APTs are usually operated by highly skilled teams or governments and use advanced technology and multiple methods and vectors to reach specific targets and obtain sensitive or classified information. Also known as targeted attacks, reconnaissance is carried out on each target to determine best method of entry. Social engineering or zero-day vulnerabilities are the most common infection vectors.
The FortiGuard cloud-based sandboxing service uses behavioral attributes to detect malware by executing them within a virtual environment. This serves as an additional protection layer that complements FortiGate’s existing antivirus engine and its inline lightweight sandbox. Suspicious files can be submitted automatically to the new hosted service for further scanning without significantly impacting a FortiGate’s performance. In addition, FortiCloud has added a new feature that serves as the online sandboxing portal, which provides detailed status and visibility into the scanned results.
“Today’s advanced persistent threats are challenging both IT personnel and network security vendors. While the signature approach to malware abatement is not going away overnight, additional dynamic safeguards need to be implemented now in order to effectively combat these threats at all layers in rapid fashion," said Derek Manky, global security strategist for Fortinet. “The new services announced today offer a strategic approach to detect and respond to breaking threats from numerous attack vectors. Modern threats strike and shift quickly and so should detection."
Follow senior online managing editor @Craig_Galbraith on Twitter.