CounterTack to unveil next generation version of the industry’s only commercially available security platform using virtual machine introspection at booth #845 during RSA Conference 2012
WALTHAM, Mass. (Feb. 21, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced three new solutions available on Event Horizon®, the world’s first commercially available security platform utilizing virtual machine introspection (VMI), to help enterprise and government organizations identify, disrupt and respond to advanced threats. CounterTack will preview these new solutions, along with an enhanced version of the Event Horizon platform, at the RSA Conference in San Francisco next week at Booth #845.
“As enterprise and government organizations adapt to changing cyber enemy skills and tactics, they need to arm themselves with superior intelligence, expert analysis and modern defenses,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Fueled by covert, high-speed virtual machine introspection technology, CounterTack is well positioned to provide a new class of intelligence and response solutions, helping organizations protect their critical assets from advanced persistent threats.”
Strategically positioned on the hypervisor, Event Horizon’s patent pending technology provides undetectable and omnipresent surveillance into guest operating systems and applications, providing real-time analysis of operating system-level functions that attempt to manipulate file, process and network behavior. CounterTack’s three new solutions complement the Event Horizon platform by continuously monitoring and covertly gathering forensics on an attacker’s lateral movements across three critical domain assets:
- CounterTack’s Continuous Network Monitoring to Detect Lateral Movement solution enables organizations to detect malicious, lateral movement from the initial host as the attacker conducts network discovery, credential collection and privilege escalation activities to find and access valuable data. Once detected, CounterTack provides a rich set of real-time file, process and network forensics information, enabling organizations to quickly disrupt the attack, harden its defenses and enable precise system remediation.
- CounterTack’s unique approach to active continuous monitoring at the CPU, memory and process level provides unprecedented protection against malicious behavior in Active Directory, the foundational piece of any organization’s security infrastructure. Holding a comprehensive database of user names, passwords and cryptographic keys, Active Directory provides both a “map” and the “keys” to virtually any resource on an organization’s network. CounterTack offers two solutions to protect an organization’s Active Directory environment.
- Active Directory Administrator Workstation Monitoring solution detects attacks and unauthorized actions on domain administrator workstations, including malicious software installation and establishment of backdoor connections to command and control servers.
- Active Directory Domain Controller Monitoring solution detects unauthorized user behavior in Active Directory, and protects against O/S and application-based attacks including attempts to escalate privileges.
At RSA Conference, CounterTack will also unveil its next-generation Event Horizon 3.1, now supporting Windows Server 2008 and the Windows 7 operating system to provide unsurpassed intelligence on in-progress attacks across these environments.
“CounterTack’s new solutions are built on our proven, innovative cyber security technology powered by virtual machine introspection for the enterprise and government markets,” said Neal Creighton, CEO of CounterTack. “The introduction of Event Horizon 3.1 expands our capabilities to complement our customers’ security infrastructures, adding significant value to existing investments and processes for in-progress incident response.”
CounterTack, the industry’s first and only in-progress attack intelligence and response solution was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. Each year, more than $32 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack – even while it’s happening.
Founded as NeuralIQ, the company re-launched as CounterTack in 2011, building upon the vision and innovation of NeuralIQ. Based in Waltham, Mass., the privately held company is backed by Fairhaven Capital and a group of private investors.