Blue Coat Malware Analysis BLADE
Comprehensive, Open and Extensible Protection Against Zero-Day Threats, Targeted Attacks and Advanced Malware
Overview:
You've built a strong perimeter. Your firewall rules are sophisticated and you block commonly known malicious threats. But malware keeps evolving, and you find yourself constantly playing catch up, trying to stay ahead of emerging, targeted attacks.
Stop the treadmill. The Blue Coat Malware Analysis BLADE gives you comprehensive, cost-effective protection against unknown and advanced malware, malicious files, and zero-day threats. It's part of the Solera Security Analytics Platform and Blue Coat ThreatBLADES for Advanced Threat Protection—and it's your key to enhanced malware detection accuracy and faster, more complete protection for your workforce and your business. The Blue Coat Malware Analysis BLADE delivers:
- Integrated malware analysis and detonation, with a hybrid technology that includes both a Blue Coat Sandbox VM and Blue Coat Sandbox for unrivaled advanced threat detection
- Detection of zero-day attacks and advanced persistent threats (APTs), with optimized and contextual malware analysis augmented with actionable intelligence for quick resolution
- On-premise or cloud-based deployment options for enterprises and managed security services
- Combines malware analysis with security analytics, complete security visibility and Blue Coat ThreatBLADES in a single user interface
- A software blade form factor for easy deployment that minimizes rack space and hardware expenditures
The Blue Coat Malware Analysis BLADE—powered by integrated sandbox technology from Blue Coat—detects, identifies and safely analyzes suspected malware-infected files. This allows enterprises to quickly and accurately identify zero-day attacks, advanced persistent threats and other malicious code embedded within dozens of file types—including Microsoft Office documents, PDFs, Java files, EXE files and more. For the first time, enterprises can gain full visibility and perform the most comprehensive malware analysis across the entire network—including advanced malware capable of rapidly spreading to multiple network locations and devices. The Malware Analysis BLADE leverages the Solera Platform's dynamic, machine-learning ThreatProfiler engine—which automatically and efficiently extracts dozens of file types and objects in real time for proactive malware analysis. And, our unique hybrid virtualization and emulation sandbox design achieves unprecedented detection accuracy of evasive malware for faster time-to-protection and greater ability to minimize impact.
The Malware Analysis BLADE works together with other Blue Coat ThreatBLADES, and is tightly integrated with the Solera Security Analytics Platform and Solera Central Manager for maximum efficiency and total contextual analysis across the enterprise. What's more, the Malware Analysis BLADE allows the freedom to choose between a locally controlled on-premises deployment, a highly scalable cloud-based solution, or an integrated deployment with other best-of-breed analysis platforms through Solera's flexible file-broker architecture.
Leveraging the WebPulse Collaborative Defense Cloud
The Blue Coat Malware Analysis BLADE works exclusively with the Security Analytics Platform powered by the Blue Coat WebPulse Collaborative Defense Cloud, which performs real-time categorization and ratings of web URLs and content and provides background processes that hunt for evidence of malware and malicious content—based on intelligence aggregated from 75 million endpoints. The WebPulse 'network effect' provides unmatched visibility and intelligence to the Security Analytics Platform to optimize the identification and resolution of advanced threats.
The Challenge
For years, organizations have built strong perimeters and complex firewall rules to keep the enemy out—deploying more and more security point-products along the way in an effort to stay ahead of the threat. Unfortunately, today's persistent threats and threat actors target enterprises with customized malware and targeted attacks that fly under the radar of traditional, signature-based security technologies. As a result, today's advanced, stealthy and evasive malware continues to compromise even the most secure networks and devices. According to the 2013 Verizon Data Breach Investigations Report:
- 84% of advanced targeted attacks compromise their target in seconds, minutes or hours
- 78% of advanced targeted attacks take weeks, months or years to discover
Successful targeted and zero-day attacks continue to dominate the headlines – whether at the hands of cybercriminals, hacktivists or nation states. Recently, several media giants joined the ranks of big banks, defense contractors, government agencies, leading Internet providers and energy companies all penetrated by hackers using advanced threats and targeted attacks. Because traditional technologies can't defend against what they can't see, today's IT security teams need the context, content and visibility required to effectively detect and identify zero-day attacks, APTs, and advanced and unknown malware.
The Solution
Blue Coat and Solera Networks are revolutionizing advanced threat protection by unifying big data security analytics, threat intelligence and security visibility. This Advanced Threat Protection Platform combines with the new Blue Coat ThreatBLADES—which deliver a host of extensible and fully integrated software blades on the industry-leading Solera Security Analytics Platform (formerly Solera DeepSee). Blue Coat ThreatBLADES provide dynamic, up-to-date threat intelligence on today's advanced persistent threats. All of the powerful and flexible ThreatBLADES use a cloud-based threat intelligence infrastructure powered by the Blue Coat WebPulse Collaborative Defense Cloud—leveraging the collaborative 'network effect' of more than 75 million users. Now, as part of the Blue Coat ThreatBLADES portfolio, the Malware Analysis BLADE delivers superior protection against unknown and advanced malware, malicious files and zero-day attacks.
Features & Benefits:
Key Features
- Integrated sandboxing on the Security Analytics Platform by Solera
- VM Sandbox provides intelligent virtualized malware detonation
- Emulator Sandbox simulates bare metal environments to detect evasive malware
- On-premises, cloud-based or ecosystem-integrated deployment options
- Malware analysis covering dozens of file-transports
- Optimized and smart detonation only on unknown malware
- Integrated with Blue Coat WebPulse Collaborative Defense Cloud
Key Benefits
- Unique hybrid sandboxing design delivers unrivaled malware and threat detection
- Multiple deployment options provide freedom of choice
- Automated, real-time alerting on malware and zero-day threats
- Optimized and contextual malware analysis for faster time-to-resolution
- Machine-learning architecture minimizes submitted malware samples
- Unified management delivered in a single pane-of-glass
- Flexible and extensible software blade eliminates CapEx costs
Specifications:
Software Specifications | |
---|---|
Form Factor | Software blade |
Supported Sensors | Security Analytics Appliances, Security Analytics Software and Security Analytics Virtual Appliance |
Detonation Options | On-premise or cloud-based |
File Transport | Extracts files from dozens of file-transports |
File Search | MD5/SHA1-based search |
Actions & Alerts | Real-time file extraction and e-mail alerts |
User Interface | Integrated into Security Analytics Dashboard – Single Pane of Glass |
Central Management | Security Analytics Central Manager |
On-premises Malware Analysis Appliance Specifications | | |
---|---|---|
 | Blue Coat Malware Analysis 1U Appliance | Blue Coat Malware Analysis 2U Appliance |
Management Ports | 2 — 10/100/1000 BaseT | 2 — 10/100/1000 BaseT |
Performance | Up to 10,000 samples per day | Up to 50,000 samples per day |
Rack Height | 1 – Rack Unit | 2 – Rack Unit |
Rack Depth | 710 mm / 28” | 723 mm / 28.5” |
Power Supplies | Dual, Hot-plug – 750 W | Dual, Hot-plug – 1100 W |
Documentation:
Download the Blue Coat Malware Analysis BLADE Datasheet (PDF).