What Is VectorN Detection Engine?

The VectorN Detection engine is a feature that searches for patterns within the blocks of Heimdal™'s DarkLayer Guard records. 

• It works across-the-board on any Windows™ device;
• It does not rely on scanning the code or auditing any system processes. Instead, the new technology uses Machine Learning Detection (MLD) to perform an in-depth analysis of all incoming and outgoing HTTP, HTTPS, and DNS traffic;
• It matches Machine Learning (MLD) insights with Indicators of compromise/attack (IOC/IOA) and network forensics, turning Heimdal™ Threat Prevention - Endpoint into a unique, proactive cybersecurity suite;
• It helps users discover even hidden, second-generation malware that tries to infect the endpoint or attempts to harvest data from the compromised system;
• By tracking device-to-infrastructure communication, this technology enables users to detect and block advanced malware, regardless of the attack vector.

Example: 

If Heimdal™ Threat Prevention - Endpoint 's Traffic Scanning is blocking a specific domain or multiple domains at a specific time of the day, VectorN Detection will consider this a pattern and will inform the user that there might be a possible threat. 

Patterns:

- A domain is blocked multiple times a day in a very short time period;

- A domain is blocked every day at a specific time;

- Multiple domains are blocked in a very short time period. 

NOTE!

When a pattern is found, that means something on the machine tries to reach the blocked domains but Heimdal™ Threat Prevention - Endpoint does not allow that. It's recommended to run the antivirus you have at your disposal, such as Heimdal™ Next-Gen Antivirus & MDM .