Cybersecurity firm Symantec Corp. (Symantec) announced new innovations and enhancements to its endpoint security portfolio designed to defend against the most sophisticated cyber attacks through advanced endpoint protection and hardening capabilities. These new offerings will help customers reduce the endpoint attack surface by allowing only known good applications to run, enhancing application discovery and risk assessment, and preventing stealthy attacks.
Traditional endpoint security is effective at stopping malware, but sophisticated attackers are increasingly taking advantage of the complexity of endpoint environments, exploiting gaps to discover new paths to lucrative targets.
“The diversity and complexity of today’s heterogeneous endpoint environment create multiple opportunities for cyber-attacks,” said Fernando Montenegro, senior analyst, Information Security, 451 Research. “The deployment of endpoint security software that brings together not only prevention and EDR (endpoint detection and response) but also hardening technologies to further reduce the attack surface is more important than ever.”
To address these challenges, Symantec incorporated advanced protection and hardening into its market-leading endpoint security solution which delivers a coordinated, adaptive endpoint defense that is simple for security teams to manage. This defense framework reduces the attack surface and delivers protection from unauthorized access, known vulnerabilities, zero-day attacks, and everything in between. Symantec delivers these technologies through a single agent which is managed by an integrated cloud console, lowering deployment and management complexity.
Endpoint Security portfolio updates include:
Symantec Endpoint Application Control defends against advanced attacks by only allowing known, good applications to run, thus minimizing the attack surface. The whitelisting solution includes smart, auto-generation of application-specific rules, comprehensive application discovery, in-depth risk assessment, and continuous tracking of application drift — making it easy to deploy and manage in dynamic endpoint environments.
Symantec Endpoint Application Isolation enables users to download and use any application safely by ensuring every application is restricted to safe and authorized behavior. Through enhanced visibility and intelligence, suspicious applications can be isolated to prevent any privileged operations that can harm the endpoint. Application isolation will also shield known good applications from tampering to stop attackers from exploiting potential vulnerabilities.
Symantec Endpoint Cloud Connect Defense delivers dynamic protection by assuring network integrity through a policy-based smart VPN to defend against risky WiFi and carrier networks. This technology provides an additional layer of protection for Windows 10 devices.
Symantec Endpoint Threat Defense for Active Directory helps ensure that malicious actors on domain-connected endpoints cannot exploit Active Directory to gain access to critical assets. Threat Defense for AD restricts post-exploit incursions by preventing credential theft and lateral movement with a unique combination of AI, obfuscation and advanced forensics methodologies to contain these attacks automatically, in real-time. This new product follows the Javelin Networks acquisition.
“Stopping today’s most sophisticated threats requires integrated layers of security which make it difficult for attackers to operate,” said Art Gilliland, EVP and GM Enterprise Products, Symantec. “By incorporating advanced protection and hardening innovations into our endpoint portfolio, we help minimize the attack surface and make it more challenging to penetrate and move laterally across networks, an important part of an Integrated Cyber Defense strategy.”
Image by Darwin Laganzon/Pixabay