Malware detection platform

ManTech upgrades enterprise malware defense platform

Government IT managers are always looking for ways to stay ahead of cybersecurity threats. To address the increasing need for enterprise threat detection tools, ManTech updated its Active Defense endpoint malware protection platform to better streamline detection and incident response.

Active Defense 2.0 identifies specific behavioral traits of processes running in memory and helps security teams detect new malware, including zero-days, rootkits and targeted attacks.

Active Defense's collection and analysis tool helps incident responders determine points of infection, identify lingering malicious files and system changes and generate threat intelligence to harden endpoints against future attacks, ManTech Cyber Solutions International said in its announcement.

By streamlining the detection and incident response lifecycle, Active Defense allows security teams to rapidly scale investigative efforts to tens of thousands of endpoints without the expensive help of highly skilled analysts.

Active Defense detects malware using ManTech’s Digital DNA behavioral analysis to score traits that recognize breach indicators and identify new malware. It collects and analyzes critical digital artifacts from physical memory and disk with a single click and displays aggregated status.

New enhancements to Active Defense 2.0 include:

A scalable infrastructure that lets incident responders apportion various functions of the Active Defense server onto multiple pieces of hardware. IT teams can also deploy Active Defense across geographically dispersed teams and multiple servers and still have enterprise-level malware analysis.

On-demand scanning of a host, without permanently installing an agent. Active Defense can automatically deploy the scanner, perform the scan and then remove it when complete.

Streamlined agent deployment. Because Active Defense keeps count of deployed agents without licensing each one individually, IT managers can adjust the number of deployed agents based on need.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

