Symantec's latest update to its endpoint security product suite uses deception techniques to keep devices safe, an industry-first according to the company
Today, the company unveiled Endpoint Security for the Cloud Generation, a security software portfolio anchored by the Symantec Endpoint Protection (SEP) platform with added safeguards provided by deception technologies.
As the term suggests, deception technology is used by enterprises to trick attackers into believing that they have established a foothold on a network. Deception solutions create environments, that while convincing, don't pay off for attackers.
Rather than finding the proverbial pot of gold, those looking to pilfer intellectual property, customer records or other valuable information end up waste their time and energy breaking into fake servers.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
"Deception technology is a direct result of Symantec's innovation strategy paired with more than 15 years of endpoint security expertise," Sri Sundaralingam, head of product marketing for Enterprise Security Products at Symantec.
Introduced in version 14.1 of SEP, the new deception capabilities will allow businesses to guard their PCs and other endpoints with strategies used by enterprise IT security teams to turn the tables on attackers.
"With deception on the endpoint, customers can now utilize the threat intelligence and deception capabilities of the largest security company in the world to expose stealthy attack tactics, delay attackers, and determine attacker intent beyond what's available through purely network-based deception technologies – all at a scale like no other in the market," continued Sundaralingam.
SEP 14.1 also has a new an add-on component called Hardening that isolates suspicious activity aimed at applications, preventing zero-day attacks or limiting the damage of an attack. Additionally, it gains signatureless protection that uses behavioral analysis and machine learning to identify malware.
Meanwhile, Symantec Advanced Threat Protection (ATP): Endpoint 3.0 employs SEP's endpoint detection and response features, along with threat intelligence and machine learning to detect and prioritize threats for more targeted investigations and containment actions. Symantec EDR Cloud 3.0 provides threat detection, automation and visualization services.
Symantec also announced today the release of SEP Mobile, a solution based on Skycure's AI-enabled mobile threat defense software. Symantec acquired Skycure in July for an undisclosed amount.
“One of the most dangerous assumptions in today's world is that iOS and other mobile devices that employees bring into the office are safe, but the apps and data on these devices are under increasing attack," stated Symantec CEO Greg Clark at the time. "We believe that tomorrow’s workforce will be completely mobile and will demand a cyber defense solution that travels with them."