Intelligent recognition of software and control of its integrity, security sensors, process execution  authorization.

 

Security Expert Pro

Security Expert Pro is built as a user interface for the core of the Cyberfort technology. It also has other components not directly related to the Cyberfort technology representing important tools to battle harmful programs. They include a built-in disassembler, tools for data processing in the hexadecimal format, components providing comprehensive information about the operating system and third-party software, search tools , etc.

Cyberfort Technology Core Components
 

System Process Control

Control of the processes running on your computer. Intelligent recognition of software and control of its integrity. No execution of unknown software without your authorization.  Automatic logging of all processes executed with detailed information about the timing of process execution, parent process, etc.The System Process Control is one of the key elements of the Cyberfort technology that allows to reliably protect the system from unauthorized start of a process, for example when you are surfing the Internet, protect your data and a privacy from hacker attacks, such as social engineering, drive-by-download, zero-day vulnerability exploitation, etc.

Security note
"Security Expert Pro" asks for your one-time authorization for the start of any unknown process.


Key Benefits

 In real-time displays the level compromise for each process
Full control of any process on your system
Simple and flexible network management system for every process
Advanced logging capabilities
Tracks changes in the operating system’s kernel and alerts of any suspicious activity
Three layers of execution protection
Unknown software alarm
Unknown software alarm
Fast security reporting
Fast security reporting
Keeps an easy to read register of security events taking place in the system
List of trusted processes for high level protection
Maintains a log of all network connections to simplify analysis of possible security incidents
Easy access to the virtual memory of any process
Communicates with the Windows firewall
Process snapshots for the comprehensive analysis of the internals

Process Compromising Control

Any process executed by the operating system can be compromised as a result of a hacker attack. Even in the absence of hacker attacks, the executing process can create potential "holes" in security, for example by opening unwanted ports, loading undesirable executable code into own context, etc. The Process Compromising Control helps the user evaluate a potential level of threat posed by the process.

Security note
"Security Expert Pro" indicates the compromise level for each process as green, orange or red in the main window of the Security Navigator.


Key Benefits

 In real-time displays the level compromise for each process
Keeps an easy to read register of security events taking place in the system
Simple and flexible network management system for every process
Uses more than 30 sensors detecting cybersecurity events
Tracks changes in the operating system’s kernel and alerts of any suspicious activity
Fast security engine. Provides maximum functionality using minimum system resources
Unknown software alarm
In real-time displays the level compromise for each process and helps you quickly and effectively address potential system

Process Network Control

Together with the System Process Control, creates an insuperable barrier on the way of any malware that may want to gain control over your computer system. Simple and flexible system of network rules providing an adjustable network barrier for any malware. It is well known that even legitimate software can spy against you sending your data out without your consent. The Process Network Control allows you to detect and prevent such events in order to protect your privacy.

Security note
"Security Expert Pro" asks for your authorization of network traffic if network rules for the relevant process were not defined earlier


Key Benefits

 In real-time displays the level compromise for each process
Simple and flexible network management system for every process
Simple and flexible network management system for every process
Allows to set network rules for different instances of the same root executable
Tracks changes in the operating system’s kernel and alerts of any suspicious activity
Maintains a log of all network connections to simplify analysis of possible security incidents
Tracks changes in the operating system’s kernel and alerts of any suspicious activity
Suspends and informs of any suspicious network activity
Tracks changes in the operating system’s kernel and alerts of any suspicious activity
Communicates with the Windows firewall

 


Rootkit Activity Control

Deals with the most dangerous type of threat that allows malware to remain invisible. The Rootkit Activity Control reports any suspicious activity in the kernel of the operating system, e.g., changes in the  System Descriptors Table, violation of integrity of core kernel components, etc.

Security note
Many antivirus software vendors use the SDT for their own purposes. Therefore, if you have an antivirus that intercepts SDT vectors, upon installing the Security Expert Pro you will receive a security alert due to the changes detected in the kernel of the operating system. Once this happens, check if all the SDT vectors intercepted are directed to the kernel module related to the antivirus software. If this is indeed the case, just approve them in the appropriate dialog


Key Benefits

 In real-time displays the level compromise for each process
Tracks changes in the operating system’s kernel and alerts of any suspicious activity. Allows to:
a) verify system components of the kernel at any moment
b) operate in the kernel’s virtual memory
c) restore the original vectors of the SDT
d) keep track on integrity of kernel components

 In real-time displays the level compromise for each process
Alert of suspicious activity in kernel level
 In real-time displays the level compromise for each process
Integrity control

Key Componets Control

Keeps track of changes in key components of the operating system, such as important parts of the system registry, file system and others, to prevent undesirable changes. Fulfills integrity check of system processes and user processes.


Key Benefits

 In real-time displays the level compromise for each process
Records changes in key components in the event log to provide for their subsequent recovery
 In real-time displays the level compromise for each process
Generates security events in case of integrity violation of a process or key components of the operating system