Symantec – Advanced Threat Protection

Cyber Security for London

Advanced Threat Protection (ATP) Webinar

Join us for an informative 60-minute WebEx and discover how Symantec Advanced Threat Protection combines global telemetry and cloud-based analytics from one of the world’s largest cyber intelligence networks (the largest non-state military) with local customer context across endpoints, networks and email, to uncover attacks that would otherwise evade detection.

The Symantec Advanced Threat Protection solution combines two new technologies developed by Symantec to detect advanced threats.

  • Symantec-Cynic: a cloud-hosted detonation engine that processes any unknown file through a series of user and production simulation scenarios to detect malicious activity.
  • Symantec Synapse: cloud-based event collection of threat activity across customer control points (endpoint, network and email), bringing simplicity to the complex task of threat visibility and risk comprehension.

These combined technologies work automatically in harmony to provide better prevention, accurate detection, faster response and lower operating expenditure.

What is an advanced threat?

An advanced threat is the type of cyber attack that bypasses traditional security technology and network defences. Examples include:

  • Zero-day malware: a virus or Trojan that has not yet been analysed or added to the detection library, or one that uses stealth methods to bypass behaviour detection.
  • Clandestine Trojans: such as CryptoLocker and variants, which mask their true intentions, appearing harmless or even useful when in reality they pose risks to confidentiality and system productivity.
  • Targeted email scams: these entice staff to open or download dangerous attachments that, once in the network, are controlled and accessed by criminals to compromise data, for example by stealing banking credentials.

Who needs ATP?

  • Businesses that are struggling to deal with escalating threats and zero-day attacks.
  • Companies that have multiple security solutions in place, but are drowning in alerts and events.
  • Organisations considering a next generation firewall or sandboxing solution.
  • Symantec Endpoint Protection (SEP) customers that want to take advantage of the full functionality of ATP without having to install an additional agent.
  • Organisations that don’t use Symantec and are looking at another level of defence that does not add any more complexity or resources to their network defence.
  • Organisations that need a better way to correlate all the data from external and internal threat intelligence, so they can identify and address their most severe incidents before it’s too late.

Why now?

  • Organisations are not stopping attacks but rather mopping up the consequences; it’s now time to mitigate more quickly.
  • With a growing number of attack vectors, systems, adversaries and targets, it’s impossible to block every threat before it reaches a network.
  • When breaches do occur, most organisations are unable to detect them or respond in a timely manner.
  • 66% of breaches go undetected for more than 30 days (Verizon Breach Report).
  • On average, data breaches are detected 243 days after they happen (Ponemon).
  • The average data breach takes four months to remediate (Mandiant ATP 1 Report).
  • Most organisations are unable to connect external threat intelligence to what’s happening in their environment in a meaningful manner.