Symantec Content & Malware Analysis

Detect and block advanced threats that elude traditional analysis with multiple-layer inspection and customizable sandboxing

Download the Data Sheet View the Infographic

Analyze all content automatically to block advanced threats

Symantec Content Analysis automatically escalates and brokers zero-day threats for dynamic sandboxing and validation before sending content to users. Analyze unknown content from one central location. Leveraging Symantec ProxySG, this malware analyzer uses a unique multi-layer inspection and dual-sandboxing approach to reveal malicious behavior and expose zero-day threats, and safely detonate suspicious files and URLs.

Read the Solution Brief

Analyze all content automatically to block advanced threats

New Features in Content Analysis

Content Analysis delivers multi-layer file inspection to better protect your organization against known and unknown threats. Unknown or suspicious content from sources like ProxySG, Symantec Messaging Gateway or other tools is delivered to Content Analysis for deep inspection, interrogation, analysis and ultimately blocking, if deemed malicious. Recent enhancements to Content Analysis strengthens this platform even further. New features in recent releases include:

  • On-box our cloud sandboxing
  • Endpoint protection and response through integration with Symantec Endpoint Protection
  • Addition of Symantec Antivirus and Advanced Machine Learning to Content Analysis for even better detection

More details on the powerful new capabilities in recent releases:

Content Analysis 2.1 Content Analysis 2.2

Improve threat detection and sandboxing performance

Even with the benefit of expensive malware sandboxing technologies, incident response teams are inundated with alerts. Because they can’t tell what’s urgent and what’s not, they often ignore alarms, leaving your enterprise exposed to risk. Symantec Content Analysis delivers effective tools for malware analysis to ensure that only truly unknown content is brokered to sandboxes so incident response focuses on real threats, not false alarms.

  • Analyze all content before it is sent to the malware sandbox
  • Prefilter and block all malicious content
  • Use proxy inspection and dual malware detection engines
  • Centralize and consolidate sandboxes for cost savings for on-premise or cloud products.
  • Focus on real threats, not false alarms

Download the Data Sheet

Network to Endpoint Detection and Response

Content Analysis now delivers integration with Symantec Endpoint Protection (SEP) Manager to provide the network to endpoint visibility, analysis, blocking and remediation that is needed to protect your organization from today’s advanced threats.

  • Send Indicators of Compromise (IOC) to Symantec Endpoint Protection Manager
  • Validate network-borne threats at the endpoint
  • Inoculate all other endpoints
  • Begin swift response and remediation

See how easy integration is and how organization will benefit from bringing these two powerful network and endpoint technologies together.

Block malicious threats with flexible sandboxing

While many sandboxes are passive and can only report incoming threats, Symantec Malware Analysis – built into Content Analysis – coordinates with inline technologies, delivering real-time sandboxing, discovery, and protection before malware ever reaches a user. A powerful combination of of malware sandbox tools, including virtualization and emulation captures more malicious behavior across a wider range of custom environments, including mobile, than typical single-method sandboxes.

  • Customize sandbox profiles to represent your ‘gold’ images
  • Create custom behavioral patterns to detect unique IOCs
  • Detect malware that is crafted to avoid sandbox detection
  • Delay file delivery until analysis is complete
  • Mimic user activity so malware thinks it is being activated

Download the Data Sheet

Symantec Selected as the Top Leader in the Advanced Persistent Threat (APT) Protection - Market Quadrant 2017

The Radicati group views the Advanced Persistent Threat Protection market as a set of integrated solutions for the detection, prevention and possible remediation of zero-day threats and persistent malicious attacks. Symantec Content Analysis plays a critical role in Symantec’s being selected as the Top Leader in their 2017 report. Symantec achieved this high honor for several reasons, including:

  • Symantec’s market share leadership with enterprise customers
  • The variety of deployment options (on-prem, hybrid or cloud) we offer customers
  • Our fully-integrated portfolio across Symantec and third-party products and technologies
  • A keen focus on protection at endpoint, gateway, cloud and mobile
  • The massive Global Intelligence Network for unrivaled threat intelligence

Download the report

Related Products