In the past, we have discussed the idea that 100% protection is unattainable. However, there are defense strategies that combine protection solutions, managed services and artificial intelligence. These can increase an organization’s capacity to detect and stop attackers. In this battle, it is vital to focus on defending the place where organizations keep their assets: the endpoint.
SANS Institute evaluates Panda Adaptive Defense
SANS Institute (SysAdmin Audit, Networking and Security Institute), one of the most influential institutions in the cybersecurity world, which reaches over 165,000 professionals in the sector, has published a review of the advanced solution, Panda Adaptive Defense 360.
“SANS found Panda Adaptive Defense 360 to be easily deployable, with instant results in preventing malware and identifying targeted attacks. Within the platform, we found that tasks associated with large amounts of labor investment, such as tuning and patching, instead are automated or minimal. The solution brings synergy and success with groundbreaking preventive and detective capabilities.”
With this evaluation, Panda Security’s corporate cybersecurity solution joins the group of technologies recognized and certified by SANS Institute in the field of IT security.
The SANS Institute review, step by step
In order to survive in a world where attackers deploy automated malware and carry out targeted attacks, organizations need to secure their endpoints with platforms that provide automated protection and mechanisms.
SANS Institute used Panda Adaptive Defense 360 for a month in order to evaluate its cybersecurity capacities. According to SANS, the evolution of malware requires better solutions, not more solutions. This is where Panda Adaptive Defense 360 comes in: it combines groundbreaking techniques designed to stop attacks immediately and provide detailed analytics to identify the most advanced attacks.
Agent deployment and management capabilities
For SANS, it is vital that a platform of this type adjust to the organization that uses it, and not the other way round. This is exactly what Panda Adaptive Defense 360 did; it returned no false positives, saving the IT team a lot of time.
SANS was impressed with the capability of the Patch Management module to schedule the installation of necessary patches: “Endpoint suites that do not include patch management forget that a key control for the prevention of malware execution is to patch software vulnerabilities.”
Endpoint prevention capabilities
Another reality that we are facing is that it is important – and often tricky – to find a balance between automating protection and detection and keeping the solution easy to maintain.
Panda Adaptive Defense 360’s 100% Attestation service classifies all processes and, depending on this classification, allows each one to run, or not, on the endpoint. To do this, the service applies machine learning techniques and gathers over 1000 data points in order to classify the files.
If it cannot be identified this way, the file is sent to Panda’s expert malware analysts, who are part of what makes the platform so special: the managed threat hunting service. This only happens in 0.015% of cases.
How were Panda Adaptive Defense 360’s capabilities tested? By launching malware samples, from ransomware and rootkits to traditional viruses. All of these samples were deleted or failed to run. One of the samples used was Petya; it failed to run successfully, and was also registered correctly.
Endpoint detection and visibility
There is a big difference between dealing with malware and dealing with a malwareless attack. More and more companies suffer attacks that combine malware with memory-resident techniques, that is, techniques that don’t use malware. To fight this, SANS praises Panda Adaptive Defense 360’s EDR capabilities, which are added to EPP – a combination that, when it was created, was a milestone in endpoint protection.
Taming the endpoint chaos within: A review of Panda Adaptive Defense 360
To find out more, there was a live webcast on March 27. In this webcast, Justin Henderson (SANS Institute analyst) and James Manning (Panda Security Pre-Sales Engineering team manager in North America) discussed the advanced cybersecurity solution in detail.
In this webcast, the attendees learned about:
- The importance of using endpoint protection, detection and response capabilities jointly in order to stop attackers before they can get a foothold on an endpoint.
- The value of certifying 100% in order to reduce the number of incidents that need to be investigated.
- How to understand the progression of endpoint protection, from auditing to blocking.
- How to investigate attacks on endpoints via visualization tools.