Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

2/28/2019
09:56 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Symantec Announces Updates to Platform, Partners with Amazon, Box, Splunk & Others

More than 120 Partners, Including AWS, Box, IBM Security, Microsoft, Oracle, ServiceNow and Splunk, Commit to Symantec's Integrated Cyber Defense Platform

February 27, 2019 01:00 PM Eastern Standard Time

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today announced that more than 120 companies have joined forces with Symantec to drive down the cost and complexity of cyber security, while improving response times to protect enterprises against sophisticated threats. This includes major players like AWS, Box, IBM Security, Microsoft, Oracle, ServiceNow and Splunk, as well as dozens of other technology innovators, who are now building or delivering more than 250 products and services that integrate with Symantec’s Integrated Cyber Defense (ICD) Platform.

“The threat landscape we all face is not static and is constantly on the move, as are our customers and employees, so strategies to deal with that kind of environment are very complex”

Tweet this

This unprecedented industry collaboration reflects a “platform shift” in the cyber security industry, as new research from Enterprise Strategy Group (ESG) shows enterprise customers are looking to consolidate vendors and adopt more integrated platforms backed by an open ecosystem.

Integrated defense improves security by increasing the speed and effectiveness, while greatly reducing the resources required. To make that shift even easier, Symantec also today announced important innovations – including a new universal data exchange, shared management capabilities, and upgraded data loss prevention software that help customers stop untrusted apps before they compromise confidential data. All are built on Symantec’s ICD Platform, which provides a unified framework for information protection, threat protection, identity management and compliance across endpoints, networks, applications, and clouds.

“There’s a seismic shift happening in cyber security,” said Art Gilliland, EVP and GM Enterprise Products, Symantec. “The old way of fighting cyber-attacks using fragmented tools has become too complex and expensive to manage. Integrated platforms are the future. We’re proud to be leading this platform shift with a clear vision and winning portfolio – along with hundreds of partners and thousands of experts working every day on the front lines to protect our customers. We are completely convinced that our best defense going forward is an integrated defense.”

New Research Demonstrates the Need for Integrated Platforms

ESG recently published new customer research showcasing how the lack of a cohesive security technology strategy creates real problems for enterprises, leading customers to seek more integrated platforms and fewer, more strategic vendors. Key findings based on the research include:

  • More than 80 percent of C-level executives said threat detection and response effectiveness is impacted by too many independent point tools1;
  • 53 percent of organizations have a problematic shortage of cyber security staff and skills2; and
  • 91 percent of enterprises are actively consolidating or considering consolidating the cyber security vendors with whom they conduct business3.

“Almost two-thirds of large enterprises surveyed use at least 25 different cyber security products. For security operations centers, managing disparate tools can be ineffective, costly, and time consuming, especially considering the shortage of cyber security skills,” said Jon Oltsik, senior principal analyst and fellow, ESG. “This explains why CISOs are looking to consolidate and integrate their security infrastructure with platforms and open architectures that provide advanced developer support and deliver a partner ecosystem with robust third-party integrations.”

Symantec Integrates Products, Services and Partners

Symantec started building ICD two and a half years ago with its acquisition of Blue Coat Systems, which added best-of-breed web and cloud security technologies to Symantec’s market-leading endpoint, email and data loss prevention (DLP) technologies. At the time, Symantec saw and heard that customers were spending enormous time and resources to integrate point technologies in order to derive real value from their cyber security investments. So, the company invested in a strategy and roadmap to deliver an integrated platform that significantly reduces cost of operations while improving the speed and accuracy of prevention, detection and response in order to reduce risk.

Since then, Symantec has:

  • Invested significant R&D effort to integrate its products around key customer pain points – protecting information in SaaS applications; integrating complementary technologies like cloud access security broker (CASB) and DLP; enhancing endpoint security with advanced endpoint detection and response (EDR) to protect against targeted attacks; and securing infrastructure from endpoint to cloud for “Zero Trust” security implementations.
  • Acquired innovative security technologies like Fireglass, Skycure, Appthority, Javelin, and Luminate to address emerging challenges – and quickly integrated them into the Symantec portfolio.
  • Deepened its services portfolio to provide security leaders with in-depth expertise in global threat intelligence, advanced threat monitoring, cyber readiness, and incident response.
  • Opened its APIs and launched a Technology Integration Partner Program (TIPP) to do deeper integration work with key technology players.

ICD Platform Earns Broad Ecosystem Support

Symantec now has more than 120 partners in TIPP, who are building or delivering more than 250 new applications and services that integrate with Symantec’s ICD Platform, so enterprise customers can reduce the cost and complexity of their security operations. In addition, Symantec is now launching a new “Innovation Playground” program within TIPP to simplify integration with startups. The new program will enable startup teams to leverage Symantec APIs and gain access to products, engineering resources, and customer innovation days.

“In order to reduce security operations complexity and fight today’s increasingly sophisticated adversary, organizations need products that work as a platform instead of an army of point products working in silos,” said Oliver Friedrichs, VP of security automation and orchestration at Splunk. “Splunk’s support for the ICD Platform provides our joint customers with consolidated views across their security infrastructure, including incidents flowing from endpoint, web, network and email security solutions.”

“At Box, security is a top priority and we are dedicated to providing our customers with powerful controls to protect their sensitive content,” said Niall Wall, senior vice president of partners at Box. “Symantec is a founding member of the Box Trust Ecosystem. We are excited about Symantec’s Integrated Cyber Defense and how it will help our mutual customers reduce risk of data loss, detect advanced threats, and seamlessly bring together our security capabilities.”

“Security analysts today deal with increasingly complex threats, fragmented security tools, and siloed organizations,” said Rich Telljohann, director of business development at IBM Security. “To combat this we are seeing that the cyber security landscape is demanding a shift to integrated platforms in order to reduce complexity and cost. We have built an integration using Symantec ICD Exchange, so the IBM Resilient Incident Response Platform can provide intelligent orchestration, automation, and enrichment of incidents triggered by Symantec ICD, allowing analysts to respond intelligently to threats.”

ICD Platform Drives Customer Adoption and Value

As evidenced by Symantec’s recent quarterly earnings, more and more customers are moving beyond individual products to adopt the ICD platform and portfolio. For example:

  • In Europe, a household appliance manufacturer signed an eight-figure deal with Symantec, adopting a substantial footprint of the ICD platform;
  • In Asia Pacific, a major securities and derivatives trading exchange expanded beyond Symantec endpoint security to adopt Symantec’s cloud security stack; and
  • In the U.S., a global Fortune 500 power company – originally a single product customer – signed a seven-figure, multi-product, multi-service deal to build an internal security operations center.

“The threat landscape we all face is not static and is constantly on the move, as are our customers and employees, so strategies to deal with that kind of environment are very complex,” said Emily Heath, vice president and chief information security officer, United Airlines. “Visibility of your environment and integration of solutions are a key part of that strategy. For example, if one security control catches something, it is much more efficient for us if those controls are integrated and can communicate seamlessly with each other to help with real time detection. Additionally, if security providers take the time to integrate across the stack so we don’t have to, that results in an even better outcome.”

Symantec Extends ICD Platform with New Features & Functions

Symantec is introducing three new technology innovations today that extend ICD for shared intelligence and shared management across multiple technology components, as well as new “threat aware” data protection capabilities:

  • ICD Exchange: A universal data exchange that shares events, intelligence and actions across Symantec and third-party systems, improving visibility for security teams and security operations centers, so they can take faster action and increase automation.
  • ICD Manager: Shared management capabilities that will provide customers with unified visibility into threats, policies and incidents, helping them to reduce incident response times from days to minutes.
  • Data Loss Prevention 15.5: New data loss prevention (DLP) software that integrates with Symantec’s market-leading endpoint protection suite to help customers stop untrusted apps before they compromise confidential data. This “threat aware” data protection is one of many breakthroughs made possible due to Symantec’s ICD platform investments.

For more information on ICD, please visit: www.symantec.com/icd.

For more details about TIPP, please visit: https://www.symantec.com/technology-partners.

For more details on how Symantec and partners are leading the shift to Integrated Cyber Defense, please visit: https://www.symantec.com/blogs/feature-stories/united-we-stand

For more details on the cyber security platform shift, please visit: https://www.symantec.com/blogs/feature-stories/cyber-security-platform-shift-more-secure-less-complex

To see a detailed mapping of Symantec product and partner integrations, please visit: https://www.symantec.com/integration.

About Symantec

Symantec Corporation (NASDAQ: SYMC), the world's leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec's Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world's largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on FacebookTwitter, and LinkedIn.

NOTE TO U.S. EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec Newsroom at http://www.symantec.com/news.

Symantec and the Symantec logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

FORWARD-LOOKING STATEMENTS: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

1 Source: ESG Research, Threat Detection and Response Survey, December 2018.

2 Source: ESG Research Report, 2019 Technology Spending Intentions Survey, February 2019.

3 Source: ESG Master Survey Results, Cybersecurity Landscape: The Evolution of Enterprise-class Vendors and Platforms, October 2018.

Contacts

MEDIA CONTACT:
Justin Saia
Symantec Corp.
(650) 527-7455
[email protected]

INVESTOR CONTACT:
Cynthia Hiponia
Symantec Corp.
(650) 527-8020
[email protected]

 

SYMANTEC CORPORATION

Release Summary

Symantec is leading an unprecedented industry collaboration with more than 120 partners to drive down the cost and complexity of cyber security.

 

Contacts

MEDIA CONTACT:
Justin Saia
Symantec Corp.
(650) 527-7455
[email protected]

INVESTOR CONTACT:
Cynthia Hiponia
Symantec Corp.
(650) 527-8020
[email protected]

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5087
PUBLISHED: 2019-11-21
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code....
CVE-2019-5509
PUBLISHED: 2019-11-21
ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account.
CVE-2019-6693
PUBLISHED: 2019-11-21
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the admini...
CVE-2019-17272
PUBLISHED: 2019-11-21
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.
CVE-2019-17650
PUBLISHED: 2019-11-21
An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check.