Advanced Threat Detection (ATD) Appliances
Advanced threat detection (ATD) appliances add an extra layer of security by examining all communications that standard layers of security controls have allowed to pass. These appliances look at combinations of source reputation, executable analysis and threat-level protocols to detect advanced targeted threats that existing controls cannot detect.
In IT, ATD is not a trademarked, branded product name of the kind found in the home security industry. It is a broad term for solutions that use certain kinds of analysis to boost security in systems. For example, ATD tools may use elements like source reputation to analyze network traffic for security purposes. They may work across multiple operating systems or otherwise develop "rich threat intelligence" that gives human security teams a better view of where systems are vulnerable. Advanced threat detection tools may analyze downloads or other user activity within the system. They may analyze the use of internal alerts to pinpoint how cyberthreats apply to the system. Vendor tools can help companies improve their security by bringing this type of deeper-level analysis to networks.
The primary benefit of advanced threat detection solutions is their ability to detect malware that has sophisticated evasion or obfuscation capabilities as well as new malware that has not been identified previously. Advanced threat detection plays a critical role in protecting data from advanced and persistent malware attacks. When advanced threat detection solutions are integrated into a company’s security program, they provide another key source of threat intelligence to protect against zero-day attacks, improve detection-to-containment times, and aid in the follow-up investigation to make security improvements after a threat is neutralized.