Intezer Launches Cloud Security Product, Intezer Protect, Leveraging Genetic Malware Analysis Technology
January 14, 2020
Intezer Protect continuously monitors the binary code running inside an organization’s cloud servers, alerting the user on unauthorized or malicious software in real time. The product has no impact on business continuity or performance.
“During the last two years, we have observed a significant increase in the number of cyber attacks targeting Linux servers,” said Itai Tevet, CEO and co-founder of Intezer. “This is significant because nearly 90 percent of all cloud servers are Linux. Our technology is often the first to detect sophisticated cyber attacks, many of which are Linux threats, and we saw a real opportunity to help organizations address their cloud security concerns.”
“Security teams are becoming increasingly concerned with a lack of visibility and control into what’s running inside of their cloud servers,” said Tevet. “Intezer Protect addresses this concern by continuously identifying the genetic origins of all software code running in the cloud infrastructure, while taking into account modern, cloud-native needs such as scalability, performance, and low operational overhead.”
Unlike anomaly detection solutions, which often flood security teams with vague and false-positive alerts, Intezer Protect produces only actionable and high-confidence alerts, with a clear risk classification for each threat. This requires minimal work from the security team and enables them to quickly prioritize and respond to threats in their cloud infrastructure.
Intezer believes the key to mitigating cyber attacks is detecting and responding to the malicious code running in memory. In order for an adversary to conduct a successful cyber attack and inflict damage, such as stealing data, installing a backdoor, or deleting sensitive materials, they must run malicious code or commands on a victim’s machine, whether within a container or a VM (e.g. AWS EC2). This is why Intezer’s solution is focused on providing security teams with full visibility into all code executing at runtime on their infrastructure, and protecting against unauthorized and malicious software.
In 2019, Intezer publicly uncovered many previously undetected cyber threats, while observing an increase in the number of Linux and cloud-focused attacks in the wild. Among the company’s discoveries were large-scale crypto-mining campaigns, botnets, ransomware, and nation-state sponsored threats, including HiddenWasp, QNAPCrypt, and PureLocker.