Customer Profile: Manufacturing

Radwell is the world's largest supplier of new and used surplus equipment and the largest supplier of industrial electrical and electronic control equipment. Radwell provides specialized industrial electronic equipment to many manufacturing companies, including automakers, chemical plants, food processing plants, municipalities, government agencies, power plants, exporters, plastic molding, steel mills and many other business sectors. The company has more than 900 employees around the world, all running the Windows 10 operating system and using Microsoft's own Defender for EDR (Endpoint Detection and Response).

Challenge

John Janthor, vice president of information technology at Radwell, said the company pays close attention to news about cyberattacks. The company's founders and board focus primarily on the risk of undocumented threats and on threat avoidance, and have made security a key component of their business continuity planning and risk management process.

Janthor also noted that Radwell, as a global company, needs to comply with GDPR and PCI standards when it comes to data security and privacy. These requirements forced Radwell to put its market, and the way it protects customers, under a magnifying glass. Combined with its concerns about fileless threats, these privacy regulations gave Radwell a strong need for a high-performance cybersecurity solution.

"For us, security is about business continuity, and our risk assessment revealed a vulnerability in our security posture: preventing unknown attacks from entering memory and using fileless techniques. We also needed instant visibility and security, and streamlined action," Janthor said.

Ultimately, Radwell wants to be proactive in cyber defense to mitigate the risk of fileless, evasive threats. They assessed the downtime and irreparable damage caused by cyberattacks and realized that these costs dwarf the cost of any cybersecurity solution.

Solution

Radwell recently adopted Microsoft's overall security strategy and sought a solution that would be tightly integrated with its existing Microsoft Defender for Endpoint license. As part of the evaluation process, Janthor said they tested all major endpoint protection vendors for protection against fileless attacks, evasive malware and memory exploits.

"Security is a never-ending journey for us. When you're content with what you've accomplished, the bad guys look for new and innovative ways to bypass the systems you've implemented. Plugging Morphisec into a connection to Microsoft Endpoint Defense is a major milestone in our security journey. For the first time, we have high confidence that zero-day, extremely advanced threats will be blocked by Morphisec and can seamlessly enter Endpoint Guard for full visibility, reporting and remediation steps."

– John Janthor, Vice President of Information Technology, Radwell International

Morphisec was selected after a rigorous evaluation for its ability to block threats for Radwell and its tight integration with Microsoft. Janthor said: "Morphisec integrated so well, it looked like they were using a solution from one vendor. We became really focused on stopping sophisticated memory attacks and fileless attacks before the actual crime happened. Only Morphisec was able to prevent the unknown memory attacks we were seeing more and more commonly. For us, it's the best of the bunch and it feels like it was designed and implemented as a single package."

In conclusion

With Morphisec and Microsoft Defender for Endpoint, Radwell can now protect against unknown fileless attacks and in-memory threats with full visibility within the Microsoft Defender for Endpoint Security Center. Morphisec's Zero Trust Runtime solution is based on moving target defense technology that keeps attackers ignorant of the in-memory environment and quickly surfaces threats in the Microsoft Defender for Endpoint Security Center. This enables analysts to quickly identify and remediate threats blocked by Morphisec.

Morphisec – at the forefront of cybersecurity

Morphisec has proven the power of this technology as a leader in moving target defense. It has deployed MTD-powered vulnerability prevention solutions in over 5,000 enterprises, protecting over 8 million endpoints and servers daily from many of the most advanced attacks. In fact, Morphisec currently blocks 15,000 to 30,000 ransomware, malware and fileless attacks per day that NGAVs, EDR solutions and Endpoint Protection Platforms (EPPs) fail to detect and/or block (see, e.g., Morphisec customer success stories, Gartner Peer Insight Review and PeerSpot Review). Examples of such attacks that are blocked on day zero, where other NGAV and EDR solutions fail to block them, include, but are not limited to:

Ransomware (e.g., Conti, Darkside, Lockbit)

Backdoors (e.g., Cobalt Strike, other memory beacons)

Supply chain (e.g., CCleaner, Asus, Kaseya payloads, iTunes)

Malware downloaders (e.g., Emotet, QBot, Qakbot, Trickbot, IcedID)

Morphisec provides solutions for critical applications and for Windows and Linux servers, both local and in the cloud, with a 2 MB size for rapid deployment.

The free Guard Lite solution turns Microsoft's Defender AV into an enterprise-grade solution. It allows businesses to control all endpoints from a single location. Please contact us to get it for free!

Hongke is a provider of resource integration and technical services in various professional and technical fields. Hongke Network Visualization and Security Division, with profound industry experience and technical accumulation, has established close cooperative relations with top suppliers in the world, such as Apposite, LiveAction, Profitap, Cubro, Elproma, etc. in recent years. Our solutions include solutions for network traffic monitoring, network traffic collection and optimization, end-to-end network performance visualization, network emulation, network endpoint security (dynamic defense), IoT device vulnerability scanning, and secure network time synchronization. Hongke engineers actively participate in the activities of professional associations and alliances at home and abroad, and attach importance to technical training and accumulation.

In addition, we actively participate in the work of industry associations such as the Industrial Internet Industry Alliance and the China Communications Enterprise Association, and have made important contributions to the popularization of advanced technologies. We summarize sustainable and reliable solutions in continuous innovation and practice, insist on thinking together with customers, find and solve problems from the perspective of engineers, and provide customers with perfect solutions.

Original title: [Hongke Terminal Security Case] How does Radwell effectively prevent fileless attacks and in-memory threats?

Article source: [WeChat public account: Guangzhou Hongke Electronic Technology Co., Ltd.] Welcome to follow us! Please credit the source when reprinting this article.

Reviewing Editor: Tang Zihong

