Financial services firms are constantly under attack. Some estimates say that more than a million new malware threats are being created every day. Consequently, most companies invest in strong threat detection capabilities. But detecting the threat is just part of defending your enterprise. Once identified and quarantined, threats must be remediated. Otherwise, you will be dealing with a threat that can return again and again—despite being detected and quarantined each time.
The Struggle with Malware Attacks
That’s exactly what brought one company to Interfocus. Under constant threat, our client in the financial industry struggled with malware attacks and infections across their network. Using their installed solution, they were able to detect and quarantine a particularly problematic threat across their 1,200 endpoints. However, that same threat returned day after day.
Our client made numerous attempts to identify the source of the attack. Interviews with users didn’t reveal any suspicious behaviors and purchasing another industry-leading product still didn’t show from where the threats were originating. Feeling the pressure, they reached out to us to help uncover the source of the attacks.
The Solution to Stopping Malware Attacks
Our answer for them was LanScope Cat, which not only protects against malware but also prevents malware from returning and aids organizations in investigating how malware is entering their system. LanScope Cat does this by presenting critical security event information in an easy-to-use dashboard, providing visibility into suspicious activity across all of your endpoints and supporting your analysis into the cause and impacts of that activity. In short, it delivers the details needed to take immediate corrective action.
With LanScope Cat, IT management and endpoint security are combined in one solution. IT managers no longer have to examine multiple distinct sources of security data, manually correlate the data, and connect the dots to gain the upper hand over suspicious activity across their network, across their endpoints, and across their users.
How They Prevented Malware Infection
Integrating CylancePROTECT® within its platform, LanScope Cat reports on malware activity through a robust dashboard. Every device connected to the network is regularly reviewed in an intelligent, non-performance impacting process to ensure that all endpoints are continually protected by the current version of the Cylance agents. LanScope Cat’s real-time threat information identifies the digital footprint of any malware, making it easy to:
- Investigate current threats,
- Zero in on just those specific security events of importance, and
- Develop policies that can prevent identified threats.
Utilizing LanScope Cat user activity logs, our client was finally able to see the point in time where Cylance detected the malware and where the attack initiated. Specifically, it pinpointed a website as the point of entry and our client was then able to create a policy that blocked the website to prevent future exposure.
The Result: Stronger Endpoint Protection
Our client now has a complete solution to uncover, analyze, and quickly remediate today’s complex and dynamic security threats. With its comprehensive and easy-to-use dashboard, LanScope Cat supports its endpoint security life cycle from management through detection, investigation, and mitigation.
Ready to identify and stop threats where they start—at the endpoint? Learn more about LanScope Cat integrating CylancePROTECT®.