Industry’s FIRST Real-Time Deep Learning Platform

Blue Hexagon not only uses deep learning, the most advanced subfield of machine learning, to detect network threats… but we do it in real-time. 

350,000
NEW malware samples created per day.

Signature
Based IPs

Signature creation cannot keep up with malware variants

Malware
Sandboxing

Sandboxes have delays, can be evaded and have file-size limitations

Anomaly/Behavioral
Detection

Anomaly detection requires baselining and delivers too many false positives

The Solution

.01
Identifies malware within subseconds, even zero days seen for the first time.

.02
No sandboxes. 
No signatures.
 No anomaly detection.
.03
Completely 
automated through
 deep learning.
 No human triage or baselining required.
.04
Automate prevention inline or orchestrate on firewall and endpoint

True Zero Day Attack Prevention

Combining HexNet™, our proprietary set of deep learning neural nets, with our pre-trained AI threat models, our real-time deep learning platform can detect known and unknown network threats in milliseconds. Unlike IPS and sandboxes with detection shortcomings and delays, Blue Hexagon delivers efficacy at wire speed without requiring any human triage.

User receives an email with a link to a Word document.

User downloads Word document with Macros. Macros contains code to launch a Powershell command.

The Powershell command fetches the Emotet malware, which gets installed on the user's endpoint.

Emotet reaches out to its command and control, uploads user information and retrieves further instructions from the attacker.

Emotet downloads additional malware, and spreads laterally. In one user, it began to send Spam email from the infected user.

Case Study: Detection of Emotet Zero-Day Malware

In one customer deployment, the Blue Hexagon real-time deep learning platform detected a multi-vector, polymorphic variant of the Emotet malware in subseconds. Emotet was a delivery vehicle for a secondary payload. Our deep learning models successfully provided malicious threat verdicts on the various phases of the Emotet kill chain. In contrast, the polymorphic nature of Emotet allowed it to evade several existing signature and sandboxing products that were deployed in the enterprise.

With Blue Hexagon