IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING

CONTACT    SIGN IN    SIGN UP
    
EMA Impact Brief
BluVector Targets Growing Memory-Based Malware Threat With Real-Time Detection
Date: 08/18/2017 Length: 3 pages Cost: $25.00

            Linked In    

Abstract:
In July 2017, advanced threat detection startup BluVector augmented its machine learning-based analytics engine to detect memory-based attacks in real time. This means the BluVector Network Security Monitoring and Analytics platform leverages a new network emulation technique to identify a broader spectrum of attacks coming from both malicious files and embedded file attacks executed in memory. The release is timely, considering memory-based attacks increased dramatically over the last 12 to 18 months. 

BluVector, a recent spinoff from defense contractor Northrop Grumman, managed to generate a healthy buzz around its ability to reduce the amount of time it takes to detect zero-day malware on enterprise networks, using patented supervised machine learning techniques. But that capability, which the company claims produces far fewer false positives was, until recently, focused on malware using malicious files to infect its hosts. It did little to address the use of file-less, memory-based attacks increasingly deployed by cyber criminals. Recognizing the gap, the company implemented a technique called speculative code execution. This approach attempts to determine what an input can do, rather than observe what it does when it executes offline in a sandbox. Running in parallel with their already patented file-based detection, speculative code execution enables BluVector to detect malicious shellcode and JavaScript embedded in files, while at the same time adding delay for analysis and avoiding triggering sandbox evasion techniques increasingly used by malware to avoid detection.
Author:

Paula Musich


 




EMA Services

IT Professionals

EMA can help you:

  • Support your decisions
  • Succeed with key projects
  • Align IT with the business

Learn More!

IT Vendors

EMA can help you:

  • Build the right product
  • Reach the right prospects
  • Establish market credibility

Learn More!

EMA Advisory Notes Service

An Affordable Way to Stay on Top of Key Trends & Industry Events

Subscribe now

EMA Premium Research Service

In-Depth Insight into IT Management Benefits, Challenges & Best Practices in the Enterprise

Subscribe now




©1996-2017 Enterprise Management Associates, Inc. All rights reserved.
EMA™, ENTERPRISE MANAGEMENT ASSOCIATES®, and the mobius symbol are registered trademarks or common-law trademarks of Enterprise Management Associates, Inc.
Site Terms & Conditions | Integrity Policy | Site Map | My Account
Hide
Subscribe to EMA RSS Feed
Email
Show