The World has yet to see...
The performance and quality time tested by the quality sensitive enterprise customers in Japan
The AI power to the end point security and optimal user experience
Analytical power that both end users and managed service providers benefit from
Our mission is to BLOCK any unknown cyber attacks to your system and business

Features

Protects against endpoint APT
Reduces the risk of damage and increased costs for reactive measures.
Uses proactive technology to counter unknown threats
Uses "behavioral protection" for attacks on unknown vulnerabilities and unknown malware.
Boasts expansive track record of protection through proactive technology
Expansive protection track record using versions released before the attack occurred.

Points effective against APT

Endpoint protection that uses proactive technology is effective
For various reasons including system configuration and response policies at organizations that carry out APT(Advanced Persistent Threat) protection, the optimal solution for each organization varies. However, you could say that endpoint protection measure is one of the most effective measures for successfully minimizing risk and reducing costs for reactive measures.
Confirming endpoint effectiveness from 3 perspectives
What kind of measures are there against APT?
Threat "visualization" and "protection"
~Using protection measures to reduce costs for reactive measures~
There are numerous products that offer APT protection solutions. Measures against external threats can generally be separated into two categories. These are "visualization" and "protection." In recent years, sandbox products placed on the network gateway are common as measures for external threats. These are basically considered "visualization measures." Let's look at how this is different from "protection measures" of FFRI yarai, which is introduced at the endpoint.
Visualization measures
Advantages for gateway products include low introduction (installation) cost. By analyzing mirrored network traffic, the impact on the existing system can be minimized. However, as this is basically a detection solution that visualizes the attack, it cannot eliminate the risk of infection at the endpoint. In other words, there is a disadvantage in that reactive measures are necessary when a suspicious file is detected (when an incident occurs) and the cost of response is increased.
Protection measures
Disadvantages for an endpoint product like FFRI yarai include the considerable cost during introduction, as the product must be installed on each computer terminal. However, it also has the advantage that, as it can protect against the attack itself, it can prevent damages from occurring and reduce costs for reactive measures.
Why are endpoint measures effective?
Reduces damages and costs for reactive measures
~Endpoint protection measures prevent the attack from succeeding before reactive measures~
Reactive measures pitfall
Recently, due to the belief that it is difficult to protect against APT, there have been more organizations structured under the assumption that damages would occur, and more reactive measure solutions being introduced. However, if you focus too heavily on reactive measures and give up on protection, an attack will succeed which, of course, causes actual damage. Actual damages include not only primary damages such as information leaks, but also secondary damages such as a damaged reputation for publicizing facts, such as the information leak. A damaged reputation could even affect the company's profits. Furthermore, more successful attacks naturally lead to more cost for reactive measures.
Preventive measures
If, to avoid this kind of situation, endpoint measures that enable real-time protection could be improved to minimize threats, then risks such as damage and increased cost for reactive measures could be reduced. It is important to not only examine reactive measures, but to first take thorough measures for parts, in other words, endpoints, that need protection.
Why is "proactive technology" necessary?
Conventional "reactive technology" can't do the job
~Predicts the attacker's thoughts to counter threats in real-time~
Proactive technology counters unknown threats in real-time
APT always make use of the latest types of malware and vulnerability attacks (unknown threats). To counter these threats in real-time, it is necessary to stop relying on reactive technology based on pattern matching bases, such as signatures (pattern files) for past threats or cloud reputation services, and to apprehend unknown threats. If protection cannot be done in real-time, damages will occur. FFRI yarai does not rely on signatures or cloud reputation services, but uses proactive technology that detects the attacker's "malice" to protect against unknown threats.
To give a comparison for proactive technology...
We can compare the difference in threat detection methods between "behavior protection" that uses FFRI yarai's proactive technology and the threat detection method of "pattern matching" which is reactive technology to methods for arresting criminals. Important points in countering a APT include measures for unknown threats; however, a big issue here is preventing crimes by first offenders. In other words, the reactive technology of "pattern matching" is like an arrest that uses a wanted poster for a fugitive. Without a picture of the criminal who committed a crime in the past, there can be no arrest. On the other hand, FFRI yarai's proactive technology, "behavior protection," is like a police officer who recognizes characteristics, like suspicious behavior unique to criminals, and prevents a crime by a first-time offender before it occurs.

Five Behavioral Detection Engines of FFRI yarai

We protect your business

De facto standard for Anti-APT solution in Japan
No.1 choice by major Japanese global players
We block uncontrollable attacks
We protect your business

Track Record of FFRI yarai Protection

Elimination of Malware Threats and Vulnerability Attacks with Version Released before Damage Occurred!!

Protection Engine Release Date Occurrence/Report Date Unknown Threat (at the time)and Targeted Attack
July 2015 April 2016 Malware to obstruct automatic analysis
July 2015 April 2016 "PETYA" ransomware
July 2015 February 2016 "Locky" ransomware
July 2015 February 2016 "URLZone" malware
May 2009, June 2015 December 2015 "TeslaCrypt (vvv virus)" ransomware
June 2015 October 2015 "SHIFU" banking malware
November 2013 July 2015 Adobe Flash Player Vulnerability (CVE-2015-5122)
November 2013 July 2015 Adobe Flash Player Vulnerability (CVE-2015-5119)
August 2014 June 2015 "Emdivi" malware targeting the Japan Pension Service
December 2014 March 2015 "DRIDEX" banking malware
December 2014 February 2015 HDD firmware infection malware
November 2013 January 2015 Adobe Flash Player Vulnerability (CVE-2015-0311)
August 2014 December 2014 "System Destruction Malware" identified by FBI
August 2014 November 2014 "Emdivi" malware disguised as medical expense notification
August 2014 November 2014 Darkhotel malware
August 2014 November 2014 Ichitaro Zero-Day Vulnerability (CVE-2014-7247)
August 2014 October 2014 POS malware
March 2014 March 2014 Word Zero-Day Vulnerability(CVE-2014-1761)
November 2013 February 2014 IE Zero-Day Vulnerability (CVE-2014-0322)
January 2013 March 2013 Malware in cyber attack against South Korea

Operating Environments

FFRI yarai English Version
OS
(32bit)
Windows XP: Home, Professional, Media Center, Tablet PC * Service Pack 2 or later
Windows Vista: Home Basic, Home Premium, Business, Enterprise, Ultimate
Windows 7: Starter, Home Premium, Professional, Enterprise, Ultimate
Windows 8/8.1: Core, Pro, Enterprise
Windows 10: Home, Pro, Enterprise, Education
Windows Server 2003/2003 R2: Standard, Enterprise, Datacenter * Service Pack 2 or later
Windows Server 2008: Standard, Enterprise, Datacenter
OS
(64bit)
Windows 7: Home Premium, Professional, Enterprise, Ultimate
Windows 8/8.1: Core, Pro, Enterprise
Windows 10: Home, Pro, Enterprise, Education
Windows Server 2008/2008 R2: Standard, Enterprise, Datacenter
Windows Server 2012/2012 R2: Standard, Datacenter
Hardware
Environment
CPU: x86/x64-compatible processor of Intel Core 2 Duo or later
Memory: Windows XP, Windows Server 2003/2003 R2: 768 MB or more
Windows Vista, 7, 8/8.1, 10
Windows Server 2008/2008 R2, 2012/2012 R2: 2 GB or more
Hard disk:1 GB or more capacity available
File system: System and installation drives require NTFS
Virtual environment:The English version cannot be used in a virtual environment.
For more information about using a virtual environment, please contact FRRI.
Antivirus Software
that can be used
in Combination
Symantec Endpoint Protection (11 - 12)
McAfee Virus Scan Enterprise (8.7.0i - 8.8)
McAfee SaaS Endpoint Protection (5.2.0 - 6.0)
Windows Defender (Windows 8 or later)

■v2.7 or later only
F-Secure client security 12
McAfee Endpoint Security 10
*・・・The McAfee Exploit Prevention function must be disabled.
FFRI Enterprise Management Console English Version
OS
(64bit)
Windows Server 2008 R2: Standard, Enterprise
Windows Server 2012 Standard, Datacenter
Windows Server 2012 R2: Standard, Datacenter
Environment CPU: x86-compatible processor of Intel Pentium 4 or later
Memory: 2 GB or more
Hard disk: 100 GB or more capacity available
Internet Information Services (only supports operation using 32-bit mode)
SQL Server 2008, SQL Server 2008 Express
SQL Server 2008 R2, SQL Server 2008 R2 Express
SQL Server 2012, SQL Server 2012 Express
SQL Server 2014, SQL Server 2014 Express
SQL Server 2016, SQL Server 2016 Express
Microsoft .NET Framework 3.5 Service Pack 1
Microsoft .NET Framework 4.6.1(For SQL Server 2016.)