Content Analysis delivers multi-layer file inspection to better protect your organization against known and unknown threats. Unknown or suspicious content from sources like ProxySG, Symantec Messaging Gateway or other tools is delivered to Content Analysis for deep inspection, interrogation, analysis and ultimately blocking, if deemed malicious. Recent enhancements to Content Analysis strengthens this platform even further. New features in recent releases include:

• On-box or cloud sandboxing
• Endpoint protection and response through integration with Symantec Endpoint Protection
• Addition of Symantec Antivirus and Advanced Machine Learning to Content Analysis for even better detection

Even with the benefit of expensive malware sandboxing technologies, incident response teams are inundated with alerts. Because they can’t tell what’s urgent and what’s not, they often ignore alarms, leaving your enterprise exposed to risk. Symantec Content Analysis delivers effective tools for malware analysis to ensure that only truly unknown content is brokered to sandboxes so incident response focuses on real threats, not false alarms.

• Analyze all content before it is sent to the malware sandbox
  
• Prefilter and block all malicious content
  
• Use proxy inspection and dual malware detection engines
  
• Centralize and consolidate sandboxes for cost savings for on-premise or cloud products.
  
• Focus on real threats, not false alarms

Content Analysis now delivers integration with Symantec Endpoint Protection (SEP) Manager to provide the network to endpoint visibility, analysis, blocking and remediation that is needed to protect your organization from today’s advanced threats.

• Send Indicators of Compromise (IOC) to Symantec Endpoint Protection Manager
• Validate network-borne threats at the endpoint
• Inoculate all other endpoints
• Begin swift response and remediation

See how easy integration is and how organization will benefit from bringing these two powerful network and endpoint technologies together.

While many sandboxes are passive and can only report incoming threats, Symantec Malware Analysis – built into Content Analysis – coordinates with inline technologies, delivering real-time sandboxing, discovery, and protection before malware ever reaches a user. A powerful combination of of malware sandbox tools, including virtualization and emulation captures more malicious behavior across a wider range of custom environments, including mobile, than typical single-method sandboxes.

• Customize sandbox profiles to represent your ‘gold’ images
  
• Create custom behavioral patterns to detect unique IOCs
  
• Detect malware that is crafted to avoid sandbox detection
  
• Delay file delivery until analysis is complete
  
• Mimic user activity so malware thinks it is being activated

The Radicati group views the Advanced Persistent Threat (APT) Protection market as a set of integrated solutions for the detection, prevention and possible remediation of zero-day threats and persistent malicious attacks. Once again, Symantec Content Analysis plays a critical role in Symantec’s being selected as the Top Leader in their 2019 report. Symantec achieved this high honor for several reasons, including:

• Symantec’s market share leadership with enterprise customers
• The variety of deployment options (on-prem, hybrid or cloud) we offer customers
• Our fully-integrated portfolio across Symantec and third-party products and technologies
• A keen focus on protection at endpoint, gateway, cloud and mobile
• The massive Global Intelligence Network for unrivaled threat intelligence
• Symantec’s integration between ProxySG, Content Analysis, EDR, Security Analytics, SSL Visibility, Web Isolation and more