Symantec Content & Malware Analysis

Detect and block advanced threats that elude traditional analysis with multiple-layer inspection and customizable sandboxing

Download the Data Sheet View the Infographic

Analyze all content automatically to block advanced threats

Symantec Content Analysis automatically escalates and brokers zero-day threats for dynamic sandboxing and validation before sending content to users. Analyze unknown content from one central location. Leveraging Symantec ProxySG, this malware analyzer uses a unique multi-layer inspection and dual-sandboxing approach to reveal malicious behavior and expose zero-day threats, and safely detonate suspicious files and URLs.

Read the Solution Brief

Analyze all content automatically to block advanced threats

New Features in Content Analysis

Content Analysis delivers multi-layer file inspection to better protect your organization against known and unknown threats. Unknown or suspicious content from sources like ProxySG, Symantec Messaging Gateway or other tools is delivered to Content Analysis for deep inspection, interrogation, analysis and ultimately blocking, if deemed malicious. Recent enhancements to Content Analysis strengthens this platform even further. New features in recent releases include:

  • On-box or cloud sandboxing
  • Endpoint protection and response through integration with Symantec Endpoint Protection
  • Addition of Symantec Antivirus and Advanced Machine Learning to Content Analysis for even better detection

More details on the powerful new capabilities in recent releases:

Content Analysis 2.1 Content Analysis 2.2

Improve threat detection and sandboxing performance

Even with the benefit of expensive malware sandboxing technologies, incident response teams are inundated with alerts. Because they can’t tell what’s urgent and what’s not, they often ignore alarms, leaving your enterprise exposed to risk. Symantec Content Analysis delivers effective tools for malware analysis to ensure that only truly unknown content is brokered to sandboxes so incident response focuses on real threats, not false alarms.

  • Analyze all content before it is sent to the malware sandbox
  • Prefilter and block all malicious content
  • Use proxy inspection and dual malware detection engines
  • Centralize and consolidate sandboxes for cost savings for on-premise or cloud products.
  • Focus on real threats, not false alarms

Download the Data Sheet

Network to Endpoint Detection and Response

Content Analysis now delivers integration with Symantec Endpoint Protection (SEP) Manager to provide the network to endpoint visibility, analysis, blocking and remediation that is needed to protect your organization from today’s advanced threats.

  • Send Indicators of Compromise (IOC) to Symantec Endpoint Protection Manager
  • Validate network-borne threats at the endpoint
  • Inoculate all other endpoints
  • Begin swift response and remediation

See how easy integration is and how organization will benefit from bringing these two powerful network and endpoint technologies together.

Block malicious threats with flexible sandboxing

While many sandboxes are passive and can only report incoming threats, Symantec Malware Analysis – built into Content Analysis – coordinates with inline technologies, delivering real-time sandboxing, discovery, and protection before malware ever reaches a user. A powerful combination of of malware sandbox tools, including virtualization and emulation captures more malicious behavior across a wider range of custom environments, including mobile, than typical single-method sandboxes.

  • Customize sandbox profiles to represent your ‘gold’ images
  • Create custom behavioral patterns to detect unique IOCs
  • Detect malware that is crafted to avoid sandbox detection
  • Delay file delivery until analysis is complete
  • Mimic user activity so malware thinks it is being activated

Download the Data Sheet

Symantec Selected as the Top Leader in the Advanced Persistent Threat (APT) Protection - Market Quadrant 2018

The Radicati group views the Advanced Persistent Threat Protection market as a set of integrated solutions for the detection, prevention and possible remediation of zero-day threats and persistent malicious attacks. Once again, Symantec Content Analysis plays a critical role in Symantec's being selected as the Top Leader in their 2018 report. Symantec achieved this high honor for several reasons, including:

  • Symantec’s market share leadership with enterprise customers
  • The variety of deployment options (on-prem, hybrid or cloud) we offer customers
  • Our fully-integrated portfolio across Symantec and third-party products and technologies
  • A keen focus on protection at endpoint, gateway, cloud and mobile
  • The massive Global Intelligence Network for unrivaled threat intelligence
  • Symantec's integration between ProxySG, Content Analysis, ATP, Security Analytics, SSL Visibility, Web Isolation and more

Download the report

Discover Our Community

View the latest product discussions in our forums.

Learn More

Need help?

Technical support and more.

Learn More

Related Products

White Papers

Network Security for the Cloud Generation

Next-Gen Firewall or Proxy Architecture? Which platform will you trust for your network security?

Solution Briefs

Network Protection Hardware Products Value of Maintenance

Learn how keeping current on Maintenance provides rapid access to 24/7 technical support, hardware repair/ replacement, and to new Operating System (OS) features and enhancements so your network is continuously protected from the ever-increasing sophistication and volume of web-based threats.

Reports

Top 4 Reasons to Migrate to Content Analysis

Discover the top four reasons organizations need Symantec Content and Malware Analysis

Infographics

2017 Gartner Magic Quadrant

For the 10th time*, Symantec is a Leader in Gartner's Magic Quadrant for Secure Web Gateways