Professional hacking attacks, such as Advanced Persistent Threats, often go undetected for months or even years, although indicators of such attacks usually become known after just a few weeks.
Using our continuous IoC detection service, our Cyber Defense Center monitors vulnerable IT systems and identifies evidence of malware and hacking attacks that have occurred over the past 6 months. Potentially compromised IT systems are analyzed, including for potential breakouts. Necessary defensive measures are initiated.
Become part of the 8com Advanced Threat Intelligence Network!
Our IoC detection service offers the highest possible transparency. Among other things, all connections - even internal ones - are stored, including the triggering processes and privileges.
Threat searches, suspicious activity detection, and OpenIOC analysis are performed, comparing billions of active and past system events to identify malware infections (Indicators of Compromise) and actions by potential attackers (Indicators of Activity).
Unlike traditional threat detection solutions, implementation can take place in a matter of hours. Threat detection starts immediately with full efficiency.
We monitor and report the following five types of Indicator of Compromise for up to 6 months into the past. The data is collected on the monitored IT systems by a software agent, meaning that manipulation by attackers is ruled out in most cases.
For the monitored IT systems, all network connections of running processes (including internal-to-internal connections) are stored, with local IP address and port, remote IP address and port, remote FQDN, protocol, status, process name, process ID, process arguments, image path, image MD5/SHA256 hash and much more.
For the monitored IT systems, all mutex handle names, process names, process IDs, process arguments, image paths, image MD5/SHA256 hashes, elevated status, running/terminated status, username, loaded modules, parent process name, parent process IDs and much more are saved.
For the monitored IT systems all registry keys, values, data, detection date, delete date, image details and much more are saved.
For the monitored IT systems file names, file paths, MD5/SHA256 hashes, file size, creation and deletion date, version and much more are stored.
8com monitors and protects the digital infrastructures of its clients in over 40 countries worldwide, from SMEs to global players. The company is one of Europe's leading providers of auditing and awareness services for information security. For more than 14 years, 8com's goal has been to provide its clients with the best possible service and to work together with them to achieve the highest possible level of information security that is still economically viable.
In principle, the service is suitable for businesses with between 50 and 15,000 IT systems.
Our IoC service can also detect infections with ransomware. However, the strength of IoC detection services lies in their ability to detect and combat medium to long-term hacking attacks and manipulations.
Mostly. Hackers or malware try to delete traces after a successful compromise. However, since the metadata of the indicators is transferred to our backend at short intervals, it cannot be deleted by hackers or malware.
Even if, for example, the IT system that was exploited for the initial infection no longer exists, we can still analyze all of its indicators up to 6 months into the past.
Yes, our vulnerability management service is performed with the same software agent.
Once the exact scope has been defined, we provide you with a software agent that must be installed on the IT systems that are to be monitored. The software agent then begins collecting the defined metadata and transfers it to our Threat & Indicator Hunting backend. The first monitoring starts about two hours after installation.