Detection of Professional Hacking Attacks (APT Detection)

Indicator of Compromise (IoC) Detection

Detection of APTs

Professional hacking attacks - such as Advanced Persistent Threats - often go undetected for months or even years, although indicators for such attacks usually become known after just a few weeks.

Using our continuous IoC detection service, our Cyber Defense Center monitors vulnerable IT systems and identifies evidence of malware and hacking attacks that have occurred over the past 6 months. Potentially compromised IT systems are analyzed, including for potential breakouts. Necessary defensive measures are initiated.

Become part of the 8com Advanced Threat Intelligence Network!

Maximum Transparency

Our IoC detection service offers the highest possible transparency. Among other things, all connections - even internal ones - are stored, including the triggering processes and privileges.

Advanced Threat Hunting

Threat searches, suspicious activity detection, and OpenIOC analysis are performed, comparing billions of active and past system events to identify malware infections (Indicators of Compromise) and actions by potential attackers (Indicators of Activity).

Quick and Easy Implementation

Unlike traditional threat detection solutions, implementation can take place in a matter of hours. Threat detection starts immediately with full efficiency. 

Indicators of Compromise

We monitor and report the following five types of Indicator of Compromise for up to 6 months into the past. The data is collected on the monitored IT systems by a software agent, meaning that manipulation by attackers is ruled out in most cases.

Network Connections

For the monitored IT systems, all network connections of running processes (including internal-to-internal connections) are stored, with local IP address and port, remote IP address and port, remote FQDN, protocol, status, process name, process ID, process arguments, image path, image MD5/SHA256 hash and much more.

Mutex Handle + Processes

For the monitored IT systems, all mutex handle names are saved, along with process names, process IDs, process arguments, image paths, image MD5/SHA256 hashes, elevated status, running/terminated status, username, loaded modules, parent process name, parent process IDs and much more.

Registry Keys

For the monitored IT systems, all registry keys, values, data, detection date, deletion date, image details and much more are saved.

Files

For the monitored IT systems, file names, file paths, MD5/SHA256 hashes, file size, creation and deletion date, version and much more are stored.

Contact us and let us introduce our IoC services to you without obligation!

Your Contact for Indicator of Compromise (IoC) Detection

8com monitors and protects the digital infrastructures of its clients in over 40 countries worldwide, from SMEs to global players. The company is one of Europe's leading providers of auditing and awareness services for information security. For more than 14 years, 8com's goal has been to provide its clients with the best possible service and to work together to achieve an economically viable, yet highest possible level of information security.

Marcus Kühner

Phone: +49 6321 48 446 - 2603
Fax: +49 6321 48 446 - 29
Email: marcus.kuehner@8com.de

8com GmbH & Co. KG
Europastraße 32
67433 Neustadt an der Weinstraße

FAQ - Indicator of Compromise (IoC) Detection

For which business size is the Indicator of Compromise service suitable?

In principle, the service is suitable for businesses with 50 to 15,000 IT systems.

Does the Indicator of Compromise service protect against ransomware?

Our IoC service can also detect infections with ransomware. However, the strength of IoC detection services lies in their ability to detect and combat medium to long-term hacking attacks and manipulations.

Does the IoC detection service also find traces deleted by hackers?

Mostly. Hackers or malware try to delete traces after a successful compromise. However, since the metadata of the indicators is transferred to our backend at short intervals, the copies stored there cannot be deleted by hackers or malware.

Even if, for example, the IT system that was exploited for the initial infection no longer exists, we can still analyze all of its indicators up to 6 months into the past.

Can the IoC service be combined with a vulnerability management service?

Yes, our vulnerability management service is performed with the same software agent.

How does the deployment of the service work?

Once the exact scope has been defined, we provide you with a software agent that must be installed on the IT systems that are to be monitored. The software agent then begins collecting the defined metadata and transfers it to our Threat & Indicator Hunting backend. The first monitoring starts about two hours after installation.