Analyze all content automatically to block advanced threats
Symantec Content and Malware Analysis automatically escalates and brokers zero-day threats for dynamic sandboxing and validation before sending content to users. Analyze unknown content from one central location. Leveraging Blue Coat ProxySG, this solution uses a unique multi-layer inspection and dual-sandboxing approach to reveal malicious behavior and expose zero-day threats, and safely detonate suspicious files and URLs.
- Block all known threats identified through Global Intelligence Network
- Deploy multi-step analysis to inspect only suspicious files
- Detain unknown files
- Send IOCs to endpoint detection technologies
- Integrate with Symantec Endpoint Protection Manager
Improve threat detection and sandboxing performance
Even with the benefit of expensive sandboxing technologies, incident response teams are inundated with alerts. Because they can’t tell what’s urgent and what’s not, they often ignore alarms, leaving your enterprise exposed to risk. Symantec Content Analysis ensures that only truly unknown content is brokered to sandboxes so incident response focuses on real threats, not false alarms.
- Analyze all content before it’s sandboxed
- Prefilter and block all malicious content
- Use proxy inspection and dual malware detection engines
- Centralize and consolidate sandboxes for cost savings
- Focus on real threats, not false alarms
Network to Endpoint Detection and Response
Content Analysis now delivers integration with Symantec™ Endpoint Protection (SEP) Manager to provide the network to endpoint visibility, analysis, blocking and remediation that is needed to protect your organization from today’s advanced threats.
- Send Indicators of Compromise (IOC) to Symantec™ Endpoint Protection Manager
- Validate network-borne threats at the endpoint
- Inoculate all other endpoints
- Begin swift response and remediation
See how easy integration is and how organization will benefit from bringing these two powerful network and endpoint technologies together.
Block malicious threats with flexible sandboxing
While many sandboxes are passive and can only report incoming threats, Symantec Malware Analysis coordinates with inline technologies, delivering real-time sandboxing, discovery, and protection before malware ever reaches a user. A powerful combination of virtualization and emulation captures more malicious behavior across a wider range of custom environments than typical single-method sandboxes.
- Customize sandbox profiles to represent your ‘gold’ images
- Create custom behavioral patterns to detect unique IOCs
- Detect malware that is crafted to avoid sandbox detection
- Delay file delivery until analysis is complete
- Mimic user activity so malware thinks it is being activated
“We love the flexibility of Content and Malware Analysis and the fact that new malware modules are always being added to increase detection.”
Fortune 100 Bank
“The ability to customize Content and Malware Analysis sandboxing images to match our environment has been an important part of understanding our specific threat exposure.”
Global Fortune 500 Insurance Company
“Using Content Analysis as a sandbox broker decreased our sandbox workload significantly, and we now receive sandbox alerts in a much more timely fashion.”
Global Consumer Electronics and Manufacturing Company
Symantec Content and Malware Analysis works alongside the Symantec Security Analytics platform to deliver dynamic, advanced threat protection and uncover advanced malware and zero-day threats.