Automatically Executes and Analyzes Potentially Threatening Content on Endpoints, Servers and Networks; Prioritizes Alerts, Speeds Investigation and Accelerates Remediation
WALTHAM, Mass.—May 21, 2013—Bit9, the leader in Next-generation Endpoint and Server Security, today announced the introduction of the Bit9 Connector for Palo Alto Networks, the first solution to combine network security with real-time, continuous endpoint and server monitoring and recording. The Bit9 Connector for Palo Alto Networks integrates with Palo Alto Networks’ next-generation firewalls and WildFire, the company’s cloud-based advanced persistent threat (APT) prevention service, and delivers four significant enterprise security firsts:
- It is the FIRST solution to automatically enforce endpoint and server protection based on results from the Palo Alto Networks WildFire service.
- It is the FIRST solution that can automatically retrieve any file on any system, submit it to Palo Alto Networks for execution and, if it’s determined to be malicious, prevent it from ever executing again.
- It is the FIRST solution to combine a real-time endpoint sensor and continuous recorder with Palo Alto Networks network security devices to automatically prioritize actionable alerts.
- It is the FIRST solution to provide real-time enterprise-wide visibility into all endpoints and servers infected by malware discovered by Palo Alto Networks.
Traditional security solutions are ineffective against today’s advanced threats, especially zero-day and targeted attacks. Network security solutions and endpoint/server security solutions can no longer operate in silos; they must work together to deliver complete actionable intelligence from the network to endpoints and servers.
The Bit9 Connector for Palo Alto Networks delivers real-time security for two major use cases:
1. Files that arrive on the network are automatically executed by Palo Alto Networks with malware alerts sent to the Bit9 Platform. These execution results are immediately correlated with Bit9’s up-to-the-second endpoint and server data to confirm the location, scope and severity of the threat across the enterprise. This enables security teams to:
- Prioritize network alerts based on how many machines have been infected and if the malware has executed.
- Investigate the scope of threats using the recorded details of every endpoint and server to trace the root cause and progression of the attack.
- Remediate endpoints and servers by knowing precisely which machines are impacted and need attention and automatically ban files from executing based on Palo Alto Networks-detected malware.
2. Bit9 can retrieve any executable content from any endpoint or server—automatically or on-demand—and have Palo Alto Networks execute it to analyze the file and assess its risk level. This enables security teams to:
- Ensure every new file on any endpoint or server is safe. Security teams can also write rules to determine which files should be automatically submitted to maximize coverage while minimizing network traffic.
- Analyze any file on any endpoint or server with just a few clicks. Often security analysts need to determine the risk level of a particular suspicious file. Now they can use Bit9 to retrieve the file from any endpoint or server and directly submit it to Palo Alto Networks for analysis.
- Automatically block the execution of files on endpoints or servers based on detonation results. Bit9 can automatically ensure that any file deemed malicious by Palo Alto Networks can never execute again throughout the enterprise.
Bit9 Executive Quote: Brian Hazzard, vice president of product management
“Attacks are becoming increasingly sophisticated and stopping them requires innovation. Legacy antivirus solutions can’t stop these advanced threats. Our customers asked us to deliver a solution that effectively integrates Palo Alto Networks with our next-generation endpoint and server security. The Bit9 Connector for Palo Alto Networks is a game-changer. Now security teams can prioritize Palo Alto Networks alerts and investigate events in minutes. This product combination can automatically retrieve any new file arriving on any endpoint or server and submit it to Palo Alto Networks for execution and, if it’s malicious, automatically ensure it can never execute again in their enterprise. This truly represents the next generation of endpoint and server security.”
Palo Alto Networks Executive Quote: Chad Kinzelberg, senior vice president of business and corporate development
“Bit9’s endpoint security perfectly complements our next-generation firewalls and WildFire service, benefitting our mutual customers by providing comprehensive threat prevention. The joint solution helps them investigate threats and remediate endpoints by uniquely delivering content analysis across all of a customer’s endpoints and network traffic for the entire network.”
Analyst Quote: Fran Howarth, practice leader, security, Bloor Research
“Enterprises urgently need innovative security solutions to combat the escalating number of complex threats. The new Bit9 Connector for Palo Alto Networks uniquely integrates network security with endpoint and server security by continuously monitoring and recording all activity to ensure that malicious files are stopped from executing, detonated and analysed wherever they are. This important breakthrough will enable organizations to neutralise even the most advanced threats and enable compliance with mandates and best practice standards that require computing resources be proactively monitored.”
Pricing and Availability
The Bit9 Connector is available immediately. An Early Access Program offering priority access and financial savings is available until June 30, 2013. Click here for details.
Brian Hazzard on the customer benefits of the Bit9 Connector
The Bit9 Security Platform is the only next-generation endpoint and server security solution that continuously monitors and records all activity on endpoints and servers and stops cyber threats that evade traditional security defenses. Bit9’s real-time sensor and recorder, real-time enforcement engine, and cloud-based services provide the most reliable form of endpoint and server security and deliver value within days of implementation. This combination gives organizations immediate visibility to everything running on their endpoints and servers; real-time signature-less detection of and protection against advanced threats; and a recorded history of all endpoint and server activity for deep forensics. Security teams use Bit9’s integration with network security devices such as FireEye and Palo Alto Networks to accelerate incident response and ensure all files arriving on endpoints and servers are safe. Bit9 has stopped the most advanced attacks, including Flame, Gauss, and the malware responsible for the RSA breach. One thousand organizations worldwide—from 25 Fortune 100 companies to small businesses—use Bit9 to increase security, reduce operational costs, and improve compliance.