Blue Coat FileThreat BLADE
Optimized and Comprehensive Detection of Viruses, Worms and Malware Embedded in Virtually any File Type
The sheer number, size, and diversity of file types transmitted on the Internet just keep growing. Each file type introduces its own security risks. And collectively, those mushrooming vulnerabilities represent a huge risk for your workforce and your business.
Unless you’re using the Blue Coat FileThreat BLADE.
Deployed exclusively on the Solera Security Analytics Platform, this software BLADE uses industry-leading file and software reputation intelligence to guard against known viruses and malware embedded in virtually any file type. So you can protect your workforce against advanced threats while empowering them to access and use the applications of their choice. Blue Coat FileThreat BLADE identifies all known malware without the need for sandbox detonation of all suspicious files. Specifically, the Blue Coat FileThreat BLADE delivers:
- Complete coverage of virtually all file types, including Microsoft Office documents, Adobe Flash and PDFs, Java, EXE files, email attachments, Android APK files, web objects, and more
- Reputation intelligence, gleaned from the Blue Coat WebPulse Collaborative Defense Cloud, to help you identify and avoid all the latest file-based attacks and exploits
- A combination of file threat intelligence with security analytics, complete security visibility and Blue Coat ThreatBLADES in a single user interface
- Integration with the Security Analytics Platform for drill-down into full payload information and evidence of any threat or persistent attack
The Blue Coat FileThreat BLADE is an all-new software blade—powered by the WebPulse Collaborative Defense Cloud—that delivers real-time file reputation intelligence to guard against known viruses and malware embedded within virtually any file type. This innovative solution leverages the Solera Security Analytics Platform's real-time file extraction capability to reconstruct files based on pre-defined rules—while its machine-learning engine conducts dynamic analysis to detect advanced threats. The FileThreat BLADE benefits from the Solera Platform's intelligent algorithms that collect actionable knowledge on any known good and known bad file type, while storing file information in a local machine-learning database. The result is optimized malware analysis and a dynamic, up-to-date knowledge base leveraging both the Blue Coat MalwareAnalysis BLADE and the WebPulse Collaborative Defense Cloud. And, the Blue Coat FileThreat BLADE requires less computing power and provides faster time-to-protection—without unnecessary malware detonation on known bad files.
The FileThreat BLADE works together with other Blue Coat ThreatBLADES, and is tightly integrated with the Solera Security Analytics Platform and Solera Central Manager for maximum efficiency, security visibility and contextual analysis on all files crossing the network. Enterprises gain unrivaled protection against known bad files through a combination of real-time threat intelligence feeds and the Solera Platform's ability to reconstruct and deliver accurate and actionable file-level evidence from raw packet data.
Leveraging the WebPulse Collaborative Defense Cloud
The Blue Coat FileThreat BLADE works exclusively with the Security Analytics Platform by Solera and is powered by the Blue Coat WebPulse Collaborative Defense Cloud, which maintains the latest information on all known good and bad files while providing background processes that hunt for evidence of malware and malicious content—based on intelligence aggregated from 75 million endpoints. The WebPulse Collaborative Defense Cloud provides unmatched visibility and intelligence to the Solera Security Analytics Platform to quickly identify and resolve advanced file-based threats.
Organizations are often blind to the activities of cybercriminals, hacktivists and nation states because advanced malware and zero-day attacks fly under the radar of even the most fortified enterprises. Today's persistent threats target enterprises using customized or embedded malware that evades the detection of traditional, signature-based security technologies. As a result, there is a significant increase in malicious files that successfully compromise even the most fortified enterprise networks. These new threats and attack techniques are causing significant damage, while threatening critical information assets and resources. And, once attackers are in the network, they stay in—leveraging their foothold to perform ongoing data exfiltration. According to the 2013 Verizon Data Breach Investigations Report:
- 84% of advanced target attacks compromise their target in seconds, minutes or hours
- 78% of advanced target attacks take weeks, months or years to discover
Performing virus and malware scans on endpoints alone is not enough to detect advanced and targeted attacks. Traditional security technologies do not have the capability to fully reconstruct and inspect the variety of potentially malicious file formats or file objects. And, despite the effectiveness of sandboxing technology to uncover the true nature and intent of malicious files, analyzing and detonating every suspicious file requires significant processing power and is highly inefficient. Enterprises need visibility, context and up-to-date threat intelligence on all the files traversing their network—allowing them to make optimized and informed decisions while minimizing the need to submit every file sample to expensive malware sandboxing systems.
Blue Coat and Solera Networks are revolutionizing advanced threat protection by unifying big data security analytics, threat intelligence and security visibility. This Advanced Threat Protection Platform combines with the new Blue Coat ThreatBLADES—which deliver a host of extensible and fully integrated software blades on the industry-leading Solera Security Analytics Platform (formerly Solera DeepSee). Blue Coat ThreatBLADES provide dynamic, up-to-date threat intelligence on today's advanced persistent threats. All of the powerful and flexible ThreatBLADES use a cloud-based threat intelligence infrastructure powered by the Blue Coat WebPulse Collaborative Defense Cloud—leveraging the collaborative 'network effect' of more than 75 million users. Now, as part of the Blue Coat ThreatBLADES portfolio, the FileThreat BLADE provides optimized, real-time protection against known malware and malicious files.
Features & Benefits:
- Leverages the industry’s largest repository of known good files
- Dynamic scan and up-to-date knowledge-base of all known good and bad files
- Real-time extraction of virtually any file type
- Integrated file reputation and threat intelligence feeds from Blue Coat WebPulse
- Dynamic, machine-learning knowledge for optimized malware analysis
- Combines with the MalwareAnalysis BLADE for a unified analysis of malicious files
- Built on the industry-leading Security Analytics Platform by Solera
- Faster time-to-protection with locally cached file threat knowledge base
- Comprehensive coverage detects advanced malware in virtually every file type
- Machine-learning, ThreatProfiler engine for accurate, real-time detection of malicious files
- Intelligent algorithms deliver context-based malware analysis and threat intelligence
- Up-to-the-minute defense and inoculation against all known malicious files
- Unified management delivered in a single pane-of-glass
- Flexible and extensible software blade eliminates CapEx costs
| Specification | Details |
|---|---|
| Form Factor | Software blade |
| Supported Sensors | Security Analytics Appliances, Security Analytics Software and Security Analytics Virtual Appliance |
| Deployment Options | Single software blade or as part of the ATP Suite |
| File | Detects and extracts files from dozens of file-transports |
| File Search | MD5/SHA1-based search |
| Actions | Real-time file extraction and analysis rules |
| Alerts | E-Mail based alerts with syslog |
| User Interface | Integrated into Security Analytics Dashboard |
| Central Management | Security Analytics Central Manager |