Enterprise network security firm Palo Alto Networks today announced the availability of a new security solution designed to prevent sophisticated cyber attacks targeting endpoints.
Called “Traps”, the new endpoint security solution is built on technology gained from Palo Alto’s $200 million acquisition of Tel-Aviv, Israel-based Cyvera in March 2014.
Traps was designed to proactively block all attacks targeting endpoints, including unknown malware and zero-day exploits. Cyvera previously claimed that its approach was so powerful that it had successfully stopped every published zero-day attack since it first began deploying its product.
Reactive security models result in a never-ending chase after the thousands of new malware samples that emerge each day, or the expanding number of software vulnerabilities that can be used to exploit an endpoint, Palo Alto Networks explained.
While the solution is appropriate for deployment in enterprise networks, Traps is also very effective in protecting critical infrastructure organizations that run ICS/SCADA systems.
Because these systems are frequently distributed over large areas and typically rely on legacy equipment, they often cannot maintain a consistent patching routine and are vulnerable to cyber attacks.
“Cyber attacks utilize ICS-SCADA systems architectural features to target data flow in the operational network (PLC/RTU, MTU, data and application servers, and HMI), as well as on the corporate network,” the security firm explained. “These attacks can perform silent espionage, gathering genuine system information through monitoring and exfiltration techniques, or launch more serious assaults that not only exfiltrate data, but distort it to sabotage your system.”
Traps protects ICS/SCADA systems by obstructing attacks in the exploitation phase and terminating them before they can execute and penetrate the critical infrastructure, Palo Alto Networks said.
Through integration with Palo Alto Networks’ WildFire service, the malware protection capabilities offered by Traps are enhanced by leveraging the company’s Threat Intelligence Cloud.
WildFire detects unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) by executing them in a cloud-based virtual sandbox environment.
“The integration of Traps with the Palo Alto Networks Threat Intelligence Cloud brings security of the network and endpoint together under a single common architecture, known as the Palo Alto Networks enterprise security platform,” the company explained.
Offered as a subscription service, Traps is available immediately from Palo Alto Networks channel partners.
The offering is inclusive of all functionality including exploit prevention, malware prevention through WildFire integration, forensics, and premium support, the company said.