In August 2016 Palo Alto Networks (PAN) announced Traps advanced endpoint protection version 3.4 and the reception has been extremely positive. PAN currently have over 500 Traps customers, and continue to see rapid uptake. As part of their continued discussion of v3.4, let’s zoom in on two very important compliance use cases, one involving PCI, and the other involving healthcare environments.
The below has been produced by PAN.
The Widely Acknowledged Legacy AV Problem
Given the frustrations customers have shared with us about trying to stop threats with their existing, legacy corporate desktop AV (this is a mouthful, so we’ll simply refer to these solutions as “legacy AV”), the positive reception for Traps was not surprising. Based on our threat intelligence data,* six mainstream AV vendor scanners will typically detect only around 38 percent of the malware discovered by our WildFire threat analysis service, which is natively integrated with our Traps solution. Recently, one of our customers shared that it had multiple team members managing its legacy AV solution and needed extra team members just to handle remediation.
This is why our latest release of Traps, v3.4, is so exciting: with new capabilities such as local static analysis, trusted publisher identification, and remediation capabilities (including quarantine), we are confident organizations can replace their legacy AV with Traps v3.4. (For a more complete list of the new capabilities in v3.4, check out the announcement blog post.)
Replacement Needs Beyond Technology
The gap in protection left by legacy AV has led to an explosion of startups offering point products that claim to be more effective and offer more protection than legacy AV. But based on customer conversations, the challenges of replacing legacy AV go beyond just technology. A common question we hear is, “When we replace our existing legacy AV with your Traps Advanced Endpoint Protection solution, will we remain in compliance with certain regulatory standards?” The standards most often requested by our customers were the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA).
To remove this objection for customers and provide further differentiation from a number of new point product vendors, we sought out and partnered with Coalfire Systems, a global technology leader in cyber risk management and compliance services for private enterprises and government organizations. Coalfire put Traps through rigorous testing in their labs to ensure it met or surpassed key security standards requirements or rules so customers could be confident that, when they chose to replace their legacy AV with Traps, they would remain in compliance with either the PCI DSS or HIPAA standard.
We’re pleased to make both Coalfire reports available at links that follow. And please read on for excerpts of Coalfire’s assessments:
PCI DSS: It’s Coalfire’s determination that an organization who was using a traditional AV to remain PCI DSS compliant can confidently replace that solution with Traps and remain compliant… Traps solution also helps organizations with various PCI requirements such as ensuring anti-virus mechanisms are enabled and maintained, not only meeting the requirement in many study cases, but often exceeding it when compared to industry standard solutions available.
HIPAA: The Traps Advanced Endpoint Protection solution meets the requirements of HIPAA rule 164.308(a)(5)(ii)(B) and can be used in PHI environments allowing a customer to satisfy and exceed HIPAA HITECH compliance requirements for protection from malicious software.
* Average monthly values as of January 2016. Source: Palo Alto Networks WildFire and Multi-Scanner
View the original blog post by Dal Gemmell
October 4, 2016 at 5:00 AM