In a world of advanced targeted attacks, stationary security budgets and determined, well-resourced cyber foes, the security software you choose can have a major impact on your organization’s bottom line. Effective detection is a critical success factor to any organization seeking to protect their data, intellectual property and communications. That’s why we’re thrilled that NSS Labs has presented Trend Micro with a special award at Black Hat in recognition of the Top Security Effectiveness Score and “Recommended” rating for Deep Discovery version 3.5 in the most recent NSS Labs Breach Detection Systems Test.
A new paradigm
By now, every IT security boss has heard of “targeted attacks.” They all know these advanced threats are becoming increasingly popular amongst the cybercriminal underground as a means to steal an organization’s “crown jewels” – customer data, IP and trade secrets. But perhaps not many appreciate the lengths the bad guys are going to in order to make sure their attacks go undetected.
Today, hackers will launch a series of attacks, many unsuccessful, against a target until one is successful. The malware they use is offered within criminal underground markets and is tested against the victim’s existing security solutions to ensure it succeeds. Think VirusTotal but for criminals. Once inside, malware can lie hidden for weeks, months and sometimes years by hiding its running processes and network connections, masquerading as legitimate software, or using an array of other obfuscation techniques. All the while it’s busy exfiltrating those crown jewels.
This calls for investments in additional advanced threat detection solutions.
A new solution
With 26 years in the security business, Trend Micro has always been aware of the need to monitor and respond to the ever-changing threat landscape. It’s why our team of researchers has been working around the clock and across the globe to find new ways to protect our customers against the latest threats.
Powered by the Smart Protection Network, Deep Discovery is a single, purpose-built appliance that has been specifically designed to help organizations detect and block the zero-day exploits and advanced malware that are often associated with targeted attacks and advanced threats. As we’ve explained in the past, detecting advanced threats is no easy task and requires the ability to monitor a broad attack surface. That’s why Deep Discovery monitors more than 80 protocols and applications, and 65,000 ports across inbound, outbound and internal network traffic.
Deep Discovery Inspector also provides the ability to mirror your desktop images with customizable virtual sandboxes that match your computing environments. This capability matters because attackers will often embed checks within advanced malware as a way of validating the host they are targeting. Courtesy of a Deep Discovery customer, Figure 1 below provides an example of this exact activity. Specifically, the presence of a host-based language setting affects the execution of advanced malware in a virtual sandbox environment. Without this flexibility, the ability to detect an attack may be constrained. In this example, the English sandbox version did not detect attack behavior, yet the advanced malware did execute in the sandbox with the Portuguese language setting. This example shows the importance of being able to replicate your desktop environments and its direct relation to the detection efficiency of any targeted attack solution.
Figure 1 Sandbox Analysis Showing Detection Based on Operating System Language Settings
NSS Labs: testing excellence
The NSS Labs Breach Detection Systems Test covers security performance, effectiveness and TCO to evaluate solutions which can stop those threats designed to elude conventional endpoint and perimeter security.
That’s why Trend Micro was honored to receive a “Recommended” rating from NSS Labs for Deep Discovery 3.5. In particular, Deep Discovery Inspector was recognized by NSS Labs as having the top score in Security Effectiveness and the second lowest Total Cost of Ownership. What’s more, unlike other offerings, this was accomplished using a single appliance, rather than multiple boxes.
To emphasize the importance of detection efficiency, we have created an animation using the perspective of a summer barbecue to illustrate the importance of security effectiveness when dealing with targeted attacks.
If you value your organization’s data and want to make the most informed decision possible on which solutions can best protect it from targeted attacks, our advice would be to visit www.TrendMicro.com/CustomDefense today. And you don’t have to take our word for it; check out this recent article from the New York Times that highlighted the significance of NSS Labs’ recent findings.