Overview

Targeted attacks continue to grow at an exponential pace, with the majority of attacks using application-level vectors to gain initial entry into a network. Malware of this type shares a common denominator: code that is traveling in and out of the network. The code is hidden or encrypted deep in the data streams of common applications such as Microsoft Office and Adobe Acrobat, where no one is looking for it.

The code is then executed, launching the attack by exploiting vulnerabilities inside the applications. Most anti-malware solutions are based on dynamic analysis and focus on identifying suspicious behavior. This method requires actually opening the object to be analyzed in the exact target environment. Once opened, the malicious code takes control and evasion is just one step away.

SoleGATE is the only solution that provides real time prevention against unknown threats.

Detect any code, anywhere

Whenever there is hidden code, encrypted and polymorphic payloads, shellcode or other commands buried in files, SoleGATE finds them. Every time. SoleGATE does not need to open or execute the files in order to identify the hidden code. It does not rely on any signatures or external sources (such as blacklists, external inputs, etc.).

Not susceptible to evasion techniques

Traditional sandbox solutions execute the inspected item, which gives the malicious code a chance to try to evade detection. Examples of evasion techniques are reliance on human interaction, abuse of sandbox constraints and environmental diagnosis. SoleGATE does not require execution of the code, which minimizes the possibilities to evade detection.

Implement & operate without cyber-experts

The system does not require cybersecurity experts to implement and operate it. Once deployed, the SoleGATE Platform does not require signature updates or connectivity to the Internet or other data repositories.

Eliminate Guess Work

SoleGATE does not attempt to deduce from the file’s behavior whether it is “malicious” or not – a method which often provides inconclusive results. If a stream or file includes code, SoleGATE keeps it out.

Rapid Deployment

SoleGATE is a virtual appliance installed on premises or in the cloud, so it does not require dedicated hardware for installation. Since it is platform independent, no complicated configuration process is required and the system can be up and running within hours of installation.

Provide conclusive results only

SoleGATE uses the DvC static analysis method, which returns only conclusive results (“Code detected” or “Clean”) and does so rapidly. This enables the customer to achieve real prevention by blocking malicious files or streams without any impact on performance and user experience.

Provide Wide Coverage

SoleGATE provides the widest coverage regardless of the customer’s operating system (Windows, Linux), whether it is 32-bit or 64-bit, and no matter the type and version of the client-side application.

Extremely fast

SoleGATE handles multiple files per second, allowing organizations to process large volumes of data without latency and without causing human-related bottlenecks and queues.

SoleGATE Email Protector

SoleGATE Email Protector is a virtual appliance, installed in the cloud or on premises, that detects and prevents cyber-attacks over the email attack vector before they even enter the organization’s internal networks. One of the SoleGATE Protection Platform modules, SoleGATE Email Protector is powered by the Solebit DvC Engine and uses patent-pending static analysis technology to inspect email traffic for hidden code inside data objects, providing a conclusive result for each scanned email.

Real time prevention

Powered by the DvC engine, SoleGATE Email Protector provides real time prevention by inspecting every incoming email and blocking weaponized emails.

Deployment options

SoleGATE Email Protector can be deployed in Prevention mode as an MTA or in Detection-Only mode using Mirror Port or auto BCC. Typical deployment examples include:

  • Deployment on premises or on cloud between Mail Relay (anti-spam) and Mail Server
  • Deployment for Microsoft 365 Customers
  • Deployment for Google Apps Customers

Wide coverage

SoleGATE Email Protector provides the widest coverage, regardless of the customer’s operating system (Windows, Linux), whether it is 32-bit or 64-bit, and no matter the type and version of the client-side application.

Ease of use

Once deployed, SoleGATE scans all incoming emails. Results are conclusive and malicious files are detected and blocked automatically. With a false positive rate of less than 0.00002%, SoleGATE requires practically no human intervention.

Fully customizable notifications

SoleGATE Email Protector integrates with SIEM solutions (using syslog-based notification) and can send customized email-based notifications to the blocked email’s recipients and to SOC personnel.

Quarantine

Detected emails are stored in a quarantine, enabling the SOC to download and further investigate (if required), and to release emails to the original recipients when necessary.

Intuitive user interface

The SoleGATE Email Protector dashboard contains a summary of events and alerts and can generate reports that provide useful and relevant insights.

SoleGATE Email Protector is the only solution that provides real time prevention from unknown threats.