Securabit ECAT Podcast Feb 22nd: Old wine in a new bottle

Posted on February 16, 2012 by Chad Loeven

Our colleagues at Securabit will be hosting a live Podcast on February 22nd around 7:30PM with Pascal Longpre, our founder and CTO. It’s titled, Old wine in a new bottle: Why new variants of old malware keep slipping through. We’ll … Continue reading

ECAT now integrates Bit9′s GSR

Posted on February 15, 2012 by Chad Loeven

Silicium Security partners with Bit9 to provide the Bit9 Global Software Registry™ integrated in ECAT    By incorporating the Bit9 GSR, ECAT provides the broadest available software reputation service to its customers Montreal, QC, — February 15, 2012 — Silicium Security, … Continue reading

Introduction to ECAT – Video

Posted on February 13, 2012 by Chad Loeven

We’ve added a new video to our YouTube channel, Introduction to ECAT.  This short video shows where ECAT fits in to the enterprise security picture, and why rapid breach detection and compromise assessment are critical today. We cover how signature-less … Continue reading

RSA – your complementary expo pass

Posted on January 26, 2012 by Chad Loeven

If you’re planning on coming to RSA but haven’t signed up yet, we have complementary expo passes. Use code EC12SIL to register at https://ae.rsaconference.com/US12/portal/login.ww The full conference info is here and we’ll be at booth 340. There’s a handy floor … Continue reading

When being #1 means a 42% failure rate

Posted on January 16, 2012 by Chad Loeven

Recently Kaspersky was recognised as the top AV and Product of the Year by Av-Comparatives, a well known independent AV test lab.  This is a great accomplishment that the team at Kaspersky should be justifiably proud of, but for an enterprise … Continue reading

ECAT at RSA Conference 2012 – Feb 27

Posted on January 9, 2012 by Chad Loeven

We’re returning this year to San Francisco and the perennial crowd-favorite event, RSA Conference at the Moscone Center. The full conference info is here and we’ll be at booth 340. There’s a handy floor plan if you want to plan your route. … Continue reading

ZeroAccess – the movie

Posted on January 1, 2012 by Chad Loeven

Back in October we blogged about the recently uncovered (at the time) ZeroAccess kernel-mode rootkit and published some screenshots of how an infected machine looked when analysed by ECAT. We’ve gone back this time for another look at ZeroAccess and drilled down in more … Continue reading

How to bypass AV

Posted on November 25, 2011 by Chad Loeven

We came across this presentation given by Andrew King at this year’s Toorcon in San Diego and thought it was worth posting for some Thanksgiving reading. You’ll be able to follow along just fine if, like Andrew, you believe building polymorphic … Continue reading

Down and Dirty with Duqu – Analysis with ECAT

Posted on November 21, 2011 by Pascal Longpre

As part of our series looking at how ECAT V.3.2 detects and analyzes threats on compromised endpoints, we continue with one that has been getting a lot of attention in the media for some time now – Duqu. To recap … Continue reading

Poison Ivy (“Nitro”) and ECAT analysis

Posted on November 2, 2011 by Chad Loeven

In this blog post we continue in our series looking at how ECAT detects and analyses compromises that evade traditional detection This time, we’ve taken a look at a recent rev of Poison Ivy that was brought into the limelight by Symantec’s report … Continue reading