Minerva Anti-Evasion Platform blocks unknown, evasive malware by controlling how it perceives its environment and ensuring it refrains from execution.
Advanced malware today uses evasion techniques to get past anti-virus products, sandboxes, and other security systems. Instead of infecting every machine they land on, they actually camouflage their malicious code, staying in a “sleep” state until they’re in the ideal environment for the attack. Only then do they unpack and execute the code. In this sleep state, the malicious code can’t run or cause any damage. This very malware evasion mechanism is what we take advantage of.
Minerva’s Environment Simulation Technology is situated between the malware and the operating system. Every time the malware tries to sense what conditions and defenses are present, Minerva simulates an environment that would be unideal for the malicious code to execute. As the malware believes the environment is not ideal, it stays asleep indefinitely, while the security professional is notified of the presence of suspicious code
Minerva prevents the deadliest unknown threats by creating an environment in which the malware refrains from execution, just before the installation phase (5th phase in the "Cyber Kill Chain") and before any damage has been done.
Minerva prevents targeted attacks without the need to detect them first and without other prior knowledge.
Offline operation mode
Fully standalone mode which keeps protecting endpoints even when disconnected from the organizational network.
As a super-thin agent, Minerva can be installed on thousands of machines in no time. No restart is required.
As there is no heavy client running in the background, and no active detection application scanning processes and files, Minerva does not use up any resources, and has no impact on the end user experience.
No false positives
With Minerva in place, there are no false-positive alerts. Once a notification appears, you know that a real threat was neutralized and prevented before any damage has been done.
No ongoing maintenance
Minerva does not need any ongoing upkeep to ensure it’s operating at its best. It even updates itself automatically with new simulations and artifacts on a regular basis.
Supports all Windows OS
Embedded systems, Point of Sale (PoS) and additional legacy systems, as well as physical and virtual environments (e.g. VDI Terminal Server).
Minerva increases the value of your entire defense ecosystem by notifying your other security tools of the existence of the unknown malware, so they can find and eradicate it even faster, adding incredible value to your existing security and defense applications. Minerva integrates with endpoint security solutions, network security solutions and cloud intelligence solutions:
Block unknown threats that are designed to evade your existing defensesDownload >>
Learn how to stop time on ransomware and avoid paying the ransomDownload >>
Learn more about evasive malware in our webinar co-hosted with SANS InstituteWatch >>