Symantec Says Antivirus Software Is Dead, Focuses On Zero-day Attacks
Symantec says that the traditional antivirus software is dead and will focus on new products and managed security services for enterprises, helping them fend off targeted zero-day attacks.
The security firm today announced its Advanced Threat Protection (ATP) effort. Working with Check Point Software, Cisco and Palo Alto Networks, the company will use threat detection information that will be integrated into Symantec endpoint protection software.
Information collected from these three vendors' next-generation firewalls and other sources would be shared with Symantec in its managed security services division and Symantec cloud-based threat intelligence analysis. If one of these vendors identify any new zero-day exploit, for example, a defense for that would be immediately pushed down to the network endpoints of Symantec's managed security services customers.
Symantec is the global leader in endpoint anti-malware software, Symantec's director of product marketing, endpoint, messaging and security, Piero DePaoli, says the era of relying on signature-based antivirus is gone for good.
"Core A/V is dead. It is dead," DePaoli says.
"There is a significant need in the market for greater advanced threat protection, and many vendors do not have the holistic coverage or full-functionality needed to adequately detect and respond to targeted attacks," said Jon Oltsik, senior principal analyst, Enterprise Security Group (ESG). "Symantec is well positioned to deliver an end-to-end advanced threat solution by building on the technologies it offers today, integrating across its portfolio, and delivering it as a service enhanced by an evolving partner ecosystem. By leveraging its global intelligence and building-in completely new incident response capabilities, Symantec can really address a multitude of enterprise cybersecurity requirements."
"To successfully defend against the types of targeted attacks we're seeing today, you need to expand the focus from prevention to detection and response," said Brian Dye, senior vice president of Symantec Information Security. "Network security alone isn't going to solve the problem. Adversaries are targeting all control points from the gateway to email to the endpoint. Organizations need security across these control points working together, with incident response capabilities and global information intelligence, to beat the bad guys. Symantec is bringing that powerful arsenal to market."
Symantec is also planning to introduce an incident-response service where supported enterprises will receive incident-support services and forensics in the event of a cyberattack. The service will leverage the telemetry data from its endpoint and e-mail security products to respond to events.
Symantec is also developing a sandboxing-type product under the ATP effort that is going into beta in six months and is expected to be available within the year. It is designed to analyze content traffic in the cloud to determine if it's malware. This Dynamic Malware Analysis Service is intended to share and update threat defense across the endpoint, e-mail and gateway through the sandboxing approach.
Tying it all together, Symantec will bring to market a new Advanced Threat Protection Solution, which is scheduled to be in beta testing within six months and generally available within the next 12 months.
Information collected from these three vendors' next-generation firewalls and other sources would be shared with Symantec in its managed security services division and Symantec cloud-based threat intelligence analysis. If one of these vendors identify any new zero-day exploit, for example, a defense for that would be immediately pushed down to the network endpoints of Symantec's managed security services customers.
Symantec is the global leader in endpoint anti-malware software, Symantec's director of product marketing, endpoint, messaging and security, Piero DePaoli, says the era of relying on signature-based antivirus is gone for good.
"Core A/V is dead. It is dead," DePaoli says.
"There is a significant need in the market for greater advanced threat protection, and many vendors do not have the holistic coverage or full-functionality needed to adequately detect and respond to targeted attacks," said Jon Oltsik, senior principal analyst, Enterprise Security Group (ESG). "Symantec is well positioned to deliver an end-to-end advanced threat solution by building on the technologies it offers today, integrating across its portfolio, and delivering it as a service enhanced by an evolving partner ecosystem. By leveraging its global intelligence and building-in completely new incident response capabilities, Symantec can really address a multitude of enterprise cybersecurity requirements."
"To successfully defend against the types of targeted attacks we're seeing today, you need to expand the focus from prevention to detection and response," said Brian Dye, senior vice president of Symantec Information Security. "Network security alone isn't going to solve the problem. Adversaries are targeting all control points from the gateway to email to the endpoint. Organizations need security across these control points working together, with incident response capabilities and global information intelligence, to beat the bad guys. Symantec is bringing that powerful arsenal to market."
Symantec is also planning to introduce an incident-response service where supported enterprises will receive incident-support services and forensics in the event of a cyberattack. The service will leverage the telemetry data from its endpoint and e-mail security products to respond to events.
Symantec is also developing a sandboxing-type product under the ATP effort that is going into beta in six months and is expected to be available within the year. It is designed to analyze content traffic in the cloud to determine if it's malware. This Dynamic Malware Analysis Service is intended to share and update threat defense across the endpoint, e-mail and gateway through the sandboxing approach.
Tying it all together, Symantec will bring to market a new Advanced Threat Protection Solution, which is scheduled to be in beta testing within six months and generally available within the next 12 months.
