Endpoint Security

Invincea Enhances Endpoint Protection Solution

End Point Security Solution Integrates Cloud Analysis and Enterprise Response Capabilities

Endpoint threat prevention firm Invincea, Inc., this week enhanced its offerings with new threat identification and response capabilities added to its container-based endpoint protection solution.

The latest version of the company’s flagship offering, Invincea Advanced Endpoint Protection 5, now combines containerization technology with advanced endpoint visibility, analysis, and control to provide compromise detection and elimination, the company said.

The common attack vectors leading to breaches are employees clicking on malicious links, visiting compromised websites or opening weaponized documents—all threats that Invincea aims to defeat via its endpoint security solution.

In a recent blog post debating the effectiveness of security awareness training, Anup Ghosh, founder and CEO of Invincea, explained that while educating employees on the risks of using email and the Web is important, relying on users to make the correct decision on every email link, attachment or web page they choose to click on is nearly impossible.

“If there is an attachment, someone will open it – no matter how much you have trained users,” Ghosh said. “It is not only human instinct you are trying to untrain, it is the way we do business. You can’t train an HR person not to open a resume sent in PDF – that’s his job. You can’t train an executive not to open a business proposal—that’s her job. In both cases, these are common spear-phishing tactics.”

The addition of new sensor technology, which works alongside its cloud-based cyber genome analysis technology, Cynomix, enables security teams to identify compromised devices.

Invincea Advanced Endpoint Protection now includes granular escalating controls that enable security teams to isolate suspect processes on endpoints, quarantine compromised devices, and eradicate threats across the enterprise.

Invincea Management, which runs cloud-hosted or on-premise, manages endpoints and allows security teams to selectively publish threats to trusted communities in standard STIX format.

Comprising Invincea Endpoint (formerly Invincea FreeSpace), Invincea Management (formerly Invincea Management Server) and Cynomix, Invincea Advanced Endpoint Protection 5 includes the following capabilities:

Secure Virtual Container – Protects the most targeted and vulnerable applications (Web browsers, Java, Flash, PDF readers, Office applications) by running them in a secure virtual container. Attacks are isolated from the host operating system, preventing the adversary from accessing sensitive data or conducting lateral movement in the network. A control interface kills any suspicious processes in the container, while detailed forensic data is captured for analysis.

Endpoint Sensor to Identify Existing Breaches – The endpoint agent now includes an integrated sensor that identifies suspicious processes already existing on the machine. The sensor sends only anomalous events to Invincea Management for further analysis using cloud-based analytics.

Pluggable Framework for Threat Analysis Services – The solution now includes a framework for integrating third-party threat analysis services. Pre-built integrations are included for Cynomix, VirusTotal, Metascan and ReversingLabs; additional services can be added via an open API.

Cynomix – A DARPA-funded technology built by Invincea Labs, Cynomix uses machine learning techniques to analyze unknown executables and identify maliciousness through their genetic markers. Using a mapping of the cyber genome of millions of pieces of malware, Cynomix identifies new malware strains well before other solutions.

In June 2013, Invincea announced an OEM partnership with Dell under which the PC maker would ship systems with Invincea technology installed straight from the factory on all commercial systems including its Precision, Latitude and Optiplex machines.

Invincea Endpoint 5.0, Invincea Management 3.0, and Cynomix are available immediately.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
