CyBlu

Near real time Out-of-Band In-Memory Threat detection.

In-memory attacks were once an evasive threat that could only be met with reactive remediation. CyBlu offers a new, proactive approach to detecting them.

Meet CYBLU!

Working hand-in-hand with Nvidia, CyBlu offers you near real time out-of-band In-Memory threat detection and alerting via Nvidia’s BlueField Data Processing Unit (DPU) card.

CyBlu watches for threats such as process injection, memory injection and DLL injection. It sends an alert immediately when a malicious action is executed in memory, enabling the organisation to respond in time to prevent and mitigate the effects of the attack.

WHY CYBLU!

Detection vs Remediation. CyBlu, supported by CyRaptor, can detect the adversary’s malicious actions occurring in memory while the adversary is still preparing to do harm to your system.

Undetectable to the adversary. As a hardware-based detection, it is able to detect stealthy threat actions that may mask themselves from software-based detection agents.

Able to detect threats at the VM level, so individual VMs can be monitored. Currently the solution supports Hyper-V.

As memory data is perishable, it has traditionally been hard to investigate these threats. CyBlu allows logging of such important information and thus aids you in future investigations.

Reliable and Trusted

PROBLEM: How do you know if the adversary has performed malicious actions in-memory?

SOLUTION: Currently CyBlu works with the Nvidia DPU card for its memory data acquisition. CyBlu extracts significant events and pushes the information to a log collector or SIEM system. CyRaptor will then identify the adversary’s in-memory attack actions and raise an observation for the analyst to investigate further.

PROBLEM: What will be the next course of action when CyRaptor raises the observation of possible in-memory attacks?

SOLUTION: CyRaptor enables the security analyst to perform further queries and correlate the information with other log sources. The analyst will then see the adversary’s actions end-to-end, from the end-point to the network and to the server, together with the processes running in memory that are deemed malicious.

PROBLEM: There is so much data in memory. Does CyBlu keep that much information? What is the capacity needed for CyBlu?

SOLUTION: CyBlu extracts certain information that is of security relevance. It does not keep all the data from the memory.

Book a demo with our team of experts to learn how we can help you secure your organization from all possible cyberattacks!