Proactive threat protection not updating
13-Feb-2020 15:38
In addition to detecting malicious code variations, CPRL is also able to deeply inspect and detect code that is searching to see if it is in a sandbox environment, thereby rendering its evasion technology irrelevant. Detected code is also cross-referenced with global threat intelligence from FortiGuard Labs to ensure that data is always being compared against the very latest threat findings. Ransomware attacks will only become more prolific as Ransomware as a Service (RaaS) gains traction on the dark web, allowing people to simply buy and execute someone else’s malware.
While a sandbox is a powerful threat detection tool, it is important to note that the full execution and analysis of code in a virtual environment is resource intensive and time consuming. We also recently learned that WannaCry used an anti-sandbox program, albeit one that was poorly planned, as the ransomware was mitigated by being tricked into thinking it was in a sandbox environment and thereby destroying itself. Sandboxes are a popular security measure that executes potentially threatening code in an isolated, virtual environment. Cybercriminals are constantly updating and releasing new iterations of their code in the hopes that it will outsmart security features.
With that in mind, it is important that IT professionals take a proactive approach to security to anticipate tactics that hackers might use, perform effective threat analysis, and implement proper security measures to minimize impact. Fortinet’s ATP solution is uniquely qualified to keep your customers’ network a step ahead of cybercriminals, and protect them from current and future iterations of ransomware for three key reasons.