Con esta herramienta te facilitamos un acceso a todas las ofertas y demandas de tecnología europeas y a búsquedas de socios para participar en propuestas europeas de I+D publicadas en la red Enterprise Europe Network, pudiendo filtrar los resultados para facilitar las búsquedas más acordes con tus necesidades.

¿Quieres recibir estos listados de oportunidades de colaboración en tu correo de forma periódica y personalizada? Date de alta en nuestro Boletín

Para optimizar los resultados de la búsqueda, se recomienda utilizar términos en inglés.

Empresa coreana especializada en soluciones de seguridad informática contra APT (amenaza persistente avanzada) y ataques ransomware busca un socio extranjero con el fin de establecer acuerdos de fabricación y comercialización con asistencia técnica

Resumen

Tipo:
Oferta Tecnológica
Referencia:
TOKR20171220002
Publicado:
04/01/2018
Caducidad:
04/01/2019
Resumen:
Una empresa coreana del sector de TI ha desarrollado una solución de seguridad informática que ofrece protección doble en la red y Endpoint (PC, ordenador/servidor personal) contra amenazas persistentes avanzadas (APT) y ataques ransomware. La solución de seguridad basada en comportamiento bloquea el malware desconocido en PCs y servidores. Otra ventaja es el precio competitivo en comparación con otros productos. La empresa ofrece su tecnología y producto al mercado europeo bajo acuerdos de comercialización con asistencia técnica y fabricación.

Details

Tittle:
A Korean IT company specialized in cyber security solution against APT (Advanced Persistent Threat) and ransomware attack and it´s looking for an overseas partner for manufacturing and commercial agreement with technical assistance
Summary:
A Korean IT company develops cyber security solution. The solution provides dual defense on network and Endpoint (PC, personal computer/server) against APT and ransomware attack. The company wishes to offer its technology and product to the European market under a commercial agreement with technical assistance and manufacturing agreement.
Description:
The company was established in 2008 to develop specialized malware detection/response solutions in the anti-virus centric security market. Eventually the company developed a product and provides the products to governments, universities, financial institutions, and enterprises. The company established a limited liability company and branch office in US and Vietnam in 2014 and has distributors in Japan, Indonesia, Taiwan, Malaysia, Thailand, Dubai. The company has achieved an export to Japan, US and Vietnam since 2015. Based on such achievement, the company aims to become a global security professional company that represents Korea in the future.

This company has 8 products and the 7 products can be largely divided into an APT solution for network security and EDR (Endpoint Detection -Y- Response) solution for endpoint security.

1) The APT solution is a hardware type and installed on network level. It has a built-in virtual machine, Sandbox. There are APT solutions for network security, email security and transferred file security in separate network environments.

The APT solutions for the network security is installed between firewall and network switch (Computer networking device that connects devices together on a computer network by using packet switching to receive, process, and forward data to the destination device) in mirroring way. The solution has built-in Sandbox (virtual machine), so it executes the downloaded file virtually in the Sandbox and monitors the happened behavior and determines if it is malicious, so it can defend against an unknown malware in advance.

3 steps analysis is proceeded in the product. First, it analyzes based on the signature of the malware. Next step is a static analysis based on behavior. The last step is a dynamic analysis based on behavior.

2) The second group is EDR solution which has been developed recently. This one is a software type and installed on the user´s PC or server. There are 4 types of products in the EDR group: an EDR product defending against APT on PC, EDR product defending against APT on server, EDR product defending against ransomware on PC, and SECaaS (Security as a Service), cloud type service of EDR product.

The main product in this group is EDR product defending against APT on PC. It is a software type and installed on PC to defend malware bypassing Sandbox (virtual machine) or attacking through encrypted communications such as SSL (Secure Sockets Layer).

If a user of a PC where the product is installed downloads a file, and if the file is registered on the Whitelist, the file is executed normally. If the file is not registered on Whitelist, the file´s execution is stopped and the file is sent to Inspector to be analyzed in the Sandbox. If the result is normal, the file is executed in the PC normally and added on Whitelist. If the result is malicious, the file is quarantined and blacklisted. This entire process is called ´Execution Holding function based on Whitelist´. The EDR product allows only the file registered on the Whitelist, so the Whitelist is more powerful at security than a Blacklist.

3) The company also provides a manager product, and it contains a web-based device and interface for central management and policy deployment and update of the company´s products.

In future, the company wants to offer its technology to the IT firms developing security software. OEM distribution under manufacturing contract and commercial agreement with technical assistance will be discussed. The company would also like to provide the technician training in the set-up stage.
Advantages and Innovations:
1) Behavior-based security solution saves PC and server from unknown malware

Existing security solutions such as anti-virus use signature-based technology; they can detect only known malware, so if unknown malwares attack the PC, Zero Day, a damaged period before generating vaccine, always occurs. A Sandbox (virtual machine), on the other hand, uses behavior-based technology, so it can respond against new and variant malware in advance without any damaged period.

But the traditional Sandbox (virtual machine) technology such as no.1 market share product is vulnerable to malware bypassing virtual machine and attacking through encrypted communication such as SSL (Secure Sockets Layer). To overcome these limitations, the company released EDR (Endpoint Detection -Y- Response) products recently. The endpoint is a PC or server and the EDR product provides endpoint security based on behaviors. (EDR is a term coined by a no.1 IT research company in the early of this year.)

2) Competitive price compared to other competitor products

The no. 1 market share product has their own Sandbox technology, so they´re strong at the network security, but week at endpoint security. However, this company´s product is strong at the network security as well as the endpoint security. In addition, this company´s product price is cheaper than global vendors such as no.1 market share product about 30%.
Stage of Development:
Already on the market
IPs:
Patents granted,Trade Marks

Partner sought

Type and Role of Partner Sought:
· Partner sought: IT company, System Integrator (SI), governments and educational institutions

· Specific area of activity of the partner: IT

· Task to be performed: contract or manufacture of the software

Client

Type and Size of Client:
Industry SME 11-49
Already Engaged in Trans-National Cooperation:
Si
Languages Spoken:
English

Keywords

Technology Keywords:
01006005 Network Technology, Network Security