Continuous Threat Detection

Find Out the Root Cause and Avoiod Reinfection

Introduction​

Why you need continuous threat detection​

350,000 new malware strains everyday Your existing security controls can only block 99.5% of them. That means 1750 new malware attacks every day can bypass your security devices New malware and virus variants are produced every day. According to AV-TEST Institute, there are over 350,000 new malware samples registered every day. So, you can imagine that if your existing security controls can block 99.5% of the new malware every day, there are still more than 1,750 malware threats that can bypass your security controls and get into your network. Even worse, studies show most threat detection services organizations’ have in place are unable to prevent 50% of the new malwares. This is an alarming figure and should serve as a wake-up call for companies to take appropriate action when it comes to advanced threat detection, implementing network traffic analysis tools, and getting the latest and best threat hunting and detection software available.

Security Teams Need to Shift Mindset

Prevention alone cannot stop attacks. Security teams must recognize that new threats require new paradigms and threat detection services to defend against them. Changing their mindset from keeping all attackers out of their network to assuming the hackers are already in their network will help develop more robust strategies to identify and stop attacks before they cause damage. Understanding mean-time-to-identify (MTTI) and mean-time-to-Response (MTTR) is important. Security events can become breaches if they have months to spread throughout a network. Security teams need to find and fix any security gaps through threat hunting and detection to reduce MTTI and MTTR; the faster they can find and respond, the less damage a breach will incur.

Work from Anywhere Scenario Solutions

aDesk / HCI + Endpoint Secure

  • Data never leaves the environment
  • Good for medium to large organizations
  • Good for smaller organizations especially with MSSP but may be expensive

Cyber Command + SD-WAN / NGAF SSLVPN + Endpoint Secure

More cost-effective option for smaller organizations or those not cloud ready

IAG + Endpoint Secure SWG/CASB

Endpoint risk analysis in addition to Authorization/Access control

Business Benefits

  • Compliance auditing
  • Ensure authorized users only
  • Prevent data leakage
Sangfor Network Secure Use Cases
XDDR puts emphasis on the coordinated response, ready to contain and mitigate that one breach WHEN it happens.
Group 770_38.png

Scheduled or on-demand endpoint Secure vulnerability scanning initiated by NGAF

Group 770 (1)_23.png

Vulnerability Scan results sent back to NGAF for closed-loop patch

Group 770_38.png

Real-time Threat Intelligence (TI) from cloud-based NeuralX recognizes malware

Group 770 (1)_23.png

Network-Wide Threat Disposal allows the administrator to respond

Group 770_38.png

Cyber Command for enhanced threat detection/response

Group 770 (1)_23.png

Vulnerability Scan results sent back to NGAF for closed-loop patch

Group 770_38.png

Enterprise asset tracking and rogue asset detection

Group 770 (1)_23.png

Endpoint Secure Protect Agent Ransomware honeypot capability

Frequently Asked Question

With so many different malware programs out there, finding the right one can be tricky. With threat detection services and software still being in high demand, Sangfor Continuous Threat Detection is one of the leading solutions when it comes to threat hunting, threat detection, and network traffic analysis.
Malware has evolved significantly lately to evade all the threat detection software out there. Some of the ways it does this includes stalling delays, intelligent suspension, and fragmentation. With many more ways to avoid detection, the need for threat detection services and network traffic analysis tools has never been higher.