Symantec Advanced Threat Protection Review from The Cyber Security Trenches
March 08, 2018
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Symantec Advanced Threat Protection
Symantec Advanced Threat Protection (SATP) is used to assist and detect malware and ATP across our organization as a whole. It is managed by our IT department. The business problem that it addresses is protecting the confidentiality, availability, and integrity of our IT assets and personnel.
- Detecting and Tracing Advanced Threats
- Actionable Intelligence
- Network traffic analysis.
- Context intelligence
- Sandboxing and detonation
- Static based detection
- Sandboxing and detonation helps in prevention and protecting our availability and confidentiality
- Context intelligence gives our department a clear view of the threat and how to remediate it
- Traffic analysis helps our department not waste time tracking down the source
- Cynic
Doesn't require me to provide dedicated virtual machines or organization-specific images to detonate and detect malware. Cynic uses this suite of analysis technologies across multiple operating systems and multiple application versions. Makes it easier on our resources and planning, as this alone helps to save time.
Using Symantec Advanced Threat Protection
10 - IT Security, Operations.
2 - System Administration and CISSP
- Sandboxing and detonation
- Network traffic analysis
- Context intelligence
- Simpler on-premises sandbox
- Rapidly updated service without causing downtime
- Reducing the cost to maintain and manage the on-premises side of security infrastructure
Evaluating Symantec Advanced Threat Protection and Competitors
Yes - FireEye, Carbon Black and Lastline
- Price
- Product Features
- Product Usability
- Product Reputation
- Prior Experience with the Product
- Existing Relationship with the Vendor
Product usability and features are the single most important factors.
I would have budgeted more for professional services and training.
Using Symantec Advanced Threat Protection
Pros | Cons |
---|---|
Like to use, Relatively simple, Easy to use, Well integrated, Consistent, Quick to learn, Convenient, Feel confident using | Requires technical support |
- Sandboxing and detonation
- Static based detection
- File reputation
- Network traffic analysis.