APTs, or Advanced Persistent Threats, remain some of the most insidious and damaging cybersecurity threats. This year, APTs have led to breaches at some very high-visibility targets and caused significant damage – Home Depot, Target, JP Morgan…and those are merely the ones we know about.
APTs are unique because they use a combination of attack techniques and sophisticated malware to infiltrate and target high value assets. This makes them especially difficult to thwart. And these threats are evolving very quickly – far outstripping the ability of most enterprises to effectively combat them.
Cloud-based security solutions are particularly well suited to protect against APTs. A cloud-based architecture allows for several unique advantages. It is deployed inline and blocks threats in the cloud, ensuring malicious objects never reach the corporate network. A cloud-based platform can automatically quarantine unknown suspicious files to ensure that even the first person who attempts to download a new zero-day threat remains safe from infection. Once a new zero-day attack or APT is identified as malicious, the cloud system can be updated immediately to protect all users worldwide.
Miercom, a leading security testing firm, recently performed a head-to-head security efficacy analysis of network-based breach detection and Advanced Persistent Threat (APT) prevention solutions that utilize sandboxing. Zscaler's Internet Security platform and FireEye Web MPS 1310 were tested, and Miercom found the Zscaler platform to be significantly more effective than FireEye:
- The Zscaler Internet Security platform detected 64 percent more zero-day threats and 40 percent more malicious documents than FireEye Web MPS 1310.
- Zscaler equaled or outperformed FireEye in every category of malware detection.
- Zscaler’s threat analysis was significantly more effective, surpassing FireEye by 64 percent in identifying, decomposing, emulating and accurately determining whether newly created zero-day samples were malicious.
- Zscaler correctly classifies and identifies known threats with its first lines of defense, multiple layers of anti-malware and advanced threat protection.
- Zscaler mitigates known threats immediately upon identification and only sandboxes unknown objects, which allows for a far more rapid incident response time than FireEye. Known threats were processed in less than one second for Zscaler vs. an average of 18 minutes for FireEye.
- The Zscaler dashboard and reporting are clear, concise and easy to navigate, which allows for faster incident response time.
- Zscaler was very easy to deploy: it took Miercom engineers a mere five minutes to start sending traffic through Zscaler’s Software as a Service platform, compared to days to install and implement FireEye’s appliance.