Trend Micro’s Smart Protection Network

Trend Micro’s Smart Protection Network


The security industry is in a unique position. Not only is the amount of data we need to protect increasing, the amount that we need to analyze is staggering. If the volume of threat continues to increase at the same rate, we’ll see 230 million new unique threats in 2015 alone. Your computer will need to be aware of 26,000 new threats every hour just to stay protected. To deal with this challenge we developed the smart protection network. We pioneered global cloud-based threat intelligence back in 2008. This innovation meant that we can block threats at their source and do away with the need to provide updates to every protected computer. The real-time, global, cloud-based infrastructure means we can protect all of our customers from new threats everywhere instantly. We don’t stop innovating and we continue to invest in threat research, our core technologies, products and services to insure that we stay one step ahead of the bad guys. How do we do it? Let me show you. To identify new threats, you must start by collecting data. In today’s threat landscape, criminals are everywhere and launch attacks from every region of the globe. They use many techniques to themselves to ensure their activities remain undetected. Effective threat intelligence must have an extensive network gathering the data needed to keep up with the ever increasing volume. The smart protection network collects data many sources to build our correlated database, for example, email data from honeypots, from network taps, from threat research, or from smart feedback. internet addresses from DNS registrations automated tools from spam analysis or malware analysis and we check every one of the files that we find in those mails or on those sites for malicious behavior add it to the database. These are just the foundations, and when you consider that any single data point can inform any other, the permutations are massive. Picture this: email from IP addresses known to be sending spam are detected and blocked. Smart feedback means that web addresses from the spam are extracted. Servers are accessed and cataloged, files are retrieved and analyzed, and if those files in turn contain web addresses or IP addresses the cycle continues. And all the while real time updates are being added to email, web and file reputation databases. As the threat continues to evolve so must the protection. And that’s why we’ve enhanced the Smart Protection Network with several new core technologies. And in the cloud white list of known good files, identifying potential false positives and eliminating unnecessary analysis. Smart rules that allow us to shield zero our vulnerabilities as soon as they’re known, mobile app reputation. Analyzing Android apps for maliciousness, privacy, and resource utilization, and network traffic rules that analyze network behavior and identify unwanted or malicious events. The smart protection network takes into account every detail and runs it against every other. This is security on an unprecedented scale with distributed threat researches, constantly investigating the tools and techniques of today’s online criminal, 24 hours a day, every day of the year. We more places today than ever before as criminals use exploit kits, can monitor control infrastructure, DNS changes, mobile apps and many more tools and techniques to infect and data. Our global sensor net collects more than a billion new threat samples daily, including 7 million new files. We correlate and process more than 6 terabytes of data every day to ensure our customers remain protected from the threats arrayed against them. From that vast volume of data every day we identify around 90,000 new malicious files. More than 100 million new good files are routed to our in the cloud whitelist and more than a billion IP addresses are investigated and classified. But identifying new Press Faster only helps if you can protect your customers with the same speed. Our smart protection network can protect you regardless of the platform you choose. We currently block more then two hundred million new threats threats everyday, including 50 million URLs, and 18 million new files and we handle almost one and a half billion queries against our white list, ensuring we minimize false detect When it comes to threat intelligence of course size matters. But what counts more is what you do with it. Unless you have the infrastructure, tools, and processes in place, To deliver actionable threat intelligence out of all that data, then it’s all for nothing. Of course, we’re happy to be so big, but we’re even happier to be the best.

4 Replies to “Trend Micro’s Smart Protection Network”

  1. Thanks for taking the time to provide this information, raising awareness of cyber threats and associated criminal behaviour

Leave a Reply

Your email address will not be published. Required fields are marked *