AQUILAI Ajax FAQs

BitRater Functionality

What does BitRater do?

BitRater stops malware attacks before they can do any damage to computers or servers. Using innovative whitelisting technologies, BitRater stops malware by effectively using automated whitelisting of files and processes. BitRater considers all processes (old and new) as potentially malicious EVERY TIME they start up and it performs a security check EVERY TIME before they are allowed to start on the endpoint.

How does BitRater work?

BitRater will block and stop ALL malicious software every single time the software is due to be run (and before it executes). BitRater uses intelligent whitelisting to block malware at the point of execution. Known good files are allowed and known bad are blocked. Any time BitRater sees an unknown process on the endpoint, this process is automatically uploaded to the BitRater Cloud Service where it gets analysed by >50 anti-malware engines, compared to extensive databases of benign and malicious processes and finally analysed by advanced tools, when validated the proccess is allowed. 

What types of Malware attacks does BitRater protect against?

BitRater is a new and innovative technology that protects against malware, viruses, spyware, ransome ware, hacking and more.

Is BitRater a traditional anti-virus solution?

No, it is not reactive and does not require constant update procedures with the latest known malware. BitRater does not require a complex ‘normal behaviour mode’ setup, nor a detailed ongoing maintenance regime to maintain policies. BitRater's sole purpose is to stop malicious code before it can start on the endpoint, with no False Positives and no exceptions. This is Intelligent Whitelisting – ALL processes are checked before execution on physical and virtual Enterprise Endpoints.

Which Operating Systems does BitRater protect?

From Windows Xp and Windows 2003 Server up to the latest versions.

In IOT context, what endpoint types does BitRater protect, e.g POS, ATMs, etc? 

Any device that incorporates Windows as it's internal operating system.

How does BitRater determine the intelligent Whitelist? 

BitRater best practise. The customer goes through a process of audit to establish the customised intelligent whitelist. This process is in five steps of trial install, collect result , analyse the environment, create the intelligent whitelist(s), and deploy across the Enterprise . In the analysis phase BitRater establishes a file profile using many different key identifiers. Other whitelisting products use file name, file location, Digital Signatures etc. to identify an Executable. These are unsafe. BitRater is whitelisting of files at the process level in windows based on the file hash values (SHA256) being compared with our inteligence, in combination with other analysis actions. Every file must be on the BitRater whitelist to start as a windows process. Executables, Dynamic Link Libraries and drivers are all whitelisted by BitRater.

If Malware penetrates a recognised safe process, e.g. svchost.exe, how does BitRater prevent it from running?

Because BitRater checks every file before it is allowed to run, any file that had been penetrated would be identified as different to the version on the whitelist (due to cross checking of SHA numbers and key identifiers) and will be blocked by BitRater when it attempts to run.

Does BitRater use a Global Namespace that provides a Master List in the cloud across all sources?

BitRater Cloud Service maintains a complete Master list of all trusted files verified from the Global sources of known malware and certified HASH files. Any application will consist of many file process, and BitRater verifies at the lowest file level rather than the application level, such as .DLLs, and .sys files. If the process is unknown or suspected of being malicious, it is automatically blocked from executing on the endpoint plus all other endpoints connected to the BitRater Cloud Service.

What does the user see when a File is blocked or suspect?

BitRater can be customised for visibility at the endpoint user level, where a pop up will appear. The admininstrator can get an automatic notification via the BitRater Management Server, regardless of endpoint settings.

Can a user add a file without approval?

Endpoint users can only add good files that pass the BitRater endpoint verification process. Where a file is unidentified or unknown at the endpoint level, it is referred to the BitRater Cloud verification process which will define it as good and cleared. This higher level verification process can be short if the file is known at a global level. In the case of a new malicious file it is blocked at the endpoint. 

How does BitRater quarantine a file that is on the list that is found to be suspect?

It is not quarantined as such, it is blocked before any execution and it will not be started. It will remain on the computer until deleted.

How does BitRater maintain Endpoints whitelist protection when off-line?

The endpoint operates off-line with the last known intelligent whitelist stored locally at the endpoint. When the endpoint comes back on-line it will automatically sync with the latest version of the intelligent whitelist.

How does BiRater ensure the approvals at the Endpoint and the BitRater system are synced and up to date?

The frequency of synchronisation is totally customisable, and the balance can be struck between system performance and risk management. The default is typically every hour.

How does BitRater resolve suspect or blocked Apps?

Each suspect file is subject to the BitRater verification process which has several layers of analysis both internal at BitRater and by external databases.

How does BitRater treat an unknown App that is legitimate to test and clear it?

The HASH value of the process is checked against the local database on the endpoint. If unknown on the endpoint, the HASH will be checked on the BitRater Management Server. If still unknown on the local server, the file will be uploaded to the BitRater Cloud Solution and checked against the online BitRater database and with HASH look-ups on many global databases.

What is the extent of BitRater protection for web browsers?

The BitRater verification process applies to the browser in that all file elements of the application being initiated by the browser are verified at launch by the BitRater control process. BitRater does not protect against browser memory attacks but will block any subsequent launch of malware processes. As it does not handle the memory tampering that anti-virus (AV) technology provides, this gives BitRater a unique partnering positioning with AV and a layered approach to enterprise endpoint security.

How does BitRater protect the company network where connected endpoints don’t have BitRater endpoint protection, e.g. customers.

Computers that are protected by BitRater cannot launch rogue or malicious processes due to the inherent nature of the product and the way it protects. They are no longer weak points in the company as they now cannot be used for spreading malware across the network.

Does BitRater use global and local whitelists?

Yes, the local endpoint will inherit from it's parent’ whitelists (even optional from the BitRater Intelligent cloud service).

How much System Resource is used by BitRater?

Users do not experience any delays as BitRater typically requires less than 1% CPU usage, as no regular file scanning is needed. BitRater does not require a complex "normal behaviour mode" setup, nor a detailed maintenance regime to maintain policies.

Do I still need to install a regular Anti-Virus software?

Yes, we recommend having a regular Anti-Virus product installed to protect the endpoint from memory tampering and to remove bad files from the endpoint. BitRater will block bad files from running but does not remove them. BitRater is also compatible with all known AV and software patching products(if online access).

Can a user change the local database on the endpoint?

No, the local database is protected with strong encryption.

Can I get BitRater for other devices?

No, not yet, but you can expect to see new  exciting security products from the BitRater Road Map which we would be happy to share with you.

Can I use USB memory sticks without any risk?

Yes, with BitRater you can use USB sticks without risk even without internet connection or access to your company infrastructure. In an offline mode we also have a process to protect the end-point. 

Can BitRater connect to SIEM solutions?

Yes, API customisation is possible for other in-house or COTS threat sharing platforms.

Does BitRater connect into Private or Public Cloud Services?

Yes, you can decide only to use an on premise service (customisation might be needed for special needs) or you can connect to BitRater Intelligent Cloud Services.

Who are BitRater's competitors?

The Cyber Security market has many players and there are so many variants. We would be happy to position Bitrater for you in comparison with other products you are evaluating.

Why is BitRater better than other whitelisting cyber security products?

BitRater tackles cyber breaches on endpoints in a more fundamental way, demanding less resource and giving higher protection. 

BitRater Support

What is the BitRater licensing model?

12 month contract, paid up front or monthly with 3 months notice : longer terms available.

How is the software deployed in an organisation?

The BitRater MSI-file can be deployed using standard software deployment tool. In Q2 2018 a new module will be avaible to deploy without a SCCM system (for small or medium sized organisations).

How is the Software being updated? Automatically?

Yes, automatically. The central BitRater Management Server automatically sends an update command to all endpoints to update themselves. Standalone BitRater installations update themselves using the BitRater Cloud Service.

Where can I download a trial of the software?

You can download BitRater client software from www.BitRater.biz/trial or by contacting your chosen reseller.

How can I test the BitRater software?

You can have a 30 day free trial period. If you wish to purchase BitRater after thefree trial period, please visit www.bitrater.biz/trial or contact your chosen reseller. We recommend you conduct your trial with a reseller to take full advantage of the trial .

How do I install the BitRater trial?

The installation of BitRater is automatic, just follow the instructions.

Can I purchase the software on-line?

No. To purchase BitRater you should contact your chosen reseller. 

How do I receive a licence key?

If you decide to purchase, a licence key can be obtained from your chosen reseller.