The Content Analysis System is a key product in the Security and Policy Enforcement Center, that integrates real-time blocking of known advanced threats—through application whitelisting and dual anti-malware signature databases—with dynamic malware analysis, that uses state-of-the art sandboxing technologies.
To bridge the gap between real-time blocking of known threats and incident containment through the analysis and mitigation of unknown or advanced malware, the Content Analysis System delivers:
- Intelligent Defense In-Depth: Coordinated use of application whitelisting and malware scanning with single or dual anti-malware engines blocks known threats and identifies unknown content for deeper analysis. This efficient and scalable approach to threat detection scales malware analysis of unknown content, delivering rapid, high-performing advanced threat protection.
- Malware Analysis Orchestration: As a broker between multiple sandboxes, the Content Analysis System simultaneously sends unknown or suspicious files to the Blue Coat Malware Analysis Appliance as well as third-party sandboxes – allowing enterprises to optimize their existing investments while building out an in-depth, advanced malware defense.
- Threat Intelligence Network Effect: New intelligence from the analysis of unknown or advanced malware is shared with Blue Coat ProxySG appliances, to automate blocking of newly identified threats at your gateway; and with the Security Analytics Platform, for advanced threat profiling and remediation of the full scope of an attack. The network effect of the Intelligence Network further automates protection by sharing threat intelligence from 15,000 customers worldwide.