Provides Adaptive Banking Malware Detection without relying on signatures!
CSD for Web performs detection against Web based banking malware attacks such as Webinjects and Remote Access Trojan (RAT) sessions. CSD for Android is a security library that integrates into a native Android app and performs detection of rogue apps and Android Overlay Attacks such as Marcher and Slempo Android malware families.
Request a product demo
Apr 19, 2017 - Infosecurity magazine: Hundreds of Google Play Apps Infected with the BankBot Trojan
Apr 18, 2017 - Security.nl: Nederlandse banken doelwit van Androidmalware in Google Play
Apr 13, 2017 - The Hacker News: Android Trojan Targeting Over 420 Banking Apps Worldwide Found On Google Play Store
Feb 13, 2017 - Softpedia: Android Banking Trojan Marcher Targets Dozens of Apps, Bypasses Antivirus
Feb 13, 2017 - SecurityWeek: Thousands of Android Devices Infected by Marcher Trojan
Over the last decade we have tested hundreds of applications amongst a large number of industries such as banking, insurance, health, government, retail, telecom, gaming, software and postal. We known the common ground shared in web and mobile application security. We can tell you how your security level matches up against your industry peers. Are you doing worse, average or better?
The strongest part of the CSD dashboard is the configuration panel that allows malware experts to quickly change detection approaches, encryption keys or act on notification and trip wires that are triggered by malicious actors by switching between pretested detection configurations within one second.
Android overlay banking malware families are researched in our malware lab on a daily basis. The intel gathered from real life malware samples are used to improve detection of rogue apps. In addition, the known good approach is used in detection to build a proper intel base of potential rogue apps within the CSD Dashboard of a malware analyst.
CSD does not step outside the browser for security, privacy and maintenance reasons. Hence, it does not require the bank to deploy client-software on their user’s machine.
The portal is easy to use and tailored for different user roles. Malware experts have access to advanced configurations to change or disable detection approaches, signatures and detailed information about detections of malware. Functional maintenance and management have access to the dashboard and get statistics of the detections over time. The dashboard also includes geo-ip integration to show where detections are taking place. Technical maintenance can enable or disable parts of the system.
By collaborating with a large financial institution during the design of CSD we have put many efforts in easy integration in online banking and back-end fraud engines.
CSD integrates in custom and 3-party backend fraud engines that handle message formats such as JSON and XML without significant performance impact.