Panda Adaptive Defense 360 is the first and only product in the market to combine in a single solution Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) capabilities.
Do you want to get to know more about Adaptive Defense 360?
- Test a demo: http://bit.ly/21jl4Bi
- Talk to an expert: http://bit.ly/1Ouzvve
- Get more info: http://bit.ly/21jljMu
2. Index
1. Adapting Security Needs
2. Adaptive Defense 360
3. Features & Benefits
4. How does it work?
5. Customer testimonials
14/09/2015Adaptive Defense 360 2
3. Adapting to New Security Needs
From Protection only…
Protection is a must, but how solid is your protection?
All organizations, large and small, are being targeted and most protection layers are eventually breached.
They also thought they were protected…
… to Protection plus Detection, Response and Remediation
Organizations need to prevent attacks, and they need to react if prevention fails by setting up mechanisms to:
- Proactively detect security attacks
- Gather the necessary information to respond effectively to the security breach
- Apply remediation actions automatically to minimize the impact and scope of the infection
Understand and Follow the Information Flow
In the era of BYOD, distributed and remote offices or Cloud solutions, setting information flow control rules is no longer a feasible option.
There is a need to shift from controlling the information flow to understanding and following it: who accesses the information, how and when, and how it flows within and outside your organization.
Minimize Friction with Business Operations
• What really matters is your business
• Tight security measures can suffocate employees' daily operations
• Security shouldn’t be a stopper but a facilitator
• Users demand no interference in their daily tasks, and IT administrators demand better security with less hassle
8. What is Panda Adaptive Defense 360?
Panda Adaptive Defense 360 is the first and only product in the market to combine in a single solution Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) capabilities.
The EDR capabilities rely on a new security model which can guarantee complete protection for devices and servers by classifying 100% of the processes running on every computer throughout the organization and monitoring and controlling their behavior.
More than 1.2 billion applications already classified.
Automated malware removal to reduce burden on administrators
Block non-goodware applications and exploits to prevent future attacks
Forensic information for in-depth analysis of every attempted attack.
Targeted and zero-day attacks are blocked in real-time without signature files
11. Protection of intellectual assets against targeted attacks
Web & Mail (Exchange) Filtering
Device Control
Data access and transmission monitoring for applications
Forensic report
Protection
Productivity & Management
Detection & Response
Light, easy-to-deploy solution
Daily and on-demand reports
Simple, centralized administration from a Web console
Total transparency for the user
Better service, simpler management
Continuous monitoring and analysis of running applications
Protection of vulnerable systems
Antivirus/Antimalware
Personal Firewall
12. How does Adaptive Defense 360 work?
Combining Panda’s EPP and EDR capabilities
Adaptive Defense 360 is two solutions in a single console.
Adaptive Defense 360 starts with Panda’s best-of-breed EPP solution (Endpoint Protection Plus) and adds the EDR capabilities of Adaptive Defense in order to protect against zero-day and targeted attacks that take advantage of the “window of opportunity for malware”.
The best Endpoint Protection
Covers all infection vectors in Windows, Linux, Mac OS X and Android devices
Prevention technologies
• Browsing, email and file system protection
• Control of devices connected to the PC
Security on all platforms.
• Windows (from 2000 to 10)
• Linux (Ubuntu certified, Red Hat, Debian, OpenSuse and Suse)*
• Mac OS X (10.6 – 10.10)*
• Android (from 2.3)*
• Virtual engines (VMware, Virtual PC, MS Hyper-V, Citrix)
Cross-platform security
Monitors and filters Web traffic and spam, allowing companies to focus on their business and forget about unproductive employee behavior
Website monitoring and filtering
• Increases business productivity
• Monitors Web browsing
• Select the Web categories you consider dangerous or unproductive during working hours
• Compatible with any Web browser
No more saturated inboxes
• Reduces the attack surface in Exchange servers through content filtering
• Increases security and user productivity with the anti-malware and anti-spam engine, blocking junk mail and malicious messages
Maximum productivity
* Only endpoint protection, EDR not supported on these platforms
15. A three phased cloud security model for Endpoint Detection and Response
1st Phase: Comprehensive monitoring of all the actions triggered by programs on endpoints
2nd Phase: Analysis and correlation of all actions monitored on customers' systems thanks to Data Mining and Big Data Analytics techniques
3rd Phase: Endpoint hardening & enforcement: Blocking of all suspicious or dangerous processes, with notifications to alert network administrators
17. Key Differentiators
The only offering to include Endpoint Defense & Response and Endpoint Protection Platform capabilities
Categorizes all running processes on the endpoint, minimizing risk of unknown malware
• Continuous monitoring and attestation of all processes fills the detection gap of AV products
Automated investigation of events significantly reduces manual intervention by the security team
• Machine learning and collective intelligence in the cloud, and manual check from PandaLabs Experts, definitively identify goodware & block malware
Integrated remediation of identified malware
• Instant access to real time and historical data provides full visibility into the timeline of malicious endpoint activity
Minimal endpoint performance impact (5%)
What Differentiates Adaptive Defense 360
* WL = Whitelisting: Bit9, Lumension, etc.
** ATD = Advanced Threat Defense: FireEye, Palo Alto, Sourcefire, etc.
AV vendors, WL vendors*, New ATD vendors**
Lack of proactive detection
Do not classify all applications
Management of WLs required
Not all infection vectors covered (i.e. USB drives)
Interference to end-users and more hassle for admin (false positives, quarantine administration, …)
Complex deployments required
Monitoring sandboxes is not as effective as monitoring real environments
No traceability for forensic information
Expensive work overhead involved
ATD vendors do not prevent/block attacks
No protection against vulnerable applications
External solution or manual intervention needed for remediation
New malware detection capability*
| New malware blocked during… | Traditional Antivirus (25) | Panda Adaptive Defense 360, Deep-hardening Mode |
|---|---|---|
| the first 24 hours | 82% | 99% |
| the first 7 days | 93% | 100% |
| the first 3 months | 98% | 100% |
| Suspicious detections | YES | NO (no uncertainty) |
* Viruses, Trojans, spyware and ransomware received in our Collective Intelligence platform. Hacking tools, PUPS and cookies were not included in this study.
** Using the Universal Agent technology included as endpoint protection in all Panda Security solutions.
Adaptive Defense 360 above and beyond AVs
20. +1,2 billion applications already categorized
Malware detected in 100% of deployments regardless of the existing protection mechanisms
+100,000 endpoints and servers protected
+200,000 security breaches mitigated in the past year
+230,000 hours of IT resources saved, estimated cost reduction of 14,2M€*
Adaptive Defense in figures
* Based on average time and cost estimations from Ponemon Institute report on Cost of Cybercrime Oct-2014
22. "Panda Adaptive Defense is a managed security solution that allows us to guarantee complete protection of our customers’ endpoints and servers, with granular monitoring and supervision of the behavior of each device. We can also offer forensic analysis services to customers on request." "Panda Advanced Protection Service enables us to provide guaranteed security against cyber-crime and targeted attacks, a key point which we were not convinced we would be able to achieve when we began to evaluate solutions."
Alfonso Martín Palma, Senior Manager of the Indra Cybersecurity Operations Center (i-CSOC).
"After the success of this project, and thanks to the quality of the services delivered, Eulen is now concentrating on the security of new operating systems such as Android, and as such is considering further collaboration with Panda Security."
Phase 1: Continuous endpoint monitoring
The endpoint protection installed on each computer monitors all the actions triggered by running processes. Each event is cataloged (based on more than 2,000 characteristics) and sent to the cloud*
• File downloads
• Software installation
• Driver creation
• Communication processes
• DLL loading
• Service creation
• Creation and deletion of files and folders
• Creation and deletion of Registry branches
• Local access to data (over 200 formats)
* A two-week period is estimated for full detection and classification of current applications
Phase 2: Big Data Analysis
* Pattern based classification by Panda Labs with a response time of less than 24 hours on average
** The trustability score determines whether or not a process is trusted. If a process is not trusted, it will be prevented from running.
Information
Static
Contextual
External (3rd parties)
Controlled execution and classification* on physical machines
Big Data Analysis
Continuous classification of executable files
Trustability score
The trustability score** of each process is recalculated based on the dynamic behavior of the process
The trustability score** is recalculated based on the new evidence received (Retrospective Analysis)
Phase 3: Endpoint hardening and enforcement
The service classifies all executable files with near 100% accuracy (99.9991%)
Every process classified as malware is immediately blocked.
Protection against vulnerabilities
The service protects browsers and applications such as Java, Adobe or Microsoft Office against security flaws by using contextual and behavioral-based rules.
Data hardening
Only trusted applications are allowed to access data and sensitive areas of the operating system.
Blocking of all unclassified processes.
All unclassified processes are prevented from running until they are assigned an MCL (Maximum Confidence Level) by the system. If a process is not classified automatically, a security expert will classify it.
STANDARD MODE
EXTENDED MODE