Symantec is upping the ante in its attempt to win the advanced threat protection space, launching a new offering designed to detect and remediate advanced threats the entire enterprise from single console – with no endpoint agents to deploy.
Symantec Advanced Threat Protection is due to launch in New Zealand by the end of this calendar year.
Symantec says ATP correlates suspicious activity across all control points and prioritises the events that pose the most risk to an organisation. Once a threat is identified it can be quickly contained and new instances can be blocked.
Symantec says individual point products at each control point can no longer be relied on to stop the increasing proliferation of advanced threats, such as ransomware, remote access Trojans, advanced persistent threats and zero day attacks.
“The process of uncovering threat data across endpoint, network and email gateways is manual and time consuming, which gives attackers an edge,” Symantec says.
Symantec ATP includes Symantec's Cynic cloud-based sandboxing and payload detonation service and Synapse cross-control point correlation capability that collects suspicious activity across endpoints, networks and email to prioritise those that are the greatest risk.
The company claims that Synapse and Cynic working together can provide up to 30% better detection than existing products.
Balaji Yelamanchili, Symantec enterprise security business general manager, says the offering cuts down search and remediation time by doing the legwork for security professionals who in the past needed to manually check to see if a suspicious file was properly blocked.
“The average enterprise uses 75 distinct security products,” Yelamanchili says. “That overload creates opportunity for attackers because it slows down detection.
“Symantec ATP allows security professionals to click once and remediate everywhere across all three control points.
The company says Symantec ATP enhances existing installations of Symantec Endpoint Protection and Email Security.cloud, without requiring any new endpoint agents.
“This allows customers to deploy a new installation of Symantec ATP in under an hour to search for attacks in minutes.
Intelligence can be exported to third-party security incident event managers.
Symantec says it will open Symantec up to third party technology partners, including firewall and other security product vendors.