logo3

Host-Based Malware Protection Is Failing

We created the worlds best beaconing detection/visualization tool that anyone can use. Why?  Because we are seeing a steady year after year increase in the amount of malware being produced. Some studies indicate that we are now seeing close to 300,000 unique pieces of malware per day. Malware writers have figured out that by continually altering their code and techniques, they can thwart the host-based protection designed to stop it. Of course that assumes that host-based malware protection is even a possibility. 2017 saw a dramatic increase in Internet of Things (IoT) devices being compromised and turned into some of the largest bot armies ever seen.

So it’s no longer a matter of “if” you will get compromised, but “when”. The real question is, when your host-based protection fails, do you have a method of detecting the compromise? For most companies the answer is “no” which is why compromises go undetected for 200 days or more. This extremely long detection time has lead to 2017 seeing some of the worst compromises in history. This upward trend is expected to continue in 2018.

What can you do? Click here to find out more about AI-Hunter

Take the Fight to the Enemy

Today’s adversaries are getting better and better at hiding their backdoor command and control traffic, and the data they’re sneaking out of your network. The skills gap to ramp up new SOC personnel is getting more and more difficult to bridge. Active Countermeasures offers you tools almost any IT pro can use to detect these malicious backdoors.
 
We are passionate about creating simple to use tools that quickly solve complex security problems. We’ve automated and streamlined the techniques used by the best pentesters and threat hunters in the industry. The result is AI-Hunter, a toolkit that can identify compromised hosts on your network regardless of the operating system, hardware or network link speed. With AI-Hunter you can quickly analyze millions of connection requests and easily identify which systems or IoT devices have been compromised.

Who & Why

John Strand, Paul Asadoorian and Chris Brenton have been on a long term quest to make the Internet more secure.

John is a published author, Senior SANS Instructor, the owner of Black Hills Information Security, and arguably the most recognized name in the threat hunting industry. He has also created some of the best open source threat hunting tools that are available. As a frequent webcast and Black Hat presenter, John has always been passionate about sharing his security skillset with the masses. His focus has been on empowering others to take the steps needed to secure their network.

Paul is the host and producer of Security Weekly, which has won multiple awards over its eleven years on air and is the most popular security podcast in the world. He’s grown this into a series of shows that specialize in different aspects of security. Paul is also a published author, presenter, organizer of multiple security events, and a leading researcher on embedded device security. Like John, his focus has been on sharing what he knows so that others can lockdown their network.

Chris has been a leader in the IT and security industry for over 20 years. He’s a published author of multiple security books and the primary author of the Cloud Security Alliance’s online training material. As a Fellow Instructor, Chris developed and delivered multiple courses for the SANS Institute. As an alumni of Y-Combinator, Chris has assisted multiple startups, helping them to improve their product security through continuous development and identifying their product market fit.  

Active Countermeasures is an effort to dramatically scale John, Paul and Chris’s vision of a more secure Internet. By providing security tools that are effective, easy to use and capable of protecting all types of systems, they hope to assist an even larger audience to implement effective security measures. We’ve all seen the “click and shoot” attack tools that the adversaries have in their arsenal. It’s time that we, the network protectors, also have tools that are just powerful and easy to use.

John Strand

John Strand

Chris Brenton

Chris Brenton

Paul Asadoorian

Paul Asadoorian