Public Relations

Asgent Announces the Start of Free Targeted Attack Diagnostic Service

- Searching customers’ network traffic for symptoms of targeted attacks -

February 7, 2014
Asgent, Inc.
（JASDAQ：4288）

Asgent, Inc. (President & CEO: Takahiro Sugimoto, located in Chuo-ku, Tokyo), a pioneer in network security and operations management solutions, announces the start of a “Free Targeted Attack Diagnostic Service”, to diagnose symptoms of targeted attacks in corporate networks.

Targeted attacks are “cyber-attacks targeted against specific organizations or individuals with the primary aim of extracting confidential information from that organization or individual”. Many of these attacks use methodology such as (1) impersonating an organization or individuals with ties to the target and sending e-mails to the target, (2) the recipient of the e-mail opens an attached file or accesses a URL embedded within the e-mail and becomes infected by malicious programs such as malware, (3) the malicious program contacts back to the command and control (C&C) server and (4) information is extracted from the target and collected by the attacker. These attacks are difficult to detect because they hide themselves from detection and steal confidential information over a period of time.

Asgent’s “Free Targeted Attack Diagnostic Service” utilizes the Check Point Security Technologies Ltd. (Check Point) security inspection engine to analyze customers’ network traffic. Multi-hierarchical checks are performed from a network-layer point of view to determine if any malicious program such as malware has been sent, if there is any internal communication to command and control (C&C) servers, or if any applications such as file sharing software that could be linked to information leaks exist on the network. The results of these checks are provided as an easy to understand graphical report showing any detected security risks and countermeasures to them, and can be used as a guideline for future security countermeasure revisions.

【Free Targeted Attack Diagnostic Service】

This service diagnoses the real “current state” of the customer’s network. The diagnostic (Check Point) device is placed in the customer network and left for a specified period of time, during which it will monitor actual network traffic and collect log data. The collected log data is analyzed by Asgent security analysts from a “professional viewpoint” and is collated and presented to the customer as a report. This report covers both the current status of security threats and symptoms related to the network such as the presence of machines infected with bots or other malware, communication with suspicious external sources as well as recommended countermeasures. In addition, the diagnostic process utilizes mirror ports, meaning there is no configuration change required on the customer’s network.

【How to Apply】

Please complete the application form on Asgent’s website to apply for this service (http://www.asgent.co.jp/apt/diagnosis.html).

Process from application to analysis:

1. Application is processed
2. Asgent engineer visits customer site and places diagnostic device on network
   - Monitoring period (default: 1 week)
3. Diagnostic device is removed from customer network
4. Collected log data is analyzed
5. Report including result of analysis and recommended security countermeasures are presented to the customer

* All company names or product names are registered trademarks of their respective companies.