NPCore is a Korean company that was established in 2008. They are very experienced in APT defense and their solution, ZombieZero, provides much more than just the usual sandboxing technologies.
NPCore works on two levels, on network with ZombieZero Inspector and on endpoints with ZombieZero Agents. With the Inspector collecting incoming files through traffic analysis, and the Agents doing behavioral static and dynamic analysis on endpoints, you are able to defend infiltrating malware that bypasses a network and responds with lower false-positive rates quickly and accurately.
ZombieZero Agent works on your endpoints and protect them from breaches, especially ransomware :
- Detection of the DDoS attack generating malicious traffic and massive sessions in the user's PC
- Detection of the file exfiltration behavior done by the external attack without the user's recognition
- Detection of the command behavior after in the event of remotely accessing to the target PC by hacker
- Monitoring of PC Resource
- Providing the resource monitoring (CPU and details of network status)
- Providing the 5 stage PC threat level on the main UI in terms of malware infection
- 10 second installation time required
- Guarantee of secure system operation by preventing the conflict with other programs because it is installed at the Kernel driver layer where as others are installed at the application layer
ZombieZero Virtual Appliance works in your network, checking for zero-day attacks and issuing quarantine if there is a breach
- Accurate detection with minimal false-positive rates through interworking between agent-based and network-based analysis.
- Independent behavioral analysis on agent-based and network-based systems.
- Malware detection and blocking from bypassing the network security systems such as encrypted traffic, and other hiddent threats.
- Blocking harmful outbound traffic.
- Firstly, Network-based behavioral engines respond to the incoming files and secondly, agent-based behavioral engines respond to them at end-point.
- A Signature-based anti-virus engine detects known malware and behavior-based engines detect unknown malware.
ADVANTAGES & BENEFITS