Vulnerabilities / Threats

2/28/2019
09:56 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Symantec Announces Updates to Platform, Partners with Amazon, Box, Splunk & Others

More than 120 Partners, Including AWS, Box, IBM Security, Microsoft, Oracle, ServiceNow and Splunk, Commit to Symantec's Integrated Cyber Defense Platform

February 27, 2019 01:00 PM Eastern Standard Time

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today announced that more than 120 companies have joined forces with Symantec to drive down the cost and complexity of cyber security, while improving response times to protect enterprises against sophisticated threats. This includes major players like AWS, Box, IBM Security, Microsoft, Oracle, ServiceNow and Splunk, as well as dozens of other technology innovators, who are now building or delivering more than 250 products and services that integrate with Symantec’s Integrated Cyber Defense (ICD) Platform.

“The threat landscape we all face is not static and is constantly on the move, as are our customers and employees, so strategies to deal with that kind of environment are very complex”

Tweet this

This unprecedented industry collaboration reflects a “platform shift” in the cyber security industry, as new research from Enterprise Strategy Group (ESG) shows enterprise customers are looking to consolidate vendors and adopt more integrated platforms backed by an open ecosystem.

Integrated defense improves security by increasing the speed and effectiveness, while greatly reducing the resources required. To make that shift even easier, Symantec also today announced important innovations – including a new universal data exchange, shared management capabilities, and upgraded data loss prevention software that help customers stop untrusted apps before they compromise confidential data. All are built on Symantec’s ICD Platform, which provides a unified framework for information protection, threat protection, identity management and compliance across endpoints, networks, applications, and clouds.

“There’s a seismic shift happening in cyber security,” said Art Gilliland, EVP and GM Enterprise Products, Symantec. “The old way of fighting cyber-attacks using fragmented tools has become too complex and expensive to manage. Integrated platforms are the future. We’re proud to be leading this platform shift with a clear vision and winning portfolio – along with hundreds of partners and thousands of experts working every day on the front lines to protect our customers. We are completely convinced that our best defense going forward is an integrated defense.”

New Research Demonstrates the Need for Integrated Platforms

ESG recently published new customer research showcasing how the lack of a cohesive security technology strategy creates real problems for enterprises, leading customers to seek more integrated platforms and fewer, more strategic vendors. Key findings based on the research include:

  • More than 80 percent of C-level executives said threat detection and response effectiveness is impacted by too many independent point tools1;
  • 53 percent of organizations have a problematic shortage of cyber security staff and skills2; and
  • 91 percent of enterprises are actively consolidating or considering consolidating the cyber security vendors with whom they conduct business3.

“Almost two-thirds of large enterprises surveyed use at least 25 different cyber security products. For security operations centers, managing disparate tools can be ineffective, costly, and time consuming, especially considering the shortage of cyber security skills,” said Jon Oltsik, senior principal analyst and fellow, ESG. “This explains why CISOs are looking to consolidate and integrate their security infrastructure with platforms and open architectures that provide advanced developer support and deliver a partner ecosystem with robust third-party integrations.”

Symantec Integrates Products, Services and Partners

Symantec started building ICD two and a half years ago with its acquisition of Blue Coat Systems, which added best-of-breed web and cloud security technologies to Symantec’s market-leading endpoint, email and data loss prevention (DLP) technologies. At the time, Symantec saw and heard that customers were spending enormous time and resources to integrate point technologies in order to derive real value from their cyber security investments. So, the company invested in a strategy and roadmap to deliver an integrated platform that significantly reduces cost of operations while improving the speed and accuracy of prevention, detection and response in order to reduce risk.

Since then, Symantec has:

  • Invested significant R&D effort to integrate its products around key customer pain points – protecting information in SaaS applications; integrating complementary technologies like cloud access security broker (CASB) and DLP; enhancing endpoint security with advanced endpoint detection and response (EDR) to protect against targeted attacks; and securing infrastructure from endpoint to cloud for “Zero Trust” security implementations.
  • Acquired innovative security technologies like Fireglass, Skycure, Appthority, Javelin, and Luminate to address emerging challenges – and quickly integrated them into the Symantec portfolio.
  • Deepened its services portfolio to provide security leaders with in-depth expertise in global threat intelligence, advanced threat monitoring, cyber readiness, and incident response.
  • Opened its APIs and launched a Technology Integration Partner Program (TIPP) to do deeper integration work with key technology players.

ICD Platform Earns Broad Ecosystem Support

Symantec now has more than 120 partners in TIPP, who are building or delivering more than 250 new applications and services that integrate with Symantec’s ICD Platform, so enterprise customers can reduce the cost and complexity of their security operations. In addition, Symantec is now launching a new “Innovation Playground” program within TIPP to simplify integration with startups. The new program will enable startup teams to leverage Symantec APIs and gain access to products, engineering resources, and customer innovation days.

“In order to reduce security operations complexity and fight today’s increasingly sophisticated adversary, organizations need products that work as a platform instead of an army of point products working in silos,” said Oliver Friedrichs, VP of security automation and orchestration at Splunk. “Splunk’s support for the ICD Platform provides our joint customers with consolidated views across their security infrastructure, including incidents flowing from endpoint, web, network and email security solutions.”

“At Box, security is a top priority and we are dedicated to providing our customers with powerful controls to protect their sensitive content,” said Niall Wall, senior vice president of partners at Box. “Symantec is a founding member of the Box Trust Ecosystem. We are excited about Symantec’s Integrated Cyber Defense and how it will help our mutual customers reduce risk of data loss, detect advanced threats, and seamlessly bring together our security capabilities.”

“Security analysts today deal with increasingly complex threats, fragmented security tools, and siloed organizations,” said Rich Telljohann, director of business development at IBM Security. “To combat this we are seeing that the cyber security landscape is demanding a shift to integrated platforms in order to reduce complexity and cost. We have built an integration using Symantec ICD Exchange, so the IBM Resilient Incident Response Platform can provide intelligent orchestration, automation, and enrichment of incidents triggered by Symantec ICD, allowing analysts to respond intelligently to threats.”

ICD Platform Drives Customer Adoption and Value

As evidenced by Symantec’s recent quarterly earnings, more and more customers are moving beyond individual products to adopt the ICD platform and portfolio. For example:

  • In Europe, a household appliance manufacturer signed an eight-figure deal with Symantec, adopting a substantial footprint of the ICD platform;
  • In Asia Pacific, a major securities and derivatives trading exchange expanded beyond Symantec endpoint security to adopt Symantec’s cloud security stack; and
  • In the U.S., a global Fortune 500 power company – originally a single product customer – signed a seven-figure, multi-product, multi-service deal to build an internal security operations center.

“The threat landscape we all face is not static and is constantly on the move, as are our customers and employees, so strategies to deal with that kind of environment are very complex,” said Emily Heath, vice president and chief information security officer, United Airlines. “Visibility of your environment and integration of solutions are a key part of that strategy. For example, if one security control catches something, it is much more efficient for us if those controls are integrated and can communicate seamlessly with each other to help with real time detection. Additionally, if security providers take the time to integrate across the stack so we don’t have to, that results in an even better outcome.”

Symantec Extends ICD Platform with New Features & Functions

Symantec is introducing three new technology innovations today that extend ICD for shared intelligence and shared management across multiple technology components, as well as new “threat aware” data protection capabilities:

  • ICD Exchange: A universal data exchange that shares events, intelligence and actions across Symantec and third-party systems, improving visibility for security teams and security operations centers, so they can take faster action and increase automation.
  • ICD Manager: Shared management capabilities that will provide customers with unified visibility into threats, policies and incidents, helping them to reduce incident response times from days to minutes.
  • Data Loss Prevention 15.5: New data loss prevention (DLP) software that integrates with Symantec’s market-leading endpoint protection suite to help customers stop untrusted apps before they compromise confidential data. This “threat aware” data protection is one of many breakthroughs made possible due to Symantec’s ICD platform investments.

For more information on ICD, please visit: www.symantec.com/icd.

For more details about TIPP, please visit: https://www.symantec.com/technology-partners.

For more details on how Symantec and partners are leading the shift to Integrated Cyber Defense, please visit: https://www.symantec.com/blogs/feature-stories/united-we-stand

For more details on the cyber security platform shift, please visit: https://www.symantec.com/blogs/feature-stories/cyber-security-platform-shift-more-secure-less-complex

To see a detailed mapping of Symantec product and partner integrations, please visit: https://www.symantec.com/integration.

About Symantec

Symantec Corporation (NASDAQ: SYMC), the world's leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec's Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world's largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on FacebookTwitter, and LinkedIn.

NOTE TO U.S. EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec Newsroom at http://www.symantec.com/news.

Symantec and the Symantec logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

FORWARD-LOOKING STATEMENTS: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

1 Source: ESG Research, Threat Detection and Response Survey, December 2018.

2 Source: ESG Research Report, 2019 Technology Spending Intentions Survey, February 2019.

3 Source: ESG Master Survey Results, Cybersecurity Landscape: The Evolution of Enterprise-class Vendors and Platforms, October 2018.

Contacts

MEDIA CONTACT:
Justin Saia
Symantec Corp.
(650) 527-7455
[email protected]

INVESTOR CONTACT:
Cynthia Hiponia
Symantec Corp.
(650) 527-8020
[email protected]

 

SYMANTEC CORPORATION

Release Summary

Symantec is leading an unprecedented industry collaboration with more than 120 partners to drive down the cost and complexity of cyber security.

 

Contacts

MEDIA CONTACT:
Justin Saia
Symantec Corp.
(650) 527-7455
[email protected]

INVESTOR CONTACT:
Cynthia Hiponia
Symantec Corp.
(650) 527-8020
[email protected]

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.