Advanced, Targeted and Dangerous
Advanced persistent threats (APTs) and targeted attacks are rapidly becoming the new normal for organizations all over the world. Once the exclusive domain of sophisticated organized cybercrime gangs and nation state actors, the same tools and techniques are rapidly being disseminated and are now readily and broadly available. In fact, in Trend Micro’s 2015 security predictions report, The Invisible Becomes Visible, we anticipate that next year and beyond will see ever more diverse attack origins and targets.
Thousands of enterprises rely on HP network security solutions (TippingPoint NGIPS and NGFW), along with ArcSight, its market leading security information and event management (SIEM) solution. Recognizing the importance of helping enterprises better defend themselves against targeted attacks and custom malware, HP turned to long-time business partner Trend Micro and our Deep Discovery solution. Deep Discovery is trusted by enterprises globally in a broad range of industries. It was designed to provide comprehensive, 360-degree visibility of cybercriminal activity to detect targeted attacks, custom malware, C&C communications and suspicious activities invisible to standard security solutions.
Strategic OEM Agreement
We are proud to announce that we’ve signed an OEM agreement with HP. The HP TippingPoint Advanced Threat Appliance (ATA) family of products leverages the power of Trend Micro™ Deep Discovery to provide customers with a single, integrated solution for detection and enforcement. The solution identifies malware through static, dynamic and behavioral techniques to block and neutralize threats before critical business data is compromised. The ATA will be generally available in Q1-2015 through HP and its channel partners.
According to Richard Stiennon, Chief Research Analyst at IT-Harvest, “The announcement between Trend Micro and HP is going to change the highly contested advanced malware detection space. By partnering with HP, Trend Micro has acquired a force multiplier. With Deep Discovery and the HP OEM agreement, Trend Micro has greater market reach for its best-in-class solution.”
Detect, Block & Investigate
Together with HP TippingPoint IPS, NGFW and ArcSight, the new appliance provides customers with the essential ability to detect, block and investigate APTs. Here’s how it does it:
- Detect: The ATA monitors virtually all network traffic to identify and analyze malware, command-and-control (C&C) communications, and evasive attacker activities that are invisible to standard security, using custom sandboxing.
- Block: The ATA maintains a real-time link with TippingPoint Security Management System (SMS) to convey Indicators of Compromise (IoCs) that SMS broadcasts to all TippingPoint devices per explicit policy management configurations. The devices can then block all subsequent C&C to/from the C&C location for any host on the network.
- Investigate: By combining intelligence from TippingPoint ATA, TippingPoint NGIPS, and other sources, HP ArcSight (security information & event management system) enables comprehensive investigation and reporting across all enterprise events.
This integrated solution delivers unmatched defensive capabilities against today’s most aggressive, elusive, and advanced attacks and intrusions.
Unique & Effective Breach Detection Capabilities
HP selected Deep Discovery to power the HP TippingPoint ATA after a comprehensive and rigorous analysis of market-leading breach detection systems. This further highlights the quality and effectiveness of Deep Discovery. Why did HP choose Deep Discovery? We have a few ideas. Unlike other solutions, Deep Discovery:
- Scans all network ports and more than 80 network protocols, in addition to web and email traffic
- Detects threats by using custom sandbox images that match system configurations. Custom sandboxing is an essential part of an effective breach detection solution, enabling enterprises to prevent evasion based on generic configuration checks by identifying and evaluating custom malware to determine if it is a threat.
- Uses multiple threat detection techniques to identify a broad set of attack signatures across a range of endpoints and mobile devices, including Microsoft Windows, Apple OSX, and Android
In addition, in an independent test of breach detection systems by NSS Labs, Deep Discovery earned the highest score in breach detection (99.1%) with zero false positives and low total cost of ownership − over 25 percent below the average of all products tested. (NSS Labs independent tests)
Our customers are also benefitting from the superior effectiveness of Deep Discovery. As Ty Smallwood, Information Services Security Officer, Navicent Health, stated, “Deep Discovery quickly paid for itself. In the first 48 hours, [it] detected threats on vendor-owned and maintained biomedical devices from several manufacturers that have traditionally not been as secure as they should be. We now had the visibility on the inside that we had on our perimeter.” He added, “Plus we get a sandbox architecture—Deep Discovery goes beyond threat detection to eliminate a lot of false positives with this capability. Now when I get an alert, I know it is something I need to carefully evaluate.”
As targeted attacks to enterprises continue to evolve and proliferate, our partnership with HP will enable more businesses to protect themselves against threats with Deep Discovery’s unique capabilities, allowing them to work more effectively toward their business goals.
HP customers are encouraged to speak now to their account managers to learn more about the HP TippingPoint ATA.