AhnLab About AhnLab


AhnLab Launches AhnLab MDS Agent Managed Service Equipped With Sandbox Analysis and File Execution Holding Features


May 22, 2023 – AhnLab, Inc., a leader in cybersecurity, has launched ‘AhnLab MDS Agent Managed Service’.

- AhnLab MDS Agent Managed Service: A service that analyzes and responds to suspicious files that are executed on customer PCs installed with MDS Agent without the need to set up separate devices


- How Service is Provided: Holds the execution of executable script files to prevent initial infection → Files are sent to AhnLab MDS built into AhnLab's infrastructure to be analyzed and determine whether they are malicious → If determined to be malware, the files are deleted and a report is provided in real-time


- △Enhanced response to new variant threats when used simultaneously with existing security solutions such as anti-malware △Reduced cost and manpower as additional devices are not required


As security threats that target corporate PCs via malicious files of various types are becoming more prevalent, AhnLab has presented a service that can enhance response capabilities against new variant threats while reducing the burden of management.


AhnLab revealed the launch of AhnLab MDS Agent Managed Service (shortened as MDS Agent Management) that analyzes and responds to suspicious files executed in the endpoints (e.g.: PCs) within an organization without the need to set up large-scale devices.


The newly released MDS Agent Management is an MDS Agent, the exclusive agent (*) for AhnLab MDS (a sandbox-based intelligent threat response solution; see reference). When a suspicious file is executed on a PC, this service temporarily stops the execution and checks if the file is malicious or not. MDS Agent is a lightweight agent capable of detecting suspicious files and sending them to AhnLab MDS. It is also equipped with the execution holding feature that stops the execution until the files have been analyzed.

* Agent: The software that automatically performs tasks that are typically carried out by a user

When a user executes an executable or script-based file (*) on a PC, the MDS Agent installed on the PC temporarily holds the file from being run. At the same time, it automatically sends the file to AhnLab MDS built into AhnLab's internal infrastructure to determine whether the file is malicious or not (first time only; if the same file is executed again, it is excluded from the scan). As the file is not executed until the analysis is complete, initial infection from malware such as ransomware can be prevented. If the file is found to be malicious, it is immediately deleted and a real-time response report is provided.

* Executable file (.exe, .tmp, .scr, etc.): a computer file that enables the activity of a task ordered by a coded command

* Script file (.js, .vb, .bat, etc.): a script of commands to be performed by the computer in a text format, saved as a file

You can enhance the security level of your PC by using MDS Agent Management with a basic security solution such as anti-malware: the two complement each other as the former prevents unknown and new malicious file variants while the latter can respond to known strains. In addition, you are instantly provided with the service just by installing MDS Agent on your PC without needing special devices. As such, small and medium-sized companies lacking in budget and security experts can readily increase their endpoint threat response capabilities without having to worry about setup costs and hiring personnel.


AhnLab's Product Service Planning Team Leader Chang Hee Kim stated that "many companies and organizations are facing difficulties responding to threats of ransomware and new malware variants that are becoming more advanced due to the cost and lack of manpower." He expected the newly launched AhnLab MDS Agent Managed Service "will reduce that burden of security management from enterprises of various sizes and enhance the corporate security system."

[Reference] AhnLab MDS

A sandbox-based intelligent threat (APT: Advanced Persistent Threat) response solution that provides optimized response measures to unknown variant threats including ransomware and new malware strains. Its features include: ▲extracting and collecting threats coming from various paths such as networks, email servers, and network links ▲sandbox-based behavior analysis of executable malware in various OS environments, ▲supporting interoperation with SSL/TLS decryption solutions and processing of HTTP/2 traffic ▲detecting non-executable malware such as documents using dynamic content analysis engine ▲execution holding for files that are yet to be determined malicious ▲categorizing malware severity and providing response prioritization.​ 


To learn more about AhnLab, visit www.ahnlab.com.


About AhnLab, Inc.

Founded in 1995, AhnLab, Inc., a leader in cyber threat analysis, delivers comprehensive protection for endpoints, networks, transactions, and essential services. AhnLab provides best-of-breed threat prevention that scales easily for high-speed networks by combining cloud analysis with endpoint and server resources. AhnLab’s multidimensional approach combines with exceptional service to create truly global protection against attacks that evade traditional security defenses. That’s why more than 25,000 organizations rely on AhnLab’s award-winning products and services to make the internet safe and reliable for their business operations.