Asgent

Japanese

Public Relations

Asgent Announces SecurityPlus $B!H(BSecurityDoc$B!I(B, a New Service to Proactively Detect and Address Security Incidents and Damage

June 10, 2015
Asgent, Inc.
(JASDAQ: 4288)

Asgent, Inc. (President & CEO: Takahiro Sugimoto, located in Chuo-ku, Tokyo), a pioneer in network security and operations management solutions, announces the start of SecurityPlus$B"((B1 $B!H(BSecurityDoc$B!I(B service, a new spot service to proactively detect and address massive security incidents and damage in corporate and other organizations$B!G(B networks, before it becomes exposed.

$B!Z(BBackground$B![(B

Corporations and organizations have traditionally put a lot of effort into devising protective measures for their networks to prevent invasion by cyber security threats, using security devices such as firewalls, IDS/IPS and sandbox appliances etc., along with SOC (Security Operation Center) monitoring.

$B!Z(BA Well-known Fact$B![(B

While strengthening of preventative measures will continue to be essential in the future, it is a well-known fact globally that these measures alone cannot 100% prevent intrusions, as is known from the security incidents being reported on a daily basis. To take an example, even if a preventative measure could block one million attacks, all it takes is one intrusion to create massive damage.

$B!Z(BPeriod of Latency until Attack$B![(B

Today$B!G(Bs threats do not cause damage immediately after invading the network. The significance of the attack only becomes greater the longer the threat remains dormant.

In the US alone, the average latency from invasion until attack is seven months, and the number of cases where an invaded party was informed of their invasion by a third party rises to 69%, according to reports.

$B!Z(BEarly Detection/Coping Mechanism$B![(B

Therefore, the focus has shifted to deploying highly detailed systems to proactively detect and deal with hidden threats that passed through the preventative measures. By deploying such systems, it is possible to address security incidents and damage before they become exposed.

$B!Z(BSecurityPlus $B!H(BSecurityDoc$B!I(B Service$B![(B

In traditional security incidents (accidents), the corporation or organization would be faced with the task of determining the terminal involved the cause of the incident, extent of damage and initializing/recovering terminals or servers after they had already been hit with the attack.

The SecurityPlus $B!H(BSecurityDoc$B!I(B service provides an early detection and coping mechanism as a spot service. Using the highly detailed monitoring/analysis tool $B!H(BDAMBALLA Failsafe$B!I(B$B"((B2 to determine if there is a latent threat in the corporation or organization network, a diagnosis of the incident before it becomes exposed and a guideline on how to deal with the issue are provided.

Just as humans receive periodic health check-ups from a human $B!H(Bdoc$B!I(B, so this service has been named $B!H(BSecurityDoc$B!I(B in the same vein.

This service is ideal for the following situations.

- As a periodic health check for network systems

- As part of information security auditing process in a corporation or organization

- As part of initial investigation into potential infection

- As part of ongoing prognosis follow-up after an incident has occurred


$B!Z(BService Flow$B![(B

Asgent will deploy the DAMBALLA Failsafe appliance in the customer environment and receive and audit network traffic via a mirror port. Once suspicious activity has been detected, the activity on each terminal will be analyzed and an $B!H(Binvestigation$B!I(B will begin. As a result of the investigation, evidence to back up the determination (information on where was accessed, the access results and packet capture file etc.) will be collated and the terminal where the threat is hiding will be determined. Next, the infected content will be shown and guideline on how to deal with the issue will be provided.

The SecurityPlus $B!H(BSecurityDoc$B!I(B service will provide diagnostic results in one month of deployment. Because DAMBALLA Failsafe does not require a long period to learn the $B!H(Bbehavior$B!I(B, it is possible to detect dormant or latent threats immediately after beginning the service.

$B!Z(BComments from DAMBALLA$B![(B

Yasuyuki Shinmen, the country manager for DAMBALLA, has the following comment regarding this service.

$B!H(BWe welcome Asgent, who has lead the internet security market for many years and has proactively provided advanced security services for many years, as they begin this new service that recognizes the unique value provided by the $B!H(BDAMBALLA Assessment Service$B!I(B, which has had success with many business partners including auditing firms in the US.$B!I(B

$B"((B1 About SecurityPlus
The generic name for a group of services that provide the highest quality of security, including Asgent$B!G(Bs security knowhow gained over many years, at a reasonable price.
SecurityPlus provides all the necessary services that a company requires to maintain the highest level of security, including (1) Managed Security Services, (2) Security Diagnosis, (3) Forensic Security Investigations/Countermeasures, (4) ISMS and security audits, and countermeasures for (5) Social Engineering, which is common among all security breaches.


$B"((B2 About DAMBALLA Failsafe
An appliance product that uses eight highly advanced and detailed detection engines work to detect activity from latent threats and perform $B!H(Bprofiling investigations$B!I(B through correlation analysis to determine infected terminals. The detection capabilities are backed by constant analysis of passive DNS records that amount to almost thirty percent of global internet traffic and are continuously updated.
Also, the profiling investigative function that is the greatest characteristic of the product provides a high level of operability without over-detection or mis-detection. This functionality has resulted in DAMBALLA$B!!(BFailSafe receiving the $B!H(B2015 Red Herring 100$B!I(B award in the US and the $B!H(B2015 New Product Innovation Award$B!I(B from Frost & Sullivan in Europe.
Asgent is the primary distributor for DAMBALLA Failsafe in Japan.



$B!Z(BSales Target$B![(B

Start of Sales:
June 10th, 2015
Sales Price:
756,000 Yen$B!A!!(B($B!A(B500 Node environment/1 month of monitoring, tax excl.)
Sales Target:
500 Million Yen/Initial Year

$B!Z(BReference Material - Flow of Intrusion to Infection, Dormancy to Damage$B![(B

$B-!(B File with hidden infected file arrives at user terminal

$B-"(B User opens file and threat uses exploit to $B!H(Binfect$B!I(B the terminal

$B-#(B Threat uses preprogrammed method to contact external $B!H(BC&C Server$B!I(B

$B-$(B Infected terminal falls under attackers control

$B-%(B Attacker commands threat to begin search for target confidential data

$B-&(B Terminal continues periodic communication with C&C server and search activities within the network system

$B-'(B Attacker finds the targeted data

$B-((B Secondary malware is introduced to retrieve targeted data

$B-)(B Targeted data is retrieved

$B-*(B Evidence of threat activity is deleted (or modified)



* All company names or product names are registered trademarks of their respective companies.

Top Page
Products
Products
Publick Relations
Corporate Profile
Publick Relations
Investor Relations
Contact Us

IS 76150 / ISO (JIS Q) 27001
Check Point Distributer Partner

Top Page | Public Relations | Products | Corporate Profile | Investor Relations
Privacypolicy | Contact Us | Security Policy Alliance
Copyright (C) Asgent, Inc. All Rights Reserved.