Professional Documents
Culture Documents
Cyber 2.0 - Capabilities
Cyber 2.0 - Capabilities
Cyber 2.0 - Capabilities
0 system Capab
Cyber 2.0
capability’s:
Creating a comprehensive inventory of every process or file that was active since the
system was installed, stored information compromise from the following:
o Files
o Versions
o Installed location
o And various other information
Storing every network transaction on installed system – default setting is for 45 days
(data can be stored indefinitely – depending on storage size)
Analyze every installed software, version or executable using the file Hash, and show
you every known malicious software on your organization
Allow you to create, edit and modify Cyber 2.0 Dynamic list
o Nothing will get blocked
o But you will see what would or should have gotten blocked
Advantages:
Full view of the system
A complete and comprehensive Inventory
Fully analyses of the network
Disadvantage:
No defense mechanism
Isolation mode and Leveraged malware protection
Description: Designed to allow organization a fast and powerful protection against
ransomware and similar forms of attack, while keeping all the benefits of Monitor mode.
Isolation mode only blocks and prevent access to the file system, any other protocol are not
blocked, only reported.
capability’s:
All the benefits of monitor mode
Example of Protected Protocols:
o UNC
o SMB
o And similar Network File System protocol
Protect and wanted software from accessing the network file system
o Program with admin privileges will be blocked
o Access to map drive will be blocked
Dynamic list automation is supported in Isolation, allowing for smooth and almost
zero maintenance
No other protocol is blocked or effected
Advantages:
Full view of the system
A complete and comprehensive Inventory
Fully analyses of the network
Light wight and easily mange
Powerful protection against the spread and effect of ransom virus and similar
malicious software
Disadvantage:
Only the network file system access is protected
The first computer will be infected – the network will be safe
Defense Mode using advance Defense mechanism and
whitelisting
Description: Internal Defense is designed to bring the most cutting-edge defense into your
organization, it creates an unpassable chaos barrier between the computer of a specific
network, and not allowing any unknown or unwanted application to traverse the network.
Any attempt by a malicious software to bypass or deactivate the mechanism will cause the
offending software to get locked on the original computer, while the allowed programs keep
working unhindered.
capability’s:
All the benefits of monitor mode
All the benefits of Isolation mode
All communication is scrambled
All network traffic is subject to the dynamic list rules
Dynamic list automation is supported in Defense mode, allowing for smooth and
almost zero maintenance
Advantages:
Full view of the system
A complete and comprehensive Inventory
Fully analyses of the network
Light wight and easily mange
Powerful protection against the spread and effect of known and unknown malicious
software
Disadvantage:
The first computer will be infected – the network will be safe
Forensic Capability and advance device management
Cyber 2.0 has a very powerful and comprehensive monitoring, inventory and forensic
capabilities.
These abilities are based on both the Chaos engine and the Reverse tracking mechanism.
Every packet that traverses the network in or out of the computer, passes through the Cyber
2.0 Chaos Engine, and is being logged and the logs are sent to a central controlling server
(local or cloud).
The information is organized and analyzed by the central server. the user can view the
following data:
In case of a file system access, instead of a port there will be the destination path
and accessed files or doc
Incoming Broadcasts
Any application that was part of the chain of activation of that network flow
The System has Specialized web base tools that enable the Administrator easy access and
analyzing capability of the information.
The Reverse Tracking as tool for leveraging cyber defense
The Reverse tracking mechanism works on the application layer:
Every time that an application is being opened or an application is using, accessing, sending
data, communicating or doing any sort of interaction with another app or process, it is being
registered and logged and sent to a central controlling server (local or cloud).
The information is organized and analyzed by the central server. the user can view the
following data:
Display name and True name of the process or file - (when applicable – not all
process and files have a true version)
The version of each file or process (when applicable – not all process and files have a
true version)
The #md5
The System has Specialized web base tools that enable the Administrator easy access and
analyzing capability of the information.