Now Is The Time For ATP

There are too many speeches to count that start off with some variation on “now is the time for…”. Whether it be “…to come to the aid of their country” or “…to make justice a reality for all of God's children” or even Shakespeare’s variation “now is the winter of our discontent”, they all signal some new era approaching. Specifically, they herald that it is time for a change, and nothing could be needed more for the cyber security industry than a change from detection to prevention.

Advanced Threat Prevention

We have finally moved into a world where advanced threat “detection” is evolving into advanced threat “prevention”. According to Jim Oltsik at CSO Magazine in his article titled “2018: The year of advanced threat prevention”,

“Cybersecurity technology vendors are introducing a wave of technologies for what I call advanced threat prevention. These tools do a much better job of blocking exploits, attack vectors, and malware while greatly reducing the attack surface. This, in turn, has the derivative effect of decreasing threat detection noise and complexity.”

Mr. Oltsik goes on to add,

“While there’s really no such thing as, "set-it-and-forget-it," security technology, these tools don’t require as much constant care and feeding as legacy security controls or monitoring or analytics systems. This means CISOs won’t need an army of staffers, months of deployment/customization, and weeks of staff training to benefit from these investments.”

This has the primary benefit of eliminating all of the noise and false positives of detection solutions with the added benefit of reduced resource, cost and time requirements. We agree and have also provided three keys to success in a previous blog.

Why Now?

Let’s face it, since the dawn of the information age, businesses large and small have relied almost exclusively on their content to survive. Whether that content is competitive and market research, business strategies and product/service plans, marketing and sales data, CRM and ERP, financial transactions and audits, or just the ubiquitous email communications with everyone, it all adds up to the fact that your business is a function of how well you create, use and manage your content. More importantly, how safe you can keep your content given the cyber threats that seem to manifest from everywhere will determine how productive and ultimately profitable you are.

The threat landscape has grown considerably more complex with the shift to cloud computing. Additionally, malware has become smarter and craftier. Contemporary malware protection approaches such as antivirus and sandboxing (standalone or integrated) have become commonplace, but they are signature- and behavior-based, which by definition means they cannot identify advanced threats and zero-day attacks for which no patterns, signatures or behaviors exist.

In other words, the time is now to adopt advanced threat prevention so that you can ensure your content is always safe.

ATP Done Right

Advanced Threat Prevention done right can only be achieved if the results and savings are quantifiable. Unlike signature-based and behavior-based security, both of which determined cyber criminals have been shown to evade using publicly documented techniques, Solebit’s SoleGATE (now part of Mimecast) uses static analysis, which is faster, more accurate, not OS version dependent and covers 100% of your code, with complete visibility. With SoleGATE, every line of code is evaluated, making sandbox evasion techniques ineffective. On average, Solebit analysis time ranges from milliseconds to a few seconds. Network sandboxes typically take 5-15 minutes to perform the same analysis.

Using deep inspection and analysis methods, SoleGATE is able to interpret and detect code in real time and immediately block threats from penetrating your organization. DvC™ makes no assumptions about threat heuristics or behavior. It assumes that there is no legitimate reason for executable code to be present in a data file, and it relies solely on identifying the existence of code in non-executable files.

