2020-10-01T07:46:00Z

Looking for alternatives to Symantec Cloud Protection Engine

I am looking for an alternative product to Symantec’s Cloud Protection Engine 8.1. I need a product that can scan uploads made by customers to our in house app.

Can anyone give recommendations of vendors/products?

SR
User with 51-200 employees
  • 6
  • 298
7
PeerSpot user
7 Answers
VK
AVP - Cyber Secuirty at Cloud4C Services
MSP
2021-06-03T04:34:08Z
Jun 3, 2021

How to secure file uploads yourself


If you do decide to implement the security yourself, these recommendations will help you avoid the 4 types of file upload attacks that were mentioned above:



  • Use a whitelist of allowed file types
    • Note: conversely, blacklisting file extensions is not recommended as there are many ways that this weak protection method can be bypassed.


  • Verify file type against the whitelist before upload

  • Use input validation to prevent the whitelist from being bypassed using the filename

  • Use input validation to prevent the metadata from being exploited. For example, remove any unnecessary metadata such as exif data from images and remove control characters from filenames and extensions.

  • Remove any unnecessary file evaluation

  • Limit the size of the filename

  • Limit the size of the file (unexpectedly small files and large files can both be used in denial of service attacks)

  • Limit the directory to which files are uploaded

  • Scan all files with antivirus software (most commonly ClamAV, an open-source AV engine, or using an API such as AttachmentScanner)

  • Name the files randomly or use a hash instead of the user’s input. This will prevent an attacker from scripting access to uploaded files using the file’s name as an attack vector.

  • Simplify error messages. Remove any directory paths and server configurations from error messages that attackers could use.

  • Check the uploaded directory to make sure the read/write/execute user permissions are correct.

  • Please try using for Malicious File Upload


  • https://cloudone.trendmicro.co... 

Search for a product comparison in Anti-Malware Tools
Eitan Greenberg - PeerSpot reviewer
VP Marketing of Sasa Software at Sasa Software
Vendor
2022-04-17T13:31:16Z
Apr 17, 2022

Check out GateScanner by Sasa Software. CDR file sanitization solutions for any kind of configuration you can possibly imagine.

CG
Consultant at Self
Real User
2022-02-17T14:37:32Z
Feb 17, 2022

I will recommend you go for a proactive solution that is based on zero trust since Uploaded documents are one of the prime sources of attacks. 


You should take a look at the CDR solution from odi-x, mind you it is not a replacement for any of your existing security solutions for the protection of your enterprise. It is specifically aimed and making sure that the documents that are uploaded are malware-free. It is on the cloud.

John Recendez - PeerSpot reviewer
Sr Customer Success Manager at IT Management Corp
User
2022-02-16T22:13:29Z
Feb 16, 2022

Look into Cloud Workload Protection & Security Posture Management: FortiCWP: https://www.fortinet.com/produ... 


Also, consider a Fortigate with Host Protection Engine.

GA
Endpoint Security Manager at Catholic Health Initiatives
Real User
2022-02-16T15:30:13Z
Feb 16, 2022

I need more context: do you scan inbound uploads to your servers/website? and is it a public upload portal?

Tarek Al-Halabi - PeerSpot reviewer
Systems Engineer at Aflak Solutions
Reseller
Top 5Leaderboard
2022-02-16T08:21:56Z
Feb 16, 2022

Data Loss Prevention: Forcepoint/DLP


Next-Gen AV: Bitdefender/Gravityzone

Learn what your peers think about ESET PROTECT Enterprise. Get advice and tips from experienced pros sharing their opinions. Updated: September 2023.
734,678 professionals have used our research since 2012.
James OConnor - PeerSpot reviewer
Sr. Solutions Sales Executive - Commercial/Charity/Healthcare/SMB Individual Contributor at Hypertec Direct
Consultant
2021-06-02T21:51:55Z
Jun 2, 2021

Protection in depth is a strategy for defending against any type of malware or bad actors out there whatever their motivation, or internal threats (stupid people exist too) or mother nature.


I am not sure why you would get rid of Symantec's product if it is doing at least part of the job, but I will get to more of that later.  The problem most IT admin's I encounter is they are wanting, searching for or believing they have to get the one magic bullet at the price of as Free as possible.


If you knew that tomorrow, someone was going to break into your house with guns and rob you and kill everyone inside, you would pay any amount of money that you had to keep that from happening, or get out of town, move etc. sparing no cost.  If it cost you 90% of your net worth, you would think it was a bargain if it kept the other 10% and your loved ones safe.  But, we don't know when those things are happening, and we can't afford to just spend 90% of our net worth to live in Fort Knox.


SO...  What do you do...  


1) Realize that Security is a priority, and treat it as one of your top 5 business priorities.


2) Understand that 1 product will NOT meet your business security needs.


3) Get a paid security audit.  Spend the $2500 to $6000 or more depending on the number of IP's you have to check your vulnerabilities with PIN testing, and audit questionnaires.  Pay to have a review of your firewall assets and their settings as well as current security processes, password management, patch management, etc.


With a security audit, you will know where you are, from there you can decide to:


1) Fix the most important problems and create a plan for the rest.


2) Do nothing because it costs too much, and just shut it all down.


3) Do as little as possible and hope nothing happens (hope is not a strategy).

As far as getting rid of Symantec I think you must first know what their product does and does not do.  


Antivirus: Most "Antivirus" products will protect from active viruses once they try to do something "virusy" or once the software scans a specific piece of software and it fits a definition/pattern.  Antivirus is an important tool to have.  Antivirus is not a magic bullet.


Firewall: Firewalls are critical to have to keep you invisible to the rest of the internet, help stop DDoS attacks and to block certain types of traffic.  Next Generation firewalls, will actually scan the traffic as it is in motion.  Look for firewalls with deep packet inspection, virus protection, even firewalls that work in concert with the antivirus on the PC/Server.  If the PC becomes compromised with trojan malware that becomes weaponized later the firewall will detect the change and sandbox that device until it either automatically remediates the problem or you remediate the problem.


Patch Management: Patch Management tools like Configuration Manager and others will help keep the vulnerabilities down for the on-premise software.

Proper Backup Management: 3-2-1-1 Rule: 3 Copies of your Data, 2 Different Media, 1 Copy Off-Site, 1 Immutable copy (cannot be changed).


Employee Training: Training employees with proper procedures will help reduce Spear Phishing attacks.  There are a lot of tools to help train your employees to identify Phishing attacks so they are less apt to send a check to Tajikistan so the president of the company can get the latest needed hardware for the business.  There are many companies out there where you can get from free to a few thousand dollars worth of training and testing to help stop that.


I know I am missing some things, but you must think in-depth security.  Uploads from your customers to your server will likely require a segregated server, with its own hardware next-generation firewall, services turned ON and an up-to-date paid version of an Antivirus product (Symantec, Sophos, TrendMicro, ESET, Panda and others).  Oh, yea a security audit (Free for 3 IP's from one provider I know)…


Even with the best of the best product, if you don't implement it properly you will still get malware...  

Related Questions
US
Editor at PeerSpot
Sep 25, 2023
Hi, community, Why are Anti-Malware Tools important for companies? Share your thoughts with the rest of the community.
2 out of 4 answers
Ajay Kuamr - PeerSpot reviewer
Network and Computer Systems Administrator at Bahwan
Jul 30, 2023
For identify Malware: Use Strong Antivirus Schedule scan regularly Monitoring the unknown behavior Check task manager and services. Monitor network flow and browser add-ons Use online malware scanners, Inspect files and attachments For Mitigate : Isolated infected System Malware removal tools Email and web filtering Strong firewalls
TC
Content Specialist at PeerSpot
Jul 31, 2023
Anti-Malware Tools are essential for companies because: -They protect sensitive data and information from being compromised or stolen by malicious software. -They prevent malware infections that can disrupt business operations and cause financial losses. -They safeguard the company's reputation by preventing malware from spreading to customers, partners, and stakeholders. -They help maintain compliance with industry regulations and data protection laws. -They reduce the risk of downtime and productivity loss caused by malware attacks. -They provide real-time monitoring and threat detection, allowing companies to respond quickly to potential threats. -They offer automated scanning and updates, ensuring systems are constantly protected against the latest malware threats. -They help prevent unauthorized access to company networks and systems. -They assist in identifying and removing existing malware infections, minimizing the potential damage. -They contribute to a secure and trusted digital environment, indirectly fostering long-term customer confidence and loyalty.
US
Editor at PeerSpot
Aug 16, 2023
Hi, community, When evaluating Anti-Malware Tools solutions, what aspect do you think is the most important to look for? Share your thoughts with the rest of the community.
See 2 answers
TC
Content Specialist at PeerSpot
Jul 31, 2023
The most important aspects to look for when evaluating Anti-Malware Tools solutions are: -Effectiveness in detecting and removing malware, where the tool you are evaluating should have a high detection rate and be able to effectively remove various types of malware. -Real-time protection because real-time scanning and monitoring can prevent malware infections before they can cause harm. -Regular updates for the tool to keep up with the latest malware threats and ensure optimal protection. -A user-friendly interface that makes navigating and using the tool easier. -Minimal system performance impact to allow for smooth operation without slowing down the computer. -Compatibility with the operating system and other software installed on the computer. -Any additional features, such as web protection, email scanning, firewall, and ransomware protection, to enhance overall security. -Reliable customer support because that is crucial in case of any issues or queries regarding the tool. -And reputation and reviews, especially from trusted sources and users, to gauge its reliability and effectiveness.
Harish (Kumar) - PeerSpot reviewer
Cyber Security and IT Head at Aeren
Aug 16, 2023
During evaluating Network Monitoring Software solutions, focus on these key aspects: 1. Features: Ensure it offers essential monitoring, alerting, and reporting capabilities. 2. Scalability: Can handle your network's size and growth. 3. Usability: User-friendly interface for easy management. 4. Customization: Tailor alerts, dashboards, and reports to your needs. 5. Alerting: Flexible notification options for timely issue response. 6. Integration: Compatibility with existing tools and technologies. 7. Device Support: Monitors a wide range of devices and protocols. 8. Analytics: Advanced performance analysis for optimization. 9. Security: Includes access controls and compliance features. 10. Cost: Aligns with budget and scalability requirements. 11. Support: Reliable vendor reputation and support options. 12. Community: Strong user community and documentation resources. 13. Performance: Minimizes impact on network performance. 14. Future-proofing: Regular updates and alignment with industry trends.
Related Categories
Download Free Report
Download our free ESET PROTECT Enterprise Report and get advice and tips from experienced pros sharing their opinions. Updated: September 2023.
DOWNLOAD NOW
734,678 professionals have used our research since 2012.