Minerva Anti-Evasion Platform

A comprehensive endpoint solution that prevents attacks
through trickery and deception

The Widest Coverage Of Evasive Techniques

Addressing the widest variety of attack scenarios, Minerva Anti-Evasion Platform includes multiple modules that reinforce each other to block unknown threats that employ different evasive techniques.

All modules are supported by our shared technology layer, Minerva VR™, forming a powerful approach to prevent unknown threats designed to evade your existing defenses.

Minerva Anti-Evasion Platform

Minerva VR™ Shared Technology>>

Integrates with and enhances THE DEFENSE ECOSYSTEM

NAC

ANTIVIRUS

FIREWALL

IPS

CLOUD SOLUTIONS

SANDBOX

Understanding Evasive Malware

Cybercriminals are constantly finding ways to outsmart today’s security defenses. Updating and releasing new malware versions of their code in the hopes that it will breach your defenses. Or simply purchasing a low cost packer from the darknet to hide their malicious creation.

There are hundreds to thousands of nuances to evasive malware techniques – from situation-aware to fileless techniques, hiding in legitimate applications and documents, silently waiting until they are safe to strike.

Security tools that rely on Indicators of Compromise (IOC), based on signatures, behavioral models or patterns, won’t catch evasive malware that has not yet revealed itself.

Prevention Before Detection

Evasion has become a key motif in current threats, yet today’s solutions fail at preventing evasive techniques.
Minerva Labs' Anti-Evasion Platform does not rely on previously seen patterns or signatures, which is the premise shared by all other endpoint security tools.

Using deception Minerva Labs will:

Deceive the malware’s perception of reality, prior to installation, to the point that it is certain to be in such a hostile environment and aborts the attack.

Stop in-memory attacks on the fly by preventing the code injection into legit processes.

Trick malware into believing the same malware is already running on the target when it’s not.

Deceive non-evasive ransomware into believing it had encrypted the files on an endpoint when in reality it had not.

Minerva Prevents the Stealthiest Attacks

Attackers take care to avoid being detected, so that their malware remains effective for as long as possible. This is why their creations check for sandboxes, forensics environments, virtual machines, debuggers and more to remain under the radar until they’re ready to strike.

Minerva uses the strength of such situation-aware malware against it. With Minerva, all endpoints now appear to have all the security tools that evasive threats aim to avoid, simulating an environment in which such malware refuses to run, keeping your endpoints safe.

Minerva Prevents the Stealthiest Attacks

In fileless attacks, adversaries aim to avoid detection by injecting malicious code into other processes, hiding within legitimate applications.

Fileless attacks take many forms, and often involve programs that appear benign, malicious document files, PowerShell scripts, and numerous other approaches.

Minerva Prevents the Stealthiest Attacks

Ransomware is becoming more sophisticated, avoiding detection with evasive techniques such as checking whether they’re in a safe environment to unpack, injecting malicious code into legitimate processes, hiding in macros and more.

The combined capabilities of the Minerva Anti-Evasion Platform, deliver reliable protection against ransomware.

Protect your endpoints with Minerva so you never pay the ransom and never lose your data.

Enhancing Your Existing Defense Ecosystem

Minerva enhances your defense ecosystem with threat intelligence so you get the most out of your existing investments.
 
Once an unknown attack is blocked, Minerva will update other security tools with the new attack pattern, to find and eradicate attacks faster.

Learn more >>

NAC

ANTIVIRUS

FIREWALL

CLOUD SOLUTIONS

IPS

SANDBOX

Complete Control And Visibility

Minerva Anti-Evasion Platform includes a single console to manage and oversee Minerva agents and Minerva-generated events.

The web-based console provides powerful event filtering and searching capabilities that allow administrators to view the threats that have been prevented by Minerva, together with event details.

Fully-Enabled VDI Protection

Evasive malware goes after your physical environment as well as your virtual environments. 

With the lightweight nature of the Minerva agent, the Anti-Evasion Platform enhances Virtual Desktop Infrastructure (VDI) security for end-to-end, fully-enabled anti-malware protection, without adding any performance overhead.

The platform is both VMware Ready and Citrix Ready certified.

Read Solution Brief >>

Unmatched Operational Value

Offline operation mode
Fully standalone mode which keeps protecting endpoints even when disconnected from the organizational network.

Easy Deployment
As a super-thin agent, Minerva can be installed on thousands of machines in no time. No restart is required.

Lightweight
As there is no heavy client running in the background, and no active detection application scanning processes and files, Minerva does not use up any resources, and has no impact on the end user experience.

No false positives
With Minerva in place, there are no false-positive alerts. Once a notification appears, you know that a real threat was neutralized and prevented before any damage has been done.

No ongoing maintenance
Minerva does not need any ongoing upkeep to ensure it’s operating at its best. It even updates itself automatically with new simulations and artifacts on a regular basis.

Supports all Windows OS
Embedded systems, Point of Sale (PoS) and additional legacy systems, as well as physical and virtual environments (e.g. VDI Terminal Server).

Fully standalone mode which keeps protecting endpoints even when disconnected from the organizational network.
Offline operation mode
Offline operation mode
As a super-thin agent, Minerva can be installed on thousands of machines in no time.
No restart is required.
Easy deployment
Easy deployment
As there is no heavy client running in the background, and no active detection application scanning processes and files, Minerva does not use up any resources, and has no impact on the end user experience.
Lightweight
Lightweight
With Minerva in place, there are no false-positive alerts. Once a notification appears, you know that a real threat was neutralized and prevented before any damage has been done.
No false positives
No false positives
Minerva does not need any ongoing upkeep to ensure it’s operating at its best. It even updates itself automatically with new simulations and artifacts on a regular basis.
No ongoing maintenance
No ongoing maintenance
Embedded systems, Point of Sale (PoS) and additional legacy systems, as well as physical and virtual environments (e.g. VDI Terminal Server).
Supports all Windows OS
Supports all Windows OS

Ready to see us in action?

Resources

SANS Webinar - Using Anti-Evasion to Block Stealth Attacks

This webcast will explain a unique approach to preventing evasive malware from infecting endpoints.

Watch >>

Minerva Labs Research Report: 2017 Year in Review

End of the year offers an opportunity to reflect upon the key events that have shaped 2017 and set the direction for 2018.

Download >>

A SANS Institute Product Review

See how Minerva Labs’ Anti-Evasion Platform performed in the SANS Institute test

Download >>

Brochure: Anti-Evasion Brochure

Block unknown threats that are designed to evade your existing defenses.

Download >>
See All Resources >>