Highway Into the Gravity Zone: Advanced Security for All Organizations—Part One
By CMD Technology Group
Unfortunately, news about security breaches and data theft is becoming more and more common. Don’t believe me? Just look here, and here, and here, and here…and that only covers the last three weeks! As disconcerting as the frequency of such incidents can be, what is more troubling is that 56% of breaches take months or longer before they are discovered.* That means, statistically speaking, over half of you reading this article have suffered a security breach and don’t even know it yet.
It can be almost overwhelming to contemplate how you can keep your infrastructure secure when you hear the stories, read the statistics, and consider how spread out our networks have become with cloud and mobility. How are we supposed to protect ourselves?
The most important defense is knowledge. A little insight and perspective on the threats your company faces can help you narrow the playing field and focus on where most breaches happen.
Web Browsers: The Welcome Mat for Malicious Code
According to a report from Palo Alto, “90% of fully undetected malware was delivered via web-browsing,” and “it took antivirus vendors four times as long to detect malware from web-based applications as opposed to email.” So the question becomes: how do we lock down browser vulnerabilities without negatively impacting user experience and productivity?
Bitdefender has been an industry leader in security technology for many years. They have been listed in the top three for the past ten years by the world’s top two independent testing firms, AV-TEST and AV-Comparatives. In this article, we are going to highlight a few key elements of their security platform, which is built on adaptive layered security.
When considering cyber protection, most will think of preventative measures, such as controlling the devices allowed on the network, whitelisting or blacklisting applications, or managing the content allowed on a browser. Of course, prevention is critical, but in today’s threat landscape, it is impossible to anticipate every threat vector. So, equally important is having a sound pre-execution and post-execution strategy when malware comes knocking at your door.
As mentioned earlier, knowledge plays a crucial role in defense. For any security software, having a robust database of known threats, such as malware, compromised IPs, and patterns of behavior, is critical. Where Bitdefender’s Gravity Zone (Bitdefender’s platform for endpoint protection and security) sets itself apart is the sheer volume of data it regularly collects to increase its threat intelligence. Over 150 cybersecurity vendors utilize Bitdefender technologies in their solutions, which means Bitdefender gathers a massive amount of data about new threats. In conjunction with that, Bitdefender also maintains a network of 500+ million sensors, the largest in the world, to keep track of new threats in real time. When you consider that 500,000 new threats occur every day, it’s not hard to see why a healthy threat database is so important.
However, the rabbit hole goes deeper than databases. Even when you are maintaining up-to-the-second data on new threats, you’re still always going to be a little behind the curve on new malware that hasn’t been discovered, and who wants to be on the front lines of that battle? So, another vital piece of the defense puzzle is machine learning.
Machine learning or heuristic systems can identify techniques or patterns of behavior instead of just looking for specific malware signatures, and with seven US patents and more than 30 published papers on machine learning, Bitdefender has positioned itself as a world leader in machine learning. But even with an enormous threat database and machine learning keeping tabs on new threats, sometimes you can’t be sure whether or not a particular file, URL, or IP is malicious. What then?
Here is where we enter the next layer of security, the post-execution phase, where endpoint-integrated sandboxing and process inspection become the next line of defense to keep your system safe. Some of you may be familiar with sandboxing. For those who aren’t, sandboxing creates a virtual environment separate from your system. Bitdefender’s sandbox creates this virtual environment on one of their servers, protecting your system, and the suspicious file is run there to determine whether it is malicious.
Taking this concept a step further is the continuous process inspection feature. Sometimes, to get around sandboxing, a malicious file may incorporate time-bombing, a method where a file delays the execution of its malicious code. By continuously monitoring a process for its entire life, Gravity Zone can watch for infection and keep track of the changes made by the malicious code to aid remediation.
And So Much More…
This overview is just the tip of the iceberg when it comes to the advanced technologies employed by the engineers at Bitdefender. They have very innovative (that word gets thrown around a lot, but we genuinely mean it here) solutions that help organizations of all sizes and threat profiles. One such innovation is Hypervisor Introspection, the only security solution that runs at the hypervisor level, greatly simplifying your endpoint management, all through a single pane of glass. We have partnered with them because we genuinely believe they offer the best solutions by far!
As with so many products and services in IT, knowing which solution or combination of solutions meets your current needs, accounts for future growth, and makes wise use of limited resources can be challenging, to say the least. That is where you can rely on CMD and the expertise of our consultants, who take careful consideration of your needs and answer any questions you have before offering any recommendation or solution.
We want to make sure you fully understand what options are available to you so you can make an informed decision. If you have any questions about the solutions and bundles offered by Bitdefender, or if you are curious about how it compares to your current security setup, give us a call or send us an email. We would be happy to answer any of your questions.
Get in touch
You can email us at firstname.lastname@example.org
Give us a call at 1-800-806-4173