CyberSight: Security

Security Information

CyberSight's Unique Security Engine Hacking, Zero-Day Exploits Security FAQ's What Security Companies Don't Want you to Know Fact Attack:
A Few Facts About Security Fill the Large Gaps Stop Industrial Espionage Urban Myths

CyberSight's unique security engine

The underlying technology in CyberSight's unique framework is the virtual image. This contains a real time image of each machine in the network stored on the server. As files or processes are created or modified, CyberSight agents inform the central repository to keep the virtual image up to date. This means that up to the second information is held on the central server.

It enables it not only to detect millions of threats but it gives it the ability to report on all installed software in real time.

One of the most impressive abilities of this approach is that if a new threat has been added to the central threat repository the server can then detect the threat on remote machines instantly without the need to generate 1 byte of network traffic, in fact the monitored machines don't even have to be switched on.

Advantages of a virtual image

The advantages are obvious

Central repository of all known and unknown files in your network
Ability to detect any file without even generating network traffic
Ability to report on system usage by file size, type and distribution
Ability to search in seconds for any file anywhere
Understand in real time what software you have, its version and who has it
Ability to see hardware changes e.g. memory being stolen or processors being swapped
Find and backup important files
Identify the movement of restricted documents even in encrypted zip files
Identify unpatched software in seconds
Search all files against a massive threat repository
Threat detection undertaken on a dedicated server, not by slowing down client machines

Agent Security

Security products must be able to protect themselves, too many of them are being hijacked or turned off by malicious code. The agent does not even have a listener which means it cannot be scanned and controlled like other security technologies. Any direct tampering with our agent results in an instant message to the administrators.The CyberSight agent does not start a listener on the machine being monitored. This has 2 significant advantages over legacy security products -

The agent cannot be spoofed
It cannot be port scanned.