MOUNTAIN VIEW, Calif., May 6, 2014: Symantec has announced an entirely new approach to advanced threat protection (ATP), unveiling a roadmap of integrated solutions that demonstrates the security innovation power that only it can deliver to help customers solve their most complex problems. This approach is fueled by two new offerings, Symantec Managed Security Services -Advanced Threat Protection and Symantec Advanced Threat Protection Solution, which correlate alerts and intelligence across a range of security technologies to deliver more comprehensive attack prevention. Symantec’s holistic methodology captures the benefits achieved when security technologies work together, transforming the complex fight against advanced threats into a manageable function that delivers stronger protection and more value to businesses.
Symantec’s innovative security technologies and global intelligence already provide strong advanced threat protection, and the company will build on this core heritage to develop defenses that protect as sophisticated attacks evolve. The company’s new ATP efforts will be informed by what Symantec has learned about advanced threats though its existing endpoint solutions that protect a base of 200 million endpoints, and from its current email and web security solutions that review over 8.4 billion email messages and 1.7 billion web requests a day.
“There is a significant need in the market for greater advanced threat protection, and many vendors do not have the holistic coverage or full-functionality needed to adequately detect and respond to targeted attacks,” said Jon Oltsik, senior principal analyst, Enterprise Security Group (ESG). “Symantec is well positioned to deliver an end-to-end advanced threat solution by building on the technologies it offers today, integrating across its portfolio, and delivering it as a service enhanced by an evolving partner ecosystem. By leveraging its global intelligence and building-in completely new incident response capabilities, Symantec can really address a multitude of enterprise cybersecurity requirements.”
Targeted attacks are rising, cybercriminals are more ruthless than ever, and the multifaceted equation required to protect against these threats has only become more difficult. While the promise of network security-based solutions as the answer to advanced threats gains increasing attention, IT departments are still left grappling with massive amounts of incidents, too many false positives and a laundry list of manual processes to be tackled without the staffing and skill sets needed to win, leaving organizations exposed and vulnerable.
Senior vice president of Symantec Information Security Brian Dye said, “To successfully defend against the types of targeted attacks we’re seeing today, you need to expand the focus from prevention to detection and response. Network security alone isn’t going to solve the problem. Adversaries are targeting all control points from the gateway to email to the endpoint. Organizations need security across these control points working together, with incident response capabilities and global information intelligence, to beat the bad guys. Symantec is bringing that powerful arsenal to market.”
Managed Service Solves Practical Detection and Response Challenges
Available in June of 2014, the next piece in Symantec’s ATP approach is Symantec Managed Security Services -Advanced Threat Protection (MSS-ATP), a managed service that significantly reduces the time it takes to detect, prioritize and respond to security incidents by producing integration between its endpoint security and third-party network security vendors’ products. This data enables customers to rapidly and effectively contain, investigate and remediate unknown and zero day attacks that evade traditional security solutions. By prioritizing real threats, IT organizations can reduce false positives and operating costs and ensure that they are protecting against the most significant vulnerabilities.
Symantec’s Advanced Threat Protection Alliance is an ecosystem of network security partners that currently includes Check Point Software Technologies, Palo Alto Networks and Sourcefire (now part of Cisco). Through this ecosystem, the detection and correlation of malicious network and endpoint activity helps substantially reduce false alerts by pinpointing the important incidents, empowering customers to respond faster to the most critical incidents.
“The Palo Alto Networks WildFire offering is a proven, highly effective cloud solution for detecting and preventing APTs threatening customer networks today,” said Chad Kinzelberg, senior vice president of Business and Corporate Development at Palo Alto Networks. “The integration of WildFire with Symantec’s next generation Managed Security Services, Security Intelligence and Endpoint Protection brings a powerful combination to defeat the most advanced cyber threats.”
Powerful Incident Response and Managed Adversary Services
Within the next six months, Symantec will introduce two key services. The first is an entirely new Incident Response service, providing customers with immediate access to critical capabilities, knowledge and skill sets during incident response scenarios. The second is a new Intelligence service, providing unmatched threat visibility and analytics that create insights into risks to key cyber assets through portal, data feed and service-based intelligence offering, as well as Managed Adversary information that delivers advanced reports on threat actors for unprecedented visibility into the types of attacks that may target an organization.
New Advanced Threat Protection Solution Integrates Across All Control Points
Tying it all together, Symantec will bring to market a new Advanced Threat Protection Solution, which is scheduled to be in beta testing within six months and generally available within the next 12 months. This innovative, end-to-end solution will deliver integrated advanced threat protection across the endpoint, email and gateway to provide customers with critical detection and response capabilities at each respective control point.
Two new, innovative, and organically developed technologies will bolster the solution’s detection and response capabilities. Symantec’s Dynamic Malware Analysis Service is a cloud-based sandbox environment where behavioral analysis of active content can be used to quickly maximize threat identification; and Synapse, which enables smooth communication between the endpoint, email and gateway to facilitate improved response.
Symantec ATP Leverages Breadth of Security Expertise and Global Intelligence
Symantec’s portfolio of integrated ATP solutions is powered by the Symantec Global Intelligence Network (GIN) and a team of more than 550 researchers around the world. Symantec’s GIN platform collects anonymous telemetry submitted from hundreds of millions of customers and sensors around the clock. Symantec uses this data – more than 3.7 trillion rows of security telemetry and growing – to automatically discover new attacks, monitor attacker networks, and develop predictive, proactive technologies that deliver unmatched advanced threat protection for our customers.