Zerotect: PagerDuty and Polyverse detect and raise alerts on Zero-Day attacks
A malicious scan can be the first indicator of a potential attack. Watching for things like port scans is commonplace in security circles, but how do you detect a BROP attack, or any other kind of buffer-overflow attack for that matter? Zerotect is a free and open-source agent that detects memory-based zero-day attacks and then raises incidents in PagerDuty, which serves as the single pane of glass for incident management. PagerDuty customers can thus be alerted to zero-day attacks in real time and manage remediations alongside all other operational events.
Detect zero-day attacks
A fileless or memory-based attack occurs when an attacker operates directly in memory; these attacks are often missed by traditional anti-malware solutions. Zerotect looks for the side effects of these attacks rather than looking for the attack itself.
Single-pane incident management: low cognitive load and low tool proliferation.
Zerotect doesn’t add yet another monitoring/alerting solution to a customer’s portfolio. By integrating with PagerDuty, customers are alerted to zero-day attack incidents through a familiar and trusted tool they already use.
Free and Open Source: Zerotect is written in Safe Rust, open source and free of charge
Zerotect is free to download, use, modify and distribute (open source). Written in Rust, it is small and efficient, and it is completely passive (i.e., it only observes a system and has no intercepting or interfering behavior).
Learn More About Polyverse
Polyverse develops leading-edge cybersecurity technology to build diversity across multiple system dimensions, stopping attacks before they start. Its technology is used by government and security-conscious organizations to mitigate zero-day memory exploits. It is also embedded into devices, hardware and security solutions to provide the ultimate protection against hackers.