BluVector Debuts Security Industry First in Fileless Malware Detection

BluVector 3.0 is the Only Product to Deliver Real-Time Detection of Fileless and File-Based Threats on the Network


Arlington, VA (November 7, 2017) – BluVector, a leader in reinventing network intrusion detection, today became the first and only security vendor to offer fileless malware detection in real time on the network.

The proclamation comes as 2017 has seen a significant spike in “invisible” or “memory-based” cyber attacks on enterprises. This type of malware hides in the memory of a compromised machine and infects without leaving a trace on the machine’s file system, thus sidestepping traditional security and forensic tools.

BluVector’s new fileless malware detection capability, featured in the company’s new BluVector 3.0 release, is delivered by an advanced analytic called the Speculative Code Execution (SCE) engine. It is capable of emulating how code will behave when executed in memory, and flagging behaviors that are indicative of application vulnerability exploitation or shellcode misuse. Recent examples of threats that used such vectors of attack include Petya, NotPetya and WannaCry.

“Despite substantial investment in numerous security products, enterprises continue to be the victim of malware attacks and data breaches,” said Scott Crawford, research director for Information Security with 451 Research. “Fileless malware is an emerging tactic that attackers are increasingly adding to their repertoire to evade malware defenses. As evasive, fileless malware is extremely difficult to detect, security teams cannot rely on outdated tools. New solutions, such as BluVector’s 3.0, give enterprise security teams a way to outsmart these more stealthy threats and significantly mitigate potential damage from a cyber attack.”

SCE runs in parallel with BluVector’s patented machine learning engine, which was trained and designed to detect file-based attacks, giving BluVector customers a complete suite to detect file-based, full fileless, and fileless attacks that become file-based further down the kill chain.

“Tackling the threat of fileless malware attacks can be daunting for even the most sophisticated organizations,” said Kris Lovejoy, CEO, BluVector. “While there are new endpoint technologies available which can help mitigate some of the risks, any security practitioner will tell you they simply can’t cover every network device, application, and mobile/IoT device. Our customers have been asking for fast, easy, and cost-effective ways to protect themselves against this vector of attack. We are proud to be the first to offer a solution.”

Available today, BluVector 3.0 addresses the growing threat of fileless malware in mid-sized and large organizations. In addition to fileless malware detection, BluVector 3.0 features include:

  • Virtual Appliance for ESXi: A software-only virtual appliance that customers can run on their VMware ESXi™-equipped hardware. By providing physical and virtual appliance options, BluVector enables a wider range of organizations to optimize their north-south and east-west security defenses while right-sizing their security investments.
  • Centralized Management: BluVector Central Manager enables Managed Service Providers and larger enterprises to manage, view data and configure an unlimited number of deployments from a single pane of glass.
  • Intelligent Decision Support System Enhancements: Targeted Logger allows analysts to dig deeper into security events by delivering highlighted network log entries, which have been pre-correlated to the events prioritized for analysis.
Micheal Mullen
Micheal Mullen currently serves as Senior Product Marketing Manager at BluVector. Previously, he’s authored or edited content on sites including Metalogix, ZD Net, Deltek, The Washington Post and L-3 Communications.
