What Is Symantec Insight™ and SONAR
Symantec Insight™ is a cloud-based security technology that identifies new, mutating threats as soon as they are created. It uses the file’s age, frequency, location, and anonymous telemetry data to look for rapidly changing encryption and mutating codes. Insight is able to detect threats rapidly and accurately.
Symantec Online Network for Advanced Response (SONAR) proactively detects new threats based on their behaviors. Enhancing detection for zero-day threats, it complements Insight by working together to monitor and stop previously unknown malware.
Symantec Insight™ and SONAR offer an intelligent and innovative security approach that can detect malware as soon as it appears. Powering Symantec Endpoint Protection 12, these technologies create the fastest and most effective endpoint protection security solution – built for both physical and virtual environments – to stop malware from compromising your network.
Why signature-based security is not enough for today’s organizations
Mutating malware
Due to vast improvements in technology and greater access to malware toolkits, malware is mutating rapidly, finding new ways to encroach on organizations’ security. Signature-based antivirus solutions are only as effective as their latest signature definitions. Hence organizations require a solution that can detect and block new malware almost as soon as it is created, based on age, security rating, and how they can be associated with threats.
Mutating malware
Due to vast improvements in technology and greater access to malware toolkits, malware is mutating rapidly, finding new ways to encroach on organizations’ security. Signature-based antivirus solutions are only as effective as their latest signature definitions. Hence organizations require a solution that can detect and block new malware almost as soon as it is created, based on age, security rating, and how they can be associated with threats.
- Distribution via social engineering: They induce unsuspecting employees to download or open links that appear to be from trusted partners or colleagues
- Customized attacks: They exploit security loopholes and tailor their tools, such as zero-day vulnerability exploits, viruses, worms and rootkits
- Long-term campaigns: They avoid detection by attacking slowly over long periods of time, remaining undetected as they continue towards their objective
- Focused and targeted: They’re aimed at organizations with valuable technology or intellectual property, targeting distinct individual systems instead of the “spray and pray” methods of phishing scams
- Higher aspirations: APT attackers are often well-funded, analyzing information to look for greater opportunities instead of simply selling that information quickly.
Check this Factsheet (as attached) on Symantec Insight™ and SONAR for more..