The financial services industry is constantly under attack. Some firms estimate more than a million new pieces of malware are being generated every day. Consequently, most companies have developed strong threat detection capabilities. But detecting the threat is just part of defending your enterprise. Once identified and quarantined, threats must be remediated. What if you could only identify and quarantine the threat but couldn’t prevent it from returning?
That’s exactly what brought one company to Interfocus. Under constant threat, our client in the financial industry struggled with malware attacks and infections across their network. After installing Cylance on their 1,200 endpoints, they were able to detect and quarantine a particularly problematic threat. However, even though the threat was quarantined with Cylance, it returned day after day.
Our client made numerous attempts to identify the source of the attack. First, they interviewed their users, but the interviews didn’t reveal suspicious behaviors. Next, they purchased another industry-leading product, but that product was still unable to tell them where the threats were originating. Feeling the pressure, they reached out to us to help uncover the source of the attacks.
We recommended the Interfocus Advanced Threat Prevention (ATP) solution. Interfocus ATP presents critical security event information in an easy-to-use dashboard, providing visibility into suspicious activity across all of your endpoints, supporting your analysis of the cause and impacts of that activity, and delivering the details needed to take immediate corrective action.
Using Interfocus ATP user activity logs, our client was finally able to see the point in time where Cylance detected the malware and where the attack initiated. Specifically, the activity logs pinpointed a website as the point of entry, and our client was then able to create a policy that blocked the website to prevent future exposure.
With Interfocus ATP, IT management and endpoint security are combined in one solution. IT managers no longer have to examine multiple distinct sources of security data, manually correlate the data, and connect the dots to gain the upper hand over suspicious activity across their network, across their endpoints, and across their users.
Integrating CylancePROTECT® within its platform, Interfocus ATP reports on malware activity through a robust dashboard. Every device connected to the network is regularly reviewed in an intelligent process that does not impact performance, ensuring that all endpoints are continually protected by the current version of the Cylance agents. ATP’s real-time threat information identifies the digital footprint of any malware, making it easy to:
- Investigate current threats,
- Zero in on just those specific security events of importance, and
- Develop policies that can prevent identified threats.
Our client now has a complete solution to uncover, analyze, and quickly remediate today’s complex and dynamic security threats. With its comprehensive and easy-to-use dashboard, ATP supports their endpoint security life cycle from management through detection, investigation, and mitigation.
Ready to identify and stop threats where they start—at the endpoint? Learn more about the Interfocus ATP solution integrating CylancePROTECT®.