Anti-malware, Redefined.

Plug & play USB scanning

A high degree of protection can be achieved by leveraging IOT security for a transiting USB device. Air-gapped environments are frozen in time and host unseen classes of malware, often via a transiting USB device between the OT and IT networks. Monitoring at a network security level does not enable organizations to prevent even accidental infections. Our plug & play USB scanning station is endowed with artificial intelligence technologies to prevent known, unknown and future forms of attacks, such as adversarial machine learning. This protects industrial IOT environments in various segments such as manufacturing, pharmaceutical, oil gas, shipping, drilling, and more inside this threat landscape. Featuring technologies include:

  • Neural Networks 
  • Enforcement Driver
  • Advanced Machine Learning 
  • Signatures 
  • Emulation 
  • File Reputation

Thousands of engineers work to protect your critical environments

Here’s how:

Neural Networks

  • Enhances our industry-leading efficacy with artificial intelligence technologies
  • Up to 15% more detection capabilities on real work samples
  • Expand capability to protect against future forms of attacks, such as adversarial machine learning
  • Organic self-adaptation to changing environments, threats and more
  • These improvements in anti-malware can be used across control points – email, web traffic, and endpoints

Advanced Machine Learning

  • Leveraging malware samples from 175 millions of endpoints around the world, our engine uses this trained multi-dimensional behavioral model to identify large classes of malware, both known and unknown
  • Signature-less detection 
  • Multiple decision forests trained weekly with in-field samples


  • “Wisdom of the crowd”
  • File reputation and insight data collected from 175 million endpoints
  • We leverage these reputation ratings in our products to block entirely new attacks, and to provide another feed into our engine when rapidly processing files


  • Scans and eradicates malware that arrives via USB
  • Algorithm-based instrumented signatures to cover large filesets
  • Maintains information on prevalent threats and can retrieve information on all known vulnerabilities when cloud access is available
  • A single signature can cover up to 100 variants of a malware


  • Samples are executed in a lightweight virtual machine to cause threats to reveal themselves in an emulated environment
  • X86 Emulation Obfuscated Threat
  • JS emulation
  • VBS/VBA emulation
  • Unrar/UnZip
  • PE/Non-PE

Critical System Protection

Timeless, signatureless, policy-based endpoint security and compliance.

Building a cyber defense arsenal for IOT systems requires control points for a vast range of operating systems and device-specific threats. Our lightweight behavioral hardening engine is purpose-built to protect legacy and EOL systems, by adding layers of defense at the kernel level to prevent unhygienic operations to your endpoints. Naturalizing defense on fixed-function systems through our application whitelisting approach ensures IOT device security , freezing systems such that malicious content is unable to run. Critical System Protection isolates IOT devices from network intrusion, zero-day exploits, and other future forms of attacks. Features include:

  • Streamlined Application Whitelisting
  • Anti-exploit Techniques
  • Supports Windows 2000/XP/10 & Linux
  • Memory footprint less than 20MB
  • CPU utilization of less than 1 percent

Don’t Detect, Prevent.

These solutions work together, and with the rest of the Symantec product portfolio, thanks to our Integrated Cyber Defense (ICD) platform. Unify cloud and on-premises security to provide threat protection, information protection and compliance across all endpoints, networks, email, and cloud applications. Our solutions enact control points with enterprise-ready proven solutions to protect your critical environments from both known and unknown attacks.