
PRODUCT

ArmorX APT Malicious Mail Forensics


Technological Advantage

Sandbox malicious hyperlink download analysis.

APT attack connection counter.

Sandbox malware behavior analysis.

Double authentication whitelist.

Instant traceback tracking of malicious threat communication behavior analysis

APT (Advanced Persistent Threat) is a common attack method that, after locking on its target, collects intelligence, designs bait, and performs various tasks. Some common baits include impersonating customers, government agencies, and other well-known service providers, such as Apple, Google, the State Administration of Taxation, the Health Insurance Bureau, and international express delivery agencies.

Such socially engineered mail is not flagged as advertising because of its content. It also exploits a weakness of traditional email gateways, which place the organization's own email addresses on a system or personal whitelist, thereby removing any barrier against such fraudulent business email.

Our system has the world's most cutting-edge fraudulent email identification technology. It provides an exclusive dual-verification whitelisting mechanism, meaning that the sender's mailbox and the sender's host must both be approved before the mail can be released. Our exclusive SMTP delay counter prohibits the hacker from utilizing system resources for replies, forcing the hacker to respond.
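The dual-verification idea described above, shown beside the address-only check it replaces, as an added example that is not ArmorX's code. The whitelist layout, function names and addresses are constructed for illustration; the sender is assumed to be the SMTP envelope sender and the host the connecting client IP.

```python
import ipaddress

# Constructed sample whitelist: each approved sender mailbox is bound to
# the networks of the hosts allowed to deliver mail for it.
WHITELIST = {
    "billing@partner.example": ["198.51.100.0/28"],
    "ceo@corp.example": ["192.0.2.10/32"],
}


def address_only_allows(sender):
    """Weak form: trusts the claimed sender address alone."""
    return sender.lower() in WHITELIST


def dual_verified(sender, client_ip):
    """Approve only if the mailbox AND the connecting host both match."""
    networks = WHITELIST.get(sender.lower())
    if not networks:
        return False
    try:
        ip = ipaddress.ip_address(client_ip)
    except ValueError:
        return False  # an unparseable host never matches
    return any(ip in ipaddress.ip_network(n) for n in networks)


def route(sender, client_ip):
    """Whitelisted mail is released; everything else goes to scanning."""
    return "release" if dual_verified(sender, client_ip) else "scan"


if __name__ == "__main__":
    # Constructed deliveries: (envelope sender, connecting host)
    samples = [
        ("ceo@corp.example", "192.0.2.10"),      # approved pair
        ("ceo@corp.example", "203.0.113.7"),     # own address, foreign host
        ("billing@partner.example", "198.51.100.14"),
        ("unknown@other.example", "198.51.100.14"),
    ]
    for sender, host in samples:
        print(sender, host, address_only_allows(sender), route(sender, host))
```

A message that claims an internal address but arrives from an unapproved host passes the address-only check and is sent to scanning by the dual check.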

Next-gen AI unknown malicious threat program behavior analysis 

A malicious program is a program that, from the perspective of a programmer, customizes the simulation program, recognizes and automatically classifies the language library, and defines the ratings of each type of project, including:

Attachment type: attachment encryption, forged file extension, bomb compression (ZIP bomb), decompression times.

Characteristic database: complete (MD5), multi-segment (ssdeep), loading (imphash) sampling, original database.

Program behavior: Antidebug Antivm, CVE Vulnerability, encryption calculus, Exploit Kits, Packers Hidden, Webshells, email identification, malicious files, malware, mobile malware, malicious URLs.

Sandbox analysis (optional, independent dynamic sandbox simulation system): behavior analysis, network analysis.

Forensic Report

The report can be sent immediately, or on a specified month, week, day, and time. The content includes periods (starting with today, yesterday, this week, last week, this month, last month, this year, last year) and risk level; regular input comparison of sender, recipient, subject, source routing, message code; recipients can add their own, custom report format (supports webpage, text, PDF).

Advanced Threat Protection