It can be argued that most security problems are rooted in the pervasive use and deployment of Default Allow architectures and security postures. Maximum security typically dictates that nothing be trusted and that everything be scrutinized before a user is allowed to execute or open a file. This has such a huge impact on productivity that implementing such a policy is simply too difficult to achieve in the real world.
Introducing Valkyrie, Comodo’s cloud-based, crowd-sourced threat intelligence and verdict-driven analysis platform that fully implements a Default Deny architecture and security posture.
For the first time, organizations can totally eliminate the window of threat exposure and achieve a “Zero Patient Zero” condition.
Valkyrie, Comodo’s cloud-based file analysis tool, correlates the local view of the file’s activity with a global view. This avoids false positives and false negatives while providing an accelerated verdict to identify malware at the endpoint. The result is that unknown files stay in containment for the shortest time of any containment solution on the market and are usable while in containment. Valkyrie combines static, dynamic and human expert analysis with machine learning techniques to deliver a verdict on more than 95% of the unknown files it sees in less than 45 seconds. Files needing more in-depth analysis will undergo human analysis by security experts within Comodo’s Threat Research Labs (CTRL).
With over 73 billion file queries and 300 million unique unknown files submitted annually, Valkyrie provides a verdict for over 200 million known and 1 million unique, unknown files each day, generating a huge knowledge base to allow for extensive file verdiction, which speeds up decision time and reduces compute resources.
Now, the malware problem can be declared “solved,” and there is no longer a “patient zero.” Comodo’s Default Deny platform incorporating Valkyrie ensures that there are no unknown files able to inflict damage on unsuspecting users while allowing maximum usability. The result is guaranteed protection without loss of time, money or user productivity.
Comodo’s position as the world’s largest certificate authority provides Valkyrie with unique insight into known good applications, publishers and even OS-level processes. Unlike simple whitelisting, Comodo is directly involved in digitally signing and validating the “known good” and shares that intelligence with Comodo Advanced Endpoint Protection as well as with the Valkyrie File Analysis Platform. Conversely, Comodo Threat Research Labs (CTRL) leverages over 85 million endpoint installations across consumer and enterprise networks, providing excellent visibility into the “known bad.” This combination allows for a low-compute way to quickly detect and defend against known threats, freeing up compute for advanced detection methods. When an unknown file or process is submitted to Valkyrie through the Valkyrie Portal or Comodo AEP, the resulting analysis, along with the Accelerated Verdict, provides global coverage and the elimination of patient zero.