Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Trend Micro Enhances Cloud-security Infrastructure with Big Data Analytics

Trend Micro Adds Big Data Capabilities to its “Smart Protection Network” for Enhanced Cloud, Mobile and Targeted Attack Protection

Trend Micro has expanded its cloud-based security infrastructure with big data analytics to collect actionable intelligence about the latest threats.

Trend Micro Adds Big Data Capabilities to its “Smart Protection Network” for Enhanced Cloud, Mobile and Targeted Attack Protection

Trend Micro has expanded its cloud-based security infrastructure with big data analytics to collect actionable intelligence about the latest threats.

Trend Micro Smart Protection NetworkThe upgraded infrastructure would allow Trend Micro’s team of (now 1200 strong) researchers and analysts to better protect customers against zero-day attacks and previously unknown threats, Tom Kellermann, vice-president of cybersecurity at Trend Micro, told SecurityWeek. The company’s cloud-based network, introduced in 2008, connects all the endpoints and aggregates real-time threat information and automatically sends updates to the Trend Micro security software.

Employing big data analytics on the expanded Smart Protection Network, which is expected to generate more than 6 TB of data each day, will dramatically speed up the time it takes to rush out security patches and malware detection tools, Kellermann said. The company is making the investment to shift away from just blocking payloads to going after the source of attacks.

“Time is absolutely critical for reacting to threats,” he said.

The Smart Protection Network identifies and blocks over 200 million threats a day. The expanded network now includes new technologies, such as mobile app reputation to detect mobile threats, rules for vulnerability and exploits, network inspection rules, and in-the-cloud whitelisting to minimize false positives, the company said. These new capabilities will work in conjunction with other existing reputation-based technologies for Web, email, and files.

Big DataThreats and cybercriminal attacks have taken on an “unprecedented level of volume, variety, and velocity,” Eva Chen, CEO of Trend Micro, said in a statement. “These changes demand a smarter, accelerated approach to security.” 

The big data capabilities will allow Trend Micro to correlate critical relationships among all the components of an attack and model cybercriminal behavior and the environments they work in, the company said. This way, Trend Micro would be able to use behavioral-based identification methods to identify new threats.

Trend Micro would be able to detect whether a specific file originated from “a good or bad neighborhood,” Kellermann explained. The new capabilities will also allow Trend Micro to tell if a portion of the customer’s network has been compromised to become a bad neighborhood, as well, he said.

Trend Micro customers will receive real-time protection against the latest threats through Trend Micro Deep Discovery, Trend Micro Deep Security, and Trend Micro Titanium. Titanium is the company’s consumer endpoint security product while Deep Security is designed to protect virtual, physical and cloud environments. Deep Discovery focuses on detecting Advanced Persistent Threats, according to the company.

Advertisement. Scroll to continue reading.

The expansion is entirely invisible to the customer as everything is happening on the backend.

“Customers don’t have to buy anything separately,” Kellermann noted.

The company spent “tens of millions of dollars, close to hundred million dollars” to upgrade “Trend Micro’s brain,” Kellermann said. He declined to discuss which big data tools are being used by Trend Micro, calling it the “secret sauce.” He did say the company was using a number of publicly available tools as well as several custom tools developed internally, which could be considered a “hybrid” of what was publicly available.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.