Symantec Intros Endpoint Protection 12

  /     /     /  
Publicated : 22/11/2024   Category : security


Symantec Intros Endpoint Protection 12


Client-side security software for SMBs will utilize cloud-based data to identify mutating malware and other rapidly changing threats, Symantec says.



(click image for larger view)
Slideshow: 12 Money Saving Tech Tips For SMBs
Symantec on Tuesday announced version 12 of its Endpoint Protection and Endpoint Protection Small Business Edition (SBE) software. Both will be released this summer, with a public beta beginning in April.
The new versions will leverage Symantecs Insight technology to identify and protect against mutating
malware
and other threats as they change and adapt, based on information from the 2.5 billion files that Symantec sees across its cloud-based database of 175 million endpoints.
Think of [Insight] as an algorithm, but its an algorithm thats based on a pretty large sample size, said Blake McConnell, senior director of product management at Symantec, in an interview. Insight will put files into context: What is the age of that file? What is the frequency or prevalence? What is the source or location? Where was that file created? What are the behaviors or associations of that file?
McConnell said that the concept of context is critical because it enables Symantec to block potential threats before theyre actually identified in the digital landscape. The today problem is around malware mutations that are generated from attack toolkits, McConnell said. In other words: Although traditional signature-based protection is still in place, it is no longer enough.
Executables and other files are rated for risk by Symantec -- these ratings are preconfigured for SBE, while midsize and larger customers set their own comfort levels with various potential threats. McConnell added that although the SBE comes with more preconfigured options out of the box, customers can modify those settings if they wish. SBE targets firms with 5-99 employees or endpoints, while the flagship is geared for 100 or more seats.
Insight wont scan known good files, meaning it can skip 70% of files on typical systems, according to Symantec.
That clearly has a dramatic impact on scan time and scan overhead, McConnell said, adding that idle-only scans also help boost system performance. We dont even want the user to know were there.
Planned updates for version 12 also include Mac support and Sonar 3, Symantecs behavioral engine. If Insight is the lock on the front door, Sonar is the hall monitor -- it enforces policy-based behavioral rules. McConnell notes that while the composition of a malware file might change on the fly, its goal does not.
People who are looking to
steal passwords
are still looking to steal passwords. Spambots are still looking to do spam, McConnell said. Sonar goes looking for evidence of the bad seeds, such as keystroke logging or changes to the homepage of a Web site. [Sonar] will ask behavioral questions: What has [the file] done?
McConnell shares the view that small and midsize businesses (SMBs), though perhaps less likely to be the victim of headline attacks such as
Stuxnet
or the
Nasdaq hack
, are
increasingly at risk
for malware infections, particularly because of the rise of attack toolkits.
What we tend to see more of [with SMBs] is the impact that these attack toolkits have had on the amount of malware that is in the market, McConnell said, adding that the boom in quantity was a key driver of Endpoint Protections reputation-based and behavior-oriented enhancements. No one -- Symantec or others -- will be able to keep up with that amount of malware with a classic signature business.

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Symantec Intros Endpoint Protection 12