Products and Services :: Razor
Overview
Managed Services
Active Defense
Razor
Responder Pro
Responder Field
Inoculator
Free Security Tools
Request Evaluation Software

The RAZOR Difference

Other perimeter security and some behavior-based solutions are built on sandboxing and other outdated methodology that can’t detect all unknown threats.  Razor captures all executable code within the Windows® operating system and running programs that can be found in physical memory, including targeted attacks, rootkits, injected code and custom malware so you can provide near real-time response.

Built on HBGary’s innovative, proven technology to detect targeted attacks at the host, Razor provides both perimeter- and host-level threat information for the industry’s most comprehensive view and analysis of today’s unknown threats.

Perimeter devices alone can’t protect sensitive data. Today’s targeted threats circumvent existing security technologies and infect the most vulnerable point on your system — the host. Organizations need to have an integrated solution that protects both the perimeter and the host.

“Like AV products, perimeter devices work on signatures or some level of sandboxing,but most of today’s malware easily bypasses these defenses. Since 2003, we have been analyzing, attributing and creating a science to detect malicious behaviors at the host where all malware is executed. With the addition of Razor to our Digital DNA-family of products, HBGary now offers complete continuous protection at both the host- and perimeter-level against custom malware, botnets and other targeted attacks,” said Greg Hoglund, HBGary founder and CEO.

Razor leverages HBGary’s core technology, Digital DNA™, the proven, behavior-based method for detecting targeted,  non-signature-based malware using physical memory.

HBGary Digital DNA analyzes programmatic behaviors to assign each binary a threat severity score, along with human-readable behavioral traits so organizations can immediately assess and respond to each risk.

Razor Performs Behavioral Analysis at the Perimeter

  • Captures documents in real-time passively from the network.
  • ‘Detonates’ these captured files within a virtual machine and performs extremely low level tracing of all instructions.This data is then used to recover clear-text information and behaviors that reveal whether the document is malicious.
  • Makes captured information available at the console for the analyst and generates a real-time alert
  • Detects known malicious command and control using a combination of DNS intelligence, protocol patterns, netblock reputation, and country of origin. The ruleset is updated as part of the Digital DNA subscription and customers can also specify their own custom rules.
  • Automatically can block all further traffic associated with the malicious site and/or document. HBGary provides regular updates for the Digital DNA™ behavioral rule set.

Unparalleled Threat Intelligence

  • Command and control protocols, IP addresses, malicious URL’s and DNS
  • Host level information, MD5 checksums, malicious file paths and registry keys
  • Exploit details and execution traces
  • Full packet captures

Read the Razor Datasheet

About HBGary Digital DNA™

Without relying on the operating system which itself may be subverted, HBGary Digital DNA™ uses automated physical memory analysis to reveal all running software and their underlying behaviors to flag malware and suspicious binaries. Malware threats are automatically detected and displayed on the dashboard console. These malware behavioral traits provide quick threat metadata — critical threat intelligence needed to protect today’s enterprise systems against advanced targeted and unknown attacks. HBGary Digital DNA™ is currently deployed at Fortune 500 corporations and leading government agencies.

HBGary’s Continuous Protection Product Suite

HBGary’s Continuous Protection product suite provides host-level and perimeter-level protection critical to protect data, transactions and intellectual property.By monitoring physical memory, raw disk, and live operating system across the Enterprise, HBGary provides an unprecedented view of known and unknown threats. This threat intelligence can continuously be updated to your existing security infrastructure to mitigate risk -- eliminating need for expensive forensics and reducing cost/time required for incident response. HBGary’s Continuous Protection product suite includes Razor, Inoculator, Active Defense, HBGary Responder and Digital DNA.

Request Evaluation Software