Date: 2024-08-29

2024 SC Awards Finalists: Best Threat Detection Technology

Threat detection technology speeds the identification of threats and also actively mitigates attacks in real time. It's vital for alerting security teams to an ongoing attack, and it is also a crucial part of identifying subtle indications of prior system infiltrations. Closely aligned to threat intelligence technologies and processes, threat detection techniques have graduated from simpler network-based detection products to technologies focused on improving detection times, alerting, and mitigating attacks as they happen. Not only can a wide range of organizations now readily fall victim to an attack, but bad actors can also infiltrate systems undetected, leveraging various points of entry and methods of obfuscation. As such, these products deliver features that offer detection and/or remediation capabilities for the entire network, including mobile devices, cloud applications, and IoT-based devices.

The Top 5 | Best Threat Detection Technology

Advanced Email Security – Best Threat Detection Technology

Perception Point has been named a finalist in the “Best Threat Detection Technology” category for its Advanced Email Security solution. As cyberattacks fueled by GenAI become more sophisticated, organizations need robust protection against these evolving threats. Traditional email security measures often fall short, leaving security teams overwhelmed. Perception Point’s solution stands out by offering unparalleled detection accuracy of 99.95%, near real-time prevention, and swift remediation for even the most complex threats.

This advanced security is powered by multiple layers of AI-driven detection engines that thoroughly scan all content, including text, files, and URLs, across various platforms. The solution also integrates innovative features like the GenAI Decoder™, which detects social engineering attempts by analyzing text context and patterns, and QR code phishing defenses that protect against ‘quishing’ attacks. Additionally, Perception Point extends its protection beyond email to cover collaboration channels, cloud storage, and web browsers.

The solution’s fully managed Incident Response (IR) service is another key differentiator, reducing SOC team workloads by up to 75%. Powered by the GPThreat Hunter, an autonomous IR agent using GPT-4, it automates rapid detection and response, enhancing overall efficiency. The solution’s effectiveness is reflected in its 4.9/5 rating on Gartner Peer Insights Voice of the Customer Report, the highest score received by any vendor.

Perception Point continues to innovate, with plans to enhance its GPThreat Hunter capabilities and develop new modules to combat social engineering threats. The company’s commitment to customer service is highlighted by its all-included 24/7 Managed Incident Response service, which has consistently received praise for its responsiveness and effectiveness. Perception Point’s strong market position and ongoing growth are supported by a transparent pricing structure and a holistic service that includes free training, implementation, and ongoing support, ensuring customers receive comprehensive protection and excellent value.

BDVision – Best Threat Detection Technology

Binary Defense has been named a finalist in the “Best Threat Detection Technology” category for its BDVision platform. Targeting the small to medium business market, BDVision provides essential protection for organizations that lack the capability to build robust internal security functions. It specifically addresses threats such as file-based and fileless malware, malicious network connections, lateral movement, and persistence hooks — threats that traditional security measures often miss. BDVision’s behavior-based detection techniques and advanced deception technologies offer proactive defense against sophisticated and emerging threats.

The solution’s rapid deployment, minimal CPU usage, and seamless integration ensure that it does not disrupt existing operations. BDVision utilizes advanced behavior-based detection to identify and alert on real-time attacks, including evasive and emerging threats that traditional methods might miss. The platform’s containment feature allows immediate isolation of compromised endpoints, preventing the spread of threats and enabling swift remediation. Additionally, BDVision leverages deception technology to deceive and neutralize attackers proactively, enhancing overall security.

Binary Defense’s commitment to customer service is reflected in its mission-obsessed approach, offering dedicated teams to support clients at all levels. The company maintains an average 12-minute response time for critical alerts and provides transparent, consistent communication through weekly technical meetings, monthly reports, and quarterly business reviews. This high level of support ensures that customers are always informed and aligned with their security goals.

BDVision continuously evolves with monthly updates and quarterly feature releases to maintain its effectiveness against modern threats. Recent updates include new deception capabilities built into the solution, offering a fully managed deception service integrated with Binary Defense’s MDR. Customers have praised BDVision for its ability to reduce actionable security alerts, providing unprecedented observability and immediate contextual feedback on security events. The platform’s effectiveness in hardening security postures and reducing labor costs makes it a vital tool for SMBs looking to protect their digital assets without extensive internal security resources.

Permiso Identity Threat Detection and Response – Best Threat Detection Technology

Permiso Security has been named a finalist in the “Best Threat Detection Technology” category for its Identity Threat Detection and Response (ITDR) solution. As threat actors like LUCR-3, also known as Scattered Spider, increasingly target organizations across various industry verticals, Permiso’s ITDR solution has become essential. This solution detects and responds to identity threats across the cloud multi-plane, including IdP, IaaS, PaaS, and SaaS layers. Existing security tools often fail to detect these sophisticated threats, making Permiso’s unified approach crucial for protecting both human and non-human identities from advanced attacks.

Permiso stands out by providing unified multi-plane identity threat detection and response from a single pane of glass. The solution combines static rule-based detection logic with machine-learning-powered runtime detection engines to create a baseline of normal identity activity. This allows for the development of a unified identity graph, which detects and alerts on suspicious activities such as advanced account takeover, impersonation attacks, and insider threats.

Proofpoint Targeted Attack Protection (TAP) and Threat Response – Best Threat Detection Technology

Proofpoint has been named a finalist in the “Best Threat Detection Technology” category for its Targeted Attack Protection (TAP) and Threat Response solutions. With email accounting for over 90% of targeted attacks, Proofpoint TAP addresses the evolving tactics of cybercriminals, who launch approximately 66 million business email compromise attacks monthly. TAP’s innovative approach goes beyond traditional email security by providing proactive threat detection, adaptive controls for risky clicks, and extending protection to cloud applications, making it a comprehensive defense against advanced threats.

Proofpoint TAP empowers organizations to protect their users by utilizing machine learning and a combination of static and dynamic analysis, including sandboxing in various environments, to identify and block new and evolving threats. The platform offers comprehensive visibility and early detection across a wide range of threats, such as phishing, ransomware, BEC, and cloud-based attacks. Additionally, Threat Response automates response actions like email quarantine and user permission adjustments, streamlining security operations and enabling security teams to focus on high-priority tasks.

Proofpoint’s solutions are trusted by many of the world’s largest companies, processing billions of emails and URLs daily. The platform holds nearly 27% of the market share in email security and is used by over 85% of the Fortune 100, 60% of the Fortune 1000, and 45% of the Global 2000, making it the leader in enterprise threat protection.

Customers benefit from Proofpoint’s cloud-based service, which offers a cost-effective, scalable solution with no additional costs for managing or updating the service. Proofpoint’s commitment to customer satisfaction is evident in its high renewal rate of over 90% and its award-winning support, which includes 24/7 global coverage, a robust knowledge base, and a virtual Customer Support Center with a wide range of online resources.

Proofpoint’s Threat Protection is continuously updated to enhance security effectiveness, allowing customers to choose when to accept upgrades based on their individual needs. The platform’s integrated, multi-layered solution for email threats includes threat detection and protection, authentication, security awareness, mSOAR, and DLP, ensuring comprehensive security coverage. Recent developments include enhanced BEC condemnation summaries in the TAP Dashboard and the integration of identity threat defense following the acquisition of Illusive, further strengthening Proofpoint’s position as a leader in threat detection technology.

VMware vDefend Firewall with Advanced Threat Prevention – Best Threat Detection Technology

VMware by Broadcom has been named a finalist in the “Best Threat Detection Technology” category for its VMware vDefend Firewall with Advanced Threat Prevention (ATP). As cybercrime continues to rise, the need to secure east-west traffic within data centers has become paramount. VMware vDefend ATP addresses this challenge by offering an automated, distributed, and enterprise-wide solution to prevent advanced threats. The platform enhances fidelity, reduces false positives, and accelerates remediation while minimizing manual work for analysts.

VMware vDefend ATP combines multiple detection technologies — Intrusion Detection/Prevention System, Network Sandboxing, and Network Traffic Analysis — with Network Detection and Response engines. These capabilities work together to provide a comprehensive defensive layer, ensuring efficient operation, high-fidelity detection, and complete visibility.

With over 600 customers, VMware vDefend ATP has proven its value in various sectors. For example, Cenitex, an Australian ICT services provider, uses vDefend ATP to meet federal data breach laws while enabling faster deployment and greater security for their diverse customer base. Another customer highlights how vDefend ATP reduced network infrastructure provisioning time from weeks to minutes, demonstrating the platform’s ability to streamline operations.

VMware offers 24/7 worldwide customer service and professional services, including deployment, migration, and training. Customers report significant value, achieving a 610% three-year return on investment and a six-month payback period. VMware vDefend ATP continues to evolve with major releases twice a year, ensuring it remains at the forefront of threat detection and prevention.

