Blue Coat Systems introduced the Blue Coat Content Analysis System with malware analysis to automate advanced threat protection at the Internet gateway. The Content Analysis System blocks known threats, detects and analyzes both zero-day and advanced malware, and shares new threat intelligence to continually fortify the network. This allows organizations to bridge the gap between the day-to-day security operations team and the advanced security team that is focused on incident containment and resolution.
“Businesses need a systematic approach to protect their networks from advanced targeted attacks and zero-day malware, aligning security teams on the right strategy, process and action to block the threats they can, detect the ones they can’t and respond to the ones that are already on the network,” said Ambarish Deshpande, Managing Director at Blue Coat Systems.
Today, enterprises are forced to use ad hoc malware analysis or sandboxing solutions that operate in a silo and cannot share the threat intelligence required to bridge the gap between blocking known threats and detecting and analyzing unknown threats or advanced malware. This gap is made worse because existing technologies fail to help security operations teams maneuver through the stages of the advanced threat lifecycle. The Blue Coat Content Analysis System addresses this gap.
Together, these technologies deliver the following benefits for businesses:
Sandboxing: Powered by Norman Shark, a Blue Coat Business Assurance Technology partner, the Blue Coat malware analysis technology is available as an appliance today and on-box and via the cloud in the future.
Malware Analysis Orchestration: The Blue Coat Content Analysis System acts as a broker for multiple sandboxing or malware analysis instances, simultaneously sending unknown or suspicious files to both the Blue Coat sandbox and third-party sandboxes.
Threat Intelligence Feedback Loop: New intelligence from the analysis of advanced or unknown malware is shared with Blue Coat ProxySG appliances to automate blocking of newly identified threats at the gateway for a more scalable defense.