Active Malware Defense Technology (Active MDT)
Sana’s latest technology, Active MDT, examines
the combination of potential malware behaviors to identify malicious
threats. Examining each behavior individually (as other behavioral
security products do) will not sufficiently determine if a program
is malicious, since malware is not a single behavior or process.
The only effective way to classify malware is to analyze the combination
of behaviors—and this is accomplished through Active MDT.
Sana’s Active MDT is a new, innovative approach that uses behavioral
heuristics to prevent malware from infecting PCs and causing havoc
for end users. Unlike signatures, which handle only known bad, or
single-bit rules, which can identify known good or known bad, Active
MDT can identify a process or program that appears to be behaving
well but actually has malicious intent: the known and unknown
grey. Malware has innate behavioral characteristics,
including stealth (the ability to hide from the end user or security
tools to avoid detection), survival (the ability to survive system
reboots and continue operating) and mission (action to perform an
intended goal). Active MDT has numerous built-in detection mechanisms
to determine if a program is truly malware. These include (1) stealth
detection: identifying hidden files and processes, (2) survival:
multiple generic and advanced methods for detecting programs that
start automatically, and (3) payload analysis (keylogger detection,
unusual network activity, unusual system activity).
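The difference between flagging single behaviors and analyzing their combination can be seen on a few lines of constructed telemetry. This is an added example, not Sana's code or the Active MDT algorithm; the behavior labels, the event format and the category-count thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Assumed behavior labels, grouped under the three characteristics named above.
CATEGORY = {
    "hidden_file": "stealth",
    "hidden_process": "stealth",
    "autostart_registry": "survival",
    "autostart_service": "survival",
    "keyboard_hook": "mission",
    "unusual_network": "mission",
    "unusual_system": "mission",
}

# Constructed sample telemetry, one "<process> <behavior>" pair per line.
SAMPLE_EVENTS = """\
updater.exe autostart_service
hotkey_tool.exe keyboard_hook
remote_admin.exe autostart_service
remote_admin.exe unusual_network
dropper.exe hidden_process
dropper.exe autostart_registry
dropper.exe keyboard_hook
notepad.exe file_open
"""

def group_categories(lines):
    """Map each process to the set of categories its behaviors fall into."""
    seen = defaultdict(set)
    for line in lines.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue  # skip malformed telemetry lines
        proc, behavior = parts
        seen[proc]  # register the process even if the behavior is uncategorised
        if behavior in CATEGORY:
            seen[proc].add(CATEGORY[behavior])
    return dict(seen)

def single_behavior_flags(lines):
    """Per-behavior rule: any one categorised behavior flags the process."""
    return {p for p, cats in group_categories(lines).items() if cats}

def combined_verdicts(lines):
    """Combination rule (assumed): three categories malicious, two suspicious."""
    levels = {3: "malicious", 2: "suspicious"}
    return {p: levels.get(len(c), "benign") for p, c in group_categories(lines).items()}

if __name__ == "__main__":
    print(sorted(single_behavior_flags(SAMPLE_EVENTS)))
    print(combined_verdicts(SAMPLE_EVENTS))
```

On this sample the per-behavior rule flags the updater and the hotkey tool alongside the dropper, while the combination rule reserves the malicious verdict for the one process that shows stealth, survival and mission together.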