Partnering opportunity

A Korean IT company specialized in cyber security solution against APT (Advanced Persistent Threat) and ransomware attack and it’s looking for an overseas partner for manufacturing and commercial agreement with technical assistance

Summary

A Korean IT company develops cyber security solution. The solution provides dual defense on network and Endpoint (PC, personal computer/server) against APT and ransomware attack. The company wishes to offer its technology and product to the European market under a commercial agreement with technical assistance and manufacturing agreement.

Partner sought

• Partner sought: IT company, System Integrator (SI), governments and educational institutions • Specific area of activity of the partner: IT • Task to be performed: contract or manufacture of the software

Description

The company was established in 2008 to develop specialized malware detection/response solutions in the anti-virus centric security market. Eventually the company developed a product and provides the products to governments, universities, financial institutions, and enterprises. The company established a limited liability company and branch office in US and Vietnam in 2014 and has distributors in Japan, Indonesia, Taiwan, Malaysia, Thailand, Dubai. The company has achieved an export to Japan, US and Vietnam since 2015. Based on such achievement, the company aims to become a global security professional company that represents Korea in the future. This company has 8 products and the 7 products can be largely divided into an APT solution for network security and EDR (Endpoint Detection & Response) solution for endpoint security. 1) The APT solution is a hardware type and installed on network level. It has a built-in virtual machine, Sandbox. There are APT solutions for network security, email security and transferred file security in separate network environments. The APT solutions for the network security is installed between firewall and network switch (Computer networking device that connects devices together on a computer network by using packet switching to receive, process, and forward data to the destination device) in mirroring way. The solution has built-in Sandbox (virtual machine), so it executes the downloaded file virtually in the Sandbox and monitors the happened behavior and determines if it is malicious, so it can defend against an unknown malware in advance. 3 steps analysis is proceeded in the product. First, it analyzes based on the signature of the malware. Next step is a static analysis based on behavior. The last step is a dynamic analysis based on behavior. 2) The second group is EDR solution which has been developed recently. This one is a software type and installed on the user’s PC or server. There are 4 types of products in the EDR group: an EDR product defending against APT on PC, EDR product defending against APT on server, EDR product defending against ransomware on PC, and SECaaS (Security as a Service), cloud type service of EDR product. The main product in this group is EDR product defending against APT on PC. It is a software type and installed on PC to defend malware bypassing Sandbox (virtual machine) or attacking through encrypted communications such as SSL (Secure Sockets Layer). If a user of a PC where the product is installed downloads a file, and if the file is registered on the Whitelist, the file is executed normally. If the file is not registered on Whitelist, the file’s execution is stopped and the file is sent to Inspector to be analyzed in the Sandbox. If the result is normal, the file is executed in the PC normally and added on Whitelist. If the result is malicious, the file is quarantined and blacklisted. This entire process is called ‘Execution Holding function based on Whitelist’. The EDR product allows only the file registered on the Whitelist, so the Whitelist is more powerful at security than a Blacklist. 3) The company also provides a manager product, and it contains a web-based device and interface for central management and policy deployment and update of the company’s products. In future, the company wants to offer its technology to the IT firms developing security software. OEM distribution under manufacturing contract and commercial agreement with technical assistance will be discussed. The company would also like to provide the technician training in the set-up stage.

Advantages and innovations

1) Behavior-based security solution saves PC and server from unknown malware Existing security solutions such as anti-virus use signature-based technology; they can detect only known malware, so if unknown malwares attack the PC, Zero Day, a damaged period before generating vaccine, always occurs. A Sandbox (virtual machine), on the other hand, uses behavior-based technology, so it can respond against new and variant malware in advance without any damaged period. But the traditional Sandbox (virtual machine) technology such as no.1 market share product is vulnerable to malware bypassing virtual machine and attacking through encrypted communication such as SSL (Secure Sockets Layer). To overcome these limitations, the company released EDR (Endpoint Detection & Response) products recently. The endpoint is a PC or server and the EDR product provides endpoint security based on behaviors. (EDR is a term coined by a no.1 IT research company in the early of this year.) 2) Competitive price compared to other competitor products The no. 1 market share product has their own Sandbox technology, so they’re strong at the network security, but week at endpoint security. However, this company’s product is strong at the network security as well as the endpoint security. In addition, this company’s product price is cheaper than global vendors such as no.1 market share product about 30%.

Development stage

Already on the market

Intellectual Property Rights (IPR)

Patents granted,Trade Marks


Register your interest

How it works

  • Tell us about yourself
  • We’ll discuss with you
  • We put the right partners in touch

EEN help you find the right partner, rather than you going it alone.

Our role is to review and collate the most suitable submissions, and then send them to the client who posted the opportunity. We consult with you, and the client, to make the process professional and easy.

These are live opportunities. Your registration of interest on the site is just like a professional approach to a business at a networking event. To stand the best chance of success, make your submission really sing. Sell why the client who posted the opportunity should work with you. Excite them. Ask questions. Try and avoid copy and pasting words from elsewhere.

Once the client has chosen their partner, we'll introduce them over email and keep in touch with both parties to see how it's going. Sometimes things progress quickly. Sometimes because of changing priorities for either party, things progress slowly, but you never know - your next big business break could start right here.

?What value does EEN add?
This is your pitch: remember to include your unique selling points (USP) and why someone would want to do business with you
Tell us why you are a good fit for this opportunity, and why you think you're the right people for this partnership
If there's anything additional, or commercially sensitive you'd like to know about this opportunity, please let us know

When you entered your email address above, we emailed you a code to verify you're human and have access to that account.

?What's this?

What next?

To finish up, we just need some extra details about you and your company