Products found: 15


AnubisNetworks MPS

For Service Providers: Grow your revenue and lower your costs, managing and selling email security services.

The great skillset of Service Providers, their ability with communications networks, and especially their proximity to customers, make Service Providers especially fit to provide carrier-grade systems and value-added managed services on the Cybersecurity market.

For Enterprises: Email security is critical for business to face the growth of cyber threats.

The permanent relevance of Email in organizations, affected by the increasing security concerns associated with phishing, data leakage, and privacy protection, among others, pushes Service Providers to provide Email Security on top of the existing email infrastructure. Preferably, with an Email Security service robust enough to build trust on organizations, while becoming a value added service for the cloud platform itself, as well as hosted Service Providers and Resellers.

MPS Characteristics

AnubisNetworks Global Threat Intelligence Platform: AnubisNetworks’ security ecosystem permanently monitors the world for Botnets, IP Reputation, Email phishing and Malware campaigns, and communicates with MPS edge filters, for real time proactive malware prevention.

Control Features on top of Security Features: DLP (Data Leakage Protection), Quota Management, Rate control, Email Validation, transport Encryption and many other features are available per user and per scope, taking this platform far beyond Email Security.

Complete Visibility on your platform: Complete details on messages and queues for inbound and outbound flows. MPS also contains several dashboard data, system auditing, business information tools, each feature configurable by scope and data.

Customizable/White Label GUI: Each of the hierarchy scopes can be fully customized with your brand identity, your partners and your end customers.

Lean Management of Quarantine: Quarantine can be managed by IT and/or end users, in a centralized console, with the option of web end user interface and/or email interface (via periodic digests).

Hierarchic Multitenant System for Inbound and Outbound: An advanced architecture with several administration scopes (Virtual scopes, SMTP domains and LDAP based Organizational units), each with distinct roles – including Helpdesk users - for both centralized and delegated management.

Email Secure Routing and Virtual Aliases: MPS brings a new dimension to email routing management by enabling the usage of BCC, Email Queue holding, Distribution lists, Virtual Aliases, and Listeners based routing. And protected under SPF, TLS and DKIM encryption mechanisms.

Auditing, Monitoring and Billing information: Advanced and easy access to detailed information on all activities and system information, for billing, auditing and compliance purposes.

Email Control
  • DLP - Data Leakage Protection
  • Multitenant Quota management
  • White & Blacklists inheritance
  • Attachments Discovery
  • BCC and Archiving plugins
  • AD Integration for AAA

Big Switch Networks Big Monitoring Fabric

Big Monitoring Fabric enables end-to-end visibility and security for applications, based on their networking behaviors, for both on-premises and public cloud deployments.

Big Monitoring Fabric enables pervasive security and monitoring of network traffic for an organization and selectively delivers it to multiple security, monitoring, performance measurement and compliance tools—both Inline and Out-of-Band. Leveraging an Open Ethernet switch fabric and an SDN Big Tap Controller, Big Monitoring Fabric is a highly scalable and cost-effective network visibility solution. Using an SDN-centric architecture, Big Tap enables tapping traffic everywhere in the network and delivers it to any troubleshooting, network monitoring, application performance monitoring or security tools.

The centralized Big Tap Controller software compiles user-defined policies into highly optimized flows that are programmed into the forwarding ASICs of bare metal Ethernet switches running production grade Switch Light Operating System.

There are two versions of the product: Big Mon Fabric Public Cloud and Enterprise Cloud, which leverage the same technologies. These technologies offer best-in-class economics for any monitoring infrastructure today.


Blue Coat Systems Advanced Threat Protection

The Blue Coat Advanced Threat Protection solution integrates technologies from the Blue Coat Security and Policy Enforcement Center and the Resolution Center. It delivers a comprehensive, integrated and modern approach to advanced persistent threats, advanced targeted attacks, advanced malware, unknown malware and zero-day threats through its Advanced Threat Protection Lifecycle Defense.

This defense is the first to integrate a business process view that aligns with how your security team operationalizes new intelligence and technologies to fortify your security infrastructure against future attacks.

The Blue Coat Advanced Threat Protection Lifecycle Defense operates in three stages:

Detect and Protect for Ongoing Security Operations: The Blue Coat Secure Web Gateway and Blue Coat Content Analysis System with malware scanning engines, protect in real-time against known threats, malicious sources, and malware delivery networks. Contextual information about new threats is shared locally and globally via the Blue Coat global intelligence network in a continuous feedback loop that extends threat knowledge and protection effectiveness.

Analyze and Mitigate for Incident Containment: Unknown threats are escalated for incident containment using the Blue Coat Content Analysis System and Security Analytics Platform, which both use the Blue Coat Malware Analysis Appliance. As the behaviors and characteristics of unknown or advanced malware and zero-day threats are learned through automated analysis, that intelligence is shared across the security infrastructure, shifting protection to the gateway for a more scalable defense.

Investigate and Remediate for Incident Resolution: The Security Analytics Platform allows security incident escalation for retrospective analysis to enable threat profiling and incident resolution. Intelligence of the now-known threat is used to investigate and remediate the full scope of the attack, including other instances of the threat already on the network. The intelligence on the full scope of the attack is shared locally across the security infrastructure as well as globally across Blue Coat’s 15,000 customers and 75 million users to operationalize the new knowledge and fortify the security infrastructure.

The Blue Coat Advanced Threat Protection solution is designed to integrate into your existing security infrastructure, including your IPS, NGFW, SIEM and malware sandbox solutions, allowing you to deploy a defense-in-depth approach that shares information to increase protection.


Check Point SandBlast

Check Point SandBlast Agent provides purpose-built advanced Zero-Day Protection capabilities to protect web browsers and endpoints, leveraging Check Point’s industry leading network protections. SandBlast Agent ensures complete real-time coverage across threat vectors, letting your employees work safely no matter where they are without compromising on productivity. Threat Emulation capability emulates unknown files in a contained environment to detect malicious behaviors and prevent infections, while Threat Extraction provides sanitized risk-free files to the users instantly.

Anti-Ransomware protection stops ransomware in its tracks and reverses the damage automatically, ensuring organizations are protected against malicious extortion attacks that encrypt business data and demand ransom payment for its retrieval. Zero Phishing proactively blocks access to new and unknown deceptive websites and safeguards user credentials by preventing the use of corporate passwords on external websites.

SandBlast Agent captures forensics data with continuous collection of all relevant system events, and then provides actionable incident analysis to quickly understand the complete attack lifecycle. With visibility into the scope, damage, and attack vectors, incident response teams maximize productivity and minimize organizational exposure.

Features:

  • Threat Emulation: Evasion resistant sandbox technology
  • Threat Extraction: Delivers sanitized risk-free files to users in real-time
  • Anti-ransomware: Prevents and remediates evasive ransomware attacks
  • Zero-Phishing: Blocks deceptive phishing sites and alerts on password reuse
  • Anti-Bot: Identify and isolate infected hosts
  • Anti-Exploit: Protects applications against exploit based attacks
  • Behavioral Guard: Detects and blocks malicious behaviors
  • Endpoint Antivirus: Protects against known malware
  • Forensics: Records and analyzes all endpoint events to provide actionable attack forensics reports

Benefits:

  • Advanced threat protection and automated endpoint forensic analysis for all malware types
  • Prevents and remediates evasive ransomware attacks
  • Proactively blocks known, unknown and zero-day malware
  • Provides instant actionable understanding of attacks
  • Automatically remediates infections
  • Protects users' credentials

Cisco Advanced Malware Protection (Cisco AMP for Endpoints)

Cisco Advanced Malware Protection (AMP) is a system that protects your business before, during and after an attack, making it the most robust form of malware protection available. Cisco AMP employs global threat intelligence to fortify your network’s defenses before an infiltration even occurs. During a network breach, it identifies and blocks the attack using a powerful combination of intelligence, file signatures and advanced malware analysis. After an attacker infiltrates your network, Cisco AMP arms your security team with a clear view of the malware’s origin, its method and point of entry, where it’s been, and its current trajectory. This combination of point-in-time and retrospective security makes it possible to discover, confine, and dissolve the threat fast enough to protect your business from irreversible damage.

Using Cisco AMP gives your business access to a wide selection of security features, including:
  • Filtering out policy-violating files from the Internet, e-mails, and more.
  • Detecting and protecting against client-side exploit attempts and exploit attempts aimed at client applications like Java and Flash.
  • Recognizing, blocking, and analyzing malicious files.
  • Identifying malware patterns and anticipating potentially breached devices.
  • Tracking malware’s spread and communications.
  • Alleviating threats of reinfection.

Digital Guardian Advanced Threat Protection

Digital Guardian for Advanced Threat Protection is uniquely focused on understanding and preventing threats targeting your data and placing your systems at risk. It takes a data-centric approach to advanced threat detection, incident response and prevention that ensures security travels with the data. Adding DG for Advanced Threat Protection gives you the only security solution that protects sensitive data regardless of the source of attack.

CAPABILITIES:

Protect the data, regardless of the attack vector
  • Detect in real-time behaviors indicative of attacks targeting your systems, users and data via Digital Guardian’s attack sequencing approach.
  • Set rules to alert the user to the presence of an attack (via prompts), stop the attack in progress, notify IT in near real time and initiate collection of artifacts for forensic validation.
Cut analyst workload, improve workflow, increase incident handling capacity
  • Expedite delivery of critical alerts to speed response time and containment.
  • View correlated events and individual alerts for visibility of an attack or malicious activity by highlighting the individual rules which triggered the correlated event.
  • Automate collection of artifacts to reduce response time and enhance the ability to stop an attack in progress.
  • See all systems that are at risk or infected by using Digital Guardian’s automated binary analysis to track any file determined to be malicious or suspicious.
Maximize the return on your security investments
  • Protect your endpoints from threats discovered at the network layer using DG’s integration with existing malware protection systems (FireEye and Palo Alto).
  • Download threat information from third party threat feed sources you define, directly to the DG agent to block agent execution within minutes of identification of known threats.
  • Use network security infrastructure to gather and submit suspicious files for detonation before they execute.
  • Get additional analysis and guidance on what action to take as a result of direct integration with VirusTotal. For example, automate the submission of a file hash for immediate analysis or industry reputation and if deemed to be a threat, all endpoints can be informed of the threat and set to block and alert should the threat be seen by any system whether on or off your network.
BENEFITS:
  1. Real-time visibility. To avoid the risk of missing critical artifacts and to maintain a full narrative of an attack you need real-time visibility. Digital Guardian includes real-time and historic visibility into more than 200+ parameters associated with system activities. This includes: process activity, user-mode and kernel execution events, file system activity, network and registry activity, and user-logon activity. Deep visibility ensures you have all the critical information needed to identify patient zero and drastically reduce your overall response time while validating the impact the attack had on your data.
  2. Context. Security teams today are overwhelmed with alerts from ineffective products that lack any context or prioritization of attacks; so they end up missing the real threats targeting their data. Digital Guardian provides host visibility as well as contextual intelligence about attacks targeting your data. Our solution gives you the context required to prioritize your response and answer the crucial who, what, why, and how questions.
  3. Data awareness. Advanced threats are intent on compromising your systems in order to gain access to your data. To protect your most critical data you must first understand it. New advanced threat protection products have no concept of data and traditional DLP products lack the understanding of threats. Digital Guardian is the first product to bridge the gap between system security and data protection by delivering a single solution combining threat prevention with context based data protection from a single agent.
  4. Flexible deployment. Only Digital Guardian offers complete data protection through an on premise, cloud-based managed service, or a hybrid of both. Our cloud-based managed services are the answer if you have more IP than IT. As an extension of your team, we’ll expertly develop, deploy, and manage all of your policies enterprise-wide as if they were our own.

FireEye Malware Analysis (AX)

FireEye Malware Analysis is a forensic analysis solution that gives security analysts hands-on control over powerful auto-configured test environments to safely execute and inspect advanced malware, zero-day and advanced persistent threat (APT) attacks embedded in web pages, email attachments and files.

As cyber criminals tailor attacks to penetrate a specific business, user account or system, analysts need easy-to-use forensic tools that help them rapidly address targeted malicious activities.

HIGHLIGHTS:

  • Performs deep forensic analysis through the full attack life cycle, using the FireEye MVX engine
  • Streamlines and batches analysis of suspicious web code, executables and files
  • Reports in-depth on system-level OS and application changes to file systems, memory and registries
  • Offers live-mode or sandbox analysis to confirm zero-day exploits
  • Dynamically generates threat intelligence for immediate local protection via integration with FireEye Central Management
  • Captures packets to allow analysis of malicious URL session and code execution
  • Includes the FireEye AV-Suite to streamline incident response prioritization
  • Includes support for Windows and MacOS X environments

Forcepoint Advanced Malware Detection

DETECT EVASIVE MALWARE OTHERS CANNOT SEE

It’s become increasingly difficult to identify the malware components of advanced threats, mostly due to the evolution of evasion tactics and technology by criminal and nation-state threat actors.

Unmatched Accuracy: Forcepoint Advanced Malware Detection technology is unmatched in security efficacy. Even highly evasive threats are revealed through Deep Content Inspection of activity at multiple levels, dormant code, and other indicators often overlooked by traditional sandbox technologies.

Zero-False Positives: Eliminate the distraction of False Positive results with AMD. This means your incident response team can spend its limited time responding to actual threats, not chasing down false positives and searching for indicators of compromise (IOCs).

Global Threat Intelligence: Forcepoint sends threat intelligence updates containing the characteristics, behaviors and associated IOCs of every malicious object curated and analyzed within the global service. This allows for faster identification of previously-seen threats, new threats that reuse objects, and streamlines the analysis, detection and response to previously unseen threats.

DEEP CONTENT INSPECTION – A STEP BEYOND SANDBOXING

As with sandboxing, Forcepoint Advanced Malware Detection provides a simulated environment for malware execution; that is where any similarity ends.

A Complete Environment: Traditional sandboxes have visibility down to the operating system level only. Forcepoint offers a unique isolation and inspection environment that simulates an entire host including the CPU, system memory and all devices. Deep Content Inspection interacts with malware to observe all the actions it might take within this complete environment, and even identifies ‘dormant code’ for special analysis.

Malware Interaction: Sandbox-only solutions provide a relatively static environment, limiting the malicious ‘behavior’ they may uncover. Because Forcepoint Advanced Malware Detection interacts with malware, it observes every action that it might take, even when those actions are delegated to the operating system or other programs. In addition, this tool identifies potentially malicious ‘dormant code’ that the malware does not execute.

Extensive Malware Detail Exposure: A comprehensive solution must do more than just stop advanced malware. Correlated incident information prioritizes the most significant threats in your network without combing through massive log files. Full attack chain visibility enables your incident response team to quickly understand the nature of the attack, making your scarce security resources more efficient.

MALWARE DETECTION ACROSS CHANNELS

Threat actors will find and exploit any available point of entry. Forcepoint Advanced Malware Detection integrates with other defenses, complementing their own security capabilities to frustrate attacker efforts across multiple channels. The resulting shared intelligence improves overall visibility and strengthens each point of defense.

Forcepoint Web Security is a (cloud or hybrid deployed) Secure Web Gateway that stops advanced threats from getting in and sensitive data from getting out – whether an organization’s users are in the office, working from home or on the road. Forcepoint Advanced Malware Detection integrates with Web Security as an additional defense against zero-day and other advanced, evasive malware. Its cutting-edge classification engine, global threat intelligence, advanced malware detection and enterprise-class DLP work together to make strong security easy to deploy. It delivers real-time web protection for increasingly mobile workforces and can share policies and context with Email Security to thwart advanced, coordinated web and email attacks with complete inbound and outbound defenses.

Forcepoint Email Security stops spam and phishing emails that introduce ransomware and other advanced threats before they can infect systems with malware. Forcepoint Advanced Malware Detection integrates with Email Security as an additional defense against zero-day and other advanced, evasive malware. The comprehensive defenses of Forcepoint Email Security integrate highly effective analytics, URL Wrapping, Phishing education, and advanced malware detection for inbound protection, as well as integrated DLP as an outbound control and email encryption for secure communications. Operating on the security industry’s most secure cloud infrastructure, Forcepoint Email Security delivers unparalleled phishing, malware and DLP protection for Microsoft Office 365 and other popular email systems.

Forcepoint Next Generation Firewall (NGFW) connects and protects people and their data throughout offices, branches, and the cloud – all with the greatest efficiency, availability and security. It applies multiple scanning techniques to files found in network traffic, allowing administrators to tailor granular levels of security to the specific needs of each connection. Forcepoint Advanced Malware Detection integrates with Forcepoint NGFW as an additional defense against zero-day and other advanced, evasive malware. Forcepoint NGFW can deploy, monitor, and update thousands of firewalls, VPNs and IPSs from a single console – cutting network operating expenses up to 50%. It eliminates downtime with high-availability clustering and Multi-Link networking, blocks attacks, and manages encrypted traffic without hurting performance. As the pioneer in Advanced Evasion Technique (AET) defenses and proxy technologies for mission-critical applications, Forcepoint NGFW gives you security without compromise.

Forcepoint CASB delivers visibility and control over cloud applications and helps eliminate the security and compliance blind spots created in a cloud-first world. It quickly discovers unsanctioned cloud applications and assesses their associated risks, and provides the ability to control how sanctioned cloud applications such as Office 365, Google Suite, Salesforce, Box, Dropbox and others are used in order to prevent the loss of critical intellectual property. With Forcepoint CASB, organizations can truly embrace the Cloud by ensuring that their users are not engaging in risky behaviors - without slowing them down.

Fortinet FortiSandbox

With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown threats. While attack surfaces are becoming more dynamic due to the rise of IoT and cloud-based services, a continuing shortage of cyber security talent is driving organizations to integrate sandboxing with greater controls and a high degree of automation.

Today’s threats are increasingly sophisticated and often bypass traditional malware security by masking their malicious activity. A sandbox augments your security architecture by validating threats in a separate, secure environment. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. It's also a key component of our Advanced Threat Protection solution.

Features and Benefits:

  • Independently top-rated. NSS Labs "Recommended" for breach detection and breach prevention, and ICSA labs certified for advanced threat defense.
  • Broad integration. Extends advanced threat protection to your next-generation firewall, web application firewall, secure email gateway, and endpoint protection platform.
  • Intelligent automation. Speeds mitigation by sharing real-time updates to disrupt threats at the origin and subsequent immunization across the entire organization and the global community.
  • All-in-one. Simplifies deployment and reduces complexity by covering all protocols in a single common sandbox platform.
  • Flexible deployment. Available as a physical or virtual appliance on premises, as well as a cloud-based or managed service.
  • Open extensibility. Flexible APIs for easy third-party integration and available day-zero integration with Fabric-Ready partners.

LookingGlass ScoutShield

ScoutShield Threat Intelligence Gateway is a high-assurance, low-touch security appliance designed to work with firewalls to identify and block phishing, malware, and malicious Command-and-Control (C2) domains – disrupting or stopping these threats.

The ScoutShield solution ingests LookingGlass Automated Data Services’ machine-readable threat intelligence to automatically block known phishing URLs, malicious URLs, and malicious C2 Domains.

  • Malicious C2 Domains Feed - Daily updated blacklist of all known C2 botnet servers
  • Phishing URL Feed - Real-time feed of global phishing URLs
  • Malicious URL Feed - Real-time feed of global malicious URLs

ScoutShield’s automated response mechanism allows organizations to respond more efficiently and effectively to threats, so you can combat data breaches, ransomware, and stolen credentials in real-time. ScoutShield’s multiple Monitoring and Reporting Dashboards enable your security team to easily determine the effectiveness of policy enforcement, the health of the entire system, and if threat intelligence rule sets have been deployed successfully.

Use ScoutShield to:

  • Protect against known malicious web pages and phishing attacks with 99.99% accuracy
  • Prevent infected devices from communicating with C2 servers automatically
  • Enable your security analysts to mitigate threats in real-time, increasing productivity
  • Deliver digestible insights using its multiple dashboards: Appliance, System, Threat Intelligence, and Threat Mitigation.
  • Alert your organization of compromises on the network

McAfee Advanced Threat Defense

McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection and expose evasive threats. Tight integration between security solutions, from network and endpoint to investigation, enables instant sharing of threat information across the environment, enhancing protection and investigation. Flexible deployment options support every network.

McAfee Advanced Threat Defense detects today’s stealthy, zero-day malware with an innovative, layered approach. It combines low-touch analysis engines such as antivirus signatures, reputation, and real-time emulation with dynamic analysis (sandboxing) to analyze actual behavior. Investigation continues with in-depth static code analysis that inspects file attributes and instruction sets to determine intended or evasive behavior and assesses similarity with known malware families. As a final step in the analysis, McAfee Advanced Threat Defense specifically looks for malicious indicators that have been identified through machine learning via a deep neural network. Combined, this represents the strongest advanced malware security protection on the market and effectively balances the need for both in-depth inspection and performance.

While lower analytical intensity methods such as signatures and real-time emulation benefit performance by catching more easily identified malware, the addition of in-depth static code analysis and insights gained through machine learning to sandboxing broadens detection of highly camouflaged, evasive threats. Malicious indicators that may not execute in a dynamic environment can be identified through unpacking, in-depth static code analysis, and machine learning insights.

Advanced capabilities support investigation

McAfee Advanced Threat Defense offers numerous, advanced capabilities including:
  • Configurable operating system and application support: Tailor analysis images with select environment variables to validate threats and support investigation.
  • User interactive mode: Enables analysts to interact directly with malware samples.
  • Extensive unpacking capabilities: Reduces investigation time from days to minutes.
  • Full logic path: Enables deeper sample analysis by forcing execution of additional logic paths that remain dormant in typical sandbox environments.
  • Sample submission to multiple virtual environments: Speeds investigation by determining which environment variables are needed for file execution.
  • Detailed reports: Provide critical information for investigation including MITRE ATT&CK mapping, disassembly output, memory dumps, graphical function call diagrams, embedded or dropped file information, user API logs, and PCAP information. Threat time lines help visualize attack execution steps.
  • Bro Network Security Monitor integration: Deploy a Bro sensor to a suspected network segment to monitor and capture traffic and forward files to McAfee Advanced Threat Defense for inspection.
Flexible advanced threat analysis deployment options support every network. McAfee Advanced Threat Defense is available as an on-premises appliance or a virtual form factor, with support for both private and public cloud with availability in the Azure Marketplace.

Palo Alto Networks WildFire

Palo Alto Networks WildFire cloud-based threat analysis service is the industry’s most advanced analysis and prevention engine for highly evasive zero-day exploits and malware. The service employs a unique multi-technique approach, combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.

WildFire changes the equation for adversaries, turning every Palo Alto Networks platform deployment into a distributed sensor and enforcement point to stop zero-day malware and exploits before they can spread and become successful. Within the WildFire environment, threats are detonated, intelligence is extracted and preventions are automatically orchestrated across Palo Alto Networks Next-Generation Security Platform in as few as five minutes of first discovery anywhere in the world.

WildFire goes beyond traditional approaches used to detect unknown threats, bringing together the benefits of four independent techniques for high-fidelity and evasion-resistant discovery, including:

Dynamic analysis – observes files as they detonate in a purpose-built, evasion-resistant virtual environment, enabling detection of zero-day exploits and malware using hundreds of behavioral characteristics.

Static analysis – highly effective detection of malware and exploits that attempt to evade dynamic analysis, as well as instant identification of variants of existing malware.

Machine learning – extracts thousands of unique features from each file, training a predictive machine learning model to identify new malware – which is not possible with static or dynamic analysis alone.

Bare metal analysis – evasive threats are automatically sent to a real hardware environment for detonation, entirely removing an adversary’s ability to deploy anti-VM analysis techniques.

Together, these four unique techniques allow WildFire to discover and prevent unknown malware and exploits with high efficacy and near-zero false positives.

WildFire threat analysis service:

  • Detects evasive zero-day exploits and malware with a unique combination of dynamic and static analysis, novel machine learning techniques, and an industry-first bare metal analysis environment.
  • Orchestrates automated prevention for unknown threats in as few as five minutes from first discovery anywhere in the world, without requiring manual response.
  • Builds collective immunity for unknown malware and exploits with shared real-time intelligence from approximately 17,000 subscribers.
  • Provides highly relevant threat analysis and context with AutoFocus.

Proofpoint Targeted Attack Protection

Proofpoint Targeted Attack Protection (TAP) helps detect, mitigate, and block advanced threats that target people through email. We detect both known and new, never-before-seen attacks that use malicious attachments and URLs to install malware on a device or trick users into sharing their passwords or other sensitive information. TAP is unmatched in stopping targeted attacks that use polymorphic malware, weaponized documents, and credential phishing to access sensitive information or steal money.

TAP provides the first line of defense at the email gateway. TAP has two components:

Attachment Defense: TAP can hold messages until a verdict is received after analysing the attachment. Clean ones are delivered to the inbox and threats are quarantined.

URL Defense: Messages containing URLs that are known to be malicious are immediately quarantined. TAP rewrites all other URLs in order to track and block clicks. When users click on the rewritten URLs, TAP redirects them, based on the verdict from inspection, to either the original webpage or a customizable block page that prevents access to the compromised site.

TAP is built on the Proofpoint next-generation email security platform, which offers clear visibility into all email communications. This means that TAP has greater context to extract threat intelligence, quickly mitigate the attack surface by blocking malicious messages, and reduce your security risk.

Our advanced threat solutions continually adapt to detect new attack patterns. TAP inspects the entire attack chain using static and dynamic techniques. We analyse potential threats in several stages using multiple approaches to examine behavior, code, and protocol. TAP uses unique features, such as predictive analysis, to identify and sandbox suspicious URLs before users can click on them.

Proofpoint TAP includes a web-based graphical dashboard that provides data at organizational, threat, and user levels to help you prioritize alerts and take action. Detailed forensic information on both individual threats and campaigns is provided to you in real time.

Proofpoint TAP is easily configured as add-on modules to the Proofpoint email security platform, which can be deployed as a cloud service, virtual appliance, or hardware appliance. Proofpoint also uses the cloud to instantly update our software every day to quickly incorporate new features and help you stay ahead of attackers.


Trend Micro Deep Discovery Analyzer

Deep Discovery Analyzer extends the value of existing security investments from Trend Micro and third parties (through a web services API) by providing custom sandboxing and advanced analysis. It can also provide expanded sandboxing capabilities to other Trend Micro products. Suspicious objects can be sent to the Analyzer sandbox for advanced analysis using multiple detection methods. If a threat is discovered, security solutions can be updated automatically.

KEY CAPABILITIES:

Custom Sandbox Analysis uses virtual images that are tuned to precisely match your system configurations, drivers, installed applications, and language versions. This approach improves the detection rate of advanced threats that are designed to evade standard virtual images. The custom sandbox environment includes safe external access to identify and analyze multi-stage downloads, URLs, command and control (C&C), and more, as well as supporting manual or automated file and URL submission.

Flexible Deployment: Analyzer can be deployed as a standalone sandbox or alongside a larger Deep Discovery deployment to add additional sandbox capacity. It is scalable to support up to 60 sandboxes in a single appliance, and multiple appliances can be clustered for high availability or configured for a hot or cold backup.

Advanced Detection Methods such as static analysis, heuristic analysis, behavior analysis, web reputation, and file reputation ensure threats are discovered quickly. Analyzer also detects multi-stage malicious files, outbound connections, and repeated C&C from suspicious files.

Broad file analysis range: Examines a wide range of Windows executables, Microsoft Office, PDF, web content, and compressed file types using multiple detection engines and sandboxing. Custom policies can be defined by file type.

Document exploit detection: Discovers malware and exploits delivered in common document formats by using specialized detection and sandboxing.

URL analysis: Performs sandbox analysis of URLs contained in emails or manually submitted samples.

Web services API and manual submission: Enables any product or malware analyst to submit suspicious samples. Shares new IOC detection intelligence automatically with Trend Micro and third-party products.

Support for Windows, Mac, and Android operating systems.

Detect ransomware: Detects script emulation, zero-day exploits, targeted and password-protected malware commonly associated with ransomware. It also uses information on known threats to discover ransomware through pattern and reputation-based analysis. The custom sandbox can detect mass file modifications, encryption behavior, and modifications to backup and restore.


Zscaler Cloud Sandbox

Zscaler Cloud Sandbox uses advanced behavioral analysis techniques to find and block zero-day threats. Delivered as a service from the Zscaler global security cloud, Zscaler Cloud Sandbox provides a higher level of threat protection than any other solution.

With Zscaler, you can sandbox any suspicious or unknown file without backhauling traffic to the data center. Since Zscaler Cloud Sandbox is implemented from the cloud, it protects all of your users, regardless of their locations. This means that remote office workers and mobile users get the same level of protection as the users at your headquarters, without costly MPLS links or cumbersome VPN connections. Zscaler Cloud Sandbox is architected to provide inline protection to block threats before they enter your network. Malicious files are instantly blocked, quarantined, or flagged based on your defined policies.

Unlike appliances, which work in isolation, Zscaler Cloud Sandbox is fully integrated into the Zscaler Cloud Security Platform to deliver maximum threat visibility and multilevel protection. Because Zscaler is delivered as a service, there is no hardware to deploy and manage, and no software to update.

The processing power of Zscaler Cloud Sandbox lets us inspect all suspicious and unknown files with efficiency. Data is correlated across multiple security engines to identify and block sophisticated threats that go undetected by traditional appliances. By performing this in-depth level of sandbox pre-processing, we streamline the detection of suspicious files and improve the user experience. And because SSL inspection is native to the cloud security platform, the tactic of hiding attacks behind encryption fails as well. Malicious files are instantly blocked, quarantined, or flagged based on your defined policy, which can be easily scaled across all users.

Zscaler Cloud Sandbox uses cloud intelligence gained from more than 60 billion transactions processed every day at peak periods and more than 120,000 unique security updates. Once a threat is identified anywhere in the Zscaler cloud, it is immediately blocked for all customers. By default, the Zscaler security cloud sandboxes all executables and libraries to improve the protection for all customers. Zscaler also incorporates over 40 partner threat feeds to make sure the latest threat intelligence is applied across the cloud, which minimizes the number of files that need to be sandboxed.

Zscaler Cloud Sandbox provides:

Integrated platform service

  • Pre-filters all known threats using threat feeds from 40+ security partners
  • Offers native SSL inspection to close security gaps
  • Provides APT protection — for both inbound and outbound traffic
  • Delivers rich forensics — including intelligence on users, locations, origins, and evasive tactics

Inline inspection of all suspicious and unknown files

  • Fully analyzes executables, libraries, Office documents, archives, and web and mobile content
  • Enforces patient-zero quarantines
  • Enables manual file submission via a sandbox scanning portal

Uniform policies across all users and locations

  • Defines global policies from a single console
  • Enforces policy changes immediately across all users, regardless of location

Benefits:

Simply Scalable. Break free from costly gateway-based architectures. Scale protection across all users and all locations with ease from the cloud.

Better Protection. Deliver a fully integrated sandbox solution that can inspect all traffic, including SSL, without performance limitations.

Cost-Effective. Minimize IT procurement and administration costs with protection that easily grows with your needs.

Cloud Intelligence. Empower your sandbox with the power and visibility of the world’s largest security cloud.
