SparkCognition launched this week at Black Hat 2016 DeepArmor, an AI-powered anti-malware platform that promises to protect networks from many new and never-before-seen cyber security threats. This signifies a major industry advancement, of baking advanced artificial intelligence techniques, including neural networks and Natural Language Processing, into anti-virus (AV).
About 78 percent of security professionals no longer trust traditional antivirus because existing solutions cannot keep up with rapidly evolving malware. SparkCognition makes products that identify, analyze, learn, anticipate and adjust to impending and real time cyber security threats.
DeepArmor has trained on millions of malicious and benign files and has a proven track record of automatically detecting malicious files, such as ransomware, remote access trojans, banking and credit card trojans and malicious DLLs. With millions of new malware variants showing up each month, DeepArmor provides signature-free peace-of-mind without the need to constantly update anti-virus definitions.
DeepArmor is powered by critical technology that represents a quantum leap beyond
techniques used for malware generation or propagation. Pulling from proprietary SparkCognition automated model-building algorithms, DeepArmor, starts by looking at every unscanned file on a user’s desktop or laptop. It breaks each file into thousands of different pieces for initial review. It then elevates initially identified features using an advanced feature derivation algorithm to develop a comprehensive, multi-dimensional view of behaviors, workflows and techniques.
All of these individually analyzed components are then run through continuously evolving ensembles of neural networks to find patterns that may be malicious in nature. Because these neural networks are trained on a bevy of threat types, from worms to ransomware, many malevolent patterns present are unearthed and called out immediately, even if the file that contains them doesn’t have a known-bad signature.
DeepArmor takes a unique approach to endpoint protection by leveraging neural networks, advanced heuristics, and complex data science to find and remove malicious files. Instead of looking at static signatures, or even exploding files in a sandbox, DeepArmor looks at the DNA of every file to identify if any components are suspicious or malicious in nature.
DeepArmor uses cognitive algorithms to constantly learn new malware behaviors and recognize how polymorphic files may try to attack in the future. This keeps every endpoint safe from malware that leverages domain-generated algorithms, obfuscation, packing, minor code tweaks, and many other modern tools.