Damballa helps companies take back command and control of their networks. The key to a botnet or APT's success is its ability to deliver a stealthy, stable platform for malicious activity. That’s why Damballa™ Failsafe is designed to detect Command-and-Control (CnC), rather than malware signatures and other elements that change often and are easily hidden. Damballa Failsafe isolates and terminates any online threat, such as a botnet or APT, that uses network-based CnC to link compromised systems together into a secret malicious network.
Damballa Failsafe identifies criminal communications in near real-time, then applies a unique set of advanced, automated techniques to confirm the specific nature of each compromise. This advanced protection works without requiring malware signatures. As a result, Damballa can stop Zero-Day threats for which no other protection exists.
The result is a powerful system that delivers:
Viruses and hacks are yesterday’s news. Cyberthreats such as botnets, next generation malware and APTs have introduced a fundamentally different platform for online crime, and older defenses simply aren’t designed to respond to it. Damballa Failsafe delivers an easily managed, cost-effective solution that prevents sensitive information from leaving the enterprise, keeps enterprise assets from being used for criminal activity and protects without impacting network management, security management or end user operations.
| Damballa | Benefit | Competitors |
| --- | --- | --- |
| Focuses on CnC, the essential element in modern cyberthreat attacks | Detects malicious activity, regardless of how many malware variants are involved or how fast malware updates itself | Dependent on outmoded detection methods that must identify malware files and/or inspect network ports, packets or protocols |
| Uses out-of-band technology and multiple analysis techniques for comprehensive, non-intrusive insight into targeted attack activity | Enhances existing network security infrastructure without additional layers of performance overhead or managerial complexity | Relies on inline devices that negatively impact network performance and represent a single point-of-failure that can inadvertently block an entire network or network segment |
| Real-time, active threat termination prevents bots/malware from connecting with malicious CnC | Enhances existing network security infrastructure without additional layers of performance overhead or managerial complexity | Requires delays ranging from hours to weeks to find and apply signatures |
| Detailed forensics, including complete replay of each malicious CnC session | Comprehensive reporting for remediation and e-discovery simplifies efforts to understand what happened and how to prevent a recurrence | Can only identify isolated incidents of malware detection, which leaves the enterprise at risk for rapid reinfection |