Symantec has introduced new solutions intended to help organizations defend themselves from targeted attacks at the gateway, on the endpoint and in the data center. The solutions are the Disarm technology in Symantec Messaging Gateway and Network Threat Protection in Symantec Endpoint Protection for Mac computers.
Nowadays, it’s not only large companies that are the target of sophisticated attacks. Even small businesses, which have fewer security protections, are not spared from cybercriminals and from threats that keep growing in number and sophistication. Targeted attacks on businesses with 250 employees are increasing by 18%, while threats against organizations with more than 2,501 workers are growing by 50%.
Despite the increase in targeted attacks, organizations are failing to prevent them. Citing the Horizon Breach report, Richard Velasco, Symantec’s Senior Technical Consultant for Asia South Region, said that 66% of breaches or attacks remain undetected for more than a month and that it takes four months for advanced threats to be remediated. It claimed that, in a network, it takes 243 days before an advanced persistent threat is detected.

Symantec’s Senior Technical Consultant for Asia South Region, Richard Velasco (left) and Technical Consultant for Philippines, Christina Tee.
“A key concern of Chief Information Security Officers (CISOs) and IT managers today is safeguarding their organizations against evolving targeted attacks which have since become an established part of the threat landscape. The new technologies, combined with Symantec’s comprehensive solution portfolio, are designed to protect organizations in the Philippines from threats at the gateway, on the endpoint and in the data center,” said Richard Velasco, Symantec’s Senior Technical Consultant for Asia South Region.
A new innovation from Symantec Research Labs that uses a first-of-a-kind technique to protect organizations from targeted attacks, the Disarm technology is one of the enhanced features of Symantec Messaging Gateway 10.5. The technology works by detecting and removing potentially malicious content from many common email attachments, including Microsoft Office documents and Adobe PDFs. Instead of scanning the document, it essentially makes a harmless digital carbon copy of every incoming email document or attachment and delivers this copy to the recipient rather than the original, potentially malicious content. This way, it removes any traces of infection before the document reaches the user.
Symantec Research claimed that 98% of attacks that exploited zero-day document vulnerabilities in 2013 would have been blocked by Symantec’s Disarm technology. These are attacks that were entirely unknown and have likely evaded all traditional scanners, heuristics, emulators and even Virtual Execution (VX) solutions.
For endpoint protection, Symantec has developed its advanced Network Threat Protection technology for the Mac version of Symantec Endpoint Protection 12.1.4. Symantec claimed that it is one of the first to develop a protection that allows a Mac user to safely remove threats.
The Network Threat Protection technology for Mac computers uses a patented, application-level, protocol-aware Intrusion Prevention System to identify and block not only known attacks but also many unknown or day-zero attacks. This solution stops threats before they can implant on the system, to keep data and endpoint devices such as laptops, notebooks, tablets and smartphones safe.
It offers infection detection and protection against drive-by downloads, social engineering attacks, social media attacks and unpatched vulnerabilities.
To protect an organization's physical and virtual data center, Symantec offers a server lockdown solution called Symantec Critical System Protection (CSP). This protection technology allows known-legitimate activities on servers and blocks all other (anomalous) activities. As a security solution, CSP hardens and protects VMware infrastructure, protects domain controllers, addresses PCI compliance requirements to prevent leakage of credit card information, stops zero-day attacks, and shields embedded systems such as ATMs.