Symantec DeepSight DataFeeds
Visibility into all ports/protocols for threat analysis and collection

Overview:

The Challenge

In today’s enterprise, security threats are more dynamic and pervasive than ever. They are more sophisticated, and are doing more damage, increasingly with criminal intent. This, coupled with an increased ability to exploit vulnerabilities, is a growing worry for security professionals.

Traditional security solutions can only do so much; they can only attempt to identify and block threats as they attack the enterprise. By adding deep visibility into the global threat landscape, security policy can become more proactive.

For organizations trying to keep up with the threat landscape, trying to aggregate threat data from numerous sources, identifying which threats are relevant and then prioritizing mitigation actions is a full-time task. The time and effort spent on research also reduces the resources available for actually integrating this data into security systems and implementing solutions to enhance security.

Symantec DeepSight™ DataFeeds Overview

Symantec DeepSight™ DataFeeds provide actionable intelligence about malicious activity sources, emerging threats, and vulnerabilities. This intelligence can enable you to reduce your exposure to threats through automated integration with existing security solutions. This integration into existing processes and tools allows businesses to act appropriately and quickly, preventing security incidents before they happen. Proactively protecting systems from application vulnerabilities prior to exploits and vendors patches being released allows security operations staff to stay ahead of the curve.

DeepSight DataFeeds are derived from deep, proprietary analysis of billions of events from the Symantec™ Global Intelligence Network. The Global Intelligence Network provides global visibility into the threat landscape, including:

• More than 240,000 sensors monitoring networks in over 200 countries
• Over 133,000,000 Symantec products and services
• Visibility into all ports/protocols for threat analysis and collection
• More than 8 billion emails per day
• More than 1 billion web requests a day

DeepSight DataFeeds are delivered in an XML format to allow enterprise security teams to easily integrate this intelligence into their security applications and systems, enabling dynamic security policy refinement to protect against communication with a malicious source with no IT overhead required.

Many customers integrate DeepSight DataFeeds to harness Symantec’s threat intelligence knowledge within their internal security programs and security intelligence dashboards. This enables customers to leverage a broad view of internet threats and apply this intelligence as a key element of identification and prevention within their internal environments.

Benefits

Unsurpassed accuracy and breadth of intelligence

Only Symantec has the breadth of visibility into real-world threat intelligence, combined with the expertise to analyze threat data to inform and protect our customers ahead of time.

Enable the transition from reactive to proactive security programs

Incorporating enhanced global threat and vulnerability visibility helps identify and block threats before they impact your network.

Improve IT security staff productivity

Delivered as an automated feed, there is no manual threat or vulnerability research required by IT, freeing up time that can be spent on additional tasks.

Adjust organization’s response based on risk profile

The combination of threat, vulnerability, and reputation information allows businesses to customize which alerts to take action on based on their internal infrastructure and security posture.