A10 Networks, Cylance Partner to Integrate Real-Time Cybersecurity to Defeat Encrypted Attacks
This is the strategy driving A10 Networks’ new technology partnership with Cylance, which was officially announced during Black Hat 2016 in Las Vegas, Nev.
The agreement will expand A10’s security solution capabilities and deliver advanced threat detection for encrypted traffic. A10 will integrate CylancePROTECT with the SSL Insight decryption technology available with the A10 Thunder CFW and Thunder SSLi platforms.
“Cylance’s novel next-gen AV will augment the innovative A10 Thunder SSLi and Thunder CFW security platforms to offer increased security for governments, gaming, healthcare providers, financial institutions and other markets facing critical security threats,” said A10 Networks vice president Gunter Reiss in the official release.Once deployed, A10 customers will be able to predict and prevent malware and advanced threats with Cylance’s artificial intelligence-based file classification.
Defending inbound, outbound traffic
Even the most proactive and well-intentioned organizations understand that, at some point, their environment will be breached. Traditional signature-based antivirus (AV) solutions aren’t effective against unknown and rapidly evolving threat vectors. These attacks evolve rapidly and frequently to stay ahead of the technology deployed to mitigate them.
One increasingly popular threat vector is the use of SSL traffic to hide attacks from security devices and detection tools. Encryption is necessary to protect data in transit from being compromised, but SSL-based attacks are also maliciously used encryption to avoid detection. As the use of SSL encryption increases, so will the volume of attacks exploiting the blind spots it creates.
A10’s SSL Insight technology, coupled with optional CylancePROTECT security, will empower organizations to identify and mitigate both inbound and outbound attacks — even if they’re encrypted by SSL. The joint solution will be able to inspect a wide range of file types to detect and mitigate encrypted threats, including PDFs and various Object Linking & Embedding (OLE) files like .doc, .xls, .ppt, etc.
To understand how CylancePROTECT leverages artificial intelligence and predictive machine-learning to defeat attacks it has never seen before (i.e., the opposite of a signature-based approach), watch the solution identify and mitigate ransomware in this real-time demo.
Why AI is better than signature-based security
By taking a mathematical approach to malware identification utilizing patent-pending, machine-learning techniques instead of reactive signatures and sandboxes, CylancePROTECT helps neutralize the threat of new malware, viruses, bots and unknown future variants.
“Cylance is pleased to partner with A10 Networks to provide a solution that not only delivers cutting-edge anti-malware capability through predictive artificial intelligence, but also acts to complement and optimize A10 customers’ existing investments in other security tools and processes,” said Cylance vice president Joel Bauman.
According to Cylance, “the advanced AV technology analyzes and classifies hundreds of thousands of characteristics per file, breaking them down to an atomic level to discern whether an object is ‘good’ or ‘bad’ in real time.”
Stronger security, better visibility
The exclusive agreement brings together the best of the network and endpoint-based security for increased visibility and mediation of threats that are inside a customer network. It will also provide deeper context around threat traffic for more thorough investigations during and after an attack. CylancePROTECT is an ideal complement for the
CylancePROTECT is an ideal complement for the A10 Thunder SSLi and Thunder CFW platforms, which deliver high-speed SSL decryption for inbound and outbound email and end-user traffic to protect against malware, even when encrypted. The integrated solution is expected to arrive in early 2017 and will be available via a subscription service to A10 customers.