[00:00:02.870]
Hi, I’m Alessandro Prest, CTO at VISUA. We are the Visual-AI people delivering enterprise grade computer vision solutions for a wide range of use cases and chosen by some of the world’s leading companies.
[00:00:15.090]
We were recently drawn into the world of cybersecurity because of the exponentially growing challenge in phishing, brand spoofing and the weaponization of graphics.
[00:00:24.990]
These graphical attack vectors have a dual purpose; to confuse and build trust in victims receiving them, and also to actively evade detection by the platforms seeking to block them. And they are working.
[00:00:39.130]
This short video highlights how Visual-AI technology adds an essential layer to your platform, allowing you to block these threats.
[00:00:47.750]
Traditional programmatic analysis, whether signature or AI based, simply cannot detect these types of attacks, and that’s where Visual-AI steps in. That’s why VISUA developed the simple and effective solution that is now in the field and helping phishing detection platforms to detect and block more malicious attacks than previously possible.
[00:01:12.060]
It’s important to note that our visual threat hunting stack doesn’t replace what you already do, but it is an essential enhancement to your existing threat analysis because it adds visual telemetry via a range of critical visual signals. The end result is that you gain a more complete threat scoring mechanism that will allow you to catch malicious content that you would normally miss.
[00:01:38.100]
In other words, our Visual-AI can be integrated into your existing workflow quickly and easily via API. It can be deployed in the cloud or on-premise within your own network to avoid latency issues and maximize compliance. Importantly, our Visual-AI doesn’t require any blacklists or existing knowledge of threats, so it’s ideally suited to help identify zero day threats in both malicious emails and web pages.
[00:02:08.270]
So what does it do and why is it so effective? This is the crucial part we don’t apply our Visual-AI programmatically. In fact, we don’t look at any of the code related to the email or web page because that’s where bad actors plant their traps and place their disguises. Instead, we apply a three step process as follows.
[00:02:30.990]
One, the email or web page is fully rendered to a flattened image and sent to our engine.
[00:02:37.890]
Two, the image is processed and the various potential risks are flagged.
[00:02:43.350]
Three, the results are collated and sent back to your threat analysis triage engine for final threat scoring.
[00:02:51.180]
This three step process is so effective because we see what the bad actor wants the victim to see, which means all their trickery is laid bare and fully visible, but it works at machine speed so we can handle massive volumes without causing a bottleneck.
[00:03:08.340]
But the effectiveness of our visual threat hunting is also thanks to a precise combination and configuration of specific technologies as follows.
[00:03:18.290]
Firstly, our logo detection module allows us to detect the broadest range of brand spoofing attempts thanks to having the only unlimited and largest library of brands in the industry. But as bad actors evolved to use less well known brands, our logo detection allows you to respond immediately thanks to our instant logo learning capabilities.
[00:03:42.930]
This means you can detect any logo including all variants plus skewed, distorted and modified versions of a logo. But importantly it can also detect icons and marks so it can see favicons and padlock symbols as well as safety badges.
[00:03:59.150]
We apply our object detection to identify key elements that could pose a risk like forms, buttons and links. This is important because these elements are being converted into graphics, which can’t be seen and interpreted programmatically. One of the more recent additions is the detection of QR codes, which pose a particular risk to mobile users.
[00:04:21.590]
Next, our text detection module analyzes the text looking for words and phrases determined to pose a potential risk. Take this case as an example where the bad actor has a word with random letters which are stripped using JavaScript during browser rendering. You don’t see the word ‘payment’ but we do. Finally, our visual search module compares the rendered email or web page with known good and bad images in our library. This allows us to flag pixel-perfect and close match copies of the most popular login pages, payment pages et cetera.
[00:05:00.190]
So, if you’re challenged by brand, spoofing and graphical attack vectors and are currently investigating computer vision as a potential solution, then I invite you to test ours. You’ll discover that our built-for-purpose visual threat detection is the only one that can deliver the accuracy required and handle any scale. Thanks for watching.
VIDEOS 
