Blue Coat introduced the Blue Coat Content Analysis System with malware analysis to automate advanced threat protection at the Internet gateway. The Content Analysis System blocks known threats and detects and analyzes zero-day and advanced malware, sharing new threat intelligence to continually fortify the network. This allows organizations to bridge the gap between the day-to-day security operations team and the advanced security team that is focused on incident containment and resolution.
“To protect their networks from advanced targeted attacks and zero-day malware, businesses need a systematic approach that aligns security teams on the right strategy, process and action to block the threats they can, detect the ones they can’t and respond to the ones that are already on the network,” said Matthias Yeo, Chief Technology Officer – Asia Pacific, Blue Coat Systems. “Our Content Analysis System is a key technology for organizations that want to build an automated defense into their networks that continually fortifies the network by operationalizing new threat intelligence. This allows our customers to protect and empower their business.”
The Content Analysis System supports up to two leading anti-virus signature databases and provides application whitelisting and dynamic malware analysis. Together, these technologies deliver the following benefits for businesses:
- Best-of-Breed Sandboxing: Powered by Norman Shark, a Blue Coat Business Assurance Technology partner, the Blue Coat malware analysis technology – available as an appliance today and via the cloud in the future – combines customizable virtual environments with sandbox emulation for the most comprehensive detection of unknown or advanced malware, including malware that employs evasive detection techniques.
- Malware Analysis Orchestration: The Blue Coat Content Analysis System acts as a broker for multiple sandboxing or malware analysis instances, simultaneously sending unknown or suspicious files to both the Blue Coat sandbox as well as third-party sandboxes. By seamlessly integrating into existing security infrastructures, the Content Analysis System allows enterprises to optimize their existing investments in sandbox technologies while building out an advanced malware defense in-depth. The system also future proofs customers’ infrastructure via a scalable interface that can incorporate other advanced malware analysis technology via the broker capability.
- Threat Intelligence Feedback Loop: New intelligence from the analysis of advanced or unknown malware is shared with Blue Coat ProxySG appliances to automate blocking of newly identified threats at the gateway for a more scalable defense. New intelligence is also shared with the Security Analytics Platform from Solera, a Blue Coat company, which delivers advanced threat profiling and remediation of the full scope of the attack. The network effect of the Blue Coat Global Intelligence Network further automates protection by sharing threat intelligence from 15,000 customers worldwide.
Availability
The Blue Coat Content Analysis System is already with application whitelisting and support for anti-malware signature databases from leading anti-virus vendors. The malware analysis technology will be available as an appliance at the same time and via the cloud in the future.
