June Product of the Month: Symantec ATP
By Keith Millett | May 31, 2016 | Product of the Month
Uncover Advanced Threats Across Endpoints, Networks, and Email Gateways
Email remains a very popular and effective mechanism for advanced attacks to enter organizations. Attackers target chosen victims through email by attaching malicious files or embedding links to attacker-controlled websites. Five out of every six large companies were targeted with email-based spear phishing attacks in 2014, a 40% increase over the previous year. Small and medium-sized businesses also experienced an uptick in such attacks, seeing increases of 26 percent and 30 percent respectively.
Symantec Advanced Threat Protection (ATP) combines global telemetry from one of the world’s largest cyber intelligence networks with local customer context across endpoints, networks, and email to uncover attacks that would otherwise evade detection.
Quickly search for any attack artifact across your infrastructure- all with the single click of a button. And, if you discover a suspicious file in your environment, you can easily retrieve it from any endpoint for further analysis.
ATP Endpoint: With Symantec Advanced Threat Protection: Endpoint, a security analyst can see all of the endpoint attack components in one place- how a threat entered the organization, a list of machines that have the threat, what new files the threat created, what files it downloaded, etc. Analysts can also hunt for any Indicators-of-Compromise by searching every endpoint in the organization.
ATP Network: Symantec Advanced Threat Protection: Network is a new solution, available in either hardware appliance or virtual machine (VM) form factor, which uncovers and prioritizes advanced attacks entering the organization through the network. The product automatically sends all suspicious files to the new Symantec Cynic sandboxing system for rapid detection of even the most complex and stealthy attacks.
ATP Email: Symantec Advanced Threat Protection: Email uncovers advanced attacks entering your organization through email by adding unique targeted attack identification and Symantec Cynic sandbox detection capabilities to existing installations of Symantec Email Security.cloud. In addition, you’ll receive detailed information from Symantec analysts about new or unknown malware entering your organization through email.