True Proactive Endpoint Defense

An innovative solution of the NG EDR (Next Generation Endpoint Detection and Response) type.

ROMAD ensures reliable and proactive protection against any malware.

The main advantage is that ROMAD is capable of detecting and removing new malware which has not got into research labs of the traditional AVs and for which respective signatures have not been written yet.

ROMAD is a unique and innovative approach to detecting and responding to threats caused by malware.

Decisions based on static files attributes or signatures appeared to be ineffective. Developing new, more complicated algorithms bottomed on static analysis looks unpromising.

Our team had spent 5 years researching and developing, 4 out of which were exclusively self-funding works in scientific investigations (total investments make up around $5 million).

The main aim of the research was to develop a brand-new approach to malware detection based on real-time malware behavioral characteristics analysis.

The result of our research and development is a fully functioning product, made in Ukraine, which is undergoing certification at the State Service of Special Communication and Information Protection of Ukraine.

Licensing and copyright protection is proved by the US patent (US2014 / 0237596 A1) and the EU patent (EP 2 767 923 A3).

ROMAD Malware Genetics ™ is a saltation in preventing and detecting threats!

Our mission and vision:
to remove malware as we know it in the global scale

ROMAD was designed to reach the main goal: to actively frustrate criminal economic models, that lead to wide malware spread, by doing it legally, securely and without additional overheads for end users or security groups.

Traditional antiviral decisions have to (due to fundamental architectural features which cannot be changed because of the commercial and organizational reasons) track down separate strains of malware. There are hundreds of millions of them:

Cumulative quantity of the malware strains


However, sectoral studies show that more than 80% of the new strains out of 140 million being created each year can be tracked down to less than 50 main malware families.

Thanks to the Malware Genetics ™ idea ROMAD can efficiently detect the whole malware families instead of tracking each separate strain created on the basis of one or another family.

Unique, US and EU patented technology ROMAD describes genetic features of the whole malware families allowing our products to effectively and proactively detect and block all the strains of malware already existing and the most importantly the strains, which are going to be created in the future based on the family once described in ROMAD  Malware Genetics ™.

Creating the entire malware family is very complicated and expensive. On the other hand, developing derivative strains, the basis for fraudulent models monetizing, is quite cheap. This is a notorious and widespread practice in the world of cybercrime.

ROMAD troubles the basis of monetization and complicates the returns from the criminal investments into creating new malware families.

ROMAD makes “bad guys” come back to the beginning of their “food chain” – to creating new malware families, which is an expensive, long-term and complicated component of the cyber-criminal economic system.

Regardless of lengthy profile studies, resource-intensive legal procedures and bureaucratic mechanisms of law enforcement, ROMAD attacks the very essence of the business model of creating and applying malicious software. All that the user is required to do is simply to install the ROMAD product.

ROMAD is being actively sold on Ukrainian and Malaysian markets at the moment.

ROMAD is 100% protection from existing and upcoming malware

Next Generation EDR

Traditional AV
(Legacy AV)

Reliable protection from already existing malware and from those that will be created in the future:

100% protection from the malware of the same family thanks to the Malware Genetic ™ module.

100% protection is not possible, since static signatures must be developed for each strain of malware even within the same family.

Signatures for future strains will be developed in the future.

Always ahead because the genetic sequences of the Malware Genetic ™ module are unfavorable to the threat of " time-to-detect gap" (the time between actual invasion and its detection)

In its nature, it is vulnerable to the threat of "time-to-detect gap" because it takes time to generate and distribute a static signature to the users’ end points (devices).

Low rates of false positives thanks to dynamic multilevel trust model

Prone to frequent false positives

It does not require user’s interference  thus excluding an error-prone human factor.

Requires constant interaction with the end user or administrator. Staff training can be complex and expensive.

Excellent performance thanks to dynamic multilevel trust modulus.

Scanning files requires significant memory and processor resources.

Perfect for Windows servers.

Often critically lowers Windows-server productivity.

ROMAD Analyzer

ROMAD Analyzer is aimed at detecting rootkits developed for Windows user mode. It is compatible with Windows 7, 8, 10. We have put a lot of efforts to minimize the possibility of false positive. If ROMAD Analyzer informs you about a hidden or injected module in your OS, you can be sure in it.


Product special features


We know the state of each module in the system: normal, hidden (absent in PEB) or infected. This is a widespread technique for “man-in-the-browser” attacks.

Deep threats’ analysis 

We detect IAT / EAT / inline hooks and track them to the end point. We are not going to disturb you with trivial nop/nt3 or something like .extjmp / gs-cookie false.

Real-time analysis 

ROMAD Analyzer is intended for fast operation. ROMAD Analyzer runs in the background to monitor the OS in real-time with insignificant loss in performance.