ATLANTA--(BUSINESS WIRE)--A new report from industry analyst firm Frost & Sullivan titled, The Forgotten Barometer: Bot Detection as an Integral Security Technology cites Damballa’s advanced threat protection and containment approach among security vendor solutions offering the most complete and having the greatest potential for differentiation in detecting advanced persistent threats (APT).
The report, released earlier this month, highlights the widespread use of advanced persistent threats, specifically bots, as the increasingly preferred tactic among threat actors and with that, the need for enterprises to procure strong bot detection capabilities to solve imminent threats and other security-related issues. Authored by analyst Christopher Rodriguez, the report explains the number of methods currently in place to detect bots along with the effectiveness and shortcomings of each. In the report Rodriguez points out that APT solutions that have the ability to detect and correlate multiple indicators in an automated and investigative manner is increasingly being required for effective and successful detection.
In the report Rodriguez states, “Beyond distinguishing between bot and human behaviors, a complete bot detection system should determine whether bots are malicious, benevolent, or benign in nature. This is the area in which the greatest potential for differentiation lies amongst security vendors. For example, Damballa uses a case analyzer to monitor the characteristics of endpoints and their communications over time. The case analyzer uses multiple clues such as: how automated the communications are; whether evasion techniques are used; the frequency of communications; who the endpoint is communicating with; and the content of communications.”
Additionally, Rodriguez cautioned companies relying solely on virtualized computing environments, or sandboxing, to identify APTS, as malware has become smarter and has learned evasion techniques to avoid being detected. He also points out that companies that utilize simple blacklists or signature-based approaches to bot detection should only consider these as short-term protection solutions as each is limited in the ability to protect against the next generation of malware and threats.
“More and more enterprises realize that a single approach to malware detection is yesterday’s thinking, and it just is not enough” said Brian Foster, CTO of Damballa. “In our ability to use behavioral and analytical patterns to detect hidden and active infections with certainty and provide indisputable evidence, the more our solution will demonstrate value as a complete and effective solution in fighting today’s most advanced threats.”
To read the full report visit http://bit.ly/1say0ZU.
As the experts in advanced threat protection and containment, Damballa discovers active threats that bypass all security prevention layers. Damballa identifies evidence of malicious network traffic in real time, rapidly pinpointing the compromised devices that represent the highest risk to a business. Our patented solutions leverage Big Data from the industry's broadest data set of consumer and enterprise network traffic, combined with machine learning, to automatically discover and terminate criminal activity, stopping data theft, minimizing business disruption, and reducing the time to response and remediation. Damballa protects any device or OS including PCs, Macs, Unix, iOS, Android, and embedded systems. Damballa protects more than 400 million endpoints globally at enterprises in every major market and for the world's largest ISP and telecommunications providers. For more information, visit www.damballa.com, or follow us on Twitter @DamballaInc.