Security platform uses virtual machine introspection
CounterTack announced three new solutions available on Event Horizon, a security platform utilizing virtual machine introspection (VMI), to help organizations identify, disrupt and respond to advanced threats.
Positioned on the hypervisor, Event Horizon’s patent pending technology provides undetectable and omnipresent surveillance into guest operating systems and applications, providing real-time analysis of operating system-level functions that attempt to manipulate file, process and network behavior.
CounterTack’s three new solutions complement the Event Horizon platform by continuously monitoring and covertly gathering forensics on an attacker’s lateral movements across critical domain assets.
CounterTack’s Continuous Network Monitoring to Detect Lateral Movement solution enables organizations to detect malicious, lateral movement from the initial host as the attacker conducts network discovery, credential collection and privilege escalation activities to find and access valuable data. Once detected, CounterTack provides a rich set of real-time file, process and network forensics information, enabling organizations to quickly disrupt the attack, harden its defenses and enable precise system remediation.
CounterTack’s unique approach to active continuous monitoring at the CPU, memory and process level provides unprecedented protection against malicious behavior in Active Directory, the foundational piece of any organization’s security infrastructure. Holding a comprehensive database of user names, passwords and cryptographic keys, Active Directory provides both a “map” and the “keys” to virtually any resource on an organization’s network. CounterTack offers two solutions to protect an organization’s Active Directory environment.
“CounterTack’s new solutions are built on our proven, innovative cyber security technology powered by virtual machine introspection for the enterprise and government markets,” said Neal Creighton, CEO of CounterTack. “The introduction of Event Horizon 3.2 expands our capabilities to complement our customers’ security infrastructures, adding significant value to existing investments and processes for in-progress incident response.”