Malicious Threat Detection Solution (RedSocks)
RedSocks Security invented a unique concept for detecting and fighting malware, and has developed an innovative new solution based on this thinking. Traditional network security tools (sandboxes, firewalls, anti-virus, etc.) mainly monitor inbound Internet traffic. The RedSocks Malicious Threat Detection Solution (MTD) instead focuses on monitoring outbound traffic to detect malicious behavior and breaches.
The RedSocks Probe/MTD architecture is plug-and-play and detects breaches by checking network traffic in real-time for all malicious communication to the Internet.
For RedSocks, the security and privacy of our customers’ data is our primary concern. Our systems, the MTD, and the flow monitoring setups are designed with that principle in mind.
Respond to Advanced Persistent Attacks
Designed for detection without alert overload, the RedSocks solution is built with APTs in mind. The behavior of endpoints changes dramatically once they are infected by an APT. The RedSocks Malicious Threat Detector (MTD) raises an alert and informs the user which end-point devices are probably infected and which ones are certainly infected. It verifies the "likely infected" devices and alerts on any suspected malware activity to watch out for.
By exclusively focusing on traffic meta-data (so-called flow data) it becomes possible to perform analysis over longer periods of time. This enables detection of the most sophisticated malware and APTs. The MTD only monitors traffic meta-data and not the content itself, thus preventing compromise of confidential corporate information.
There is no additional network burden either, as the Probe/MTD architecture does not send additional traffic over the network and is not set up as a man-in-the-middle (MitM). Using the appliance has no impact on the performance or reliability of the IT infrastructure. These features make the RedSocks Security portfolio a unique combination of solutions for a secure and privacy-conscious network.
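To make concrete what detection on outbound flow metadata alone looks like, here is an added example that is not RedSocks code and does not reflect how the MTD is implemented. It works on constructed flow records in the shape a NetFlow/IPFIX collector exports (start time, source, destination, port, bytes; no payload), flags a source as "likely" infected when its inter-flow intervals to one external destination are almost constant (the periodic beaconing pattern that only becomes visible when flows are analysed over a longer window), and as "certain" when it contacted a destination on an indicator list. The `10.` internal prefix, the thresholds, and the `BLOCKLIST` entry are all assumptions and placeholders.

```python
"""Flow-metadata beacon detection over constructed outbound flow records.

Added example, not RedSocks code: the records below are constructed, the
thresholds are assumptions, and BLOCKLIST is a placeholder indicator set.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records in the shape an IPFIX/NetFlow collector exports:
# (start_time_seconds, src_ip, dst_ip, dst_port, bytes_out). No payload.
FLOWS = [
    # 10.0.0.5 beacons to 203.0.113.9:443 roughly every 300 s (constructed)
    (0,    "10.0.0.5", "203.0.113.9", 443, 512),
    (300,  "10.0.0.5", "203.0.113.9", 443, 530),
    (602,  "10.0.0.5", "203.0.113.9", 443, 498),
    (900,  "10.0.0.5", "203.0.113.9", 443, 515),
    (1201, "10.0.0.5", "203.0.113.9", 443, 520),
    # 10.0.0.7 browses irregularly to 198.51.100.20:443 (constructed, benign)
    (15,   "10.0.0.7", "198.51.100.20", 443, 40000),
    (70,   "10.0.0.7", "198.51.100.20", 443, 1200),
    (450,  "10.0.0.7", "198.51.100.20", 443, 88000),
    (461,  "10.0.0.7", "198.51.100.20", 443, 3000),
    (1100, "10.0.0.7", "198.51.100.20", 443, 500),
    # 10.0.0.9 talks once to a destination on the placeholder blocklist
    (33,   "10.0.0.9", "192.0.2.77", 8080, 9000),
]

# Placeholder indicator list; a real deployment feeds threat intelligence here.
BLOCKLIST = {"192.0.2.77"}

INTERNAL_PREFIX = "10."  # assumption: the local network lives in 10.0.0.0/8


def is_outbound(flow):
    """True when an internal source talks to an external destination."""
    _, src, dst, _, _ = flow
    return src.startswith(INTERNAL_PREFIX) and not dst.startswith(INTERNAL_PREFIX)


def beacon_candidates(flows, min_flows=4, max_cv=0.1):
    """Return {(src, dst, port): mean_interval} for channels whose inter-flow
    intervals are nearly constant (coefficient of variation <= max_cv).
    Short-lived or irregular channels are ignored, which keeps alerts low."""
    by_channel = defaultdict(list)
    for f in flows:
        if is_outbound(f):
            by_channel[(f[1], f[2], f[3])].append(f[0])
    hits = {}
    for channel, times in by_channel.items():
        if len(times) < min_flows:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            hits[channel] = avg
    return hits


def classify_endpoints(flows):
    """Map each internal source to 'certain' (contacted a blocklisted host),
    'likely' (periodic beaconing to one destination), or 'clean'."""
    verdict = {}
    for f in flows:
        if is_outbound(f):
            verdict.setdefault(f[1], "clean")
            if f[2] in BLOCKLIST:
                verdict[f[1]] = "certain"
    for (src, _, _) in beacon_candidates(flows):
        if verdict.get(src) != "certain":
            verdict[src] = "likely"
    return verdict


if __name__ == "__main__":
    for src, v in sorted(classify_endpoints(FLOWS).items()):
        print(f"{src}: {v}")
```

The point of the example is that nothing in it inspects packet contents: timing, endpoints and ports are enough to separate the regular 300-second beacon from ordinary browsing, and a tight `max_cv` plus a minimum flow count keeps normal traffic from raising alerts. Real beacons add jitter, so production thresholds need tuning against the network's own baseline.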
Virtual MTD
The RedSocks MTD can also be delivered as a virtual solution. The RedSocks vMTD is a virtual version of the RedSocks Malicious Threat Detector (MTD), an appliance for analyzing IPFIX traffic streams for the presence of malicious behavior and malware. It can be deployed in VMware-compatible environments and scaled up according to the needs of the target network. This document describes the RedSocks vMTD’s requirements, as well as its installation and configuration steps.