Passionate about cybersecurity
The Network Security team was the first specialized engineering team at Apriorit. For more than a decade, Apriorit developers, reversers, and researchers have been building challenging and fundamental technologies for threat detection, attack prevention, data protection, and monitoring systems.
System management at the core
There are two fundamental capabilities at the heart of each cybersecurity solution:
- in-depth system monitoring (with drivers, hooks, and all around),
- changes to standard system behavior (action blocking, redirections, data censorship, and many other variations).
With system programming and driver development in the skill profile, Apriorit has created a number of crucial system management technologies for all kinds of platforms, including Windows, Linux/UNIX, macOS, mobile OSs, and even firmware platforms.
System Management Technologies
- Hidden/Hooked Process Detection and Restore
- File Activity Monitoring, Permission Management
- Process Monitoring
- Registry Monitoring
- Network Activity Monitoring
- User login/logout monitoring
- System Event Monitoring
- Port Monitoring
- Desktop Video Capture
- System Sound Capture
- Print Management
- Silent Monitoring with Stealth Technologies
- Low-Level Bootloader Technologies
Data Exchange Management Technologies
- Device Security and Access Management
- Data at rest and data in motion encryption
- Smart file formats with embedded security
- Clipboard and Office Protection
- Email, Chat, Web Security
Next-gen Protection development
With the increasing number of advanced attacks, legacy monitoring and signature-based endpoint security systems are becoming less efficient. At the same time, modern threat hunting platforms based on pattern detection and behavior analysis are winning the market.
Such products typically monitor system events and changes at the deepest levels, incorporating advanced analytics and machine learning tools to detect anomalies and attack patterns. For example, an attack can be detected by a specific sequence of kernel function calls. A security solution needs access to this data and must identify the attack sequence however “noisy” the actual log is.
The more system data we can get, the more powerful a platform we can build. Apriorit has developed a fairly representative collection of such “detection points”.
Advanced Detection Technologies
- Various hook detection and restore (Splicing, EAT/IAT, SSDT and more)
- System component integrity check
- Hidden process detection (kernel and user level)
- Floating code detection
- Complete "hooked by" information retrieval
- Layer-by-layer inspection for multi-hooks
- Advanced process and memory dumps
- Kernel log inspection
The fundamental parts of a data protection system are access rights management and encryption.
Apriorit has implemented a number of smart access management technologies, from an additional virtual file system level with corresponding representation restrictions to custom collections of permissions embedded directly into a document.
At the same time, encryption systems need to be built according to a strict set of modern security rules, with corresponding architecture, exchange protocol, storage, and other requirements.
Apriorit constantly monitors modern best practices and algorithms to build solutions that are both high-performance and reliable.