Welcome!

IBM Cloud Authors: Carmen Gonzalez, Jnan Dash, Elizabeth White, Sematext Blog, Pat Romanski

News Feed Item

Trend Micro Introduces Custom Defense Against APTs and Targeted Attacks

Unique Solution Delivers Adaptive Protection and Empowers Customers to Fight Back Against Their Attackers

CUPERTINO, Calif., Oct. 8, 2012 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), is introducing "Custom Defense" – the industry's first advanced threat protection solution that enables businesses and government agencies not only to detect and analyze advanced persistent threats (APTs) and targeted attacks, but also to rapidly adapt their protection and respond to these attacks. Custom Defense integrates software, global threat intelligence, and specialized tools and services to deliver a comprehensive solution for customers.

Today's most damaging attacks are those targeted specifically at an organization – its people, its systems, its vulnerabilities, and its data. Stealthier and more sophisticated than ever, cybercriminals use clever social engineering techniques like spear phishing to quietly penetrate select organizations, deploying customized malware that can live undetected for months within an organization. Cybercriminals can remotely and covertly steal an organization's valuable information – from credit card data to the more lucrative intellectual property or government secrets – potentially destroying an organization's competitive advantage, or in the case of government even putting national security at risk.

While many organizations feel that they have been targeted, 67 percent admit that their current security activities are insufficient to stop a targeted attack.1 Not surprisingly, 55 percent are not even aware of intrusions2, and fewer know the extent of the attack or who exactly is behind it. While necessary to thwart the majority of today's attacks, standard defenses have proven insufficient to handle APTs and targeted attacks; a custom attack requires a custom defense. Trend Micro's Custom Defense solution enables a complete Detect – Analyze – Adapt – Respond lifecycle.  Custom Defense goes beyond the ability to just detect and analyze targeted attacks by blocking and shutting them down before the real damage occurs. This comprehensive solution also delivers custom insight about the specific threat and cybercriminals involved, empowering organizations with the information they need to fight back against their attackers.

The Custom Defense – How It Works

Detect

At the heart of the Custom Defense solution is a specialized threat protection platform that performs network-wide monitoring to detect zero-day malware, malicious communications and attacker behaviors that are invisible to standard security defenses. Uniquely integrated with control points across the network, the solution can detect and block attacks occurring via corporate and personal email, social media applications, mobile devices and more. It can also detect and block malware communications back to the cybercriminal, or attempts to move laterally to other valuable systems within the network. Unlike competitive offerings that use generic 'sandboxes' in the hope that one will trigger and detect the attack, the Custom Defense solution allows for multiple, customer-defined sandboxes that better reflect their real-life environment and allow them to determine whether they have been breached. The Custom Defense sandbox detonates suspect code in a safe, controlled environment that can be optimized for performance and to evade hacker techniques that are on the lookout for sandboxing solutions.

Analyze

Upon detection, the Custom Defense solution best enables organizations to profile in depth the risk, origin and characteristics of the attack, and uniquely delivers actionable intelligence that guides the organization on how to contain and remediate the attack. To aid in the threat investigation, this solution offers a customized view of threat intelligence that is specific to the organization's environment, and offers the ability to tap into the power of a global, cloud-based threat intelligence network.

Adapt

To immediately adapt and strengthen protection against further attacks, the Custom Defense solution helps customers create custom responses to these targeted attacks, such as IP blacklists, custom spear phishing protection, and coming soon, custom signatures -- all specific to each attack.  The solution automatically updates the global threat intelligence network and issues these custom security updates to Trend Micro gateway, endpoint and server enforcement points. Built using an open and extensible platform, the solution can also send security updates to non-Trend Micro security products that may already be an important part of an organization's defense in-depth strategy.

Respond

Finally, the solution delivers 360-degree contextual visibility of the attack, arming the organization with the insight needed to respond to their specific attackers. The solution can deliver insight such as what information is being targeted, how the attack works, who the attacker is, and perhaps most importantly, who is actually sponsoring the attack. How the organization responds depends on its own situation, and could be as simple as evasive action to make it difficult for the attacker to continue, but could also include public exposure of the attacker to discredit him or her in the cyber community, or even legal action against the attacker and sponsor.

The Custom Defense – Key Components

As part of this announcement, Trend Micro is revealing enhancements to critical software components, its threat intelligence, as well as the availability of specialized tools and services – all of which are necessary for providing a complete custom defense.

Deep Discovery

Trend Micro Deep Discovery uniquely detects and identifies evasive threats in real-time, and provides the in-depth analysis and relevant actionable intelligence found at the heart of the Custom Defense solution. It has been enhanced to meet the growing demands of large enterprises and governments:

  • Open: Delivers highly scalable, customer-defined sandboxing analysis that can be leveraged by other products
  • Automated: Automatically shares IP/Domain blacklists with Trend Micro and third party products
  • Scalable: Supports incremental capacity ranges up to 50,000 samples/day
  • Lower TCO: Offers multiple form factors with the ability to start simply with a single device to monitor all network traffic types
  • Infrastructure fit: Breadth of attack detection goes beyond Microsoft-targeting malware and identifies lateral movement, cross-port activity and privilege escalation

Messaging Security

As part of the Custom Defense solution and for better protection across the network, Trend Micro is the first to integrate advanced threat detection capabilities into its mail gateway and server security products. Trend Micro™ ScanMail™Suite for Microsoft® Exchange™, Trend Micro™ ScanMail™ Suite for IBM® Lotus® Domino™, and Trend Micro™ InterScan™ Messaging Security have been integrated with Deep Discovery to send suspicious files for sandbox analysis and detection of previously unknown malware. In addition, these products feature a new exploit detection engine that identifies email attachments that contain exploits for vulnerabilities in major Adobe, Microsoft Office and other programs and blocks or quarantines them, furthering the level of protection provided.

Other Trend Micro Enterprise Security Products

All Trend Micro protection products will integrate more tightly with the adaptive updates of Deep Discovery. Additional product integrations are planned and will be announced at a later date.

Smart Protection Network and Threat Connect

The Trend Micro Smart Protection Network cloud security infrastructure rapidly and accurately identifies new threats, delivering global threat intelligence to secure data wherever it resides. It looks in more places for threat data, and uses big data analytics to deliver actionable threat intelligence across mobile, physical, virtual and cloud environments.

The Threat Connect information portal is accessible via Deep Discovery. It has been enhanced to provide the full breadth of relevant Trend Micro threat intelligence about specific threats – aiding in the rapid assessment, containment and remediation of an attack.

Attack Response Tools and Services

For years, Trend Micro has been helping its customers effectively identify and remediate targeted cyber-attacks with tools and services that enable Trend Micro support engineers to discover and analyze advanced threats in mail stores and network traffic, as well as for searching log files for traces of attack activity.  Proven effective for incident response and forensics, these tools are now being made available to the Trend Micro partner ecosystem, including, value-added resellers and service providers. 

Quotes

Customer

"Custom Defense is not just a step forward—it is a big leap forward. With the new 'sand box' capability of Deep Discovery we can evaluate a suspicious java applet or code snippet and make the right decision. After all, it is not always the broad-scale threats that represent the biggest danger to our business. Today, it could be a targeted attack—a piece of code crafted just to get at our data. Trend Micro Custom Defense gives us a line of defense against targeted attacks. We can now shut them down quickly."

- Andrew McCullough, Lead Information Security Architect, IT 
  G6 Hospitality (Motel 6 and Studio 6), Dallas, Texas  

"I can't say enough good things about this product—it's doing an awesome job in our environment. We are just getting started with Deep Discovery and we expect that long-term it will yield even more benefits for us. Right now, it is helping us respond more quickly to incidents. It is telling us all kinds of things we would never have known if not for this tool."

- Manager, Desktop Security
Large U.S. Manufacturing Company

"Trend Micro has a great track record of performance and innovation in protecting our clients assets, and the addition of Custom Defense raises the bar higher by shortening the critical window of exposure between threat identification and response."

- Dan Wilson, Senior Vice President of Partner Alliances, Accuvant

Analyst

"Our research indicates that the majority of enterprise security professionals believe that it is 'highly likely' or 'somewhat likely' that their organization has been the target of an APT. Risks can no longer be ignored or addressed with token changes to the status quo; instead, response must be immediate and adaptive. An effective approach is with network-based security monitoring designed to detect and analyze attack activity in real-time. Trend Micro is one of few vendors whose solutions fit this description; with the Custom Defense, it is enhancing its capabilities in attack detection and intelligence." 

- Jon Oltsik, Senior Principal Analyst
Enterprise Strategy Group

Sources:

  1. The Human Factor in Data Protection, Ponemon Institute, January  2012
  2. Trend Micro research, 2012

Supporting materials:

Supporting Videos:

White Papers and Case Studies:

Data Sheets and Web pages:

About Trend Micro
Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro Smart Protection Network cloud computing security infrastructure, Trend Micro's products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe. 

Additional information about Trend Micro Incorporated and its products and services are available at Trend Micro.com. This Trend Micro news release and other announcements are available at http://NewsRoom.TrendMicro.com and as part of an RSS feed at www.trendmicro.com/rss. Or follow our news on Twitter at @TrendMicro.

SOURCE Trend Micro Incorporated

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
SYS-CON Events has announced today that Roger Strukhoff has been named conference chair of Cloud Expo and @ThingsExpo 2017 New York. The 20th Cloud Expo and 7th @ThingsExpo will take place on June 6-8, 2017, at the Javits Center in New York City, NY. "The Internet of Things brings trillions of dollars of opportunity to developers and enterprise IT, no matter how you measure it," stated Roger Strukhoff. "More importantly, it leverages the power of devices and the Internet to enable us all to im...
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, will discuss how AI can simplify cloud operations. He will cover the following topics: why clou...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, will share examples from a wide range of industries – includin...
"We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Internet of @ThingsExpo has announced today that Chris Matthieu has been named tech chair of Internet of @ThingsExpo 2017 New York The 7th Internet of @ThingsExpo will take place on June 6-8, 2017, at the Javits Center in New York City, New York. Chris Matthieu is the co-founder and CTO of Octoblu, a revolutionary real-time IoT platform recently acquired by Citrix. Octoblu connects things, systems, people and clouds to a global mesh network allowing users to automate and control design flo...
With 15% of enterprises adopting a hybrid IT strategy, you need to set a plan to integrate hybrid cloud throughout your infrastructure. In his session at 18th Cloud Expo, Steven Dreher, Director of Solutions Architecture at Green House Data, discussed how to plan for shifting resource requirements, overcome challenges, and implement hybrid IT alongside your existing data center assets. Highlights included anticipating workload, cost and resource calculations, integrating services on both sides...
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. In his session at 18th Cloud Expo, Darren Guccione, CEO of Keeper Security, revealed what you need to know when it comes to encryption in the cloud.
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
The WebRTC Summit New York, to be held June 6-8, 2017, at the Javits Center in New York City, NY, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 20th International Cloud Expo and @ThingsExpo. WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web co...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
"Once customers get a year into their IoT deployments, they start to realize that they may have been shortsighted in the ways they built out their deployment and the key thing I see a lot of people looking at is - how can I take equipment data, pull it back in an IoT solution and show it in a dashboard," stated Dave McCarthy, Director of Products at Bsquare Corporation, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, discussed why and how ReadyTalk diverted from healthy revenue and mor...
The many IoT deployments around the world are busy integrating smart devices and sensors into their enterprise IT infrastructures. Yet all of this technology – and there are an amazing number of choices – is of no use without the software to gather, communicate, and analyze the new data flows. Without software, there is no IT. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Dave McCarthy, Director of Products at Bsquare Corporation; Alan Williamson, Principal...