Zombie ZERO

Interworking Analysis between Agent-based and Network-based systems

Zombie ZERO Introduction

APT (Advanced Persistent Threat) is a new hacking technique used by cyber criminals to persistently attack target victims using various methods (email, web, etc.) until an objective is achieved.
Zombie ZERO consists of a behavior-based defense solution installed on a user PC (Agent) and a behavior-based defense solution installed on the network, which analyzes files from packets (Inspector).
It is an accurate information security solution designed to defend against new APT attacks, detect malware, and prevent security incidents such as ransomware, data exfiltration and network failures.

Network-based Detection and Analysis
Agent-based Detection and Quarantine
TWO-LEVEL Defense System

Zombie ZERO TWO-LEVEL Defense System

The two-level defense system of Zombie ZERO, which interworks an agent-based behavioral defense system with a network-based behavioral detection system, can defend against infiltrating malware that bypasses the network, and responds quickly and accurately with lower false-positive rates.

Accurate detection with minimal false-positive rates

Robust two-level defense / Immediate response to security threats

Detection / blocking for network-bypassing malware

Zombie ZERO Features

Interworking Analysis between Agent-based and Network-based systems
  • Accurate detection with minimal false-positive rates through interworking between agent-based and network-based analysis.
  • Independent behavioral analysis on agent-based and network-based systems.
  • Detection and blocking of malware that bypasses network security systems, such as in encrypted traffic, and of other hidden threats.
  • Blocking harmful outbound traffic.
TWO-LEVEL Defense
  • First, network-based behavioral engines respond to incoming files; second, agent-based behavioral engines respond to them at the endpoint.
Multiple Analysis
  • A signature-based anti-virus engine detects known malware and behavior-based engines detect unknown malware.

ZombieZERO Diagram

Network-based Detection and Analysis: Zombie ZERO Inspector

  • Behavior-based analysis by virtual system
  • Detection/block of illegal traffic and C&C server access
  • Pattern generation for detected malware

Agent-based Analysis and Quarantine: Zombie ZERO Agent

  • Blocking of malicious behaviors by the behavior-based engine
  • Process management and detection/block of its modulation
  • Detection/block of ransomware and data exfiltration

System Management and Monitoring: Zombie ZERO ESM

  • System operation and monitoring
  • Generation of detailed logs and reports
  • Centralized and policy-based management
  • System operation & monitoring with dashboard