-confidence alerts.

Mitigation
We provide a quick and automatic way to immediately terminate the malicious or unauthorized code running in your cloud infrastructure, without interrupting business continuity or the normal operation of your production environment.

Visibility
In addition to protecting your cloud workloads, Intezer Protect diagnoses the origins of all software running in your cloud environment, giving you in-depth runtime visibility. Even during quiet times with no alerts, you have the peace of mind of knowing that only trusted software is running on your systems.


Intezer protects your cloud infrastructure against data breaches, unauthorized code, exploitation of known and unknown vulnerabilities, cryptominers, fileless malware and APTs, and countless other cyber threats.


The post Intezer Protect: How it Works appeared first on Intezer.

Article Link: https://intezer.com/blog-intezer-protect-how-it-works/