A comprehensive endpoint solution that prevents attacks
through trickery and deception
Addressing the widest variety of attack scenarios, Minerva Anti-Evasion Platform includes multiple modules that reinforce each other to block unknown threats that employ different evasive techniques.
All modules are supported by our shared technology layer, Minerva VR™, forming a powerful approach to prevent unknown threats designed to evade your existing defenses.
Cybercriminals are constantly finding ways to outsmart today’s security defenses. Updating and releasing new malware versions of their code in the hopes that it will breach your defenses. Or simply purchasing a low cost packer from the darknet to hide their malicious creation.
There are hundreds to thousands of nuances to evasive malware techniques – from situation-aware to fileless techniques, hiding in legitimate applications and documents, silently waiting until they are safe to strike.
Security tools that rely on Indicators of Compromise (IOC), based on signatures, behavioral models or patterns, won’t catch evasive malware that has not yet revealed itself.
Evasion has become a key motif in current threats, yet today’s solutions fail at preventing evasive techniques.
Minerva Labs' Anti-Evasion Platform does not rely on previously seen patterns or signatures, which is the premise shared by all other endpoint security tools.
Using deception Minerva Labs will:
Deceive the malware’s perception of reality, prior to installation, to the point that it is certain to be in such a hostile environment and aborts the attack.
Stop in-memory attacks on the fly by preventing the code injection into legit processes.
Trick malware into believing the same malware is already running on the target when it’s not.
Deceive non-evasive ransomware into believing it had encrypted the files on an endpoint when in reality it had not.
Attackers take care to avoid being detected, so that their malware remains effective for as long as possible. This is why their creations check for sandboxes, forensics environments, virtual machines, debuggers and more to remain under the radar until they’re ready to strike.
Minerva uses the strength of such situation-aware malware against it. With Minerva, all endpoints now appear to have all the security tools that evasive threats aim to avoid, simulating an environment in which such malware refuses to run, keeping your endpoints safe.
In fileless attacks, adversaries aim to avoid detection by injecting malicious code into other processes, hiding within legitimate applications.
Fileless attacks take many forms, and often involve programs that appear benign, malicious document files, PowerShell scripts, and numerous other approaches.
Ransomware is becoming more sophisticated, avoiding detection with evasive techniques such as checking whether they’re in a safe environment to unpack, injecting malicious code into legitimate processes, hiding in macros and more.
The combined capabilities of the Minerva Anti-Evasion Platform, deliver reliable protection against ransomware.
Protect your endpoints with Minerva so you never pay the ransom and never lose your data.
Minerva enhances your defense ecosystem with threat intelligence so you get the most out of your existing investments.
Once an unknown attack is blocked, Minerva will update other security tools with the new attack pattern, to find and eradicate attacks faster.
Learn more >>
Minerva Anti-Evasion Platform includes a single console to manage and oversee Minerva agents and Minerva-generated events.
The web-based console provides powerful event filtering and searching capabilities that allow administrators to view the threats that have been prevented by Minerva, together with event details.
Evasive malware goes after your physical environment as well as your virtual environments.
With the lightweight nature of the Minerva agent, the Anti-Evasion Platform enhances Virtual Desktop Infrastructure (VDI) security for end-to-end, fully-enabled anti-malware protection, without adding any performance overhead.
The platform is both VMware Ready and Citrix Ready certified.
Read Solution Brief >>
Offline operation mode
Fully standalone mode which keeps protecting endpoints even when disconnected from the organizational network.
As a super-thin agent, Minerva can be installed on thousands of machines in no time. No restart is required.
As there is no heavy client running in the background, and no active detection application scanning processes and files, Minerva does not use up any resources, and has no impact on the end user experience.
No false positives
With Minerva in place, there are no false-positive alerts. Once a notification appears, you know that a real threat was neutralized and prevented before any damage has been done.
No ongoing maintenance
Minerva does not need any ongoing upkeep to ensure it’s operating at its best. It even updates itself automatically with new simulations and artifacts on a regular basis.
Supports all Windows OS
Embedded systems, Point of Sale (PoS) and additional legacy systems, as well as physical and virtual environments (e.g. VDI Terminal Server).
This webcast will explain a unique approach to preventing evasive malware from infecting endpoints.Watch >>
Discover the reasons why evasion techniques work, even with a layered defense approach and how to evolve your endpoint protection strategy, to cover the gap.Download >>
See how Minerva Labs’ Anti-Evasion Platform performed in the SANS Institute testDownload >>