AhnLab, Inc. has unveiled TrusWatcher, a comprehensive solution which prevents confidential data loss through APT (Advanced Persistent Threat) at the RSA Conference 2012. AhnLab TrusWatcher allows organizations to protect their IT systems and digital assets against APT attacks, employs an automated diagnostic feature that analyzes all executable files, and executes them on virtual machines to determine unknown malware and suspicious behaviors in real-time. The solution also analyzes non-executable files, including .doc and .pdf, by adopting the world's first "Dynamic Intelligent Contents Analysis (DICA)" technology developed by AhnLab. By incorporating the vast anti-malware database and anti-malware technology of cloud computing based on AhnLab Smart Defense, TrusWatcher delivers accurate, instantaneous detection of attacks. APT attacks are better planned, more persistent, and more targeted than any cyber threats have experienced before. Increasingly sophisticated, next-generation threats use social engineering and other advanced techniques to install malicious executables onto user PCs and avoid detection. Recent APT attacks use malicious files to penetrate the targeted organization's network as the vulnerabilities of various document readers/editors are reported. Attackers can easily avoid the detection of their malwares for the APT attack by hiding them in document files. From the social engineering perspective, users tend to open attached files without doubt, rather than click URLs or run executable files in the emails. AhnLab TrusWatcher monitors traffic transferred over the network and determines whether destination web pages contain malicious files. When suspicious traffic is detected, TrusWatcher resets the TCP connection to block access to the site. It also detects suspicious activities typically associated with zombie PCs.
Ahnlab. Inc. is a Korea-based company engaged in the development of integrated network security solutions and the provision of security consulting services. The Company focuses on endpoint security, network security, online security and online game security, as well as security management and security services businesses. The Companyâs security products consist of V3 series, such as V3net used to prevent codes from damaging server data, V3 Internet security 7.0 platinum used to protect user's system in real-time, V3 Internet security 8.0 used to protect windows server against the latest security threats, TrustGuard used to detect and block network-based attacks, and Absolute IPS used to block worms and denial-of-service (DoS) attacks, as well as mobile security 1.0 used to protect mobile devices from worms and viruses, among others.