We’ve entered a new era of cyber threats. It’s like no other that’s gone before, in that CISOs must battle not only the huge volume of “old threats” out there but also a growing array of stealthier new attacks designed to circumvent traditional tools. These could include certain types of targeted attacks, ransomware, zero-day threats, and even business process compromise. And they have to deal with a much larger attack surface created by cloud, mobility, and riskier user behavior. It’s no surprise that 2016 hit a record number of recorded data breaches in the US – over 1,000. And many more are likely to have gone as-yet unnoticed.
That’s why, in this new era, organizations need to bridge the gap between an old and new generation of threats, IT architectures, and yes, even user behaviors. That’s just what Trend Micro XGen™ security was designed to do.
Known and unknown
IT security teams have a problem. On the one hand the volume of known bad threats knocking at the door has reached epidemic proportions. Trend Micro blocked 80 billion such attacks in 2016 alone. But that’s just the start. Thanks to the growing availability of tools and knowledge on the dark web, we’re also seeing a surge in new and unique threats – something like 500,000 every day. These require more advanced techniques to spot and block.
In our 2017 predictions report, The Next Tier, we anticipate that the next generation of targeted attacks will be developed to feature new and unexpected techniques designed to fool security products. These might include advanced sandbox detection/evasion and VM escapes. Complicating matters is that these threats are targeted at every part of your IT infrastructure, from endpoints to networks and servers – all the way out to the cloud.
Deploying advanced security to all parts of the organization can be challenging because it requires different operational skills and resources. Many organizations do so with point products, which multiply the IT workload, impair visibility and performance and can leave gaps for the threats to sneak through.
The XGen difference: cross-generational
Many security vendors claim to have a single silver bullet to tackle this new era of cyber threats. I wish that were true, but it simply isn’t that straightforward. Machine learning alone is not the answer. While it can be a powerful way to predict whether an unknown file is malicious, it is also more computationally intensive with a higher rate of false positives, so it is not the most efficient or effective way to tackle the massive volume of known bad threats. Instead, there needs to be a ‘cross-generational’ approach that knows how to use the right threat defense technique at the right time to ensure maximum protection with the utmost efficiency. XGen™ security does exactly that, including – but not limited to – the following:
Antimalware and Content Filtering to quickly detect and block the massive number of known bad files, URLs and spam.
Behavioral Analysis, including memory inspection, suspicious action monitoring and browser exploit protection, examines an unknown item and its behavior at runtime to determine if it’s suspicious.
High-Fidelity Machine Learning uses mathematical algorithms to predict maliciousness, with the ability to analyze unknown files before execution and during runtime for greater accuracy. It also features “noise cancellation” capabilities to reduce false positives.
Sandbox Analysis enables on-the-fly analysis of unknown threats – allowing them to run in a safe environment to examine their behaviors.
Intrusion Prevention shields known vulnerabilities against unknown, zero-day exploits.
Application Control allows only known good applications to install or run.
Integrity Monitoring flags any suspicious system changes.
Response and Containment enables investigative forensics, quarantine of suspicious items and automated security updates.
The Trend Micro Smart Protection Network – our cloud-based global threat intelligence which blocks 250 million threats each day – fuels these techniques to ensure customers are protected against the latest threat findings.
What’s more, the XGen™ approach to security also eases the burden on IT security. Threat defense techniques are designed to fit each layer of security—user environments, networks and hybrid clouds—making it faster and easier to deploy and manage. And, the solutions seamlessly share threat intelligence, enabling automated security updates. Everything is also nicely connected through a central console that offers visibility across security layers, speeding time to response.
As this generation quickly blurs into the next – with hackers continuing to add new types of threats to the volume of existing ones, and with the number of points to protect growing every day – IT security leaders must adopt a cross-generational approach to security.