Posted: 2 Min ReadExpert Perspectives
Translation: 日本語

4 Numbers That Will Lead to Better Protection in 2022

Symantec helps you solve your toughest challenges

The past is prologue and the protection numbers from 2021 tell us a lot about what we should be doing in 2022.  With that in mind I looked at some of the protection numbers from 2021 and found 4 that shine a bright light on things that can be done to better protect you in 2022.  At Symantec, as part of Broadcom Software, we are driving innovation to help you solve your toughest challenges

93%. Of all the threats blocked by our STAR protection technologies in 2021, 90% of them were blocked by Symantec’s IPS technology. Vulnerability exploits, web attacks, tech support scams, coin miners, crypto-jacking and malware downloads all blocked at the network layer.  IPS can also detect C&C traffic, identify the infected client and remove the threat.  But 93% of those blocked were pre-infection.  Pre-infection prevention means the threat never got on the machine. 

20. The top twenty vulnerabilities being exploited by attackers in 2021 were all server vulnerabilities.  Log4j lead the way.  It was the number one exploited vulnerability in 2021 despite not being public till December.  That demonstrates how quickly attackers jump, with both feet, on any new vulnerability.  But the real takeaway from this number is that servers need to be protected.  They need to be locked down and prioritized in patching schemes.  Symantec has a solution for locking down servers called DCS.  It’s a good way to lock your servers.  Getting IPS turned on for servers running SES should also be done.  While it’s understandable that there may be performance concerns, IPS has features to mitigate this issue.  Go here for more details. 

Of all the threats blocked by our STAR protection technologies in 2021, 90% of them were blocked by Symantec’s IPS technology.

6 million. You’re right, MacOS does not see as much malware as Windows.  But Symantec did block 6 million MacOS threats in 2021.  Not a lot compared to the number of Windows based threats.  But if have Macs it’s enough to take notice.  We boosted the protection for Mac clients this year by added behavior blocking to the file based inspection and IPS technology already protecting those clients.  If you’re not protecting your Macs, it’s time to do so.

21 billion. Audit signatures were first created as a way to put a signature in the field to monitor it for potential false positives.  These were log-only signatures.  We called them silent.  Soon customers begin to look for detections based on these signatures in the log file to discover potential issues in their network.  Symantec leaned into this and turned audit signatures into a feature, to detect but not block or remove behavior in the network. For instance, these signatures can be used to monitor red team tool usage, discover disallowed software being used or even be notified of suspicious usage of remote desktop applications.  Because they could be being used legitimately in the network you don’t want to automatically block them.  But you do want to know about them.  And if you decide that traffic should be blocked, you can do that too.  We saw 21 billion detections in 2021 by these signatures.  There is a wealth of knowledge available via these signatures – learn more about them here.

Symantec has been meeting the complex security needs of customers of all sizes, across all industries for decades.  To learn more Symantec solutions go here.  And to learn more about how to Optimize and Protect with Broadcom Software, see the video below.

Broadcom Software Blogs
You might also enjoy
Video
Feature Stories4 Min Read

Broadcom Software 2022 Predictions

Tackle complex problems at scale with a trusted partner

Broadcom Software Blogs
You might also enjoy
Threat Intelligence4 Min Read

Log4j Vulnerabilities: Attack Insights

Symantec data shows variation and scope of attacks.

About the Author

Kevin Haley

Director, Symantec Security Response

Kevin Haley is responsible for ensuring the security content from Symantec’s Global Intelligence Network is actionable for its customers-including focus on education in security issues and incorporating the security content into Symantec’s enterprise products.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.