Symantec® Endpoint Security Adaptive Protection From CA Southern Africa

Enterprises across the globe are heavily invested in endpoint security to protect valuable assets. CA Southern Africa (CASA) reveals despite the time and money spent; more breaches are happening today than ever before.

Why is that?

“While the technology certainly has a role to play with some security solution offerings, lower protection levels and an unacceptable level of false positives, is rarely the only problem. Add in security misconfiguration and poor policy definitions, and it’s easy to see why endpoints are being compromised,” says Byron Horn-Botha, CASA Business Unit Head, Security.

“Global cyber threats are more aggressive than ever and can have a staggering impact on businesses, making prevention critical. Given that the detection and reaction window to a modern attack is very small, investing in incident response is crucial for creating a hardened security posture to prevent future attacks. CASA helps customers to defend their environments by bringing the best of breed security technology from Symantec and the greatest simplicity into the picture. The right solution needs to maximise endpoint protection and balance detection effectiveness across all devices, operating systems, and the entire attack chain,” confirms Horn-Botha.

“Symantec Endpoint Security automates protection configuration to deliver custom protection specific to organisation’s needs while saving time, money, and effort. It provides the most comprehensive and integrated endpoint security. As an on-premise, hybrid, or cloud-based solution, the single-agent Symantec platform protects all traditional and mobile endpoints, providing interlocking defences at the device, application, and network levels, and uses artificial intelligence (AI) to optimise security decisions. A unified cloud-based management system simplifies protecting, detecting, and responding to all the advanced threats targeting an organisation’s endpoints,” he adds.

Symantec Adaptive Protection automates security configuration to deliver customised protection for each organisation, effortlessly. Proactive attack surface reduction and innovative attack

prevention technologies provide the strongest defence against the hardest-to-detect threats that rely on stealthy malware, credential theft, and more. “Symantec also prevents full-blown breaches before exfiltration can occur. Sophisticated attack analytics, behaviour forensics, automated investigation playbooks, and industry first lateral movement plus credential theft prevention provide precise attack detections and proactive threat hunting to contain the attacker and resolve persistent threats in real time.”

Key features:

  • Protection for all endpoints: laptops, desktops, tablets, mobile devices, and servers.
  • Single agent for attack surface reduction, attack prevention, breach prevention, and Endpoint Detection and Response (EDR).
  • Single console with real-time threat visibility.
  • Flexible deployment: on-premise, cloud-managed, and hybrid models.
  • Adaptive Protection
    Active Directory Security.
    Advanced Application Control.
    Artificial Intelligence (AI) guided security management.
    Adaptive EDR.
  • Targeted Attack Analytics and Threat Hunter.
  • Global Intelligence Network (GIN), one of the largest in the world, providing real-time threat information, threat analytics, content classification, and comprehensive threat blocking data.

Horn-Botha notes Symantec Endpoint Security provides attack prevention, attack intelligent surface reduction, and breach assessment. “Machine learning (ML) and AI utilise advanced device and cloud-based detection schemes to identify evolving threats across device types, operating systems, and applications. Attacks are blocked in real-time, so endpoints maintain integrity and negative impacts are avoided. Intensive Protection enables fine-grained tuning of the level of detection and blocking to optimise protection while gaining enhanced visibility into suspicious files. Furthermore, the Network Connection Security module identifies rogue Wi-Fi networks, utilises hotspot reputation technology, and delivers a policy-driven VPN to protect network connections and support compliance.

“The Symantec prevention approach entails containing attackers as early as possible—at the endpoint—before they have any opportunity to persist and move laterally on the network. Various AI-driven deception and intrusion prevention technologies work together to thwart network persistence before and immediately following endpoint compromise—before a full-blown breach can occur. Autonomous security management continuously learns from administrator and user behaviours to improve threat assessments, tune responses, and strengthen overall security posture,” concludes Horn-Botha.