May 22, 2023 – AhnLab, Inc., a leader in cybersecurity, has launched ‘AhnLab MDS Agent Managed Service’.
- AhnLab MDS Agent Managed Service: A
service that analyzes and responds to suspicious files that are executed on
customer PCs installed with MDS Agent without the need to set up separate
devices
- How Service is Provided: Holds the
execution of executable script files to prevent initial infection → Files are
sent to AhnLab MDS built into AhnLab's infrastructure to be analyzed and
determine whether they are malicious → If determined to be malware, the files
are deleted and a report is provided in real-time
- △Enhanced response to new variant threats
when used simultaneously with existing security solutions such as anti-malware
△Reduced cost and manpower as additional devices are not required
As security threats that target corporate
PCs via malicious files of various types are becoming more prevalent, AhnLab
has presented a service that can enhance response capabilities against new
variant threats while reducing the burden of management.
AhnLab revealed the launch of AhnLab MDS Agent Managed Service (shortened as MDS Agent
Management) that analyzes and responds to suspicious files executed in the
endpoints (e.g.: PCs) within an organization without the need to set up
large-scale devices.
The newly released MDS Agent Management is
an MDS Agent, the exclusive agent (*) for AhnLab MDS (a sandbox-based
intelligent threat response solution; see reference). When a suspicious file is
executed on a PC, this service temporarily stops the execution and checks if
the file is malicious or not. MDS Agent is a lightweight agent capable of
detecting suspicious files and sending them to AhnLab MDS. It is also equipped
with the execution holding feature that stops the execution until the files
have been analyzed.
* Agent: The
software that automatically performs tasks that are typically carried out by a
user
When a user executes an executable or
script-based file (*) on a PC, the MDS Agent installed on the PC temporarily
holds the file from being run. At the same time, it automatically sends the
file to AhnLab MDS built into AhnLab's internal infrastructure to determine
whether the file is malicious or not (first time only; if the same file is
executed again, it is excluded from the scan). As the file is not executed
until the analysis is complete, initial infection from malware such as
ransomware can be prevented. If the file is found to be malicious, it is
immediately deleted and a real-time response report is provided.
* Executable
file (.exe, .tmp, .scr, etc.): a computer file that enables the activity of a
task ordered by a coded command
* Script
file (.js, .vb, .bat, etc.): a script of commands to be performed by the
computer in a text format, saved as a file
You can enhance the security level of your
PC by using MDS Agent Management with a basic security solution such as anti-malware:
the two complement each other as the former prevents unknown and new malicious
file variants while the latter can respond to known strains. In addition, you
are instantly provided with the service just by installing MDS Agent on your PC
without needing special devices. As such, small and medium-sized companies
lacking in budget and security experts can readily increase their endpoint
threat response capabilities without having to worry about setup costs and
hiring personnel.
AhnLab's Product Service Planning Team
Leader Chang Hee Kim stated that "many companies and organizations are
facing difficulties responding to threats of ransomware and new malware
variants that are becoming more advanced due to the cost and lack of
manpower." He expected the newly launched AhnLab MDS Agent Managed Service
"will reduce that burden of security management from enterprises of
various sizes and enhance the corporate security system."
[Reference]
AhnLab MDS
A sandbox-based intelligent threat (APT:
Advanced Persistent Threat) response solution that provides optimized response
measures to unknown variant threats including ransomware and new malware
strains. Its features include: ▲extracting and collecting threats coming from
various paths such as networks, email servers, and network links ▲sandbox-based
behavior analysis of executable malware in various OS environments, ▲supporting
interoperation with SSL/TLS decryption solutions and processing of HTTP/2
traffic ▲detecting non-executable malware such as documents using dynamic
content analysis engine ▲execution holding for files that are yet to be
determined malicious ▲categorizing malware severity and providing response
prioritization.
To learn more about AhnLab, visit www.ahnlab.com.
About AhnLab, Inc.
Founded in 1995, AhnLab, Inc.,
a leader in cyber threat analysis, delivers comprehensive protection for
endpoints, networks, transactions, and essential services. AhnLab provides
best-of-breed threat prevention that scales easily for high-speed networks by
combining cloud analysis with endpoint and server resources. AhnLab’s multidimensional
approach combines with exceptional service to create truly global protection
against attacks that evade traditional security defenses. That’s why more than
25,000 organizations rely on AhnLab’s award-winning products and services to
make the internet safe and reliable for their business operations.
