Cyber Security Solution - ZombieZERO Series(Pd No. : 3082462)

(Updated : Aug/23/2017)
product information
Model Nm ZombieZERO Series
HS CODE 852380
M.O.Q 1
Keywords APT, Malware, Ransomware, Hacking, Cyber security, Zombie PC
Seller ID npcore1


Advanced Persistent Threat (APT) is a new hacking technique used by cyber criminals to persistently attack target victims using various methods (e-mail, web, etc.) until their objectives are achieved. Ransomware: A type of malware that encrypts all images and document files on a PC and restricts access and requires money for decryption. Zombie ZERO is a new security solution designed to detect and defend against unknown APT and Ransomware attacks. It provides robust information security to prevent ransomware, data exfiltration and network damages. It is composed of the behavior-based defense product on Endpoint (EDR) and the packet analysis product based on behavior on Network (Inspector) and interworking with each other. So it minimizes the false positive rate and enables accurate judgment and prompt response, and detects/blocks malware that bypasses the network and infiltrates. It can be operated as a cloud type.

1) ZombieZERO EDR for APT

EDR (EndPoint Detection & Response) is a system that detects / responds to new / variant malware (APT, Ransomware) based on behavior on endpoint.

‘EDR for APT’ applies behavior-based engines to endpoints to detect / block / detect unknown malware in real-time without patterns, and responds to threats that bypass the virtual machine (SandBox) and infiltrate. 

※ ‘EDR for APT’ should be configured with ‘ZombieZERO Inspector’(HW or VA type; VA=Virtual Appliance) to operate. 

In the case of a PC with EDR for APT installed, if the executable is downloaded, the execution is stopped and the executable is sent to the Inspector at the IDC to be analyzed by the behavior-based technology of the virtual machine (SandBox) and only normal executable is executed based on Whitelist. This feature, called 'Execution Holding function', can respond to malware (including SSL, various APT and Ransomware) bypassing the SandBox without any victim file.

1) Holding off the execution of the executable downloaded from web on PC.

2) Transfering the file to the ZombieZERO Inspector [APT analysis equipment with virtual machine (SandBox)]. 

3) Inspector analyzes it. 

4) Only if it's normal file, it’s added to the Whitelist and executed on the PC.

2) ZombieZERO EDR for Ransomware

EDR for Ransomware is Ransomware-only product that pre-detects and blocks Ransomware based on behavior, and backup PC’s data to Central storage server to protect whole data of organization. 

※ EDR for Ransomware can be operated with ZombieZERO Manager (Central management server, Cloud type is available).

Ransomware Response Method 1) Detects the increase of malicious entropy

1)Detecting the increase of malicious entropy by classifying with Behavior Detection Category 

2)When higher figures of entropy appear, it judges the process as Ransomware.

3)Quarantining the process and transmitting the process pattern to ZombieZERO Manager

4)Sharing the pattern data with other EDR PCs to prevent infection

Ransomware Response Method 2) Unauthorized program

  - Detecting / blocking unauthorized program manipulates the files.

  - Installed on I/O driver level to prevent conflicts with other programs, so stable and minimizes PC's resource usage.

Data Backup Method (2 types) : A type that stores backup data in each local drive and B type that stores in the central storage server.

3) ZombieZERO SECaaS (Security as a Service)

Ransomware & APT response solution through EDR. Cloud version of EDR. 

This product specializes for telecom company due to the monthly fee billing system. 

Endpoints send the detected or blocked security log to the security server (ZombieZERO Manager) in IDC.

Case Study : We developed in cooperation with KT and are providing the services to SMEs in the form of SECaaS with the brand name 'KT securegate'. Central management is provided on the web. (Website : securegate.olleh.com / KT securegate is a cloud version of EDR for Ransomware.) 

4) ZombieZERO EDR for Server
ZombieZERO EDR for Server is installed on the server and blocks the execution of new/variant malwares in real time through the whitelist-based execution holding function. And it analyzes/detects known and unknown malwares through the central analyzer (ZombieZERO Inspector) to implement the system to run only secure files.



05. - Signed a distributor contract with BlueZebra in Thailand

01. - Registered at US Federal Procurement Vendor (SAM)


11. - Won the prize of Meritorious Enterprise for Information Security Industry Development by
Minister of Science, ICT and Future Planning
      - Won the prize of Excellent R&D Meritorious Enterprise by Seoul Mayor and SBA
10. Won the prize of ‘Fourth Export First Step’ by KITA
08. - Released ‘Virtual Appliance’ of ZombieZERO Inspector, SW ver. for APT and ransomware
      - Released ‘RansomZERO’, combines behavior-based and backup technologies in partnership with Innotium
      - Released ‘TERRACE MAIL SECURITY’, the APT Defense Solution for email in partnership with Daou Technology
03. Signed a distributor contract with TechLab Security in Malaysia
01. Signed a distributor contract with Phitech in Taiwan

2015. 12. Won the Excellence prize by at Creative Technology Award
11. Made the first export $73 thousand in Japan with the distributor Daou Japan
10. Established LLC. in Rockville, MD, US
03. Registered ‘APT INSPECTOR'(Two-Level APT Defense Solution) as trademark in Japan. (Domestic name : ‘Zombie ZERO’)
01. Signed a distributor contract with Daou Japan

2014. 11. Launched a Beta version of ‘ZombieZERO Personal’ in Korea and US
08. Established a branch office in Hanoi, Vietnam
06. Attracted $1.5M from JAFCO Investment ASIA
02. Established a local liaison office in San Jose, California, US

2013. 08. Obtained a GS certification with ‘ZombieZERO v2.0’ by TTA
03. APT Network Security Solution, ‘ZombieZERO Inspector v2.0’ CC Certification / IT Security
Certification Center of NIS
02. Registered a patent with ‘Abnormal traffic control device and method’ in Korea

2012. 12. Registered ZombieZERO and other 2 products as trademarks in Korea
10. Registered a patent with ‘LAN card system for server security’ in Korea
07. Obtained a Green Technology certification with NPU-based server platform by the Ministry of
Knowledge & Economy
06. Launched a performance enhanced and acceleration multi-core ‘SmartNIC’
05. Certified with ISO 90001:2008 (Quality Management System), ICR
02. Attracted $300,000 as a growth sharing by SBC / Certified as a InnoBiz

2011. 11. Registered in Korea ON-Line E-Procurement System
06. APT Endpoint Detection, Quarantine Solution ‘Zombie ZERO v2.0’ EAL2 Certification / IT Security
Certification Center of NIS
05. Registered a patent with ‘Zombie behavior blocking system and method’ in Korea
02. Registered a patent with ‘Network intrusion blocking system and method’ in Korea
2010. 08. Certified as a venture company
2009. 07. Established ‘NP R&D center’
2008. 11. Established NPCore 

NPCore is a professional company for APT and ransomware defense solution and provides network and
end-point security. NPCore established in 2008 for developing specialized malware detection/response
solutions in the anti-virus centric security market and has developed “Zombie ZERO” for the TWO-LEVEL
defense on APT attack and provided it to governments, financials, universities, enterprises. NPCore
established LLC and branch in U.S.A. and Vietnam in 2014 and had distributors in Japan, Indonesia,
Taiwan, Malaysia to broaden target market to Southeast Asia and US in the future. NPCore has achieved
an export to Japan, Malaysia and Vietnam since 2015. Based on this, we will be a global security
professional company that represents Korea.

Business model

APT Countermeasures, Information security solution    



1) Korea : KT, INFORMATION LINE, Hilineisp, netKTI, Irexnet, SOMANSA, DAOU Technology, WetoD, THEWINTECH, SysOne, NICSTECH, Secucen,
2) Overseas : DAOU Japan (Japan), Seraphim (Indonesia), Phitech (Taiwan), TechLab (Malaysia)
3) Vietnam : CMC Infosec, VNPT, ParalLine, VKX
4) USA : Spry, Aveshka, Spectrum, Identity Alliance

YouTube PLAY

Company Information

company information
Contact Person Han Seungchul
Company NPCore, Inc.
Address ISBizTower #1001, 1002
Homepage www.npcore.com , http://seller.buykorea.org/npcore--EC059773
Tel 15445317 Fax 024135317
Biz. Type Est. Year
Employees Annual Export USD 0~1 mn
Related Business Event List
Korea Service Market 2017 COEX B2 2017-10-23 ~ 2017-10-24
Korea ICT Expo in Japan 2017 2017-11-13 ~ 2017-11-15
IT convergence business week 2017-09-13 ~ 2017-09-15
GLOBAL MOBILE VISION 2017 2017-09-13 ~ 2017-09-15
GMV 2017 2017-09-13 ~ 2017-09-15
Innovation & Technology Partnering 2018 2018-04-19 ~ 2018-04-20
한-UAE 비즈니스 파트너십 2018-03-26 ~ 2018-03-26
한-베트남 비즈니스 파트너십 2018-03-22 ~ 2018-03-22
Go to the top of the page