Blue Coat Enhances Its Security Intelligence Platform

By Sean Michael Kerner  |  Posted 2015-03-24 Print this article Print
security intelligence

Multiple sources of security intelligence, including technology assets acquired from Norman Shark and Solera Networks, are now integrated into Blue Coat's portfolio.

Blue Coat today announced its expanded Global Intelligence Network, a cloud-based platform that works with the company's software and hardware product portfolio. The platform incorporates technologies that Blue Coat gained through the acquisitions of Solera Networks and Norman Shark.

The expanded platform announcement comes two weeks after Blue Coat announced that it was being acquired by Bain Capital for $2.4 billion.

"What we have done now is fully integrated our security intelligence to share information, not just known bad items," Michael Fey, president and COO at Blue Coat, told eWEEK. "We're sharing what we see across our platform so we can understand things better."

As an analogy, Fey said that Blue Coat previously would have shared the equivalent of the FBI's Most Wanted list. With the expanded platform, what Blue Coat is now sharing is what the bad actors are actually doing. For example, Fey explained that with the new intelligence capabilities, Blue Coat has been able to determine that a common set of stock images were being used by a bad actor. That intelligence was then employed to protect users, even before the attacker was able to attempt to deploy malicious code.

"In the past, where we would have to provide caveats as to which Blue Coat system connects or doesn't connect to the threat intelligence platform, now the entire portfolio can connect to it, as it logically fits," Fey said.

The Blue Coat portfolio spans both paying enterprise users, as well as consumers that benefit from the free K9 Web protection software. Fey said that he likes the K9 user footprint as it's a good source of validation for information beyond just enterprise users.

In 2013, Blue Coat acquired anti-malware firm Norman Shark as well as big data security analytics vendor Solera Networks. Technologies from both acquisitions are now fully integrated in the Blue Coat Global Intelligence Network.

"The Norman Shark engine has a sandbox and the ability to deconstruct malware to understand what it is doing," Fey said. "That's a source for a lot of the threat data we are now sharing."

With the Norman Shark technology, Fey explained that Blue Coat gets increased visibility into malware operations, beyond just making a decision about whether to block an application or a process.  He added that Blue Coat is now learning from the malware it analyzes to help defend its customers, against attacks.

While Blue Coat has its own technology assets, it also works in partnership with other vendors, including Lastline, to enable even more threat detection capabilities.  Blue Coat's Content Analysis System (CAS) enables the use of any inspection tool that an organization wants to use, as part of a broader defense-in-depth strategy.

"Our partners and our competitors can plug into CAS," Fey said. "So when you use a Blue Coat device, it can funnel off any suspicious activity to a series of partners to review."

Looking ahead, Blue Coat is set to accelerate its plans for growth over the course of this year, thanks in part to its acquisition by Bain Capital. "Bain acquired us not to change direction but to accelerate it," Fey said.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.



Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel