No need to open up your sensitive environment to the Internet for signature updates and send your valuable data to cloud. Cognore delivers Cyber Security technology and services equipped with advanced technique algorithms in a self-contained sensor that doesn’t need any signature updates or cloud connectivity for any AI and machine learning analytics.
The Cognore technology goes far beyond the basic application and process whitelisting approach, and uses advanced algorithms to conduct 360 degree analysis of Operating System and software at kernel level to detect kill chain attacks and links of suspicious activities. This fundamental paradigm protects against Advance Malware, Zero-day, Ransomware, Phishing attacks, Insider Threat, APT and Nation State sponsored attacks without the need of constantly patching the machines. The core focus of technology is to validate computer operations for good behaviour at kernel level and block everything else, which allows it to defend against new and unknown attacks without any material performance impact. Rest assured that attacks like buffer overflows, RCE, ROP chain attacks and hidden backdoors in genuine services or programs will no longer work with Cognore sensor. One more added advantage of this technology is security team need not worry about end users cyber security knowledge to combat from Targeted Spear phishing , Drive by Download , USB attacks, that job is done by Cognore Sensor.
Cognore follows sequence of detection mechanism to identify suspicious activities in milliseconds including 50+ AV checks, processes, files and network analysis that inputs in to behavioural algorithm with negligible impact on performance using a light footprint of 20-40MB RAM. The kernel level deep analysis produces logs of detailed computer activity that is valuable for forensics and intelligence purposes. The kernel level protection means that even the computer administrators cannot bypass the visibility and protection provided by the product resulting in strong protection from insider threats.
The protection can be provided using a cloud or on-premise architecture thus protecting the computers even when they are located outside the corporate IT infrastructure. The Cognore security platform and algorithms are fully customised according to organisation’s threat modelling, business needs and data sensitivity.