Symantec Advanced Threat Protection helps companies uncover, prioritize and remediate advanced threats across their control points – fast
Symantec has introduced Symantec Advanced Threat Protection (ATP), the first solution that can detect and remediate advanced threats across control points, from a single console with just a click, all with no new endpoint agents to deploy.
Advanced threats, such as ransomware, remote access trojans, advanced persistent threats (APTs) and zero-day attacks, are on the rise, and security professionals can no longer rely on individual point products at each control point to stop them. The process of uncovering threat data across endpoint, network and email gateways is manual and time-consuming, which gives attackers an edge. Symantec ATP correlates suspicious activity across all control points and prioritizes the events that pose the most risk to an organization. Once a critical threat is identified, it can be quickly contained and new instances can be blocked.
Symantec ATP allows customers to:
- Uncover a full range of threats, from APTs to zero-day attacks, across endpoint, network and email, with cross-control point detection and environmental search
- Prioritize what matters most by correlating the threat intelligence from across local control points with all that Symantec sees globally through its massive telemetry
- Remediate the threats fast through containment of endpoints and blocking new instances across control points, with one click, from a single console
- Leverage existing investments in Symantec Endpoint Security and Email Security.cloud, without deploying any new endpoint agents
“Security professionals are constantly on their toes trying to monitor and prevent the next cyber-attack,” said Michael A. Brown, president and CEO, Symantec. “We’re moving the industry forward with Symantec Advanced Threat Protection by giving customers a complete picture of their entire enterprise from a single console. Now they can filter out the noise and quickly discover and remediate an attack.”
Reducing the noise for customers with Symantec ATP happens in a few ways. First, Symantec’s massive global threat intelligence combined with local customer data means companies have a more accurate view of which threats pose the greatest risk inside their infrastructure. Additionally, Symantec ATP includes Symantec Cynic, a new cloud-based sandboxing and payload detonation service to discover and prioritize today’s most advanced threats. It also includes Synapse, a cross-control point correlation capability that collects suspicious activity across endpoints, networks and email to prioritize those that are of greatest risk to the organization.
“Our new Synapse and Cynic technologies work together to provide up to 30 percent better detection than existing products out there,” said Victor Law, Regional Director, Systems Engineering, Product and Consulting Services, Enterprise Security, Greater China Region, Symantec. “Before, a security professional would need to manually check to see if a suspicious file was properly blocked. With our new technologies built into Symantec ATP, we do the legwork for customers, cutting down on their search and remediation time.”
“The average enterprise uses 75 distinct security products,” Law added. “That overload creates opportunity for attackers because it slows down detection. Symantec ATP allows security professionals to click once and remediate everywhere across all three control points.”
Symantec ATP enhances existing installations of Symantec™ Endpoint Protection and Email Security.cloud without requiring any new endpoint agents. This allows customers to deploy a new installation of Symantec ATP in under an hour and search for attacks in minutes. The product can also export its rich intelligence into third party security incident event managers (SIEMs). As Symantec ATP evolves, the company plans to open it up to third party technology partners, including firewall and other security product vendors, allowing customers to enhance the value of their existing investments.
- “Securing a large pan-European stock exchange is high stakes and our IPO in 2014 added an enormous degree of complexity to securing our data. As the world has seen, one technical glitch can rock the markets and cause financial, legal and reputational damage. Euronext turned to market-leader Symantec to secure its infrastructure and signed on to test an early version of Symantec’s Advanced Threat Protection. Already it’s providing greater visibility into what’s happening on Euronext’s endpoints, and doing it in a simpler, faster, more efficient way. As a result, Euronext has prioritized and reduced the number of potential security incidents,” said Marc Green, Head of Threat and Vulnerability Management, Euronext.
- “In reality, going forward, improved prevention, detection, response and prediction capabilities are all needed to deal with all types of attacks, ‘advanced’ or not. Furthermore, these should not be viewed as siloed capabilities; rather, they should work intelligently together as an integrated, adaptive system to constitute a complete protection process for advanced threats.” (Source: Gartner, Designing an Adaptive Security Architecture for Protection From Advanced Attacks 12 February 2014, Gartner Foundational 19 November 2014)
- “As enterprises’ security estates become more complex, in response to a dynamic threat landscape, CISOs demand a platform that integrates and manages their security operations. Similarly, to address skills shortages, they need a mechanism that automates as much of their security operations as possible, and in particular detects and remediates threats quickly,” said Duncan Brown, Research Director, European Security Practice, IDC.
- “Our strategic relationship with Symantec has received a further boost with the addition of the Symantec Advanced Threat Protection. In this day and age of cyber threats, we firmly believe that ATP will significantly enhance customers’ defenses by embedding superior threat detection and remediation capabilities into their current security portfolio. By leveraging Wipro’s Enterprise Security Solutions’ expertise and Symantec’s strong technology prowess, we expect to considerably improve our customers’ confidence in their Cyber Protection and Risk Management strategy,” said Sheetal Mehta, VP & Global Head – Enterprise Security Solutions, Wipro.
- “In today’s dynamic world, enterprises, more than ever, are challenged by security requirements as the data resides in public, private and virtual environments. The reality of the BYOD phenomenon inside enterprises has made data risk management all the more critical,” said Kalyan Kumar, SVP & Chief Technologist, HCL Technologies. “In such a scenario, Symantec Advanced Threat Protection is a state-of-the-art solution that not only acts as an early warning system but allows customers to take full advantage of Symantec’s vast amounts of threat intelligence to help prioritize the incidents that aren’t caught by other point products across the enterprise IT environment. It’s exactly what our customers are looking for – a simple way to manage and prevent the next mega breach.”
Pricing and Availability
Symantec Advanced Threat Protection has been available since the end of calendar year 2015.
Symantec Corporation is the global leader in cybersecurity. Operating one of the world’s largest cyber intelligence networks, we see more threats, and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives.
Source: Miercom, Symantec Advanced Threat Protection: Network, April 2015. http://miercom.com/pdf/reports/20150218.pdf