The Comodo organization, a global innovator and developer of cybersecurity solutions, today launched the new Comodo Advanced Endpoint Protection solution, which protects against both known and unknown malware and prevents it from running across infrastructures with unfettered access.
The Comodo Advanced Endpoint Protection solution is built upon a next-generation, layered default-deny platform, which blocks and isolates unknown, zero day attacks of malware, spyware, Trojans and other harmful executables – and renders those attacks useless against endpoints and networks. Comodo has unified its endpoint security solution and enterprise class device management – including Comodo Endpoint Security Manager and Comodo Device Manager – into Comodo Advanced Endpoint Protection.
The foundation of Comodo Advanced Endpoint Protection is Comodo Client, which includes antivirus, firewall, Web URL filtering, host intrusion prevention, containment and file reputation, and Comodo ITSM, which allows for the configuration of the security policies and visibility into the security infrastructure of enterprise endpoints through solutions such as mobile device management and remote monitoring and management.Comodo Advanced Endpoint Protection ensures the highest usability, through two layers of Specialized Threat Analysis & Protection (STAP) from Comodo VirusScope (file analysis) on the endpoint and cloud-enabled Valkyrie (file verdict). Combined, this dual STAP layer ensures unknown processes and executables stay in containment the least amount of time for any solution on the market today.
“Traditional attempts to isolate malware at the endpoint use default-allow thinking, and sandboxing technologies leave the window open for patient zero to become infected,” said John Peterson, vice president of Enterprise Products at Comodo. “Comodo’s approach is completely different – applying its patent-pending containment technology to the malware problem, which allows for all executables – good, bad or unknown – to operate in a safe container. Comodo can then instantly analyze each executable and either allow it to pass (good file) or kill it (bad file), so performance is never impacted and most importantly, the endpoint and network always remain protected and secure.”
At RSA 2016, Comodo will be showcasing Comodo Advanced Endpoint Protection solution in the South Hall, Booth 1127.
How Comodo Solves the Malware Problem
Comodo is uniquely positioned in the security space with 85 million consumer endpoint users and a firm standing as theno. 1 certificate authority in the world (1). This combination allows Comodo’s default-deny platform to efficiently identify known good files (whitelist) based on the world’s largest repository of digitally signed applications, application publishers and even operating systems processes. In contrast, the 85 million consumer endpoint users ensure that the Comodo Threat Research Labs (CTRL) can provide the Comodo Client with the known bad files (blacklist). All unknown files are automatically run in containment, while an accelerated verdict is reached, both increasing usability and protecting the endpoint from being compromised.
The Engineering Behind Comodo Advanced Endpoint Protection
In contrast to virtualization or emulation – both very resource-heavy models – Comodo Advanced Endpoint Protection uses an efficient default-deny platform, which allows known good files, blocks known bad files and automatically contains the unknown file using Comodo’s patent pending containerization technology. The container model only contains the application or process that is unknown. For example, an unknown plugin, not the entire browser, might be ‘jailed’ from the operating system, memory and registry while the Comodo analysis happens.
ComodoVirusScope technology analyzes the unknown file at the endpoint for any malicious behavior and actions. The Comodo Client may also be configured to call Comodo Valkyrie for a cloud-based accelerated verdict, based on static, dynamic and even human analyst interaction. Comodo Valkyrie typically provides a verdict, on average, of just 45 seconds, faster than any competing solution today. The accelerated verdict ensures the Comodo Client can quickly convert the unknown file into a knownand take action to reset the container (if malicious) or automatically release (if not malicious). Battle tested against our 85 million endpoint installed base, Advanced Endpoint Protection provides complete coverage to more than99 percentof known and unknown malware used by today’s adversaries.
Comodo Advanced Endpoint Protection can be provisioned in approximately 1 minute and requires an endpoint footprint as little as 10MB, providing complete security throughthe enterprise market’s most usable solution for both physical and virtual endpoints in today’s large and small enterprises.
Features of Comodo Advanced Endpoint Protection
Some of the new and improved features in Comodo Advanced Endpoint Protection include:
• Cloud-based management that provisions in just over a minute
• Unified management of Android, iOS and Windows enabled devices
• Fully integrated device management, application management and device security
• Over-the-air enrollment and anti-theft features, such as find-my-phone and ‘sneak peek’
• Automated containerization, Comodo VirusScope behavior and action analysis
• Static, dynamic and human analyst (SLA) based analysis with Comodo Valkyrie
• Remote monitoring and management, with full device takeover
• Patch management
• Enterprise-wide visibility of all running unknown contained processes or executables
• Enterprise-wide, on-demand scanning for malware
• Host firewall, HIPS, Web URL filtering, file reputation, jailing protection, certificate-based whitelisting, persistent VPN and BYOD