
Content Analysis

Block. Detect. Analyse. A new breed of hackers – including cybercriminals, nation-states, hacktivists and insiders – are perpetrating increasingly sophisticated, targeted and effective exploits on enterprises. This shift in the threat landscape requires a security platform that combines prevention with more effective attack detection, preparedness and response. The Blue Coat Security Platform delivers advanced threat protection via Blue Coat’s Content Analysis technology, which, when combined with Blue Coat’s Web Gateway and Malware Analysis technologies, enables you to automate advanced threat protection at the gateway, to fortify your network against unknown or advanced malware.

Bridging the gap between prevention and incident containment

Content Analysis integrates real-time blocking of advanced threats through application whitelisting, a variety of anti-malware technologies and static code analysis. Most importantly, where traditional sandboxing vendors' products are deployed passively on a network, Blue Coat Content Analysis delivers an integration environment that allows sandboxing from either Blue Coat or third-party vendors to be used as an inline, real-time inspection technology.

Content Analysis delivers:

  • Intelligent Defence In-Depth: Co-ordinated use of application whitelisting, malware scanning (supporting a variety of anti-malware engines) and static code analysis, to block the simplest to the most advanced threats. Our efficient approach ensures that sandboxing operations can be reserved for the most sophisticated threats, thus delivering scale even in the largest of environments.
  • Malware Analysis Orchestration: As a broker between multiple sandboxes, Content Analysis simultaneously sends unknown or suspicious files to the Blue Coat Malware Analysis Appliance as well as third-party sandboxes. It then waits for behavioural analysis to be performed in the sandbox before delivering the file to the user, thus allowing you to optimise your existing investments while building up in-depth, advanced malware defences.
  • Endpoint Integration: Content Analysis sends Indicators of Compromise (IOC) to a variety of supported Endpoint Detection and Response (EDR) technologies. Such technologies can validate the existence of a threat at the target endpoint, search all other systems for these IOCs and send information back to Content Analysis for report generation and links to suspect devices. This saves your security team time and enables the prioritisation of alerts.
  • Advanced Threat Protection Solution: Content Analysis is a key component of the Blue Coat Advanced Threat Protection solution. It integrates technologies to deliver a comprehensive defence, fortifying the network by blocking known threats, proactively detecting unknown and already-present malware and automating post-intrusion incident containment.

 

Content Analysis System - System Overview