Explore The Stormshield Solutions

Our advanced threat prevention and data protection solutions enable users to do their work while blocking attacks that can bypass traditional protection technologies. Our goal is to keep your systems and data safe, even as your organization faces the most sophisticated, devious and targeted attacks, uses a variety of new and old computing devices or relies on legacy end-of-life operating systems that are no longer supported.

 

 
 

MIPS
Memory Intrusion Prevention System

The industry standard for malware protection
 

Can your existing network and endpoint security technologies protect you against fileless malware and other memory-based threats? Stormshield’s NGEPP Memory Intrusion Prevention System (MIPS) can!

 

Stormshield MIPS uses a set of security layers that work against attempts to compromise the computer system – detection of exploited vulnerabilities (e.g., corruption of the memory in order to execute malicious code), detection of malware installed on the computer, detection of malicious actions and all other known attack methods. Stormshield MIPS is the result of more than a decade of research and development and provides the recognition of unknown and sophisticated attacks without the need for signatures, whitelists and other “looking back” protection methods. The SES proactive protection virtually eliminates the zero-day risk exposure that is one of the most common vulnerabilities being exploited by cyber-criminals.

 

Stop unseen, difficult-to-detect, targeted attacks

Targeted malware attacks today are increasingly effective.  An example of the creative attack methods that cyber-criminals are using today is fileless malware.  Because fileless malware operates only in memory and doesn't use files on the computer's hard drive to infect it, they are extremely difficult to scan or detect using traditional malware protection technologies. Stormshield’s MIPS goes beyond signatures and sandbox technologies to identify and stop these new unknown, never-been-seen-before threats that have gotten past all of your other protection layers before they can do any damage – proactively without a need for signatures or updates.

Say "goodbye" to zero-day vulnerabilities

Patches are a great way to reduce the risk of compromise. But, what about those zero-day (or even zero-hour, zero-minute or zero-second) vulnerabilities? Even if you are patching the instant that an application vendor provides a patch, you already have had a zero-day exposure for days, weeks or, often, months.  StormShield MIPS doesn't rely on signatures or pre-defined behaviors, so it can block attacks that take advantage of un-patched and vulnerable operating systems and applications. Stormshield MIPS eliminates the zero-day threat so there is no exposure window – even without a patch.  We have the history and evidence to prove it.

 
 
 

NGEPP
Next Generation Endpoint Protection

Complete integrated suite of Next Generation Endpoint Protections for proactive endpoint security

Organizations across the world are frustrated with the ineffectiveness of traditional endpoint security products and their inability to stop the increasing in volume and increasingly sophisticated attacks.  As a result, a new generation of endpoint solutions has been created that can provide effective security.  In order to secure NGEPP effectiveness, these new technologies must be lightweight, work in the existing security ecosystem and work across new and legacy platforms independent of a real-time connection.

 

The core pillars of an effective NGEPP

 

Advanced Detection 
The endpoint defenses that are commonly used are based on trying to keep attacks out or analyzing an attack after it has been successful.  The core foundational pillar of an NGEPP is the capability to monitor memory to identify and stop malware that has slipped past other protection layers by using Memory Intrusion Prevention System technology (MIPS).  This MIPS protection must be able to operate without any reliance on signatures or similar “looking back” detection methods.

Risk Reduction 
Defenses like AV, whitelisting, HIPS and similar products have proven to do little to reduce the true threat risk presented by advanced targeted attacks and are nearly always using an approach of ON/OFF.   Risk Reduction in an NGEPP solution must reduce risk in the face of the advanced attacks that organizations are facing today and provide the granular tuning flexibility necessary to reduce risk while maintaining computer usability for the workers.  Instead of just “blocking” an application there should be options to control what that application can do.

Image-Placeholder.jpg

Malicious Process Defense 
No security product can effectively stop a user from falling for a spearphishing scheme but, unfortunately, traditional security products will not only fail to stop the initial malicious process introduction but will also fail to protect against the subsequent attack events.  The user clicking on an attachment kicks off a series of possible events – dll injections, elevation of privileges, rootkits, keylogging, etc.  An NGEPP will be able to monitor a range of actions that the malware will attempt and provide effective protections.  An NGEPP will manage all APIs that can do keylogging, protect against all techniques and methods of DLL injections, monitor any process that is inappropriately trying to gain privileges and stop it and monitor and prevent any dangerous behavior from drivers.

Data Protection 
An NGEPP must provide a comprehensive suite of device and data encryption protections so that data in any state, on any devices, shared with teams, etc. can be easily encrypted and managed – centrally or by empowered users.  A critical part of any NGEPP solution is to provide data encryption tools that will safeguard information, customer data, employee data, company confidential data and intellectual property, but be in alignment with the organizational workflow to ensure security without slowing down productivity.  Contemporary users require broader and unhindered access to organizational data and need to share that data with internal and external co-workers to optimize productivity but guarantee data safety and regulatory compliance.

Prevention 
Another key requirement of an NGEPP is to provide security while minimizing the administrative burden and optimizing the computer uptime for the end-user.  Most traditional endpoint protection solutions use their inherent methods to sense an attack and then, if it is against a process, they kill the process.  One of the advantages of an NGEPP is that it will use a variety of defenses like a honeypot, monitoring of kernels and malwares executed by a user, etc. to identify an attack and prevent it so that the process will still run.  The malware will be stopped and information will be logged about the malware but the end-user will be safe and will not even need to know that there was a security issue.

Remediation
An NGEPP must not only provide alerts and log data about a threat and/or attack but it should also automate the response – both in cleaning the infected computer and limiting the spread of the malware.  NGEPP requires automated remediation that reduces the risk and helps assure compliance with regulations and policies.  The NGEPP solution must be able to identify that a threat is present and immediately and automatically quarantine the affected computer with the limitations on functionality and connectivity correlated to the threat profile.  This must include preventing malware from spreading through network shares, limiting or stopping access to USB connected devices and blocking Internet connectivity.  After an attack has been identified the NGEPP solution must be able to quickly and completely clean the affected computer of all traces of the malware.

Threat Intelligence 
An NGEPP must be able to provide organizations with immediate and in-depth analysis of possible vulnerabilities and attacks across operating systems and applications.  The Stormshield NGEPP includes a monitoring and threat intelligence service: The Stormshield Security Research Center is comprised of the industry’s top endpoint security researchers tasked with identifying, testing and analyzing the latest vulnerabilities, attacks and threats targeting organizations worldwide.   Stormshield provides a secure portal that includes detailed reports that include all regular alert reports, analysis, trends and precautions related to all identified vulnerabilities and attacks across operating systems and a wide range of proven susceptible applications.   The Threat Intelligence service also provides for clients to be able to submit their own malware and attack issues for immediate analysis and intelligence.  The client receives an individualized detailed threat analysis that includes guidance for stopping, removing and preventing this and similar attacks.

Learn more about the NGEPP product features

 
 

Next Generation Enterprise-Wide Data Protection

Preserve the confidentiality and integrity of your business information

Use your existing business tools and data as they were meant to be used. Let Stormshield Data Security (SDS) protect your data as it’s shared both inside and outside the organization. Encryption isn’t only valuable for protecting data from unauthorized access by individuals outside of your organization. It is also essential for enabling secure collaboration and controlling files within it. SDS goes well beyond simple folder permissions and assures that the right people within and outside or your organization can access the right files.

Empower your users to create secure, encrypted collaboration workspaces

Leverage your existing data loss prevention (DLP) technologies while Stormshield Data Security enforces your centrally-defined policies as your users create virtual data rooms on the fly as they need to do their work. No longer are data-driven business activities gated by IT or security.  Stormshield's data protection technology has a 10+ year track record of being trusted by leading organizations – worldwide.

Apply content encryption policies at all levels across your enterprise

Sometimes your risk calls for file and folder encryption. Sometimes your business requires full disk encryption. In some instances, your encryption may need to move off the device to enable secure virtual data rooms for collaboration across multiple platforms, including the cloud. StormShield offers all of these capabilities - use them individually or collectively, as your data protection policies require and also empowers your users to apply encryption as needed.

 
 

Vulnerability Monitoring and Threat Intelligence Services

 

In partnership with the Stormshield Security Research Center, Matrix Global Partners offers unique real-time access to the latest threat intelligence about vulnerabilities and attacks (both in-the-wild and unseen) including deep analysis necessary to protect against potentially damaging attacks. 

 
tablet.jpg
Intel report lap top.png

Ongoing threat and vulnerability research

The Stormshield Security Research Center is comprised of the industry’s top endpoint security researchers tasked with identifying, testing, analyzing and reporting on the latest vulnerabilities and threats targeting organizations worldwide.
 

Learn more

Stormshield provides a secure portal that includes detailed reports that include all regular alert reports, analysis, trends and precautions related to all identified vulnerabilities and attacks across operating systems and a wide range of proven susceptible applications. The Threat Intelligence service also provides for clients to be able to submit their own malware and attack issues for immediate analysis and intelligence. The client receives an individualized detailed threat analysis that includes guidance for stopping, removing and preventing this and similar attacks.

Confirmation of protection against identified threats

One of the most valuable aspects of the Stormshield Vulnerability Monitoring and Threat Intelligence Services is the ongoing confirmation for Stormshield NGEPP users that they are safe at all times, regardless of the systems and applications they are using.

Learn more

When the word hits the street that there is a new vulnerability or In-The-Wild attack in a Windows OS or an application like Java, organizations across the world are understandably concerned – “Are we safe? Do we need to be concerned?” Stormshield clients can access their secure portal and immediately see the specific report created by the Research Team that, in addition to containing a great deal of technical data and analysis, in 99+% confirms to them that they are safe and that there is no risk. In the fraction where there may be some exposure, detailed guidance is provided for setting changes and other actions that need to be taken to minimize/eliminate the risk.

Real-time access to threat intelligence reports

Login to the threat research portal to see detailed reports that include all alerts, analysis, trends and precautions related to identified vulnerabilities and attacks across current and legacy operating systems plus a wide range of susceptible applications.

Learn more

The Threat Intelligence service also provides for clients to be able to submit their own malware and attack issues for immediate analysis and intelligence. The client receives an individualized detailed threat analysis that includes guidance for stopping, removing and preventing this and similar attacks.

 
 

Use Window XP and Server 2003 Securely After End Of Life

As a result you are faced with a Zero-Day Forever threat, you have no information about vulnerabilities and attacks and will lose regulatory compliance certification. Stormshield Extended Protection provides unique protection for systems running on Windows XP and Windows Server 2003 operating systems, even when Microsoft discontinues support.

 

The Stormshield Extended Protection solution provides for a longer migration runway and a more secure legacy path.
Migrate off of an unsupported Microsoft OS on your timeframe – not Microsoft’s.

Provable Protection
Without Patches from Microsoft

Replace the patches normally received from Microsoft with provable protection for Windows devices after Windows XP and Server 2003 support ends.  Stormshield also provides the information about vulnerabilities and attacks of your unsupported operating systems and applications that are no longer provided by Microsoft.  XP support from Microsoft has been gone for well over a year. With Stormshield, our customers have actually been more secure than when they were receiving patches from Microsoft – no zero-day or zero-hour or zero-minute exposure - and we can prove it.

Compensating Controls
for Legacy System Regulatory Compliance

Maintaining regulatory compliance is vital for most organizations.  Certification for PCI DSS, GLB, SOX, HIPAA, etc. are required in order to be in business.  Unless a blessed set of compensating controls are put into place, organizations running unsupported operating systems are de facto out of compliance.  Stormshield for XP and WS2003 are blessed as a compensating control across the range of regulations and Stormshield customers have already been certified using our security as their compensating control; be certified and migrate off of the EoL systems on their own timeline.