• Endpoint Detection and Response (EDR)

  • Dynamic Deception System (DDS), a Platform of Traps

  • Advanced Activities Monitoring (AAM), combining Advanced Controls of Users, Data and Devices.


“Unique and powerful capabilities for detailed data collection, monitoring, control, yara memory search, forensics, incident response, and detection”

  • Contextualized Data
  • Low Overhead
  • Open Platform

Deception Demo video:


Veramine, highly specialized in building cybersecurity endpoint products, have been awarded contracts worth multi-million USDs from

  • U.S. Department of Homeland Security (DHS), also recommended by DHS as a platform for financial and banking sector customers
  • U.S. Department of Defense (DOD)
  • U.S. Airforce
  • ANZ, a top-3 bank in Australia, will cover their 100 000 hosts worldwide
  • Singapore Ministry of Defense
  • And other important customers…


  1. Data Collection

    – Data Quality: Wide Variety. Relevance. Detailed. Structured. Real Time. Small Traffic.
    The collection of all security-related activities, especially System Security and SMB data, is
    probably only offered by Veramine: Process, Registry, System Security, Network, User, SMB, Binaries…
    – Flexible collection policies: The admin can select what data to collect. Adaptive filter: When sensor determines that a high-volume event is irrelevant for security, it does not send it to server. This can filter out TB’s of traffic being sent by sensor and processed by server.

  2. Detection

    – Aim to detect all attack tactics and techniques in, the Attack Dictionary.
    – More collected data types allow more data analysis algorithms, combining rule-based and machine learning, resulting in better Detection. Examples: SMB data allows detecting Lateral Movement and Insider Threat; Precise Elevation of Privilege (EOP) detection by collecting security tokens; Lsass process open allows detecting credentials and passwords dumping (Mimikatz); Command arguments allow detecting Malicious Powershell Fileless intrusion..

  3.  Incident Response

    – Yara Search on Memory and Filesis Unique of Veramine. Memory dumps are at fingertips. All collected data is searchable using very flexible logical expressions. All executable binaries are collected for forensics.
    – Veramine have most Response Actions, from Binaries, Users, Hosts to Processes. E.g. Network Quarantine, Process Suspend/Terminate, User Disable/Disconnect, Host Sleep/Shutdown/Restart, Binary Block, Scan with Virus Total…

  4. Deception

    – An Active Defense approach, whereas most existing approaches are Passive Defense. Platform of Traps, put along the kill chain, to cheat, detect and prevent intrusions. Capable of making every computer (physical or VM) a honeypot, in IT Systems. Uniquely offered by Veramine.
    – Deceptive services, processes, files, mutexes, events, listeners, credentials, shares, registries. Track intruders’ activities, and limit things they can do, with the traps. E.g. WannaCry checks a mutex to decide if a system is already infected. We can set such a deceptive mutex.

  5. Performance

    – Veramine sensors on average take less than 1% CPU and 20 MB RAM. On average, per host, network traffic is less than 30 MB per day. It can be further tuned using the collection policies. Quite easy deployment to the whole IT network in various ways such as AD, SCCM or psexec.


  • Singapore: Ms. Lily Le, Founder |  Whatsapp: +65 9042 9368 | Email:
  • Vietnam: Mr. Phuc Nguyen, CEO | Whatsapp: +84 938 201 102 | Email:


Veramine Incorporation, based in Seattle US, were found from the Microsoft Response Center (MSRC) engineering team, in charge of incident responses, patching and updates for all Microsoft products, and were responsible for security testing of Microsoft’s most important products such as Windows, Office, Azure, Xbox…The founding team’s expertise and capabilities in dealing with most sophisticated cyber attacks explain why Veramine can build powerful cybersecurity products to protect IT Systems. Veramine founders are authors of best rated books ( and invited speakers at most respected venues in cybersecurity (Black Hat, Chaos Computer Club (CCC), ReCon, NATO Cyber Defense, RSA,

Mr. Lan Nguyen is Vietnamese co-founder of Veramine Inc and Ph.D of Cyber Security.

As one of top 100 Vietnamese Young Talented Representatives who made us to be proud of his working. Here is some photos that he is invited to join government events and TV shows to share about Cyber Security. And some articles in Vietnamese about him and Veramine.