Comprehensive security in one solution

As the fundamental element of our enterprise security platform, App ID™ – Application Visibility module from Palo Alto Networks is always on and available in every Veronym’s package – from Essential to Ultimate. It uses multiple identification techniques to determine the exact identity of applications traversing your network, including those trying to evade detection by masquerading as legitimate traffic, by hopping ports or by using encryption. App-ID™ enables you to see the applications on your network and learn how they work, recognize their behavioral characteristics and their relative risk. Applications and their functions are identified via multiple techniques, including application signatures, decryption (if needed), protocol decoding, and heuristics.

Attackers must complete a certain sequence of events, known as the attack lifecycle, to successfully accomplish their objectives, from stealing information to running ransomware. In order to be successful, nearly every attack relies on compromising an endpoint; and although most organizations make use of endpoint protection, infections are still common. By combining multiple methods of prevention, endpoint protection from Palo Alto Networks – Traps™ leads in its ability to protect endpoints. Traps™ blocks security breaches and successful ransomware attacks that leverage malware and exploits, known or unknown, before they can compromise endpoints.

Improved insight into application usage based on their users gives you a more relevant picture of the network activity. The power of User-ID™ technology from Palo Alto Networks becomes evident when you notice a strange or unfamiliar application on your network. You can determine what the application is, who the user is, the bandwidth and session consumption, along with the source and destination of the application traffic, as well as any associated threats. User-ID™ enables you to identify all users on your network through a variety of techniques, regardless of their location, access methods and operating systems used.

It’s based on another high-end enterprise solution providing unprecedented visibility into unknown threats, with the collective insight of thousands of global enterprises, service providers, and governments feeding the service, which correlates and gains intelligence: WildFire™ service – the industry’s largest threat analysis environment, PAN-DB URL filtering service, MineMeld enabling aggregation and correlation of any third-party threat intelligence source, Traps™ advanced endpoint protection, Aperture™ SaaS-protection service, Unit 42 threat intelligence and research team, Palo Alto Networks global passive DNS network and others.

Enterprises of all sizes are at risk from a variety of increasingly sophisticated threats, which have evolved to avoid many of the industry’s traditional security measures. Our technology relies on Palo Alto Networks Content-ID™ module – it delivers a new approach, based on the complete analysis of all allowed traffic and using multiple advanced threat prevention technologies in a single, unified engine. Content-ID™ is based on a single-pass architecture, which is a unique combination of software and hardware designed from the ground up to integrate multiple threat prevention technologies (IPS, anti-malware, URL filtering, etc.) into a single stream-based approach, simplifying management, streamlining processing, and maximizing performance. Threat prevention is applied in full application and protocol context – across all of your traffic and ports – to ensure that threats are detected and blocked despite evasion attempts. Content-ID™ provides you with fully integrated protection from vulnerability exploits, malware and malware-generated command and control traffic.

The use of SaaS (Software as a Service) applications is creating new gaps in security visibility for malware propagation, risks of data leakage and regulatory non-compliance. Veronym’s service delivers complete visibility and granular enforcement across all user-, folder- and file-activity within SaaS applications, providing detailed analysis and analytics on usage without requiring any additional hardware, software or network changes. It has the ability to connect directly to SaaS applications in order to provide data classification, sharing/permission visibility and threat detection within the application. This yields unparalleled visibility, allowing organizations to inspect content for data risk violations and control access to shared data via contextual policy. It builds upon the existing SaaS visibility and granular control capabilities of App-ID™ technology within our cloud subscription service with detailed SaaS-based reporting and granular control of SaaS access.