Symantec Corp. has introduced Symantec Advanced Threat Protection (ATP), a solution that can detect and remediate advanced threats across control points, from a single console with just a click, all with no new endpoint agents to deploy.
Advanced threats, such as ransomware, remote access trojans, advanced persistent threats (APTs) and zero day attacks, are on the rise and security professionals can no longer rely on using individual point products at each control point to stop them. The process of uncovering threat data across endpoint, network and email gateways is manual and time-consuming, which gives attackers an edge. Symantec ATP correlates suspicious activity across all control points and prioritizes the events that pose the most risk to an organization. Once a critical threat is identified, it can now be quickly contained and new instances can be blocked.
Symantec ATP allows customers to uncover a full range of threats from APTs to zero day attacks across endpoint, network and email, with cross-control point detection and environmental search.
The solution also prioritizes what matters most by correlating the threat intelligence from across local control points with all that Symantec sees globally through its massive telemetry.
Symantec ATP also remediates the threats fast through containment of endpoints and blocking new instances across control points, with one click, from a single console.
Users can leverage existing investments in Symantec Endpoint Security and Email Security cloud, without deploying any new endpoint agents, according to the company.
“Security professionals are constantly on their toes trying to monitor and prevent the next cyber-attack,” said Michael A. Brown, president and CEO, Symantec. “Symantec Advanced Threat Protection gives customers a complete picture of their entire enterprise from a single console. Now they can filter out the noise and quickly discover and remediate an attack.”
Reducing the noise for customers with Symantec ATP happens in a few ways. First, Symantec’s massive global threat intelligence combined with local customer data means companies have a more accurate view of which threats pose the greatest risk inside their infrastructure.
Additionally, Symantec ATP includes Symantec Cynic, a new cloud-based sandboxing and payload detonation service to discover and prioritize today’s most advanced threats. It also includes Synapse, a cross-control point correlation capability that collects suspicious activity across endpoints, networks and email to prioritize those that are of greatest risk to the organization.
“Our new Synapse and Cynic technologies work together to provide up to 30 percent better detection than existing products out there,” said Victor Law, Regional Director, Systems Engineering, Product and Consulting Services, Enterprise Security, Greater China Region, Symantec. “Before, a security professional would need to manually check to see if a suspicious file was properly blocked. With our new technologies built into Symantec ATP, we do the legwork for customers, cutting down on their search and remediation time.”
“The average enterprise uses 75 distinct security products,” Law added. “That overload creates opportunity for attackers because it slows down detection. Symantec ATP allows security professionals to click once and remediate everywhere across all three control points.”
Symantec ATP enhances existing installations of Symantec Endpoint Protection and Email Security.cloud without requiring any new endpoint agents. This allows customers to deploy a new installation of Symantec ATP in under an hour and search for attacks in minutes. The product can also export its rich intelligence into third party security incident event managers (SIEMs). As Symantec ATP evolves, the company plans to open it up to third party technology partners, including firewall and other security product vendors, allowing customers to enhance the value of their existing investments.