
Protect your cloud infrastructure against the root cause of cyber … · 2020. 12. 13. · Protect your cloud infrastructure against the root cause of cyber attacks: UNAUTHORIZED


Protect your cloud infrastructure against the root cause of cyber attacks:

UNAUTHORIZED CODE

INDUSTRY LEADING THREAT DETECTION WITH NO MANUAL CONFIGURATION OR OVERHEAD FOR YOUR TEAM

Intezer Protect is a Cloud Workload Protection Platform (CWPP) that defends your cloud infrastructure against unauthorized and malicious code. Revealing the “genetic” origins of all applications running on your systems, Intezer provides full visibility in runtime and enables you to adopt a Zero Trust Execution strategy without the operational overhead.

Zero Trust Execution Meets Low Overhead

PROTECT YOUR AWS, AZURE, GCP OR PRIVATE CLOUD ENVIRONMENTS against the root cause of all cyber attacks: unauthorized and malicious code.

ADOPT A ZERO TRUST EXECUTION STRATEGY without the high maintenance, disrupting the agile CI/CD pipeline or downgrading your servers’ performance. Ensure all code running on your cloud infrastructure is under your control and solely from trusted origins.

ALLOW YOUR ORGANIZATION TO CONTINUOUSLY INNOVATE while knowing the entire spectrum of your workloads—including Virtual Machines, containers, Kubernetes and OpenShift instances, and more—is secure.


Cyber attacks on the cloud are diverse, meaning attackers can choose from a variety of attack vectors or vulnerabilities to exploit, for instance in Docker, Kubernetes, and Linux applications. However, cyber attacks on the cloud all have one factor in common. They all require an attacker to run unauthorized code or commands in the victim's runtime environment.

[Figure: attack flows for Capital One, Tesla, and the Kinsing Attack. Step labels: Exploit vulnerability in WAF; Unprotected Kubernetes console; Misconfigure Docker API; Create a Linux container with running malware; Spread malicious code; Run malware in other hosts and containers; Steal credentials to AWS from container; Asset discovery; Run cryptominers on all Linux servers; Run commands on EC2 instance; Steal credentials for S3 bucket; Leak data]

It doesn’t matter if you have an unknown vulnerability, a deadly misconfiguration, or if an adversary has stolen your credentials—nearly all cyber attacks require the attacker to run code in your systems. Regardless of the attack vector, monitoring the runtime environment is the key to preventing cyber attacks on your cloud infrastructure.

Unauthorized Code is the Root Cause of Cyber Attacks

[Figure: Code in Runtime, shown as the common element of: Vulnerability exploitation; Information stealing; Credential scraping; Internal reconnaissance; Data breach; APTs; Lateral movement]

80% of organizations suffered at least one cloud data breach in the past 18 months

43% of companies reported 10 or more cloud data breaches

According to an Ermetic report published on June 3, 2020

What Does a Cloud Cyber Attack Look Like?


Advantages

Secure entire cloud-native stack and Linux servers

Best ROI in the cloud security market: Intezer’s novel Genetic Software Mapping approach combines a best-in-class threat detection with low operational overhead and maintenance

Full visibility and control over all code and applications running in your environment

Low overhead: Produce only high-confidence alerts with no manual configuration, rules, or policies required

Defend against modern and evolving attacks: Our in-memory Genetic Software Mapping capabilities defend against a wide scope of attack vectors

All recommended IaaS security controls under one platform

Vulnerability exploitation and other fileless threats

Unauthorized or risky software

Malicious code

Suspicious shell commands and administrative activity

App Control

Memory protection

EDR-like visibility

Anti-malware

System integrity


How it Works

We create a genetic profile of your workloads and continuously monitor for new code running in memory. Any detected deviation from the baseline is genetically inspected, which allows us to alert you only on deviations that present true risk, rather than natural deviations such as legitimate software upgrades that don't require a response.

1. Baseline: Generate a trusted genetic profile of all software in your infrastructure (your applications, third party applications, operating system)

2. Monitor: Monitor in runtime for any deviations in memory across the entire cloud stack (IaaS, CaaS, PaaS) and layers (OS, K8s, containers), while providing full visibility over all software running on your system

3. Inspect: Genetically inspect the deviation to determine if it's unauthorized code or just a natural and legitimate deviation

4. Alert: Alert on unauthorized code and provide deep context for each threat

5. Terminate: Terminate unauthorized code on demand

6. Enforce Clean: Ensure your systems are in a trusted state and run 100% trusted code

Genetic Software Mapping

[Figure: Genetic Software Mapping. Labels: Unknown code; Extracting genes; Code genome database containing billions of genes; Identify and classify unknown and reused code; Mirai malware; Red Hat Enterprise Linux; Malicious; Trusted]

Our core technology classifies unknown code and applications by identifying the code origins of these potential threats, regardless of behavioral indicators which can be designed by attackers to appear normal. Detecting code reuse between software, we identify the source of the attack itself, making it exponentially harder for attackers to launch a new attack in the future.


Deployment Architecture

With a lightweight sensor (< 0.5% CPU) seamlessly deployed on the Host/VM level or as a sidecar container, Intezer Protect secures the full cloud-native stack and legacy Linux servers, while protecting your infrastructure at the lowest layer: the operating system itself. This enables our customers to detect container-based attacks and defend against multiple attack vectors.

Lightweight sensor (0.5% CPU, 5 MB/day)


Features and Benefits

Threat Protection

Cloud-Native

Visibility

Low Overhead During and After Onboarding

Detect and terminate any unauthorized and malicious code

Ultra-lightweight agent designed to work in modern production environments

Monitor and log any new software running on your cloud servers

Doesn’t require intrusive integrations into the CI/CD pipeline

Detect and terminate in-memory threats, including exploitation of known and unknown vulnerabilities

Designed to protect Linux systems (not a migration from a Windows Endpoint detection platform)

Visual dashboard showing high-level security status of all cloud servers

Simple deployment tailored for cloud environments. Quick onboarding process protects workloads against breaches in less than 24 hours

Extremely low false positive rate with flexible immutability

Actionable, automatic response for alerts

Contextual, prioritized alerts including origin of code and malware family

Detect suspicious shell commands and Living off the Land (LotL) attacks

Covers the entire cloud native stack: VMs, containers, and container orchestration platforms


Proven Capabilities in the Cloud and Linux Domains

In 2019, researchers at Intezer documented over 20 instances of previously undetected Linux threats. Those threats included large scale crypto-mining campaigns, botnets, ransomware, and nation-state sponsored attacks.

HiddenWasp, Kaiji, QNAPCrypt

Intezer Overview

Revealing the "genetic" origins of software, Intezer introduces a new way to detect and respond to cyber threats. Intezer offers enterprises advanced solutions to detect modern cyber attacks, while providing deep context for effective response.

HQ IN NEW YORK CITY

CUSTOMERS INCLUDE FORTUNE 500 COMPANIES, GOVERNMENT AND FAST-GROWING TECH STARTUPS

INVESTORS INCLUDE

Partner with Intezer