Shulou(Shulou.com)05/31 Report--

Sophos is how to use AI to help security, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

For today's enterprises, network security has become a topic that has to be faced. With the popularization and application of the enterprise network, gray and black products began to attack the enterprise network on a large scale, and various means of network attacks emerged one after another, among which the blackmail software represented by Wannacry caused serious losses and impact on enterprise network users. Not long ago, TSMC suffered a blackmail virus attack that caused a loss of more than one billion RMB is a very good case!

In the face of the arrogance of the gray and black industry, how should we carry out effective security protection? Is it possible to take security precautions through the application of new technologies? In order to meet the security needs of enterprise users, Sophos recently showed the industry a new generation of server protection solution based on deep learning-Sophos Intercept X for Server. According to introduction, the newly launched Sophos Intercept X for Server can provide evolving security measures against network threats. Sophos's deep learning neural network, based on hundreds of millions of sample training, can search for suspicious properties of malicious code and protect users from unprecedented malware attacks.

Sophos can be said to be an established security manufacturer, which is headquartered in the UK and has a history of more than 30 years. As a network power, China is also valued by Sophos. Zhong Minghui, general manager of Sophos China, said that as a network security company, it must constantly introduce new things in the market, so as to face the latest security threats in the network world.

On the importance of Server Security

In the product introduction, Zhong Minghui has always emphasized the network security of the server, he believes that the security of the server is very important. According to a survey conducted by Sophos, 2/3 of IT executives do not understand anti-vulnerability exploitation technology, thus putting the company at risk of data leakage.

Once a cyber criminal enters a corporate network, he will lock down and take over the server through continuous horizontal activities to obtain important data, such as personally identifiable information (PII), banks, taxes, payroll and other financial records, and even patent intellectual property rights and shared applications. These materials can be sold on the dark net, or used in other types of attacks and profit-making channels. Servers can also be compromised by blackmail software and general cyber attacks. Because the server has critical data, the server attack is more destructive than the endpoint attack.

In addition, the attacker will also use the hacked server as a proxy server to change the route to the malicious website with data traffic. Mining programs will even be installed in server groups and cloud accounts to steal the company's CPU, memory, power and other resources to develop encrypted digital currencies. Cyber criminals launch attacks based on the application of the target server, the data stored, and the resources that can be used for a variety of crimes, so enterprises need predictable security solutions designed specifically for the server. to help protect systems that have not been patched.

Push through the old and bring forth the new, interpretation of the bright spots of Sophos Intercept X for Server

In view of the importance of enterprise server security, Sophos hit hard and designed a complete security scheme for enterprise servers. Sophos Intercept X for Server launched this time has both server-side security protection.

The Sophos Intercept X for Server launched this time is a new version of Intercept X. You should know that Sophos Intercept X can be called a trump card product of Sophos in the global security market. It has been two or three years since the first generation of products were launched, and the main purpose of the launch at that time was to deal with blackmail software attacks. What are the new features of the newly launched Sophos Intercept X for Server compared with the previous version? Yang Fan, a Sophos sales engineer, introduced this. He mentioned that the latest features of Sophos Intercept X for Server mainly include the following aspects:

● deep learning neural network: the deep learning neural network using Intercept X can detect new malware and unwanted applications that have never been seen before. After deployment, the model is constantly updated and key attributes are identified to make a more accurate decision between benign and malware payloads.

● actively mitigates opponent attacks: it can block identified cyber criminals and common techniques used to evade traditional anti-virus protection cases. Credential theft protection prevents authentication passwords in memory, registry, and local storage from being stolen. In addition, Code Cave Utilization can detect malicious code implanted in legitimate applications.

● exploit protection: prevents attackers from exploiting known system vulnerabilities. Protect unpatched servers from attacks by browsers, plug-ins, and Java vulnerability packages.

● Master Boot record Protection: the WipeGuard function is extended to include Intercept X anti-blackmail software technology to intercept variants of ransomware and malicious program code targeting master boot records.

● root cause analysis: the event detection and response function of Sophos Intercept X for Server can provide detailed reports to analyze intrusion methods, attack whereabouts and levels of contact. Recommendations for action can also be made based on attack analysis.

● discovers cloud workload for servers: it can detect and protect servers running on public clouds such as Microsoft Azure and Amazon Web Services to prevent the risk of idle IT or forgotten assets.

According to the current development situation, it can be judged that the prospect of network security is still not optimistic, and all kinds of network security attacks will exist on the server, terminal and cloud in different forms. With the continuous increase of new network attacks, the traditional network defense system has become increasingly weak. Sophos Intercept X for Server can perfectly apply AI deep learning technology to network security protection, thus faster accurate identification and decision-making of malicious software, which is a big protective weapon for enterprises!

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.