Recognized leaders in cybersecurity

Black-hat hackers can go to great lengths to infiltrate a specific target.

Industroyer, with its destructive, targeted and highly advanced nature, was one of the recent examples of such behavior, going after crucial and unprotected industrial control systems (ICS). ESET technologies are able to detect and block similar threats before they can inflict harm.

ESET Endpoints include a market verified stack of multiple protection layers, which together effectively protect against all attack vectors.

ESET Enterprise Inspector constantly monitors what is happening in the network and allows security teams to define their own “safety net” criteria to identify attacks or suspicious behavior. When an alarm is triggered, it gives the team power to stop it. The team can define various criticality levels, and also trigger automatic generation of alert notification, to set your company at “high alert” in case of a pending attack.

Sednit, Turla, BlackEnergy, TeleBots & Lazarus.

These are only a few of the highly skilled and dangerous hacking groups ESET has been tracking during our 30 years of existence. Using this experience and intelligence, our experts built technologies that are able to identify and detect activity of these cybercriminals and thus protect clients from potential damage.

ESET Dynamic Threat Defense allows analysis of never before seen files in a secure and always up-to-date Cloud Sandboxing environment, where all ESET technologies (including our advanced Augur Machine Learning engine) are employed to determine the behavior of the sample, thus preventing suspicious files from entering the network.

ESET Enterprise Inspector is programmed by ESET experts to identify suspicious behavior and to enable security experts to tailor the detection to their specific needs. This unique approach makes ESET products stand out from the competition.

Many malware families are trying to avoid security solutions by never dropping a file on the targeted machine.

ESET is ready for such threats, as its Advanced Memory Scanner is designed to stop attackers precisely at the moment when they reveal their true malicious intentions – in the memory.

ESET Endpoints include a market verified stack of multiple protection layers, optimized against different attack vectors. Advanced Memory Scanner and UEFI scanner are the tools protecting you against file-less attacks.

ESET Enterprise Inspector gives visibility into all scripts executed in the network, helping you to identify when file-less attacks were conducted to further strengthen your security policies.

Nowadays, highly experienced attackers look for security vulnerabilities and craft specialized tools that help them push malware through such loopholes.

In 2017, an ESET research team detected an attack attempt by Sednit group that tried to use two zero-day exploits to infect one of the French election candidate’s campaign with their reconnaissance tool. Exploit Blocker technology mitigates similar risks by monitoring typically exploited applications for anomalies and blocking exploitation techniques.

ESET Endpoints include a market verified stack of multiple protection layers, optimized against different attack vectors. Exploit blocker, included in all ESET Windows Endpoint & Server security products, helps to detect exploitation techniques and protect against using them. It´s a generic approach which is also effective against not-publicly-disclosed exploits.

ESET Enterprise Inspector gives visibility into what happens in the network, helping to identify attacks against exploits, or commonly vulnerable applications. Our rule-based mechanism allows you to monitor critical assets (applications) in your network to clearly identify any suspicious activity.

As WannaCry was invading hundreds of thousands of businesses around the world, ESET clients had no reason to worry.

Their endpoints were protected thanks to ESET’s network attack protection module, which successfully blocked the EternalBlue exploit used to spread the malicious code.

ESET Endpoints include a market verified stack of multiple protection layers, optimized against different attack vectors. Although most ransomware infections are stopped by the use of ESET Live Grid, our DNA detections, we also have other layers that assist. Network attack blocker was the technology that stopped WannaCry infections before they entered machines. And ESET's newly added Ransomware Shield helps to identify ransomware-like behavior and stops it effectively.

ESET Enterprise Inspector helps to identify which files have been affected by ransomware, so it allows retrospective “back to the root analysis” helping to determine the root cause of the attack.

ESET Dynamic Threat Defense helps to stop ransomware attacks before they enter the environment. It allows automatic submission and replication of mail attachments to ESET Cloud Sandboxes, where we simulate the behavior to determine the true intentions of the file included.

Advances of technologies have also brought an increase in the number of large-scale cyber operations with destructive consequences. Most recently, Petya has shown that a supply chain ransomware put together from multiple malware families can use advanced tactics and put tens of thousands of business computers out of order for weeks. Thanks to ESET’s research, we came to understand the mechanisms of that infection as well as the zero-day exploit that was at the beginning of the widespread infection. Our multi-layered technology can detect such intrusions and help companies to stay more secure.

ESET Endpoints include a market verified stack of multiple protection layers, optimized against different attack vectors by technologies such as ESET Live Grid and Network Attack Protection.

ESET Dynamic Threat Defense helps to stop supply chain attacks before they enter the environment. It allows automatic submission and replication of mail attachments to ESET Cloud Sandboxes, where we simulate the behavior to determine the true intentions of the file included.

ESET Enterprise Inspector helps to identify which files have been affected by supply chain ransomware, so it allows retrospective “back to the root analysis” helping to determine the root cause of the attack.