Baffin Bay Networks provides comprehensive mitigation against a range of severe and continually evolving threats, including malware and exploit code. We provide a unique combination of technical expertise and exceptional capacity and technology to ensure that our customers always maintain safe and efficient online functionality.
Constantly evolving threats
Although the threat picture is constantly changing, Baffin Bay Networks classifies threats under the following two broad categories: malware and exploit code. Malware, (malicious software), is an umbrella term that includes threats such as viruses, worms, Trojan Horses, and spyware. Exploit code is code or commands that exploit specific bugs or vulnerabilities in software or hardware.
How Baffin Bay Networks ensures comprehensive threat protection
Baffin Bay Networks ensures its customers are safe from currently known threats. Our Security Operation Center continuously monitors the dynamic threat landscape to offer the best possible protection for new attacks.
Our Threat Protection Center TM (TPC) operates a highly-sophisticated Threat Cloud, and executes all potential threats in a safe environment, (sandboxing). We extract files from the data stream, if the Threat Policy is configured to allow this, and send them to a caged operating system image platform – we support commonly used operating systems – where we emulate how files would be used on the endpoint.
We monitor everything that a potential threat does, for example whether it makes dependency calls to external files or Internet resources, or whether it attempts to retrieve other malicious software or exploit code.
Once a new threat has been identified, we automatically create a new signature that is pushed back to the data path of the TPC, where further mitigation is carried out in real-time.
We rely on advanced static and dynamic analysis of potential threats. Looking at the state of memory prior to, during and after a threat has been executed reveals potential heap spray-based attacks that seek to exploit potential vulnerabilities on the endpoint.
We provide customers with detailed information on all attempted attacks. Customers are also able to upload their own files to the Threat Protection Center TM (TPC) through an API to perform analysis of non-internet based threats that reach customers via external storage functions such as USB flash-drives.