1WWW.deepinstinct.com | @2018 Deep Instinct. All Rights Reserved

Deep instinct For MSSPs

Deep Instinct SolutionDeep Instinct is the first and only Endpoint & Mobile Cybersecurity solution that is based on a proprietary deep learning framework that was specifically designed for cybersecurity. Our solution provides detection and prevention, against any file-based or file-less attack, for every operating system, on any device, in one unified platform, delivering unmatched accuracy and efficiency.The result - unparalleled cybersecurity prowess in blocking and preventing even the most evasive unknown, first-seen malware, including Advanced Persistent Threats (APT), zero-day attacks, and ransomware.

Deep Instinct provides the best Advanced EndPoint Solution with Multi-Tenant Management specifically built for MSSPs – allowing you to extend your offering with minimal overhead to your team.

Why partner with us?AEP Security:

Offer your customers an easy to use Advanced Endpoint and Mobile Protection with the highest detection rates and lowest false positives for all their devices - Windows, Mac, Android and iOS

ManagementManage your customer’s deployed AEP product via a unified, scalable, simple to use, web-based management console that supports a totally segregated Multi-Tenant environment built specifically for MSSPs

Customer SLAs:Meet your customer’s strict SLA requirements for handling malwares & APTs through the autonomous Deep Instinct client’s immediate Prevention (or detection and response) with minimal overhead to your team

Go-to-Market:Get Deep Instinct expert assistance to set up the operation; receive training and materials to position & sell the new offering. Manage and support any support issue during business days or on 24x7 basis

Ease of Business:Low setup costs, flexible licenses scheme through quarterly billed license bundles with a single, all inclusive price per seat

2WWW.deepinstinct.com | @2018 Deep Instinct. All Rights Reserved

Deep instinct For MSSPs

Program Highlights:

Sign up to the MSSP program (through approaching your distributor or Deep Instinct representative) and get started within weeks

You will be able to offer your customers the Deep Instinct Advanced Endpoint and Mobile Protection Product on a cost per device quarterly fee basis.

• Get bulks of endpoint and mobile licenses anddistribute to your customers as needed

• Recurring revenue opportunity usingquarterly billing

Manage Deep Instinct deployments to multiple segregated customers from a single management infrastructure, using a unified management console built specifically for MSSPs.

• Connect the Deep Instinct environment toyour SIEM/syslog infrastructure

• We support another hierarchy level (i.e. “MSPof MSSPs”)

Deep Instinct will help you with the operation setup and provide the following resources to enable you to sell and continuously provide the service to your customers:

• Deployment of the dedicated Multi-Tenancyserver.

• Annual on-site training for the MSSPpersonnel on how to position, sell, manage and maintain the Deep Instinct product.

• Marketing and technical material on theDeep Instinct product.

• Backend technical support for any issue thatwill arise – two tiers:• Standard support, during business days• Premium support, 24x7 basis for an

additional fee

• A quarterly co-branded threat-analysisreport that includes all events detected and prevented for the customer that quarter – the MSSP can send the report to all their customers

3WWW.deepinstinct.com | @2018 Deep Instinct. All Rights Reserved

Deep instinct For MSSPs

Deep Instinct™ Architecture:

Continuous Deep Learning

D-Cloud Services (Optional)

managment

Management Server Management Console

Autonomous Analysis EntitiesD-Clients

Deep instinctTM neural network

Deployments, brain and policy updatesFile

Classi

ficat

ions

Prediction Model

4WWW.deepinstinct.com | @2018 Deep Instinct. All Rights Reserved

Deep instinct For MSSPs

Deep Instinct™ Protection Layers

PRE-EXECUTION On-Access Static file-based analysis - Real-time threat prevention using a lightweight prediction model based on deep learning (D-Brain) that autonomously prevents zero-day and APT cyber threats. Supports the broadest file types in the industry, including executable files (PEs), PDF, Office files, archive files and more.

D-Cloud services – Provides a fast and scalable file reputation infrastructure in the cloud (AWS) adding a second layer of validation & protection. The service is optional and can be disabled by policy.

Script control – Protects against fileless attacks that are based on scripts, including PowerShell, JavaScript, VBScript, HTML applications and more.

Macro control – Using the D-Brain, identifies files containing embedded macros and determines whether the macro is malicious or benign.

ON-EXECUTION Behavioral analysis – Provides an additional layer of protection for extended coverage of file-less attacks by monitoring and preventing on-execution malicious behavior, including Ransomware, code injection and shellcode attacks .

POST EXECUTION: Response and RemediationRemediation – Once a problem has been identified, it is resolved using Deep Instinct's response and remediation features, including file quarantine, file restore, file delete, terminate process, infographic of the process chain and more.

Deep Classification – Determines the malware family type of PE (Portable Executable) files. After a PE file is scanned by the D-Brain and detected as malicious, the file is scanned again by the Deep Classification brain providing results in milliseconds. Our classification model categorizes the malware into 7 different types: Ransomware, Backdoor, Dropper, Virus, Worm, Spyware and PUA.

Scanning – Performs a full file scan during the initial installation to identify pre-existing malware and new threats on the device. Scheduled periodic scans can be implemented, as defined by the administrator.

Autonomous on-device protection detecting and preventing threats in real- time without requiring any supplemental analysis.

No action

Prevention

Deep Classification

New File

5WWW.deepinstinct.com | @2018 Deep Instinct. All Rights Reserved

Deep instinct For MSSPs

Deep Instinct™ Management

Monitoring - Easy monitoring of the organization's security and deployment status.

Easily integrates to MSSPs SMTP and SIEM environments.

Group based Policy - Provides tools for configuring the organization's security policy. Manages different policies for groups or individual devices. Groups can be imported from the Active Directory tree, or pre-defined according to device name, OS version, D-Client version, IP range, tag, Tenant ID and more.

Intelligence - Provides an Advanced Threat Analysis feature that performs additional threat analysis for any malware file identified. Produces reports with a wide range of information for further analysis.

Logs and Reports - Provides advanced logging and reporting capabilities for security, deployment and threat analysis events. Integrates with lead SIEM products and SMTP servers for log forwarding.

Role Based Access Control - Ability to set different user roles to groups or individual users in the organization.

Simple Deployment and Registration Flow - Integrates with Windows deployment tools, such as SCCM or GPO. Upgrades directly from the management console. Does not require rebooting after installation or upgrade.

Flexible Licensing – Get bulks of licenses at the MSSP level and assign them as needed per tenant.

The management system uses a central cross-platform management and monitoring server, hosted in AWS for maximum scalability, manages all endpoints (desktop, server and mobile devices).

Multi-Tenancy - Provides MSSPs with the capabilities to manage all entities from the same instance and management console. It includes features to allow administrators and SOC teams to manage multi-MSP and multi-tenant environments. Using the Multi-Tenancy feature you can define a management instance per customer (tenant) that is fully segregated for the other tenants.

The regular Management Console allows the MSSP to manage multiple tenants. Each tenant has his own dedicated dashboard, policies, deployment monitor, and event management panel.

A new console, The MSP Hub, allows control over several MSPs and their relevant tenants

Integrator

MSP-1 MSP-2 MSP-3

Tenant 1.1

Tenant 1.2

Tenant 1.3

Tenant 2.1

Tenant 2.2

Tenant 3.1

Tenant 3.2

6WWW.deepinstinct.com | @2018 Deep Instinct. All Rights Reserved

Threat Analysis Report customer name 04/19/2018 - 05/19/2018

hightlightsintro

4 Ransomware attacks were detected and prevented

2 Spyware were detected and prevented

3 Worms were detected and prevented

Deep Instinct™ provides real-time detection and prevention of

malware, zero-day threats and advanced persistent threat (APT)

for endpoints and mobile devices. The proactive protection

provides unprecedented accuracy in detection and real-time

prevention, protecting the organization’s entire assets from

any threat (known and unknown). This threat analysis report

provides analysis for the events occurred during the dates

04/19/2018 - 05/19/2018.04/19/2018 - 05/19/2018.

27

3 3

15

Very High High LowModerate

Unique

Prevented

Unique

74

Open44

25

48 Unique

Open

0

25

Executive Summary

Top Risks devices

Top Risks Users

ADRMS2012 LAP-PC SM-T533 SM-T533LAP-PC

35 113541 11

adam.m john.d bill.k john.dadam.m

35 113541 11

Events Threat Severity File Events Script Events

1

Deep instinct For MSSPs

Deep Instinct™ Technical Support

Deep Instinct’s Technical Services Organization will handle any technical issue you may encounter– missing knowledge on how to use the product, errors or issues encountered by using the product, etc. as well as additional services to ensure high level of customer success using Deep Instinct from the get-go and throughout the lifecycle.

Standard Support Premium Support

Hot Fixes

New Versions

Unlimited Support

Support Availability Business Days: 9 x 5 All Days: 24 x 7

First time ResponseCritical: 2 HoursHigh: Next-Business-DayOther: Next-Business-Day

Critical: 30 MinutesHigh: 4 HoursOther: 8 Hours

Work on Fix Business Days Continuous

Follow-up FrequencyCritical: DailyHigh: DailyOther: twice a week

Critical: Every 8 HoursHigh: DailyOther: twice a week

Periodic ReportPeriodic Report of Threat Analysis findings at your customer’s environment – statistics, events, analysis of malicious files etc. (you can provide your customers quarterly to show the value)

Sample Periodic Threat AnalysisReport:

Threat Analysis Report customer name 04/19/2018 - 05/19/2018 event analysis

53

Files that were tagged mistakenly as malicious.

It is recommended to whitelist prevention or detection events.

Files that were recovered by the D-Cloud file reputation.

No action should be taken.

Not Available. Files that were not available for Deep Instinct’s analysis.

For further analysis recommendations, it is recommended to share the files with Deep Instinct.

Legitimate tools in its nature that are already installed in the victim’s environment, or admin, forensic or system tools

that are usually used by network administrators. Those tools can be abused maliciously.

It is recommended to keep prevention events as prevented and to blacklist any detection events as long as it

does not harm organizational functionalities.

Potentially Unwanted Application.

Any software that can compromise privacy, weaken the computer’s security, deceive the victim into scams or being used

to gain money by using ads. Legitimate software often bundle such unwanted applications with their original software to

gain money, and may not provide a clear option to not installing it.

It is recommended to keep prevention events as prevented and to blacklist any detection events as long as it

does not harm organizational functionalities.

Malicious software.

Any file/software created to disrupt a computer, gather sensitive information, or gain access to private data.

It is recommended to keep prevention events as prevented, and to blacklist any detection events.

PUA

Admin tool

False Positive

D-Cloud verified

n/a

Malware

2

False Positive

N/A

2014 14

4

17

D-Cloud verified

Admin ToolPUA

Malware

Ransom software. Malware that locks the usage of the computer, by encryption of files, locker screen or by damaging the hard disk.

Spying software. Malware that gathers information from the end user, such as passwords, keystrokes or cookies.

Malware that opens an access for an attacker to send additional commands (manually, or automatically as part of a bot/botnet system).

Ransomware

Spyware

Backdoor

Malware that has infection capabilities of other files in local the computer, to get persistence.Virus

A piece of malware that is usually the initial part of an attack, and then downloads the next stages.

Malware that has propagation capabilities. It tries to spread out to other computers using various methods, such as brute forcing

passwords, exploiting vulnerabilities in network protocols or sending an email to mailing lists.Worm

Dropper

Ransomware

Spyware

Backdoor

Virus

Worm

Dropper

25

30

20

10

8

7

Threat Analysis Report customer name 04/19/2018 - 05/19/2018 event analysis

3

PE

15

35

30

40

25

30

15

35

30

40

25

Mach-O

Office

Macros

PDF

rtf

SWF

TIFF

Fonts

JAR

Archive

7WWW.deepinstinct.com | @2018 Deep Instinct. All Rights Reserved

Deep instinct For MSSPs

Summary: Deep Instinct Differentiators

The Deep Learning neural network “Brain“

• Proprietary DL framework

• Raw data, 100% data

• Autonomous, no cyber expert is required

• Non-linear model: correlatioN and context within the data

Omni-cybersecurity platform

• Any file type; Any major OS

• Any endpoint, server and mobile device

• Against any file / fileless-based attack

• Full protection: Prevent, detect & response

• Unique malware classification

• On-prem or cloud native by design

Autonomous on-device prevention

• Lightweight: