Trend Micro Introduces Custom Defense Against APTs and Targeted Attacks

Unique Solution Delivers Adaptive Protection and Empowers Customers to Fight
Back Against Their Attackers

PR Newswire

CUPERTINO, Calif., Oct. 8, 2012

CUPERTINO, Calif., Oct. 8, 2012 /PRNewswire/ -- Trend Micro Incorporated (TYO:
4704; TSE: 4704) is introducing "Custom Defense" – the industry's first
advanced threat protection solution that enables businesses and government
agencies not only to detect and analyze advanced persistent threats (APTs) and
targeted attacks, but also to rapidly adapt their protection and respond to
these attacks. Custom Defense integrates software, global threat intelligence,
and specialized tools and services to deliver a comprehensive solution for

Today's most damaging attacks are those targeted specifically at an
organization – its people, its systems, its vulnerabilities, and its data.
Stealthier and more sophisticated than ever, cybercriminals use clever social
engineering techniques like spear phishing to quietly penetrate select
organizations, deploying customized malware that can live undetected for
months within an organization. Cybercriminals can remotely and covertly steal
an organization's valuable information – from credit card data to the more
lucrative intellectual property or government secrets – potentially destroying
an organization's competitive advantage, or in the case of government even
putting national security at risk.

While many organizations feel that they have been targeted, 67 percent admit
that their current security activities are insufficient to stop a targeted
attack.^1 Not surprisingly, 55 percent are not even aware of intrusions^2, and
fewer know the extent of the attack or who exactly is behind it. While
necessary to thwart the majority of today's attacks, standard defenses have
proven insufficient to handle APTs and targeted attacks; a custom attack
requires a custom defense. Trend Micro's Custom Defense solution enables a
complete Detect – Analyze – Adapt – Respond lifecycle. Custom Defense goes
beyond the ability to just detect and analyze targeted attacks by blocking and
shutting them down before the real damage occurs. This comprehensive solution
also delivers custom insight about the specific threat and cybercriminals
involved, empowering organizations with the information they need to fight
back against their attackers.

The Custom Defense – How It Works


At the heart of the Custom Defense solution is a specialized threat protection
platform that performs network-wide monitoring to detect zero-day malware,
malicious communications and attacker behaviors that are invisible to standard
security defenses. Uniquely integrated with control points across the network,
the solution can detect and block attacks occurring via corporate and personal
email, social media applications, mobile devices and more. It can also detect
and block malware communications back to the cybercriminal, or attempts to
move laterally to other valuable systems within the network. Unlike
competitive offerings that use generic 'sandboxes' in the hope that one will
trigger and detect the attack, the Custom Defense solution allows for
multiple, customer-defined sandboxes that better reflect their real-life
environment and allow them to determine whether they have been breached. The
Custom Defense sandbox detonates suspect code in a safe, controlled
environment that can be optimized for performance and to evade hacker
techniques that are on the lookout for sandboxing solutions.


Upon detection, the Custom Defense solution best enables organizations to
profile in depth the risk, origin and characteristics of the attack, and
uniquely delivers actionable intelligence that guides the organization on how
to contain and remediate the attack. To aid in the threat investigation, this
solution offers a customized view of threat intelligence that is specific to
the organization's environment, and offers the ability to tap into the power
of a global, cloud-based threat intelligence network.


To immediately adapt and strengthen protection against further attacks, the
Custom Defense solution helps customers create custom responses to these
targeted attacks, such as IP blacklists, custom spear phishing protection, and
coming soon, custom signatures -- all specific to each attack. The solution
automatically updates the global threat intelligence network and issues these
custom security updates to Trend Micro gateway, endpoint and server
enforcement points. Built using an open and extensible platform, the solution
can also send security updates to non-Trend Micro security products that may
already be an important part of an organization's defense-in-depth strategy.


Finally, the solution delivers 360-degree contextual visibility of the attack,
arming the organization with the insight needed to respond to their specific
attackers. The solution can deliver insight such as what information is being
targeted, how the attack works, who the attacker is, and perhaps most
importantly, who is actually sponsoring the attack. How the organization
responds depends on its own situation, and could be as simple as evasive
action to make it difficult for the attacker to continue, but could also
include public exposure of the attacker to discredit him or her in the cyber
community, or even legal action against the attacker and sponsor.

The Custom Defense – Key Components

As part of this announcement, Trend Micro is revealing enhancements to
critical software components, its threat intelligence, as well as the
availability of specialized tools and services – all of which are necessary
for providing a complete custom defense.

Deep Discovery

Trend Micro Deep Discovery uniquely detects and identifies evasive threats in
real-time, and provides the in-depth analysis and relevant actionable
intelligence found at the heart of the Custom Defense solution. It has been
enhanced to meet the growing demands of large enterprises and governments:

  o Open: Delivers highly scalable, customer-defined sandboxing analysis that
    can be leveraged by other products
  o Automated: Automatically shares IP/Domain blacklists with Trend Micro and
    third party products
  o Scalable: Supports incremental capacity ranges up to 50,000 samples/day
  o Lower TCO: Offers multiple form factors with the ability to start simply
    with a single device to monitor all network traffic types
  o Infrastructure fit: Breadth of attack detection goes beyond
    Microsoft-targeting malware and identifies lateral movement, cross-port
    activity and privilege escalation

Messaging Security

As part of the Custom Defense solution and for better protection across the
network, Trend Micro is the first to integrate advanced threat detection
capabilities into its mail gateway and server security products. Trend Micro™
ScanMail™ Suite for Microsoft® Exchange™, Trend Micro™ ScanMail™ Suite for IBM®
Lotus® Domino™, and Trend Micro™ InterScan™ Messaging Security have been
integrated with Deep Discovery to send suspicious files for sandbox analysis
and detection of previously unknown malware. In addition, these products
feature a new exploit detection engine that identifies email attachments that
contain exploits for vulnerabilities in major Adobe, Microsoft Office and
other programs and blocks or quarantines them, furthering the level of
protection provided.

Other Trend Micro Enterprise Security Products

All Trend Micro protection products will integrate more tightly with the
adaptive updates of Deep Discovery. Additional product integrations are
planned and will be announced at a later date.

Smart Protection Network and Threat Connect

The Trend Micro Smart Protection Network cloud security infrastructure rapidly
and accurately identifies new threats, delivering global threat intelligence
to secure data wherever it resides. It looks in more places for threat data,
and uses big data analytics to deliver actionable threat intelligence across
mobile, physical, virtual and cloud environments.

The Threat Connect information portal is accessible via Deep Discovery. It has
been enhanced to provide the full breadth of relevant Trend Micro threat
intelligence about specific threats – aiding in the rapid assessment,
containment and remediation of an attack.

Attack Response Tools and Services

For years, Trend Micro has been helping its customers effectively identify and
remediate targeted cyber-attacks with tools and services that enable Trend
Micro support engineers to discover and analyze advanced threats in mail
stores and network traffic, as well as for searching log files for traces of
attack activity. Proven effective for incident response and forensics, these
tools are now being made available to the Trend Micro partner ecosystem,
including value-added resellers and service providers.



"Custom Defense is not just a step forward—it is a big leap forward. With the
new 'sand box' capability of Deep Discovery we can evaluate a suspicious java
applet or code snippet and make the right decision. After all, it is not
always the broad-scale threats that represent the biggest danger to our
business. Today, it could be a targeted attack—a piece of code crafted just to
get at our data. Trend Micro Custom Defense gives us a line of defense against
targeted attacks. We can now shut them down quickly."

- Andrew McCullough, Lead Information Security Architect, IT
 G6 Hospitality (Motel 6 and Studio 6), Dallas, Texas 

"I can't say enough good things about this product—it's doing an awesome job
in our environment. We are just getting started with Deep Discovery and we
expect that long-term it will yield even more benefits for us. Right now, it
is helping us respond more quickly to incidents. It is telling us all kinds of
things we would never have known if not for this tool."

- Manager, Desktop Security
Large U.S. Manufacturing Company

"Trend Micro has a great track record of performance and innovation in
protecting our clients' assets, and the addition of Custom Defense raises the
bar higher by shortening the critical window of exposure between threat
identification and response."

- Dan Wilson, Senior Vice President of Partner Alliances, Accuvant


"Our research indicates that the majority of enterprise security professionals
believe that it is 'highly likely' or 'somewhat likely' that their
organization has been the target of an APT. Risks can no longer be ignored or
addressed with token changes to the status quo; instead, response must be
immediate and adaptive. An effective approach is with network-based security
monitoring designed to detect and analyze attack activity in real-time. Trend
Micro is one of few vendors whose solutions fit this description; with the
Custom Defense, it is enhancing its capabilities in attack detection and

- Jon Oltsik, Senior Principal Analyst
Enterprise Strategy Group


1. The Human Factor in Data Protection, Ponemon Institute, January 2012
2. Trend Micro research, 2012

Supporting materials:

Supporting Videos:

  o Trend Micro Custom Defense
  o Forrester Protecting Against APTs: Network Visibility
  o IT Harvest Interview About Deep Discovery
  o How Deep Discovery Works Against Targeted Attacks

White Papers and Case Studies:

  o ESG Understanding and Addressing APTs
  o Motel 6 Customer Case Study
  o Leading Manufacturing Company Customer Case Study

Data Sheets and Web pages:

  o Deep Discovery Data Sheet
  o Combating Advanced Persistent Threats
  o Deep Discovery: Next-generation Protection from Advanced Persistent

About Trend Micro
Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cloud security
leader, creates a world safe for exchanging digital information with its
Internet content security and threat management solutions for businesses and
consumers. A pioneer in server security with over 20 years' experience, we
deliver top-ranked client, server and cloud-based security that fits
customers' and partners' needs, stops new threats faster, and protects data in
physical, virtualized and cloud environments. Powered by the industry-leading
Trend Micro Smart Protection Network cloud computing security infrastructure,
Trend Micro's products and services stop threats where they emerge – from the
Internet. They are supported by 1,000+ threat intelligence experts around the

Additional information about Trend Micro Incorporated and its products and
services are available at Trend This Trend Micro news release and
other announcements are available at and as
part of an RSS feed at follow our news on Twitter
at @TrendMicro.

SOURCE Trend Micro Incorporated

Contact: Andrea Mueller, +1-408-218-4754,