Symantec Introduces Unique New Technologies to Fight Evolving Targeted Attacks

Symantec Introduces Unique New Technologies to Fight Evolving Targeted Attacks

New Disarm technology and network threat protection for Mac computers added to Symantec’s protection portfolio


Symantec (NASDAQ:SYMC) today announced new additions to its industry leading protection technologies to protect organizations from targeted attacks. The powerful new innovations include Disarm technology in Symantec Messaging Gateway and the addition of Network Threat Protection in Symantec Endpoint Protection for Mac computers.

Defending against sophisticated targeted attacks is now the norm, and it’s not just large companies that are being impacted. Targeted attacks are growing significantly among businesses with fewer than 250 employees. Small businesses globally are the target of 31 percent of all attacks, according to the 2013 Internet Security Threat Report. Small companies are an attractive target for cybercriminals as they have fewer security safeguards and often have business relationships with larger companies which may be the ultimate target of attackers.

“Safeguarding their organisations against evolving targeted attacks in this changing threat landscape is increasingly becoming a key concern of Chief Information Security Officers (CISOs) and IT managers. The new technologies, combined with Symantec’s comprehensive solution portfolio, are designed to protect organisations in Thailand from threats at the gateway, on the endpoint and in the data centre,” said Nopchai Tangtritham, Symantec’s technical director for Thailand.

Protection at the Gateway: Disarm Technology

Developed by Symantec Research Labs, Symantec’s advanced research division, the new Disarm technology in Symantec Messaging Gateway 10.5 uses a first-of-a-kind technique to protect companies from targeted attacks. Most targeted attacks are now delivered in the form of malicious, but seemingly innocuous, documents delivered over email. Each such malicious document, e.g., a PDF, DOC or XLS file, contains an embedded attack, and when a victim simply views the document, their computer is automatically and silently compromised.

Traditional protection technologies attempt to scan documents for suspicious characteristics. The problem is that many of these document-based attacks are purposefully crafted so they don’t look suspicious, and as a result, they go undetected.

Disarm technology takes a whole new approach. Instead of scanning the document, it essentially makes a digital harmless carbon copy of every incoming email attachment/document, delivering this carbon copy to the recipient, rather than the original and potentially malicious document. The result is that the recipient is never exposed to the attacker’s malicious attachment.

According to Symantec research, the Disarm technology would have blocked 98 percent of attacks that exploit zero-day document vulnerabilities thus far in 2013 – these are attacks that were entirely unknown and would therefore have likely evaded all traditional scanners, heuristics, emulators and even Virtual Execution (VX) solutions.

Protection at the Endpoint: Network Threat Protection for Mac Computers

Symantec has added its advanced Network Threat Protection technology to the Mac version of the Symantec Endpoint Protection 12.1.4. “Many Mac users think they’re impervious to attacks, and as a result, don’t take security seriously. But the reality is that this makes Mac users a potential goldmine for targeted attackers. Symantec’s Network Threat Protection technology intercepts incoming network traffic before it can impact the Mac computers, looking for targeted attack exploits and automatically blocking them,” said Tangtritham.

Network Threat Protection technology uses a patented, application-level, protocol-aware Intrusion Prevention System to not only identify and block known attacks, but also identify and block many unknown or day-zero attacks.

Protection at the Data Centre: Solutions to Protect the Physical and Virtual Data Centre

Symantec also protects an organization’s critical assets and information in the data centre. Symantec offers Symantec Critical System Protection (CSP), a server lockdown solution designed to protect both physical and virtual infrastructure. Organizations can install and configure CSP so it only allows known-legitimate activities on your servers and blocks all other (anomalous) activities. If a targeted attacker does compromise a server, they must – by definition – perform activities that will deviate from the norm in order to access sensitive data on the machine, or elsewhere in the data centre. CSP automatically detects and blocks those deviations, stopping the attack automatically. Only approved software programs are allowed to run, and those programs are only allowed to perform approved behaviors, access approved resources, etc.

Targeted Attack Protection Powered by Unmatched Expertise, Global Intelligence

In addition to these new innovative technologies, Symantec’s security solutions are powered by the Symantec Global Intelligence Network (GIN) and a team of more than 550 researchers around the world. Symantec’s GIN platform collects anonymous telemetry from Symantec’s hundreds of millions of customers and sensors around the clock. Symantec uses this data – more than 2.5 trillion rows of security telemetry – to automatically discover new attacks, and monitor attacker networks. Symantec also uses this data to develop predictive, proactive protection technologies, such as Symantec’s Insight reputation technology, for gateway, endpoint and data centre offerings.


About Symantec

Symantec Corporation (NASDAQ: SYMC) is an information protection expert that helps people, businesses and governments seeking the freedom to unlock the opportunities technology brings – anytime, anywhere. Founded in April 1982, Symantec, a Fortune 500 company, operating one of the largest global data-intelligence networks, has provided leading security, backup and availability solutions for where vital information is stored, accessed and shared. The company’s more than 21,500 employees reside in more than 50 countries. Ninety-nine percent of Fortune 500 companies are Symantec customers. In fiscal 2013, it recorded revenues of $6.9 billion. To learn more go to \ or connect with Symantec at: