After months of hints and a behind-closed-doors look, Symantec has finally lifted the lid off its Advanced Threat Protection (ATP) offering.
The solution is ambitious. According to Symantec, it’s designed to underpin the entire IT ecosystem, including endpoints, the network and email, and is able to detect and fix threats across all of it from one console, without deploying agents.
It’s also meant to provide a different approach than traditional end-point security practices, where individual products are relied upon to keep ransomware, trojans and zero day attacks at bay.
“The process of uncovering threat data across endpoint, network and email gateways is manual and time-consuming, which gives attackers an edge,” Symantec said in a statement. “Symantec ATP correlates suspicious activity across all control points and prioritizes the events that pose the most risk to an organization. Once a critical threat is identified, it can now be quickly contained and new instances can be blocked.”
Prioritization in the solution is accomplished through real-time analytics of all global threats that Symantec sees, a process the company refers to as telemetry.
Upon detecting a threat, the solution is able to contain endpoints and block access from the console. It is also able to make use of existing Symantec Endpoint Security and Email Security.cloud deployments without the need for new endpoint agents.
Symantec says that eventually it will open up the solution to third party technology partners, such as firewall and security vendors. For now it’s able to export its intelligence into third party incident event managers.
The solution is slated for availability by end-of-year 2015 at a base MSRP of $40 per user on one control point for one year.