Marlow, UK – 24th April 2012 – Advanced Persistent Threat (APT) attacks represent one of the biggest challenges to government organisations and private businesses today. From the Operation Aurora attacks on Google and others through to Night Dragon, LURID and even the RSA data breach, they are targeted, covert and sophisticated enough to get past conventional security tools.
Enter Trend Micro Deep Discovery – the most comprehensive solution of its kind engineered specifically to help firms neutralise the growing menace of APTs. Not only does it provide the tools to detect zero day malware and tell-tale malicious human activity across the entire network and all phases of the attack, but it has also been designed to offer in-depth analysis so firms can prevent similar attacks in the future.
Typically an APT consists of several elements. The attack starts with intelligence gathering to create and execute a socially engineered employee infection – often in the form of a malicious email attachment. Next comes network infiltration, lateral movement across the organisation, and finally data discovery and exfiltration – and all the while, command & control communication and backdoor controls are executed by the attackers via remote control.
Deep Discovery is different because it focuses on the malicious content, suspect communications and the human attack behaviour to give firms the best chance of detecting and stopping APTs:
CONTENT: Trend Micro’s Smart Protection Network, which currently scans over 45bn files per day, underpins the solution, providing unparalleled threat detection of zero day and advanced malware with very low false positive rates.
COMMS: Deep Discovery also makes use of the SPN’s reputation engine and blacklisting capabilities to detect and block the command and control channels used by the attackers to communicate with the malware embedded in the target organisation.
BEHAVIOUR: Through painstaking analysis Trend Micro researchers have been able to draw up a set of behavioural rules based around classic signs of an APT attack – including multiple log-in failures and data exfiltration – so that Deep Discovery can flag up a possible intrusion.
Organisations today don’t just need detection capabilities that will protect them once; they need actionable intelligence to contain and remediate the threats and enable a more proactive approach to preventing APTs in the future.
Deep Discovery therefore provides:
Sandbox simulation and analysis, allowing the user to put any newly discovered malware under the microscope to find out who it’s trying to contact and why.
Threat Connect – an information portal providing all the relevant threat intelligence about a particular attack.
Integration with leading SIEM platforms – so that relevant threat information can be exported and analysis done from a single location.
“APTs are designed to stay hidden. Organisations therefore need a solution which provides the broadest and deepest analysis possible of their network, encompassing threat detection and crucial intelligence on human attack activity”, said Andy Dancer, CTO at Trend Micro. “Deep Discovery has all that thanks to its superior intelligence gathering from thousands of global threat researchers and the billions of daily events processed by the Smart Protection Network.”
A new infographic showing how APTs work, and the menace that they represent, "Connecting the APT Dots", is available from Trend Micro's website.
About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, Trend Micro™ Smart Protection Network™ provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.
All of our solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.
For more information, visit www.trendmicro.com/en_gb/. Or follow our news on Twitter at @TrendMicroUK.