We are proud to announce the latest release of Vision version 3.1. This release adds substantial enhancements both on the server platform and the Vision agent. This includes new app whitelisting bypass detections (regasm, regsvsc, and more), System.Management.Automation.dll PowerShell bypass techniques, and improved process injection detection. In addition, the agent has been slimmed down both size wise as well as impact and performance to the system. Currently Vision takes 0.01 CPU usage and 32 megabytes of RAM. A newly designed dashboard user-interface allows simplistic ease of information and quick access to relevant information about the latest indicators.
For the server side, there is new functionality called “hunting” which now gives Vision customers the ability to perform rapid discovery and hunt teaming from the Vision interface. This includes the ability to query all Vision events and raw log data immediately. Vision maintains a substantial amount of information that may not be directly within alarms (such as PowerShell commands, md5’s, file paths, executables, etc.) which can be valuable for additional analysis.
With the new version, hunting exercises as well as additional analysis of indicators of compromise can be quickly performed within seconds. What makes these capabilities powerful is in the event of an indicator, you can quickly search the enterprise for other systems impacted within seconds.
Binary Defense continues to focus on improving the Vision platform at a rapid pace and being ahead of the market. We believe that with our combined detection, deception, prevention, and managed security operations center, we can truly make a difference in detecting attacks in the early stages. With the release of Vision 3.1, we continue to push the envelope on making the top product that is focused on detecting attacks in the early stages.
Interested in Binary Defense's Vision Platform? Contact us to get up and running within a few minutes (it really is that easy).
Interested in what Vision is all about?
Check out the video below: