InstantCheck™ - Cloud Security Gateway
Existing web security solutions focus on filtering threats within http channels. However, more and more web sites redirect users to https-encrypted tunnels for privacy reasons so existing security solutions are bypassed. Such applications include Google Search / Map / Mail / Drive / Doc / Plus / Chat / Youtube, Twitter, Facebook, Facebook Chat, Dropbox, Yahoo Mail, Microsoft Outlook (hotmail) / OneDrive / Skype / Line...
As cloud services prevail, researchers had indicated that more than 90% of traffic will be encrypted in https by 2020. Auditing and filtering web contents becomes an uneasy job but everyone pretends to be unaware of this issue because no solution is available. It's time to face the truth.
Face The Truth: Threats Inside Https Tunnels
FILTERING INTERNAL/EXTERNAL THREATS WITHIN HTTPS
Bandwidth abuse &
Global threat intelligence to stop DGA botnets via BlacklistTotal
Data leakage prevention
Award-winning Cloud Forensics
InstantCheck® was awarded by Enterprise Security magzine as the Top 10 Digital Forensics Company because of its ability to audit contents inside the clouds.
Botnet C&C / APT
Gmail / Outlook / Yahoo Mail
Facebook / Twitter
/ Google Plus
Line / Google Chat
Skype / Facebook Chat
Filter threats inside https
InstantCheck® has built-in license from the famous blacklisttotal.com® to update blacklists from many global threat intelligence agencies.
Update every 4 hours with global threat intelligence to rapidly stop the communications between botnets and hackers.
Google Safe Browsing®
BlacklistTotal connects to global threat intelligence to catch botnets hidden inside your https
Lawful Compliance for Digital Forensics in Clouds
Many sectors have their own lawful compiiance to audit communications, including personal information identification (PII) such as GDPR. Other lawful compliance includes SOX, PCI-DSS, HIPAA, SEC, FINRA, FSA, IIROC, FERC, NERC, CFTC, NFA. They all require electronic communications to be logged for many years. Network and content forensics, especially auditing the contents in the cloud via https, are neccessary for lawful compliance because crime activities tend to hide themselves into https encrypted channels.
Rich set of Add-on Modules
Aside from two built-in modules, InstantCheck® can optionally add two more optional modules:
Built-in WebPulse® URL Database:
Cutting-edge URL database especially for always-changing URL like illegal drama/porn video sites
Optional InstantLock® DLP:
Stop leaking of confidential data from insiders via http(s)/smtp(s)
Built-in BlacklistTotal® Threat Intelligence:
Integrate many blacklists from global threat intelligence with 4-hour update periods to stop botnets
Optional InstantAudit® End-Point:
Audit messages/files of your client messenger apps or USB devices
Existing web security solutions focus on filtering threats within http channels. However, more and more web sites redirect users to https-encrypted tunnels for privacy reasons so existing security solutions are bypassed. Such applications include Google Search / Map / Mail / Drive / Doc / Plus / Chat / Youtube, Twitter, Facebook, Facebook Chat, Dropbox, Yahoo Mail, Microsoft Outlook (hotmail) / SkyDrive / Skype / Line... As cloud services prevail, researchers had indicated that more than 40% of traffic will be encrypted in https by 2015. Auditing and filtering web contents becomes an uneasy job but everyone pretends to be unaware of this issue because no solution is available. It¡¦s time to face the truth.
Auditing Https By Regulatory Compliance
APPLY HTTPS DECRYPTION TRANSPARENTLY
Famous regulatory compliance includes Sarbanes-Oxley, PCI-DSS, HIPAA, SEC, FINRA, FSA, IIROC, FERC, NERC, CFTC, NFA, ... in many sectors. All electronic communications of an organization should be logged, recorded, and archived for years. However, encrypted communications are difficult to be audited so criminals are prone to hide themselves inside https. Digital forensics inside https are required for organizations to conform to the above mentioned regulatory compliance to avoid liability issues.
Your Transparent Https Solution
DECRYPTION WITHOUT USERS' AWARENESS
Painless deployment is essential to make users unaware of the https solution. Without dispatching an agent running on users' PC, InstantCheck can transparently hook https transactions and issue valid certificates to users' browsers. No client installment. No client reconfiguration on proxy settings. No restructuring network architectures. Just simply put InstantCheck inline then everything gets done. With a Cavium ASIC chip to decrypt/encrypt data in https, network performance is guaranteed without degradation. Above mentioned https applications can be logged, recorded, and archived transparently.
Rich Apps For Best-In-Breed Security
OPTIONAL PLUG-IN MODULES
In addition to auditing https contents, InstantCheck platform has invited best-in-breed security solutions:
(1) Google® cloud-based URL database for malware / spyware
(2) AegisLab® cloud-based URL database for botnet / C&C / malware detection
(3) OCR Lab® data recognition engine for data loss prevention (DLP) on outgoing files / messages
(4) NetAuditor® Line / Skype / WeChat recorder engine for recording messages / file transfers