By Keith Millett | Sep 10, 2015 | Blog
WatchGuard’s APT Blocker is a good example of how full system emulation can protect organizations against APTs (Advanced Persistent Threats). It’s a security service that can be added to any of WatchGuard’s Unified Threat Management (UTM) and Next Generation Firewall (NGFW) appliances.
Leveraging technology from global breach detection provider Lastline, the company behind the Anubis tool used by researchers to analyze files for potential malware, APT Blocker works by fingerprinting computer files and checking them against an existing database on a WatchGuard appliance.
If it encounters an unknown file, it will analyze the file using a system emulator on the cloud that looks out for malicious activities and evasion techniques that other sandboxes may miss.
While malware programs are immediately blocked at the firewall, a file that poses a zero day threat may pass through while analysis is taking place in the cloud. In such cases, the WatchGuard system can immediately alert IT managers that a suspected piece of malware is lurking somewhere on the network.
For a full write-up on WatchGuard’s APT Blocker, CLICK HERE
You can get a free 30-day APT Blocker trial on all WatchGuard UTM and NGFW appliances. The service is fully integrated with WatchGuard Dimension, the award-winning security intelligence and visibility solution that comes free with all WatchGuard security appliances.
For your free 30-day APT Blocker trial or for more information, please contact CTI today at email@example.com or call 800.606.6060