Analyze all content automatically to block advanced threats
Symantec Content Analysis automatically escalates and brokers zero-day threats for dynamic sandboxing and validation before sending content to users. Analyze unknown content from one central location. Leveraging Symantec ProxySG, this malware analyzer uses a unique multi-layer inspection and dual-sandboxing approach to reveal malicious behavior and expose zero-day threats, and safely detonate suspicious files and URLs.
- Block all known threats identified through Global Intelligence Network
- Deploy multi-step analysis to inspect only suspicious files, including threats targeting mobile devices.
- Analyze unknown content delivered by Symantec ProxySG or messaging gateways
- Send IOCs to endpoint detection technologies
- Integrate with Symantec Endpoint Protection Manager
New Features in Content Analysis
Content Analysis delivers multi-layer file inspection to better protect your organization against known and unknown threats. Unknown or suspicious content from sources like ProxySG, Symantec Messaging Gateway or other tools is delivered to Content Analysis for deep inspection, interrogation, analysis and ultimately blocking, if deemed malicious. Recent enhancements to Content Analysis strengthens this platform even further. New features in recent releases include:
- On-box our cloud sandboxing
- Endpoint protection and response through integration with Symantec Endpoint Protection
- Addition of Symantec Antivirus and Advanced Machine Learning to Content Analysis for even better detection
Improve threat detection and sandboxing performance
Even with the benefit of expensive malware sandboxing technologies, incident response teams are inundated with alerts. Because they can’t tell what’s urgent and what’s not, they often ignore alarms, leaving your enterprise exposed to risk. Symantec Content Analysis delivers effective tools for malware analysis to ensure that only truly unknown content is brokered to sandboxes so incident response focuses on real threats, not false alarms.
- Analyze all content before it is sent to the malware sandbox
- Prefilter and block all malicious content
- Use proxy inspection and dual malware detection engines
- Centralize and consolidate sandboxes for cost savings for on-premise or cloud products.
- Focus on real threats, not false alarms
Network to Endpoint Detection and Response
Content Analysis now delivers integration with Symantec Endpoint Protection (SEP) Manager to provide the network to endpoint visibility, analysis, blocking and remediation that is needed to protect your organization from today’s advanced threats.
- Send Indicators of Compromise (IOC) to Symantec Endpoint Protection Manager
- Validate network-borne threats at the endpoint
- Inoculate all other endpoints
- Begin swift response and remediation
See how easy integration is and how organization will benefit from bringing these two powerful network and endpoint technologies together.
Block malicious threats with flexible sandboxing
While many sandboxes are passive and can only report incoming threats, Symantec Malware Analysis – built into Content Analysis – coordinates with inline technologies, delivering real-time sandboxing, discovery, and protection before malware ever reaches a user. A powerful combination of of malware sandbox tools, including virtualization and emulation captures more malicious behavior across a wider range of custom environments, including mobile, than typical single-method sandboxes.
- Customize sandbox profiles to represent your ‘gold’ images
- Create custom behavioral patterns to detect unique IOCs
- Detect malware that is crafted to avoid sandbox detection
- Delay file delivery until analysis is complete
- Mimic user activity so malware thinks it is being activated
Symantec Selected as the Top Leader in the Advanced Persistent Threat (APT) Protection – Market Quadrant 2017
The Radicati group views the Advanced Persistent Threat Protection market as a set of integrated solutions for the detection, preSavevention and possible remediation of zero-day threats and persistent malicious attacks. Symantec Content Analysis plays a critical role in Symantec’s being selected as the Top Leader in their 2017 report. Symantec achieved this high honor for several reasons, including:
- Symantec’s market share leadership with enterprise customers
- The variety of deployment options (on-prem, hybrid or cloud) we offer customers
- Our fully-integrated portfolio across Symantec and third-party products and technologies
- A keen focus on protection at endpoint, gateway, cloud and mobile
- The massive Global Intelligence Network for unrivaled threat intelligence