WatchGuard WGT80173 software license/upgrade 1 license(s) Subscription 3 year(s)

An Advanced Persistent Threat (APT) attack is a type of network attack that uses advanced malware and zero-day exploits to get access to networks and confidential data over extended periods of time. APT attacks are highly sophisticated and often target specific, high-profile institutions, such as government or financial-sector companies. Use of this advanced malware has also expanded to target smaller networks and lower-profile organizations.\nBecause APT attacks use the latest targeted malware techniques and zero-day exploits (flaws that software vendors have not yet discovered or fixed) to infect and spread within a network, traditional signature-based scan techniques do not provide adequate protection against these threats. APT malware is designed to reside within a network for an extended period of time. The communication from the malware is hidden, and all evidence of the presence of the malware is removed, which allows it to evade detection.\nAPT Blocker is a subscription service that uses full-system emulation analysis to identify the characteristics and behavior of APT malware in files and email attachments that enter your network. APT Blocker does not use signatures like other traditional scanners, such as antivirus programs. Files that enter your network are scanned and an MD5 hash of the file is generated. This MD5 hash is submitted to the APT Blocker cloud-based data center over HTTPS. APT Blocker compares the file to a database of analyzed files and immediately returns the scan results. If the analysis finds a match to a known malware threat, you can take immediate action on the file, such as to block, drop, or quarantine the file. Results of the file analysis are stored in a local cache so that if that same file is processed again, the results are known immediately without the need to send the MD5 hash of the file to the data center again.