Advanced Threat Protection

Preventative Protection, Detection, Investigation, & Resolution

Efficient investigation and remediation processes are critical in today's high-stakes security world. Symantec provides the telemetry that feeds our targeted attack detections, the deep forensic records that speed investigations, and powerful tools to quickly remediate breaches, all built on strong preventative protections in endpoint, network, email and cloud infrastructure.


Content Analysis and Advanced Malware Sandbox

Content Analysis is the most effective way to detect file-based malware. It integrates with Symantec Proxy, ASG, WSS, Endpoint Protection, ATP Platform, Secure Message Gateway, CASB, Email Security Service, & WAF.

Content Analysis combines multiple engines – white list, black list, dual anti-virus, and advanced machine learning – to identify advanced malware. It also offers an optional full emulation and virtual detonation sandbox to replace less effective sandbox technologies.

Content Analysis can submit files to 3rd party sandboxes, including FireEye and Lastline, driving:

  • 4x better malware detection
  • Dramatically reduced sandbox capacity requirements from pre-filtering and centralizing sandbox capacity
  • Ability to leverage proxy to decrypt SSL/TLS
  • Dramatically reduced incident queues from preventative architecture

Content Analysis is offered as an appliance, virtual appliance, and cloud service.


Symantec Endpoint Detection and Response

Keep attacks from turning into breaches

Symantec EDR – aka ATP Endpoint – applies machine learning and behavioral analytics to detect and expose suspicious activity. It enables you to hunt for threats by searching for indicators of compromise across all endpoints in real time.

Symantec EDR prioritizes incidents and allows you to navigate endpoint activity records for a full forensic analysis of potential attacks.
You can contain suspicious events using advanced sandboxing, blacklisting, and quarantine, and seal off potentially compromised endpoints during investigation with endpoint isolation. Finally, you can delete malicious files and associated artifacts on all impacted endpoints.

Symantec’s EDR agent is already consolidated into your Symantec Endpoint Protection agent on Windows, Mac, and Linux. Extend EDR to non-SEP devices with Cloud EDR.

  • Proactively detect attacks on endpoint and email
  • Quickly investigate scope, scale, and attack details
  • Quarantine suspicious processes and events
  • Remediate impacted endpoints


Symantec Network Forensics: Security Analytics

Full-packet capture and advanced network security forensics

Symantec Security Analytics delivers enriched, full-packet capture for full network security visibility, advanced network forensics, anomaly detection, and real-time content inspection for all network traffic.

Armed with this detailed record, you can conduct forensic investigations, respond quickly to incidents, and resolve breaches in a fraction of the time you would spend with conventional processes. Security Analytics is an advanced network forensics analysis and analytics tool enabling you to:

  • See the full source and scope of attacks and respond faster
  • Arm incident response teams with clear, concise answers and evidence
  • Use unrivaled data enrichment and threat intelligence
  • Add context to existing security tools
  • Integrate with Symantec ATP to extend investigations across network, endpoint and email


Our Products

  • Advanced Threat Protection for Email

    Symantec's Advanced Threat Protection for Email protects against the most sophisticated email threats and provides comprehensive insight into advanced email attacks.

  • Web Isolation

    Symantec Web Isolation prevents malware and phishing threats while allowing broad web access through the isolation of uncategorized and potentially risky traffic.

  • Encrypted Traffic Management

    Symantec Proxy and SSL Visibility Appliance decrypt traffic, feed existing security infrastructure, and maintain privacy compliance.

  • CASB Cloud Security - CloudSOC CASB

    Secure employee use of cloud apps with the leading Symantec Cloud Access Security Broker and Cloud Security Gateway.
