Javelin ZeroMove uses artificial intelligence to autonomously randomize the internal topology of organizations and expose cyber attacker movements, preventing them from further penetrating an organization. The Javelin solution is generally available to customers worldwide.
The new solution, according to the company, comes as a response to a pressing need for a proactive and autonomous, post-breach attack detection and prevention solution that automates attacker detection and stops their subsequent movement.
Nine out of ten companies have been compromised, whether by stolen remote access credentials, third party network connections, web and API vulnerability exploits or malware according to research. In order for the attacks to progress, attackers need knowledge of the organization’s internal topology: the critical servers, identities, applications and endpoints. Once they’re on a computer, they begin internal reconnaissance, collecting information and planning their next move based on what they’ve discovered. Javelin Networks approach makes what the attacker learns - useless.
More than that, regardless of how attackers have successfully penetrated a machine, whether an internal server or a user’s computer, they initiate two actions: initially they model the environment looking for assets, such as servers or desktops, where they can move or expand the breach. After that, they attempt to steal identities such as usernames, passwords and other credentials that will allow privileged access to servers, databases, security tools and other network-attached equipment without further detection.
To stop attackers, Javelin is applying a new approach to masking the attacker’s view of the internal topology. When attackers move within the masked topology they are detected immediately. Simultaneously all forensics evidence is collected before the attacker can delete it and the mitigation process is initiated, preventing the attacker from further movement.
Javelin ZeroMove detects attacker’s activities within the obfuscated environment and takes action to isolate the breached device. The solution doesn`t cause false positives, heavy network traffic, or operational overhead, claims the company.
Additionally, the solution autonomously builds and maintains a consistent, customized mask topology across all devices in the enterprise.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now