Norman announces Proactive Forensic Toolkit
Press release
Examines Networks to Provide Proactive, Policy-based Defense against Today’s Threats
RSA CONFERENCE 2010, SAN FRANCISCO, 2 March, 2010 - Norman ASA today announced the introduction of the first version of Forensic Toolkit, a proactive solution that protects against a new generation of sophisticated malware that can inflict significant damage to organizations of all sizes. Norman Forensic Toolkit enables organizations to instantly investigate client activity and provides a management console that makes it easy to apply policies to proactively eliminate suspicious client behavior.
Traditional signature-based network security solutions are no match for the proliferation of targeted attacks from organized cyber criminals using blended threats and multi-layer attack methods such as worms, Trojan horses and “day zero” threats to pose a formidable threat to corporate networks.
To solve this problem and deliver proactive network protection, Norman Forensic Toolkit uses extensive analysis collected via Norman SandBox technology to determine policies that define ”bad behavior.” The Forensic Toolkit applies these policies to proactively defend your clients.
When the Forensic Toolkit identifies supicious client behavior, it uses Norman SandBox® technology to decode the threat before creating a policy based on the threat’s behavior. The Forensic Tookit’s management console is used to distribute the policy across the network, clean infections and block future instances of the threat.
For example, when network administrators read about a new form of malware that hides behind a rootkit and creates suspicious files, changes registry settings and tries to connect to an outside server, they can enter these details into the management console, submit the search throughout the network with “uninstall threat” as the remediation setting, and the threat is instantly mitigated and reported.
If a network is compromised by a “zero day” threat that is discovered by Norman SandBox®, Norman Forensic Toolkit launches an automatic, predefined search and the network is scanned for matching threats. The Forensic Toolkit’s management console is then used to apply policies based on the threats behavior—and users can share this information with Norman’s Labs, where it is evaluated and re-distributed to prevent a potential infection reaching other Norman users.
Unlike traditional, signature-based network security solutions, Norman’s Forensic Toolkit enables organizations to automate the process of analyzing suspicious files, identifying types of malware and assessing threats. Companies like MessageLabs, Microsoft, eEye Digital Security, SonicWALL, Inc. and Bauer AG use Norman’s technology to protect their customers.
Availability:
Norman Forensic Toolkit will be demonstrated at the RSA show in San Francisco. The general availability of the technology will be announced later.
For more information, please contact:
Audun Lødemel, VP Marketing and Business Development, +47 934 46 531, audun.lodemel@norman.com
Brian Beard, Vice President of Sales, (703) 608-4593, brian.beard@norman.com
Arvid Gomez, Vice President OEM and Technology, +47 41539790, arvid.gomez@norman.com
About Norman ASA
Founded in Norway on 1984, Norman ASA is a global leader and pioneer in proactive content security solutions and forensics malware tools. Norman’s proactive antimalware solutions, including malware analysis tools, network security and endpoint protection, are powered by patented Norman SandBox® technology and used by security solutions around the world.
Norman’s unified core antimalware protection for clients, servers and network security are delivered as products and services designed to protect business communications and resources, including corporate networks and applications, remote employees, branch offices and extranets. Norman’s solutions are available through Norman subsidiaries and a network of global partners. For more information, visit www.norman.com.