Automated scanning plus expert lead detection
We utilize a combination of static application security testing (SAST) and binary scanning, along with embedded machine learning (ML) algorithms to identify code that at first glance can look perfectly normal but is designed to damage your software system. Comprehensive scanning includes proprietary, open source, and commercial software components. The human element ensures that malicious code typically invisible to security tools because there are no vulnerability markers is also detected.
The process of identifying malicious code is broken down into two phases.
- Identify patterns of malicious code.
- Use ML to analyze frameworks/libraries to match the needed structures for the identified patterns.
The abnormal patterns are broken down into finer grained properties by creating a taxonomy or classification of malicious code components and, from this taxonomy, then generate an ontology to gain an understanding of how all the malicious components may interact to form a fully realized malicious code pattern.