AMS

Comprehensive inspection against APT

Keep your company secured From unknown, unexplainable APT

APT attacks are getting intelligent and persistent in changing their hacking paths or malicious code frequently, they get activated again even after they were removed. To protect company’s assets from such attacks, it is necessary to analyze malicious codes from multiple perspectives to prevent the spread of such attempts. Samsung SDS’s AMS solution keeps your company secured and well-prepared for sophisticated APT attacks systematically.

Major Services

Meet the most optimized integrated disinfection/quarantine solution to respond to APT

Visibility of file inspection via dashboard
- Collect and monitor a status of files exchanged in the company came from outside and shared in-house networks
- Understand the trend and flows of attack via intuitive dashboards
- Pre-process inspection files based on threat and inside information
- Combine the results of heterogeneous and dynamic analytics solutions to define malicious files.
Reliability with quick response to APT
- Block a potential negative impact or disruption due to the inflow and spread of malicious codes
- Inspection platforms to enhance system interface to share various types of files
Multi-dynamic analytics
- Analyze/store/share collected files suspicious of malicious codes from various sources
- Have solution-interfacing adapters for responding to major APT attacks (RSA Netwitness, FireEye AX, Ahnlab MDS, Secui MBAS, etc.)
Support for validated response process
- Share a situation by integrating with monitoring and related systems immediately upon APT attacking
- Adopt Samsung SDS’s process methodology and respond systematically and effectively, upon taking follow-up actions

01

04

Features

Optimal analytics process
File collecting, pre-processing, data standardization, analytics results are all automated under the APT analytics process to detect malicious codes. Analysts and relevant divisions can share and spread a situation to respond it immediately with APT response functions.
Flexible file collecting and multi-dynamic analytics
To minimize security threat, it collects files from multiple sources where external files are inflowing into such as Internet network, affiliates’ network, FAX network, website bulletin boards as well as file sharing network. Moreover, integration with multi-dynamic systems from collected files allows a more accurate and elaborate analytics.
Integrated monitoring and log management
Dashboard displays security status and major events, and checks analytics results of real-time malicious code inflow and their details. Moreover, event type, IP address, MD5 and other file information are checked, so they are aligned with sites to check reference from the 3rd party for a simple analytics and operation.

Use Cases

AMS use cases

Block and inspect attack intrusion into network-separated settings
AMS solution integrates with network-connected solutions under the network-separated settings, to collect all files flowing into in-house networks and to decide whether to send files according to analytics. That blocks APT attacks into in-house networks in advance and prevents any security incidents.
Analyze and block malicious codes inflowing to Internet
Extract and analyze traffic files on the top layer of business network to inspect a complete traffic coming in to customer’s network. Integration g with dynamic analytics solutions and cross-check enable a more accurate analytics on unknown APT attacks.
Analytics and attack prevention for uploaded files on websites
Recognize malicious codes attacking many visitors or attempting APT attacks by uploading files on website postings. So, it supports an integrated inspection setting to stop or block suspicious behaviors immediately.

Resources

Learn more about AMS

Related Offerings

Find out more about our offerings

SingleID

Enabling authorized users to access information assets more easily with one single authentication. Reinforcing account security through access management and abnormal authentication monitoring.

Learn more

Endpoint Security

Enhance your endpoint security posture by effectively managing and controlling endpoint security threats

Learn more

FPMS

With the work automation solution to operate firewalls, human errors will be prevented when operating firewalls of multiple vendors. Through rule optimization, policy-related errors can be prevented.

Learn more

SDBE

Database encryption service for enterprises to protect data with its verified security. Protect your personal information and important data from the data leaks and hacking that occur in many cloud servers and on-premise environment.

Learn more

SentinelOne

This is the security solution to protect the end point from various types of attacks in all stages of the life cycle of threats by utilizing AI technologies. Based on the learned insights, you can respond to threats more quickly but firmly.

Learn more

STORM AI for Web

Security service that detects website attacks by using AI. Protect your websites safely with up-to-date attack tactics.

Learn more

Monitoring an overuse of inside information

Detect the abuse of inside business information with big data-based scenarios and behavioral pattern analysis. It always monitors the use of proprietary information and sends warnings for any unusual activity. Prevent information leakage in advance.

Learn more

Let’s talk

Whether you’re looking for a specific business solution or just need some questions answered, we’re here to help