Even modern preventive measures cannot avert all threats. The best way to protect yourself from attackers in a targeted manner is to operate at eye level from a technological point of view. You have to recognize when attackers want to bypass your system – and at an early stage. To do this, you need the appropriate technology.
With VT AIR Intrusion Protection Pro-Rules, your company always has an up-to-date and precise set of rules for detecting and blocking advanced threats. The VT AIR Intrusion Protection Pro Rules currently cover more than 40 different categories of network behavior, malware command and control, DoS attacks, botnets, information events, exploits, vulnerabilities, SCADA network protocols, exploit kit activities and much more.
Today, cyber attacks are carried out by a large number of criminals for various reasons, the spectrum ranges from theft and espionage to targeted blackmail. While the basic tools used to carry out these attacks share common elements and are often derived from fewer than 20 known exploit kits, each attack is unique in its use of botnets, proxies, attack vectors, and command and control systems. Given the dynamic nature of attacks, it has become almost impossible for organizations to keep up with the changing threat landscape. This is where VT AIR comes into play.
Security teams are often unhappy with their network intrusion protection and NGFW deployments as the number of false positives increases and they cannot be notified when an actual threat occurs. This is because standard intrusion protection signatures are designed to detect exploits against known vulnerabilities in hosts on the network – even if the systems are patched and not really vulnerable. Still, these security platforms are ideally positioned on the network to monitor malware activity, including communications to and from remote command and control locations.
VT AIR Intrusion Protection Pro features include:
- Emphasis on compromises that are overlooked in traditional prevention methods.
- Over 26,000 rules in over 40 categories.
- 10 to 30+ new rules are published every day.
- Very low false positives
While the VT AIR Intrusion Protection Pro Rules include full coverage for numerous threats, the rules offer unmatched network-based detection logic to prevent malware command and control communication, known bad landing pages, botnets, communication with Drive by Sites with their extended Identify threats. VT AIR Intrusion Protection Pro Rules help your network security by detecting advanced threats with high accuracy, including:
- All major malware families covered by command and control channel and protocol.
- Detection across all network-based threat vectors, from SCADA protocols, web servers to the latest client-side attacks provided by exploit kits.
- The most accurate malware recall, droppers, command and control, obfuscation, exploit kit and exfiltration signatures the industry can offer.
- Comprehensive rule set also includes regular mandatory CVE updates, including MS MAPP & Patch Tuesday updates.
Compatible with all VT AIR Appliances
Subscription
The subscription can be stopped in your shop account before the next renewal.
A purchased subscription cannot be terminated early or returned.
A transfer to another VT AIR Firewall is not possible.
Please contact us if you have any questions.