ThreatTrack Security, a staple in the world of anti-malware, is going after Advanced Persistent Threats (APT) and wants partners along for the ride.
So what is an Advanced Persistent Threat? APT refers less to the threat technology and more to the threat source. By advanced it means the source has sophisticated attack capabilities. And by persistent it means the source is a steady source of attacks. These sources can be governments as in the case of cyber-warfare, or hacking groups and entities, such as criminal gangs.
And the attacks are often designed for corporate espionage or extortion.
ThreatTrack is hoping to attract security partners to use its ThreatAnalyzer anti-APT tool.
To keep tools like this up to date, the company engages in security research and a June study showed that 69 percent of top execs in the U.S. fear these sorts of cybercrime, APT and malware attacks. And close to half don't have proper defenses in place.
“Organizations of all sizes are discovering that their current security solutions are unable to defend them from today’s increasingly sophisticated cyber threats,” said ThreatTrack Security CEO Julian Waits, Sr. “That creates tremendous opportunity for partners with access to the advanced security technologies necessary to effectively combat APTs and other advanced malware threats. ThreatAnalyzer 5.0 fills that gap in partners’ cybersecurity portfolios, enabling them to capitalize on the rising demand for this critical new layer of malware defense.”
ThreatAnalyzer used to be GFI SandBox software, and was first known as CWSandbox. The company claims the tool was the first commercially available sandbox of this type. The idea is to go beyond the protection offered by signature-based anti-malware tools.
“ThreatAnalyzer enables the identification of malicious files unknown to or undetected by signature-based security solutions. It detonates executable files and URLs in a monitored sandbox environment to analyze and determine the risks they pose to a network, generating detailed behavioral reports so partners and their end-user customers can quickly eliminate discovered threats. It streamlines a task that could take days to just two minutes or less, on average,” the company said.
The ThreatTrack Story
This MSP Today reporter has seen the ThreatTrack technology as part of three different companies. It all started nearly two decades ago with Sunbelt Software which built security tools such as CWSandbox, and in 2008 released the VIPRE anti-malware tool.
In 2010 GFI Software bought Sunbelt, and last year spun off part of the GFI security business which turned into the independent company ThreatTrack.
GFI still offers VIPRE under a license with ThreatTrack, and to some extent they both go after MSPs, with ThreatTrack focusing on MSSPs.
Despite the slight overlap, ThreatTrack is now a close partner to former parent GFI, continuing to provide the security that helps drive GFI’s partner business.
Here is how Dr. Alistair Forbes, General Manager, GFI MAX Business Unit, describes the relationship. “The spinout was done to develop the enterprise side of the anti-malware business.
The VIPRE endpoint technology is a key component that ThreatTrack Security will further develop. We are confident that it remains a great solution for the GFI MAX product portfolio as well,” he said, adding that GFI is now a ThreatTrack OEM partner.
“The focus is the enterprise and there is some crossover into the MSP space but the solutions are different – the MAX delivery model integrates all of the technologies required by an MSP into a single console, whereas VIPRE focuses on being a best-of-breed pure play security solution.”
Edited by
Stefania Viscusi