Ravi Raman, SVP & Head of Engineering at Paladion said, “RisqVU IST’s proprietary algorithms use IOCs, correlation of host interaction points, and situational awareness on cloud assets to predict and prevent attacks. Currently, IOCs are mainly used in forensics, and are used to articulate pieces of forensic data. IOCs are, however, important clues to spot the attacker or malware during its early stages. RisqVU IST leverages this information to serve early warnings that can prevent a breach.
Identifying IOCs early is one of the many RisqVU IST features. IST uses a host of other proprietary threat discovery mechanisms to build robust defences against current cyber threats. The platform has the capability to correlate various host interaction points like processes, services, and registry keys, across all servers to discover outliers. Suspicious events are converted to IOCs and feed in to its detection engine. The detection engine runs IOCs on the cloud infrastructure to find similar patterns. It also pushes the compromise likelihood higher if similar patterns are observed in other systems.
Antivirus solutions alone are not effective in detecting such outliers as they operate in individual machines. RisqVU IST operates from a central server and correlates data from all IT infrastructures to identify outlier patterns in host interaction points. This is a model that fits well for cloud computing or on-demand computing platforms.
