Most Malware today use multiple types of evasion techniques to get past security systems. While somewhat varied, they are all built upon the same premise.
They hide in a packer to resemble a legit file
And stay hidden in it until they find a safe, ultimate environment to unpack in.
While the malware is investigating its environment for these running processes, it keeps any malicious code compressed in an encrypted state, where it cannot be detected. It only unpacks and executes this code when it can be sure none of the aforementioned security tools or compromising elements are in place.
Minerva’s Environment Simulation Technology is built upon a simple premise. As the malware does not unpack or run the code in an environment that appears unsuitable, we can simulate such an environment and prevent the malware from executing.
This is how evasive malware gets onto your endpoints...
The malware hides in packers, or seamlessly blends in with files and legit code.
It tries to conceal its true nature, often avoiding analysis tools, waiting for a safe opportunity to strike.
Evasive malware avoids executing in an environment it considers hostile to avoid being detected.
This is Where Minerva's
Anti-Evasion Platform Comes In
Minerva Labs outsmarts and deceives malware into remaining dormant by lying to the queries it sends out - simulating a hostile and inaccessible endpoint where the malware will not execute
Finally, Minerva Increases the value of your entire defense ecosystem by notifying your other tools of existence of the unknown malware.
Minerva Anti-Evasion Platform
A comprehensive endpoint solution that prevents
attacks designed to evade your existing defenses
This webcast will explain a unique approach to preventing evasive malware from infecting endpoints.Watch >>
Discover the reasons why evasion techniques work, even with a layered defense approach and how to evolve your endpoint protection strategy, to cover the gap.Download >>
See how Minerva Labs’ Anti-Evasion Platform performed in the SANS Institute testDownload >>