Stop Advanced Threats that Evade Traditional Detection Techniques
Modern attacks are rapidly growing in volume and sophistication. New malware strains are designed to evade traditional detection techniques and are often propagated through targeted, zero-hour attacks. And these new malware variants are appearing faster and in greater number than ever before—new ransomware variants alone are predicted to appear at a rate of more than 200 per quarter for the foreseeable future.
Barracuda Advanced Threat Protection is an integrated cloud-based service that analyzes traffic across all of the major threat vectors.
Barracuda Advanced Threat Protection uses advanced machine learning techniques to stay ahead of ever-evolving malware, including new variants that are capable of exploiting one or more threat vectors.
Benefits of a Layered Defense
Stopping advanced threats from reaching your users and data requires a layered defense. In a 2016 independent test conducted by MRG Effitas and AV-Comparatives, the Barracuda CloudGen Firewall, with Barracuda Advanced Threat Protection technology enabled, was the only solution tested to achieve 100-percent effectiveness, along with a zero-percent rate of false positives.
Barracuda’s multi-layer defense pre-filters possible threats by using increasingly sophisticated analysis, to optimize efficiency and ensure rapid response to any type of attack without compromising network performance or security policies.
Advanced Threat Signatures
Barracuda maintains a massive database of known threat signatures that is used to detect and block any known threat. Whenever a new threat is identified, its signature is immediately added to the database and shared across all our security products and subscribers in real time.
Behavioral and Heuristic Analysis
Any email or data that is not blocked at Layer 1 is then subjected to behavioral and heuristic analysis at Layer 2. In this layer, questionable code and scripts are analyzed in a controlled environment. This layer looks for suspicious activities such as replication, file overwrites, and obfuscation attempts.
Static Code Analysis
Static code analysis examines parts of any executable file to find questionable code without actually executing the code. This layer is a fast and highly effective method of pre-filtering malware before sending questionable files on to the final, sandboxing layer.
The final layer of analysis is a comprehensive CPU emulation-based sandbox that detonates any suspect files that have survived the previous layers. By using CPU emulation, the Barracuda Advanced Threat Protection can detect threats that are designed to evade traditional virtualization-based sandboxes.
Global Threat Intelligence Network
Barracuda Advanced Threat Protection leverages a global threat intelligence network that ingests vast amounts of diverse threat information from millions of collection points around the world. These include deployed Barracuda endpoints; honeypots, or decoys intended to attract the attention of threat actors and criminals; autonomous crawlers, bots that travel the internet actively seeking out new threats; third-party malware submissions; and analysis by Barracuda Labs.
All this information comes together to create the most up-to-date possible view of the threat environment. This is shared in real time with all Barracuda deployments with Advanced Threat Protection enabled—giving you the best protection against advanced threats in the industry.