WatchGuard's Thurber Touts APT Detection Service To Channel


Security vendors have rushed out to market their products around so-called advanced threat detection capabilities, primarily driven by the attention given to appliances sold by FireEye and Palo Alto Networks. The two firms have added virtual machine sandboxing capabilities in an attempt to identify zero-day attacks that use custom malware to exploit new and unpatched vulnerabilities. Lastline, which has developed and sells a similar technology, has been quietly gaining attention, said Thurber. The firm is led by former Fortinet executive Jens Andreassen, and was founded by researchers who developed Anubis and Wepawet, popular open-source malware analysis services.

The technology is being adopted by large enterprises and some larger midsized businesses but it will trickle down over time, said Jon Oltsik, senior principal analyst at Enterprise Strategy Group. Small and midsized businesses are being targeted, but it's best if businesses considering new technologies also assess their current processes and existing security systems, Oltsik said.  The problem of detecting advanced threats still demands businesses pay attention to risk management, incident detection and prevention and incident response, Oltsik said.

"This kind of detection may be eventually moved into a managed service or turnkey type of appliance but this is absolutely going down market because there are businesses that want the additional level of protection," Oltsik said. 

Businesses are growing increasingly concerned about zero-day threats using malware designed to evade antivirus and other traditional, signature-based security technologies, said Richard Galganov, CIO at Dallas-based HBR Technologies, a WatchGuard channel partner. Galganov said his current customer base is being constantly targeted with a myriad of threats requiring multiple levels of protection.

"We're going to do what is best for our clients," Galganov said. "We won't play on people's fears, but attacks are getting more high-tech all of the time and you have to stay on top of it all."

PUBLISHED APRIL 7, 2014