

07:23 PM
Dark Reading
Products and Releases

Blue Coat Bridges The Gap Between Threat Detection And Incident Containment

Content Analysis System blocks known threats and detects and analyzes zero-day and advanced malware

SUNNYVALE, Calif., Nov. 18, 2013 – Blue Coat Systems, Inc., the market leader in business assurance technology, today introduced the Blue Coat Content Analysis System with malware analysis to automate advanced threat protection at the Internet gateway. The Content Analysis System blocks known threats and detects and analyzes zero-day and advanced malware, sharing new threat intelligence to continually fortify the network. This allows organizations to bridge the gap between the day-to-day security operations team and the advanced security team that is focused on incident containment and resolution.

Today, enterprises are forced to use ad hoc malware analysis or sandboxing solutions that operate in a silo and cannot share the threat intelligence required to bridge the gap between blocking known threats and detecting and analyzing unknown threats or advanced malware. This gap is made worse because existing technologies fail to help security operations teams maneuver through the stages of the advanced threat lifecycle.

The Blue Coat Content Analysis System addresses this gap by combining whitelisting and malware scanning for known threats with dynamic malware analysis of unknown threats at the gateway. The new system also helps align security operations teams by sharing new threat intelligence locally across the security environment and worldwide through the Blue Coat Global Intelligence Network of 15,000 customers and 75 million users.

"To protect their networks from advanced targeted attacks and zero-day malware, businesses need a systematic approach that aligns security teams on the right strategy, process and action to block the threats they can, detect the ones they can't and respond to the ones that are already on the network," said Greg Clark, CEO at Blue Coat Systems. "Our Content Analysis System is a key technology for organizations that want to build an automated defense into their networks that continually fortifies the network by operationalizing new threat intelligence. This allows our customers to protect and empower their business."

The Content Analysis System supports up to two leading anti-virus signature databases and provides application whitelisting and dynamic malware analysis. Together, these technologies deliver the following benefits for businesses:

· Best-of-Breed Sandboxing: Powered by Norman Shark, a Blue Coat Business Assurance Technology partner, the Blue Coat malware analysis technology – available as an appliance today and via the cloud in the future – combines customizable virtual environments with sandbox emulation for the most comprehensive detection of unknown or advanced malware, including malware that employs evasive detection techniques.

· Malware Analysis Orchestration: The Blue Coat Content Analysis System acts as a broker for multiple sandboxing or malware analysis instances, simultaneously sending unknown or suspicious files to both the Blue Coat sandbox and third-party sandboxes. By seamlessly integrating into existing security infrastructures, the Content Analysis System allows enterprises to optimize their existing investments in sandbox technologies while building out an advanced malware defense in-depth. The system also future-proofs customers' infrastructure via a scalable interface that can incorporate other advanced malware analysis technology via the broker capability.

· Threat Intelligence Feedback Loop: New intelligence from the analysis of advanced or unknown malware is shared with Blue Coat ProxySG appliances to automate blocking of newly identified threats at the gateway for a more scalable defense. New intelligence is also shared with the Security Analytics Platform from Solera, a Blue Coat company, which delivers advanced threat profiling and remediation of the full scope of the attack. The network effect of the Blue Coat Global Intelligence Network further automates protection by sharing threat intelligence from 15,000 customers worldwide.

Blue Coat is partnering with Norman Shark to deliver flexible, customizable sandboxing. The malware analysis technology of the Content Analysis System is powered by Norman Shark's leading IntelliVM and SandBox technologies, giving advanced security teams the ability to analyze any threat type, in any version of any application they choose. This allows security teams to gather intelligence on malware targeting their specific environment and application vulnerabilities in order to more effectively contain and resolve the incident.

"Existing sandboxing technologies cannot effectively replicate real-world environments, leaving organizations with little information that will help them contain or resolve an incident," said Stein Surlien, CEO at Norman Shark. "The Norman Shark IntelliVM and SandBox technologies solve this problem by delivering customizable environments for more comprehensive and detailed detection of unknown malware."

"Analysis of unknown and advanced malware is critical intelligence for security teams tasked with containing and resolving the threats that get past traditional preventive defenses. Dynamic, customizable sandboxing can provide an opportunity for organizations to improve their defensive posture and security response capabilities," said Jon Oltsik with industry analyst firm ESG Global. "When used in conjunction with traditional front-line and advanced defenses, this enhancement can certainly improve an organization's ability to defend against advanced persistent threats and targeted attacks."

The Content Analysis System with malware analysis is a key component of the Blue Coat Advanced Threat Protection solution, which is purpose-built to bridge the gap in security organizations between day-to-day operations, incident containment and resolution. The new solution is the first to deliver a comprehensive Advanced Threat Protection lifecycle defense that fortifies the network by blocking known threats, proactively detecting unknown and already-present malware and automating post-intrusion incident containment. Please see today's release titled, "Blue Coat Empowers Business with New Advanced Threat Protection Solution" for additional information. To learn more, please visit the Blue Coat Advanced Threat Protection Resource Center.


The Blue Coat Content Analysis System will be available in December with application whitelisting and support for anti-malware signature databases from leading anti-virus vendors. The malware analysis technology will be available as an appliance at the same time and via the cloud in the future.

About Blue Coat Systems

Blue Coat empowers enterprises to safely and quickly choose the best applications, services, devices, data sources, and content the world has to offer, so they can create, communicate, collaborate, innovate, execute, compete and win in their markets. For additional information, please visit www.bluecoat.com.
