
WatchGuard unveils APT Blocker

Anti-advanced persistent threat solution submits suspicious files to a cloud-based sandbox

Nachreiner: Nearly 88% of today's malware can morph to avoid detection by signature-based anti-virus solutions

WatchGuard has unveiled a new security solution to help enterprises mitigate advanced persistent threats (APTs).

WatchGuard APT Blocker, the vendor said, delivers real-time visibility, and identifies suspicious files and submits them to a cloud-based sandbox. In the cloud, threats are given full system emulation and analysis, which, WatchGuard claimed, provides protection against both known threats and unknown threats such as APTs.

"Nearly 88% of today's malware can morph to avoid detection by signature-based anti-virus solutions," said Corey Nachreiner, director of security strategy and research for WatchGuard Technologies.

"That means today's anti-virus solutions remain necessary for catching known threats but alone, they're no longer sufficient. APT Blocker's full-system emulation approach to sandboxing provides simple, rapid protection, which doesn't rely on a traditional, signature-based approach to detect and stop advanced malware; in a solution that scales to inspect millions of objects at any given time."

The solution will come pre-installed on all WatchGuard unified threat management (UTM) and next-gen firewall (NGF) appliances on a 30-day trial basis. Indeed, the vendor has extended these products' proprietary, proxy-based architecture to detect suspicious files and send them to the cloud.

For the cloud aspect of the solution, WatchGuard has partnered with Lastline, which provides its full-system emulation inspection capabilities.

Historically, APT targets have been governments and large enterprises that have seen critical infrastructures disrupted by viruses such as Stuxnet and Duqu. However, security vendors claim that advanced threats now target much smaller organisations.

"Since today's APT targets are not anticipating these threats, they are not sufficiently protected. Often relying almost entirely on anti-virus and digital-signature solutions, these networks are almost completely vulnerable," Nachreiner said.  
