For those of you who may have thought that the Triumfant 3 Minute Malware Challenge at RSA 2009 was hype, the video team from Infoweek/Dark reading came to our booth and recorded Dave Hooks, our CTO, doing the demo. Have a look at http://tinyurl.com/y94sgly
Dave’s set-up was live and he was careful to ensure that Triumfant Resolution Manager was free of any policies or controls that would have given it any prior knowledge of the malware. For this demo he is actually running the server and the client in two different virtual machines on his laptop – not exactly a configuration optimized for speed. Dave clicks on the malware and the date/time stamps on the screen tell the story: 3 minutes from introduction to remediation. He even takes the time to show the effects of the malware such as the disabling of Task Manager to show the machine was in fact infected.
Watch the video and step back for a second. Think of your endpoint machines being attacked. First, you hope that the traditional signature based antivirus on your machine will detect the attack, which if there is no signature Gartner says your chances are 50/50. If your defensive software does see the attack, your security people would get an alert and start to investigate. Before your security people likely open their first screen for analysis, Triumfant has analyzed the attack, built a custom yet completely comprehensive remediation on the fly, and is executing it on the machine to kill the attack and address all of the collateral damage of the attack.
Done. Fixed. No human interaction, no re-imaging.
You however still have to call your A/V vendor, hope that their “A” team is on deck, and get them to write you a new signature and a remediation script. At best, four hours later (I use that time because an AV vendor was positively giddy about a four hour turnaround on a recent web cast) you get back the signature and script. Now you get to send the signature out to the endpoints and then push the script out like a patch. And then you get to start the process of re-imaging any infected machines, because the remediation you received will likely miss changes to the machine that could result in new vulnerabilities. Think about that in the context of the demo.
There is a better way out there. While the established vendors are talking about innovation, an evolved way of detecting and remediating malware is here and it works – in 3 minutes! And now we have the video to prove it.
Click here to subscribe
[...] If customers perceive that there are no alternative to signature based tools (yes, there are viable alternatives) they remain reliant on signature based defensive software. With new signatures required every 20 [...]
[...] remediations that may or may not fit the situation, no need to re-image the infected machine. Three minutes – not four hours or, more likely, days or weeks. Not a promise, but a reality we are willing to [...]
[...] the video of the Triumfant 3 minute Malware Challenge, we show live the process of detecting, analyzing and remediating an actual malware attack in 3 [...]
[...] fly and send it to the infected machine, ending the attack. Elapsed time: three minutes (see the video that proves it). Since Triumfant sees all of the changes to the machine caused by the attack, the remediation [...]
[...] The Triumfant three minute malware challenge [...]
[...] of what it is doing and how it can detect and remediate an attack in three minutes. Dave’s “Three Minute Malware Challenge” demo he did at RSA has been captured on video and is available on YouTube so I invite you to [...]
[...] you to have a look at the Triumfant solution and get a feel for how it works via a video of our Three Minute Malware Challenge from RSA. Words don’t do the product justice, so the video will provide much deeper insight. [...]
[...] get pretty large when they see our ability to detect, analyze and remediate a malicious attack in three to five minutes without the need for prior knowledge of the attack or the need to write a script or re-image the [...]
[...] always set up our three minute malware challenge demo at shows where we release a rootkit on a victim VM machine and show our server detecting the [...]
[...] people see the product work in person. Such was the case at last year’s RSA when we did our three minute malware challenge – people were really impressed, but some looked to discount what they observed firsthand as a [...]