Growing up in the Silicon Valley, we would do “drop, cover, and hold on” earthquake drills in school so we were prepared when the big one hit. Not if, but when. When you live on the San Andres Fault, earthquakes are going to happen.
The same can be said for advanced threats and targeted attacks. With a 90 percent* success rate, it isn’t about if the bad guys get in, it is all about when they get in—and how you react and respond once they are in your network.
According to a recent IDG survey of IT professionals, 95 percent of those surveyed do not believe their current security will prevent all potential security incidents, and 2/3 of the same group said that they do not or cannot quarantine an infected host. What this tells me, is that the vast majority of IT professionals know they could be hours away from disaster but only 1/3 of them are prepared.
TippingPoint and Trend Micro announced they will be working together to help organizations like yours identify advanced threats early in the attack, neutralizing patient zero and stopping it from spreading across the network. The new TippingPoint Advanced Threat Appliance (ATA) family will detect and analyze the behavior of APTs by detonating them in a safe sandboxed environment.
This data is then sent to the TippingPoint Security Management System (SMS) where you can quickly enable filters to block future attacks with the TippingPoint Next-Generation Intrusion Prevention System (IPS). The best part is that the enforcement tools ‘learn’ from these attacks as they happen and add the security intelligence to our TippingPoint Threat Digital Vaccine (ThreatDV) service. Regardless of whether or not the attack and infection comes from inside or outside your network, you can count on us to neutralize patient zero – making sure the threat does not spread.
If all that weren’t cool enough, at the same time the ATA is communicating with the SMS to start the blocking action, it can send the CEF data to a SIEM solution where it will correlate the data to identify if more systems and users have been affected or to find a solution if there were such threats in the past that was responded.
No need to drop, cover and hold on. Now you just need to set up your network security to detect, block and investigate advanced threats with TippingPoint.