Advanced Malware Protection
Host Integrity Technology (HDF) 
The Challenge

Chief Information Security Officers today face a formidable challenge with increasing cyber threats.

Best security practice requires “defence in depth”. In practice, the options open are limited to security at the network level or at the end point.


This decision is made difficult because the network boundary is hard to define, owing to modern cloud computing and bring-your-own-device trends. Where there is a boundary, protecting the network can be very expensive in terms of both hardware and ongoing operational costs.


Furthermore, the technology to defend the network is not robust enough to thwart all attacks, and solutions need to cover all operating systems, which require constant updates and patching.


End point security software solutions can be problematic for the user and eventually will be very expensive to support. Abatis HDF takes a different approach to end point security that is highly effective, simple and reduces operational costs to a minimum. 







What is Abatis Host Integrity Technology (HDF)?


Abatis Host Integrity Technology (HDF) is an advanced technology that enforces system integrity and proactively protects against infection of computer systems by viruses, worms, key-loggers, root-kits, Trojan-horses and all manner of other malware.


This non-signature-based technology defeats zero-day and targeted attacks. It uses a revolutionary new, patent-protected method which does not use signature file updates, white-listing, heuristic analysis or sandboxing, and therefore offers excellent zero-day defence, very low maintenance overhead and no false positive or false negative results.


When deployed on supported Windows or Red Hat Linux platforms, Abatis HDF blocks malware infection in a simple but effective way. The same Abatis HDF technology has been proven to protect web servers against many hackers’ attacks. Because any unauthorised modification to the system is denied, hackers are prevented from achieving their goals, such as web defacement and malware insertion, thus effectively neutralizing any hacking activity.

How Abatis HDF Works

Abatis HDF is a host-based, software-only solution that is implemented as a kernel driver on Windows platforms.


It intercepts and mediates file write access to the computer’s permanent storage, e.g. local hard disks, network shares and removable storage devices such as USB sticks and external disks. It is designed to help enforce system and file integrity without complex management overheads.

It achieves this security objective by exercising robust access control over the writing of executable files and user-defined files (protected files) to a computer.

It protects against unauthorised modification and denies unauthorised write operations. While HDF blocks unwanted executables by default, the HDF system administrator can define files for integrity protection according to the computer’s roles.

Abatis assumes that all systems it is about to be installed on are already infected. Once installed, Abatis will identify any attempt by malware to morph into a new variant (to avoid detection by old-fashioned signature-based AV) and will prevent this from happening. Abatis blocks the morphing attempt, alerts the CMC and records the activity in the local log and centrally.

ADS File Injection Demo

Abatis HDF provides rigorous cyber defence for organisations that are concerned about their privacy, Intellectual Property, financial data and reputational damage.

Abatis HDF allows organisations to enforce an ‘authorised software only’ policy on their company’s computers and protect against known and unknown threats.

For most corporate environments, Abatis HDF is rolled out in stages and there may be extant undetected infections on systems – often referred to as Advanced Persistent Threats (APTs). Abatis HDF’s unique operation and extensive audit log allow the malware to be identified. Abatis HDF can also reveal rootkit infections and facilitates the subsequent removal of such programs.

Abatis HDF is deployed on end point workstations and servers to enforce corporate security policy and provides detailed analysis and audit information. Abatis HDF stops malware infection and defends against hacker attacks.

Defeats zero-day malware, rootkits, Trojans, APTs and viruses/worms
Protects legacy and new operating systems from Windows NT4 to the latest 32- and 64-bit Windows Operating Systems in REAL, VIRTUAL and EMBEDDED forms
Has a tiny software footprint (Core Module, less than 100KB) that requires no ongoing updates
Prevents exploitation of Alternate Data Streams (ADS)
Is a non-signature-based protection for Windows and Linux
Is extremely fast in operation
Protects all permanent storage on the device, thereby ensuring no threats can penetrate
Provides anti-malware and anti-hacker protection


SDBOT with HDF turned OFF (part 1)

An attempt to infect a Windows System with a virus called SDBOT with HDF turned OFF


SDBOT with HDF turned ON (part 2)

An attempt to infect a Windows system with a virus called SDBOT with HDF turned ON