With our constant internet usage and plethora of devices, there is more information being generated and shared online than ever before. As a result, the focus of cybercriminals has shifted and antivirus is no longer enough to protect against their sophisticated attacks. Symantec led the first era of security with antivirus, and it continues to be an important part of our portfolio, but the internet security landscape has changed a lot since then, and you must implement more than antivirus to meet the challenges of today’s threats.
AV software, which is used to prevent, detect and remove or disarm malicious computer programs and malware threats, is not sufficient protection on its own because it only protects against the bad software that we already know exists. Essentially, antivirus is only a reactive technology. We have to know about a threat to write a detection for it. So, although AV does a good job of catching new variants of existing threats, it doesn't catch everything. Moreover, it can get overwhelmed or worked around by a determined, skilled attacker. For instance, targeted attackers, who only need to attack a small pool of businesses, can simple test, revise and rewrite their malware until they know it will avoid AV detection.
Today’s security landscape requires proactive attack protection to supplement basic AV. Using just AV is like fighting with one arm tied behind your back. Symantec has had its eye on the landscape and added proactive protection technologies that go beyond antivirus several years ago.
Symantec Endpoint Protection already includes multiple layers of protection that help to protect you against existing threats, and also analyze suspicious files’ reputation, characteristics and behavior to determine if they are malware to stop new and unknown threats. The key for business and enterprise customers, however, is that you enable and deploy all of these security features, not just AV, in order to be protected from threats. All of these technologies are built into the standard product with nothing additional needed to purchase. Symantec Endpoint Protection is built on this multi-layered protection, including Symantec Insight and SONAR, and provides protection against new and unknown threats.
In addition to the proactive protection in Symantec Endpoint Protection, we recently announced a new set of Advanced Threat Protection (ATP) products and services that expand our capabilities from just protection to protection, detection and response. The first edition of this new offering is our Managed Security Services – Advanced Threat Protection which correlates threat information from endpoints with information from leading network security products from Cisco Sourcefire, Check Point Software and Palo Alto Networks to more quickly pinpoint the most important security incidents. Symantec will later release a new Advanced Threat Protection Solution which will correlates threat information from Symantec Endpoint Protection with Symantec’s email security and gateway security products to also help determine which security incidents to tackle first. Both of these solutions will allow organizations to achieve better overall protection and lower their security operating expense.
Though AV is not truly dead, it’s also not enough on its own. Antivirus is a baseline capability required for any protection product, but it’s just one piece that’s built into our broader arsenal of advanced protection technologies to keep you and your information safe. Looking ahead, we’re continuing to build more services and solutions with even more innovative technologies that can identify the threats that slip through, prioritize them and help to stop them to keep you and your information protected.