Next-generation endpoint sensor and enhanced network threat defense accelerate protection, remediation of targeted attacks. In today’s complex and IT-constrained environment, organizations need a complete, systematic approach for thwarting the massive volume of traditional threats, while handling the rise of newer, more sophisticated attacks. At RSA 2014, Trend Micro Incorporated is announcing the latest enhancements to the Trend Micro™ Smart Protection Platform, building upon a set of unified threat defense capabilities that already enable customers to protect their organization against known threats, yet also detect and respond to new targeted attacks, immediately guarding against further intrusion.
The primary improvement to the company’s Smart Protection Platform is the new Smart Sensor product, described as “a context-aware endpoint monitoring solution that enables threat investigators to rapidly detect and assess the nature and extent of targeted attacks on endpoints and servers, speeding time to remediation.”
The new Smart Sensor works in conjunction with the company’s Deep Discovery solution designed to protect against targeted attacks.
Smart Sensor monitors process-level and network communications so security investigators can conduct multi-level “signature-less” analysis using “indicators of compromise” parameters produced by Deep Discovery or other sources of network security intelligence.
Trend Micro said investigators can use Smart Sensor to examine the chain of events associated with a targeted attack across enterprise systems, including endpoints on-premise, at remote locations or in the cloud. These events can include system infiltration, malicious “command and control” incursions and possibly dangerous account activities.
Introduced at the RSA 2014 security conference in San Francisco, Smart Sensor helps investigators “understand actual malware behavior including delivery method, execution, communications and system implications,” the Tokyo-based company said.
Other enhancements include a Deep Discovery Email Inspector designed to complement other email security measures and protect against “spear phishing” emails, described by Trend Micro as a common point of entry for the types of targeted attacks now in use. “It uses proven sandboxing and other advanced detection engines to identify malicious attachments or embedded URLs, allowing the customer to analyze the threats and to set automatic policies for email blocking or quarantine,” the company said.
Yet another component is Deep Discovery Inspector v3.6, which the company said helps large-scale enterprises improve and extend sandboxing analysis and better investigate threats with better event management (SIEM) integration and a new 4 Gbps model.
“Customers can now create more custom sandbox images, concurrently analyze more files and more rapidly analyze attack details within Deep Discovery or their SIEM systems,” Trend Micro said. “In addition, [with] the new 4Gbps model, Deep Discovery Inspector supports broader deployment options to better protect against targeted attacks.”