Filipi Pires
Security Researcher and Cyber Security Specialist
This document is one of a series whose purpose was to run efficiency and detection tests against several endpoint protection solutions. It presents the results of a defensive security analysis, performed with an offensive mindset, of the execution of many different malware samples in our lab environment.
Regarding the tests performed, the first objective was to simulate targeted attacks using known malware in order to obtain an overall view of the resilience of the solution, specifically how efficiently it detects samples through signatures, NGAV and machine learning, by downloading the artifacts directly onto the victim's machine. The second objective was to analyse the detection of those same samples (in particular those not yet detected) after they were moved to different directories; the idea here is to work with manipulation of the samples, without executing them.
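The second phase above (relocate the samples without executing them and see which ones the agent still catches) is easy to get wrong by hand: samples quarantined before the move, samples neutralised in place, and samples that simply survive all look different and need to be recorded per hash. The harness below is an added example and is not the report's own tooling. It hashes every sample, moves it to a new directory, waits a configurable settle time for the agent to react, and classifies each sample as removed, modified or untouched. The directory names, the settle time and the sample bytes in the demo are assumptions; the demo files are constructed inert data, not malware.

```python
"""Lab harness for the 'manipulation without execution' phase of an endpoint
detection test: hash each sample, move it, wait for the agent, then report
which samples were quarantined (gone), neutralised (altered) or untouched.

Added example, not part of the original report. Paths, the settle time and
the demo's sample bytes are assumptions; the demo files are inert."""
import hashlib
import shutil
import tempfile
import time
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Stream the file through SHA-256 so large samples do not load into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def baseline(sample_dir: Path) -> dict:
    """Record name -> sha256 for every regular file in the sample directory."""
    return {p.name: sha256_of(p) for p in sorted(sample_dir.iterdir()) if p.is_file()}


def relocate(sample_dir: Path, dest_dir: Path, names) -> dict:
    """Move each sample (no execution) and return name -> new path.
    A sample the agent already removed before we touched it maps to None."""
    dest_dir.mkdir(parents=True, exist_ok=True)
    placed = {}
    for name in names:
        src = sample_dir / name
        if not src.exists():
            placed[name] = None
            continue
        placed[name] = Path(shutil.move(str(src), str(dest_dir / name)))
    return placed


def survey(expected_hashes: dict, placed: dict, settle_seconds: float = 30.0) -> dict:
    """After the settle time, classify every sample against its baseline hash."""
    time.sleep(settle_seconds)
    verdicts = {}
    for name, digest in expected_hashes.items():
        p = placed.get(name)
        if p is None or not p.exists():
            verdicts[name] = "removed"      # quarantined or deleted by the agent
        elif sha256_of(p) != digest:
            verdicts[name] = "modified"     # neutralised in place
        else:
            verdicts[name] = "untouched"    # survived the move: a detection miss
    return verdicts


def run_phase_two(sample_dir: Path, dest_dir: Path, settle_seconds: float = 30.0) -> dict:
    """Full phase-two pass on a real sample directory (assumed lab layout)."""
    hashes = baseline(sample_dir)
    placed = relocate(sample_dir, dest_dir, hashes)
    return survey(hashes, placed, settle_seconds)


def demo() -> dict:
    """Self-contained run on constructed inert files in a temporary directory.
    One file is deleted after the move to stand in for an agent quarantine."""
    root = Path(tempfile.mkdtemp())
    src, dst = root / "downloads", root / "moved"
    src.mkdir()
    (src / "sample_a.bin").write_bytes(b"inert constructed sample A")
    (src / "sample_b.bin").write_bytes(b"inert constructed sample B")
    hashes = baseline(src)
    placed = relocate(src, dst, hashes)
    (dst / "sample_b.bin").unlink()          # simulated quarantine
    verdicts = survey(hashes, placed, settle_seconds=0)
    shutil.rmtree(root)
    return verdicts


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

In a real run, point `run_phase_two` at the download directory used in phase one and at a directory the agent is not excluding; keep the baseline hashes, since a sample that is "untouched" after one move should be tracked by hash across any further moves rather than by file name.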
With the final report, the team responsible for the product will have an instrument capable of guiding a process of mitigation and/or correction, as well as improvements prioritised by the criticality of the risks found.