The home of tomorrow’s proactive Internet security solutions!
DayZero Systems Incorporated
DayZero SigFree Technologies
This page describes the major DayZero proprietary technologies. We use them to varying degrees in each of our apps, depending on each app’s particular purpose, to provide you with signature-free, zero day protection at a very reasonable price.
SIGFREE CODE ABSTRACTION
Checks whether an instruction sequence is part of a segment of an executable instruction sequence. It starts with a unique graphical representation of every possible transfer of control in a data stream. While avoiding duplications, it discards useless instructions and dead ends, readying every viable code segment, from every possible starting address, for the Analysis module.
Stealth comprises several DayZero technologies that, together, defeat attempts to disguise the malware or avoid detection, such as polymorphism, encryption, metamorphism and self-modification. It also has the capability of making the malware vulnerable even though the authors have taken steps to protect it using anti-disassembly and anti-emulation techniques.
A set of methods that works to decrease the probability of losses by predicting the existence of malware and triggering actions that mitigate those losses while at the same time not causing ill effects should the prediction be incorrect. The actions that are triggered and the set of alarms available differ depending on the particular end user application provided by DayZero.
Typically following a SigFree Alarm, SigFree Confinement comprises methods used to proactively put a suspect process “on hold” to prevent damage while further analysis is conducted to determine whether the suspect is malicious. In SigFree Cerberus, this is part of a proprietary Contain and Relax system, which forces worms to expose their self-mutation capabilities and filters out website requests that are not needed to display the web page content.
SIGFREE VULNERABILITY ANALYSIS
This technology is only applicable to network versions of DayZero Apps. Vulnerability Analysis is a method to predict, from the time an Alarm is sounded on a first device, the minimum time during which other devices on the network are safe from a potential malware object on that first device. This set of techniques is used to manage communications within the network and to determine the action to be taken on other network devices.
SIGFREE MALWARE ANALYTICS
The set of methods that make a final determination of whether a suspect code sequence or process is malicious. The specific actions taken upon a determination that the suspect is malicious differ among the DayZero Apps. They vary from repetitive containments, as a worm is allowed to expose its various modes of operation, to a quarantine, to informing the user of the degree of the threat and allowing the user to make a determination.