Block. Detect. Analyze. A new breed of hackers – including cybercriminals, nation states, hacktivists, and insiders – are perpetrating increasingly sophisticated, targeted, and effective exploits on enterprises. This shift in the threat landscape requires a security platform that combines prevention with more effective attack detection, preparedness and response. The Blue Coat Security Platform delivers advanced threat protection via Blue Coat’s Content Analysis technology, that when combined with Blue Coat’s Web Gateway and Malware Analysis technologies, allow you to automate advanced threat protection at the gateway to fortify your network against unknown or advanced malware.
Bridging the Gap Between Prevention and Incident Containment
Content Analysis integrates real-time blocking of advanced threats—through application whitelisting, a variety of anti-malware technologies and static code analysis. Most importantly where traditional sandboxing vendors are deployed passively on a network, Blue Coat Content Analysis delivers an integration environment that allows sandboxing from either Blue Coat or third-party vendors to be leveraged as an inline and real-time inspection technology.
Content Analysis delivers:
- Intelligent Defense In-Depth Coordinated use of application whitelisting, malware scanning (supporting a variety of anti-malware engines) and static code analysis to block the simplest to the most advanced threats. Our efficient approach ensures that sandboxing operations can be reserved for the most sophisticated threats, thus delivering scale even in the largest of environments.
- Malware Analysis Orchestration As a broker between multiple sandboxes, Content Analysis simultaneously sends unknown or suspicious files to the Blue Coat Malware Analysis Appliance as well as third-party sandboxes. It then waits for behavioral analysis to be performed in the sandbox before delivering the file to the user, thus allowing you to optimize you existing investments while building out an in-depth, advanced malware defense.
- Endpoint Integration Content Analysis sends Indicators of Compromise (IOC) to a variety of supported Endpoint Detection and Response (EDR) technologies. Such technologies can validate the existence of a threat at the target endpoint, search all other systems for these IOCs and send information back to Content Analysis for report generation and links to suspect devices. This saves your security team time and allows for prioritization of alerts.
- Advanced Threat Protection Solution Content Analysis is a key component of the Blue Coat Advanced Threat Protection solution. It integrates technologies to deliver a comprehensive defense that fortifies the network by blocking known threats, proactively detecting unknown and already-present malware, and automating post-intrusion incident containment.