The 2022 ATT&CK Evaluations for Managed Services Call for Participation is now open. Click here to learn how to participate.
Home  >  Enterprise  >  Participants  >  Ahnlab  > Carbanak+FIN7 Configuration


Ahnlab Configuration

The following product description and configuration information was provided by the vendor and has been included in its unedited form. Any MITRE Engenuity comments are included in italics.


Product Version

  • AhnLab EDR 1.0

Product Description

AhnLab EDR is an endpoint detection and response solution that provides actionable insights and holistic visibility for enhanced response. AhnLab EDR is an Endpoint Detection and Response (EDR) solution that continuously monitors endpoints for comprehensive threat detection, analysis, and response.

New and unknown malware, including ransomware, and malware variants are intensifying at an alarming pace - but organizations do not have adequate response measures in place and rely on traditional endpoint security measures. To mitigate the risks and strengthen your resiliency in security incidents, EDR technology is necessary. AhnLab EDR provides a total process of information detection, analysis, response, and prediction at endpoints. The response process enables holistic visibility into threats with continuous monitoring and recording of every activity in endpoints, analyzing the flow and enabling stronger response.

Product Configuration

  • The protection feature of TS Engine in the EDR product was turned off for detection test.
  • The auto updating for rules was turned off.