Free shipping on orders above EUR 200 excluding taxes
Even the most sophisticated attack prevention systems can’t stop everything. When attackers get through, you need to know right away, so you can limit the harm. The only way you can know is to deploy technology that detects when attackers have bypassed these systems.
Proofpoint ET Pro Ruleset is a timely and accurate rule set for detecting and blocking advanced threats. ET Pro Ruleset is updated daily. It covers malware delivery, command and control, attack spread, in-the-wild exploits and vulnerabilities, and credential phishing. It also detects and blocks distributed denial-of-service attacks (DDoS), protocol and application anomalies, exploit kits, and supervisory control and data acquisition (SCADA) attacks.
• Stay on top of the dynamic threat landscape with daily rule updates
• Block attacks and campaigns before they do harm
• Increase the return on investment of your network security with rules that focus on malware and are easy to consume
• Enforce security policies based on threat categories that matter to you
• Improve fidelity, and reduce false positives from existing IDS, IPS and NGFW
• Available in Suricata and Snort IDS and IPS format
Cyber criminals with many different motives launch today’s advanced attacks with increasing frequency. Some focus on making a profit. Some engage in espionage. The tools they use in these attacks have things in common. But each campaign uses botnets, proxies, attack vectors and command and control systems in a unique way. This makes it nearly impossible to keep pace with changes in the threat landscape.
That’s where Proofpoint comes in. ET Pro Ruleset signature writing is based on real-world threats that surface every day.
Security teams have few good options for network detection rules. For ET Pro Ruleset, we leverage our massive international malware exchange, an automated virtualization and our bare metal sandbox environment. In addition, we take advantage of our global sensor network and over a decade of antievasion and threat intelligence experience. ET signature writers also contribute to other Proofpoint products, such as Email Protection and TAP. And this helps us identify threats from other vectors, such as mobile, social, cloud applications, abuse mailboxes and more. That means we have ET Pro Ruleset coverage for all of these.
Email is the primary attack vector. But not all threats come in through corporate email. Some are web-based attacks, personal email or social media attacks, and lateral network spread. Also, there are supply chain attacks and attacks against applications on servers. ET Pro Ruleset helps with all of these.
The five requirements for quality network-based detection are:
1. Early access to the latest malware samples from around the world, a global network of intrusion detection system (IDS) sensors, and access to the latest attacks.
2. An automated sandbox environment that can evaluate millions of new malware samples every day and capture the network behavior that follows.
3. Detecting how a compromised organization interacts with attackers’ command and control systems.
4. A commitment to writing and testing accurate detection signatures to reduce false positives.
5. Daily updates.
ET Pro Ruleset delivers on all five.