YOU ARE AT:DevicesSymantec releases internal security tools to combat targeted attacks

Symantec releases internal security tools to combat targeted attacks

Symantec uses machine learning to detect targeted attacks

Cybersecurity company Symantec announced it has made a threat detection technology used internally to detect targeted attacks available to its Advanced Threat Protection (ATP) customers.

Targeted attacks are one the biggest cybersecurity threats facing organizations. They can be difficult to view on account of being buried under alerts generated by security systems, which often distract security teams and restrict their ability to narrow in on advanced threats in real-time. Consequently, Symantec decided to make its threat detection system accessible to its customers.

The company’s Targeted Attack Analytics (TAA) technology enables ATP customers to leverage machine learning to automate the discovery of targeted attacks. With machine learning, a broad range of data can be analyzed, including system and network telemetry from Symantec’s global customer base. According to the company, this cloud-based approach enables the frequent re-training and updating of analytics to adapt to new attack methods without requiring product updates.

“Symantec’s team of cyber analysts has a long history of uncovering the world’s most high-profile cyber-attacks and now their deep understanding of how these attacks unfold can be put to use by our customers without the need to employ a team of researchers,” said Symantec CEO Greg Clark. “Targeted Attack Analytics uses advanced analytics and machine learning to help shorten the time to discovery on the most targeted and dangerous attacks and to help keep customers and their data safe.”

The company said the technology behind TAA is the same tool set it used to uncover Dragonfly 2.0, a cybersecurity attack in which hackers targeted dozens of energy companies during the spring and summer of last year. The company said TAA is the result of an internal joint-effort between Symantec’s Attack Investigation Team responsible for uncovering Stuxnet, Regin, Lazarus as well as links to SWIFT and WannaCry attacks, and the company’s security data scientists working on machine learning research. TAA is currently available as part of the company’s Integrated Cyber Defense Platform for Symantec ATP customers.

“Up until now, we’ve had the telemetry and data necessary to uncover the warning signs of dangerous targeted attacks but the industry has lacked the technology to analyze and code the data quickly,” said Technical Director of Symantec Security Eric Chien. “With TAA, we’re taking the intelligence generated from our leading research teams and uniting it with the power of advanced machine learning to help customers automatically identify these dangerous threats and take action.”

ABOUT AUTHOR

Nathan Cranford
Nathan Cranford
Nathan Cranford joined RCR Wireless News as a Technology Writer in 2017. Prior to his current position, he served as a content producer for GateHouse Media, and as a freelance science and tech reporter. His work has been published by a myriad of news outlets, including COEUS Magazine, dailyRx News, The Oklahoma Daily, Texas Writers Journal and VETTA Magazine. Nathan earned a bachelor’s from the University of Oklahoma in 2013. He lives in Austin, Texas.