Glossary

Advanced persistent threat (APT)
A sophisticated targeted attack against the corporate IT infrastructure that simultaneously uses different methods to infiltrate the network, hide on the network, and gain unobstructed access to confidential data.

Alternate data stream
Data streams of the NTFS file system (alternate data streams) are intended for additional attributes or information on a file.
Each file in the NTFS file system consists of a set of streams. The main stream contains the file contents. The other (alternate) streams are intended for metadata. Streams can be created, deleted, individually saved, renamed, and can even be run as a process.
Alternate streams can be used by hackers for concealed transmission or receipt of data from a computer.

Scans files and objects for viruses and other threats to the corporate IT infrastructure using anti-virus databases.

Backdoor program
A program planted by hackers on a compromised computer in order to be able to access this computer in the future.

Scans data, analyzes the behavior of objects, and publishes analysis results in the web interface of the program.

The highest possible speed of information transfer in the specific communication channel.

CSRF attack
Cross-Site Request Forgery (also referred to as an "XSRF attack"). Attack on website users by exploiting vulnerabilities of the HTTP protocol. The attack enables actions to be performed under the guise of an authorized user of a vulnerable website. For example, under the guise of an authorized user of a vulnerable website, a hacker can covertly send a request to the server of an external payment system to transfer money to the hacker's account.

Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a master control server (Primary Central Node (PCN)) and slave servers (Secondary Central Nodes (SCN)).

Dump
Contents of the working memory of a process or the entire RAM of the system at a specified moment of time.

End User License Agreement
Binding agreement between you and AO Kaspersky Lab, stipulating the terms on which you may use the program.

ICAP data
Data received by the ICAP protocol (Internet Content Adaptation Protocol). This protocol allows filtering and modifying data of HTTP requests and HTTP responses. For example, it allows scanning data for viruses, blocking spam, and denying access to personal resources. The ICAP client is normally a proxy server that interacts with the ICAP server by the ICAP protocol. Kaspersky Anti Targeted Attack Platform receives data from the proxy server of your organization after this data was processed on the ICAP server.

Scans the Internet traffic for signs of intrusions into the corporate IT infrastructure.

Description of suspicious behavior of objects within a corporate IT infrastructure that may indicate a targeted attack on that organization.

A set of data about a malicious object or malicious activity.

IOC files contain a set of indicators that are compared to the indicators of an event. If the compared indicators match, the program considers the event to be an alert. The likelihood of an alert may increase if a scan detects exact matches between the data of an object and several IOC files.

Solution designed for the protection of a corporate IT infrastructure and timely detection of threats such as zero-day attacks, targeted attacks, and complex targeted attacks known as advanced persistent threats (hereinafter also referred to as "APT").

Installed on workstations and servers of the corporate IT infrastructure that run the Microsoft Windows operating system. Continuously monitors processes running on those computers, active network connections, and files that are modified.