Symantec announced Symantec Managed Security Services -Advanced Threat Protection and Symantec Advanced Threat Protection Solution, which correlate alerts and intelligence across a range of security technologies to deliver more comprehensive attack prevention.
The company’s new ATP efforts will be informed by what Symantec has learned about advanced threats though it’s existing endpoint solutions that protect a base of 200 million endpoints, and from its current email and web security solutions that review over 8.4 billion email messages and 1.7 billion web requests a day.
“To successfully defend against the types of targeted attacks we are seeing today, you need to expand the focus from prevention to detection and response,” said Brian Dye, Senior Vice President of Symantec Information Security. “Network security alone is not going to solve the problem. Adversaries are targeting all control points from the gateway to email to the endpoint. Organizations need security across these control points working together, with incident response capabilities and global information intelligence, to beat the bad guys. Symantec is bringing that powerful arsenal to market.”
Available in June of 2014, the next piece in Symantec’s ATP approach is Symantec Managed Security Services -Advanced Threat Protection (MSS-ATP), a managed service that reduces the time it takes to detect, prioritize and respond to security incidents by producing integration between its endpoint security and third-party network security vendors’ products.
Symantec’s Advanced Threat Protection Alliance is an ecosystem of network security partners that currently includes Check Point Software Technologies, Palo Alto Networks and Sourcefire (now part of Cisco). Through this ecosystem, the detection and correlation of malicious network and endpoint activity helps substantially reduce false alerts by pinpointing the important incidents.
Within the next six months, Symantec will introduce two key services. The first is Incident Response service, providing customers with immediate access to critical capabilities, knowledge and skill sets during incident response scenarios. The second is Intelligence service, providing threat visibility and analytics that create insights into risks to key cyber assets through portal, data feed and service-based intelligence offering, as well as Managed Adversary information that delivers advanced reports on threat factors into the types of attacks that may target an organization. Tying it all together, Symantec will bring to market a new Advanced Threat Protection Solution, which is scheduled to be in beta testing within six months and generally available within the next 12 months.