Aug 23

Vision EDR Platform Disrupts Another Phishing Attack, Sorry Bad Guys

Binary Defense Vision EDR can easily detect macro malware leveraging Windows PowerShell and, in this case, helped a customer defend against the Emotet downloader Trojan.

Aug 22

Announcing Vision 4.0 Platform – Managed EDR Combined with EPP

Introducing Vision 4.0 Platform Managed Endpoint Detection and Response (EDR) with built-in Endpoint Platform Protection (EPP) by Binary Defense.

Jun 28

Binary Defense Acknowledged as a Representative Vendor in Gartner’s Market Guide for Managed Detection and Response Services

Binary Defense, a leading provider of Managed Detection and Response (MDR) and Managed Endpoint Detection and Response (EDR) services, is happy to announce it has been identified as a Representative Vendor in the Gartner "Market Guide for Managed Detection and Response Services" report.

Nov 15

Binary Defense in Gartner EDR Market Guide

Binary Defense is proud to be included in Gartner's most recent Market Guide for Endpoint Detection and Response Solutions.
Aug 17

Enhanced Endpoint Protection: FedEx Invoice Variation

Endpoint Protection Requires More than Just Anti-Virus

Binary Defense’s Vision Platform recently detected a new variant of the FedEx invoicing phishing campaign widely used for mass email campaigns. The FedEx campaigns are nothing new and have been around forever. Variants spawn quite frequently, and the techniques are continuously changing. Anytime you can prompt users to act on a possible disruption of services (such as FedEx invoices or missing packages), the success rate jumps, and the approach is still effective today.

Since Vision works differently than other malware detection programs by focusing primarily on behavioral analysis to detect suspicious/abnormal patterns, it was successful in identifying this new variant. At the time, most anti-virus product lines were unable to detect this malicious code. 

Jul 13

The Vision Platform Adds Support for OS X and Linux

Binary Defense is excited to announce additional supported platforms for the managed endpoint detection and response (MDR) software called Vision. When we first released Vision, it was with the mindset of identifying early warning indicators of compromise (IoC) and providing companies immediate visibility into threats happening in real time. With this release, we gain additional visibility and coverage on multiple platforms, including macOS (OS X) and Linux. This release also continues to enhance detection capabilities, ranging from more generic/commoditized attacks all the way to extremely advanced attack vectors, throughout the attack lifecycle. We have a newly designed dashboard, which helps with easy analysis of alarms, and rapid response and mitigation with containment mode.

Jun 14

Binary Defense's Vision Platform 3.1 Released

We are proud to announce the latest release of Vision, version 3.1. This release adds substantial enhancements to both the server platform and the Vision agent. This includes new app whitelisting bypass detections (regasm, regsvcs, and more), System.Management.Automation.dll PowerShell bypass techniques, and improved process injection detection. In addition, the agent has been slimmed down in both size and its performance impact on the system. Currently Vision takes 0.01 CPU usage and 32 megabytes of RAM. A newly designed dashboard user interface provides simple, quick access to relevant information about the latest indicators.

May 16

New Video Explaining Binary Defense's Vision Platform

When it comes to what we’re doing here at Binary Defense, our greatest strength is our team and being an extension of the security team. With Binary Defense's Vision Platform, the ability to get insight into what's happening from an attacker’s perspective becomes simple. Our goal with Vision is to provide our attack intelligence and the visibility you need - from day one. Combined with our managed services, having a true extension of a security team becomes possible and maintainable.

May 02

PowerShell Injection with Fileless Payload Persistence and Bypass Techniques

PowerShell continues to be the tool of choice for defenders, IT administrators, and hackers. The extensibility, support, and ability to have a full-fledged programming language at your fingertips provide a whole new level of control over Microsoft’s operating system that was drastically missing in the past. We are huge advocates of PowerShell at Binary Defense, and it is our number one go-to for everything from simplified administration all the way to automation testing and complex programs. In addition to legitimate use for defense and administration, many tools such as PowerShell Empire, PowerSploit, and more are used by the security research industry as well as hackers.

Apr 25

Binary Defense’s Vision Platform v3 Released – Welcome to Containment

When we started with Binary Defense’s Vision platform years ago, we knew it would be a long road and something where we would continuously get better over time. Our motto is to always do things the right way, and to build in the knowledge of attack intelligence from across the industry to help the industry get better at defense.
