"Always-on" Malware Attack Remediation
LANVector installs on every Windows desktop and server in your managed environment. The agent connects to a real-time threat list, and simultaneously monitors egress network traffic from those Windows nodes, looking for suspect and know threats to your network. If high threat egress traffic is seen on that Windows node, LANVector kills the network traffic and the Window process creating the traffic.
All LANVector events are recorded to Windows events, and then forwarded to Vector Analyzer, or other SIEM platform as syslog. Most of today's high-threat malware are delivered as quiet code, and then updated over the Internet to full strength. LANVector stops the malware from communicating with the command and control server.
This software runs on any Windows desktop or server version supported by Microsoft, and can be delivered in bulk by automated software delivery platforms.
LANVector performs scanning of the host network packet destinations and reports AI cloud threat matches to Windows event logs, and syslog when using CyVectors EFA.
Easy installation, auto-runs on every reboot
Use case: One LANVector agent per remote office, install CyVectors event forwarding agent to send discovered paths to CyVectors Vector Analyzer or other SIEM platform
Discovers outbound (egress) network threats like malware command and control
Persistently kills any Windows process creating the outbound threat traffic
Find malicious traffic over trusted ports like 443 where malware likes to hide
Destroys command and control traffic before malware can fully deploy or execute exploits