Microsoft Chairman Bill Gates, amongst others, has previously envisioned a future where Adaptive Protective Technology (APT) would create networks that continually monitor network activity and respond in real time to unexpected changes in behaviour.
Tier-3's next-generation threat management system HUNTSMAN now delivers APT through the use of hybrid Behavioural Anomaly Detection (BAD). With a number of successful deployments within high-volume, mission-critical enterprises, the system is able to instantly identify and respond to unusual or unfamiliar system behaviour. BAD operates by first observing the enterprise network (including operating system and application activity) to establish a baseline of activity on the ICT infrastructure.
This non-deterministic system continually gathers data from multiple sources in the infrastructure and relays it back to a quantitative decision engine for analysis and response. The response is based on measures of the relationships between events occurring at different OSI levels, on an assessment of the threat severity, and on the priority of the assets under threat. This allows for automated monitoring of enterprise traffic and the instant detection of unusual or non-compliant events.
When internal misuse or an external breach is detected, the technology can instantly lock user accounts, stop and start processes, or execute any command line script or executable according to a predefined script. For example, if a Denial of Service (DoS) attack is detected, it can instantly reconfigure the firewall to block the source IP address or subnet.
BAD technology is equally adept at pinpointing other breaches such as fraud, buffer overflows, worms and reconnaissance.
This anomaly-based behavioural approach to IT system activity is unique in its ability to permit normal or familiar traffic to transit the network and yet be able to identify non-compliant behaviour. Unlike deterministic solutions, this new approach is more effective at identifying and responding to potential threats before they become a problem.
Without BAD technology to respond to unusual traffic, malicious behaviour may continue for minutes or hours, until an appropriate virus definition update has been sourced and the network patched. Conversely, using the BAD threat management system, the enterprise can protect against catastrophic damage, loss of data, intellectual property or reputation, costly clean-ups or even a breach of the law.
BAD is a cornerstone of the Tier-3 HUNTSMAN Threat Management System.