More

    Blue Coat Acquires Norman Shark for Deeper Analysis of Malware

    Realizing that an application or system has been compromised is one thing, but figuring out exactly what should be done about it is quite another.

    Looking to extend the reach and scope of its security analytics capabilities, Blue Coat Systems this week announced that it has acquired Norman Shark, a provider of malware analysis software.

    SlideShow: The Most Significant Cyber Attacks of 2013

    According to Steven Schoenfeld, senior vice president of products at Blue Coat, Blue Coat intends to extend the reach of the Norman Shark software across the entire spectrum of its security intelligence services. Schoenfeld says Blue Coat already has an existing partnership with Norman Shark. By opting to acquire Norman Shark, Schoenfeld says Blue Coat expects to be able to more tightly integrate the zero-day sandboxing technology software with Blue Coat software and services, which the company further enhanced earlier this year by acquiring Solera Networks, a provider of a Big Data analytics application that is optimized for security.

    Schoenfeld says one of the things that distinguishes Norman Shark most is that it can run a full copy of a custom desktop Windows environment in its sandbox. Rather than emulating a generic Windows environment, Schoenfeld says the Norman Shark approach specifically discovers how an advanced persistent threat (APT) is compromising a specific environment. That information, says Schoenfeld, is critical in terms of discovering how lethal a threat might be and deciding the appropriate response to take to remediate that threat.

    While APTs still represent a minority of the threats being aimed at organizations, Schoenfeld says they represent a clear escalation in the type of security threats used because they can be targeted at specific organizations or even individuals. As a result, the level of security that IT organizations will need to provide going forward will need to be significantly more robust and granular than anything most have provided to date. Key to that effort is not only better security software being installed on premise, but also increased reliance on security intelligence services in the cloud that can identify potential threats and appropriate countermeasures long before a threat actually finds a vulnerability to exploit.

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Get the Free Newsletter!

    Subscribe to Daily Tech Insider for top news, trends, and analysis.

    Latest Articles