Advanced Threat Protection
Today’s threat landscape is populated by increasingly sophisticated intrusions that take the form of advanced persistent threats, advanced targeted attacks, advanced malware, unknown malware, and zero-day threats. Enterprises are experiencing material security breaches as a result of these attacks, because advanced security operations teams—as well as the defenses they deploy—operate in silos with no ability to share information across the entire security organization or environment.
Consequently, there is a shift towards a new approach that integrates real-time protection, dynamic analysis, and post-breach investigation and remediation. This approach closes the gap that exists between ongoing security operations and incident discovery, containment, and resolution. The net result: your business can move beyond fear and start focusing on possibilities.
Blue Coat: Uniquely Capable of Addressing the Requirements
The Blue Coat Advanced Threat Protection solution integrates technologies from the Blue Coat Security and Policy Enforcement Center and the Resolution Center to deliver a comprehensive lifecycle defense that fortifies the network. The solution
- Blocks known advanced persistent threats
- Proactively detects unknown and already-present malware
- Automates post-intrusion incident containment and resolution.
This makes it possible for day-to-day security operations and advanced security teams to work together to protect and empower the business.
Whiteboarding the Lifecycle Defense
Detect and Protect Against Known Threats
To prevent advanced persistent threats as part of day-to-day security operations, the Blue Coat ProxySG appliance, Secure Web Gateway Virtual Appliance, and Cloud Service,
block—in real–time—known threats, malicious sources, and malnets (malware delivery networks) at the gateway. The Blue Coat Content Analysis System integrates with the Proxy SG appliance to orchestrate malware scanning and application whitelisting while the Blue Coat SSL Visibility appliance gives you visibility into the threats attempting to hide in encrypted traffic.
Contextual information about new threats is shared locally across your security environment and globally with Blue Coat’s 15,000 customers and more than 75 million users to extend threat knowledge and protection.
Analyze, Mitigate Unknown and Advanced Malware
In order to realize incident containment, unknown malware must be escalated. The Blue Coat Advanced Threat Protection solution analyzes and mitigates unknown malware using the Blue Coat Content Analysis System, with malware analysis and sandboxing, as well as the Security Analytics Platform by Solera, a Blue Coat company, with integrated ThreatBLADES. As the behaviors and characteristics of an unknown threat are learned through automated analysis, that intelligence is shared across the security infrastructure, enhancing protection at the gateway for a more scalable defense.
Investigate, Remediate Breaches
For incident resolution, the Blue Coat Advanced Threat Protection solution uses the Security Analytics Platform for threat profiling to eradicate the full scope of an attack. Intelligence of a new known threat is used to investigate and remediate the full scope of the attack, including other instances of malicious files and threats already on the network. Intelligence is shared across the enterprise infrastructure as well as across the Blue Coat Intelligence Network to automate detection of the newly identified threats in the “detect and protect” stage.