{"id":10713,"date":"2015-10-21T10:00:15","date_gmt":"2015-10-21T17:00:15","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=10713"},"modified":"2015-10-21T09:37:44","modified_gmt":"2015-10-21T16:37:44","slug":"back-to-the-future-you-dont-need-a-time-machine-to-prevent-previously-unknown-endpoint-threats","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2015\/10\/back-to-the-future-you-dont-need-a-time-machine-to-prevent-previously-unknown-endpoint-threats\/","title":{"rendered":"Back to the Future: You Don\u2019t Need a Time Machine to Prevent Previously Unknown Endpoint Threats"},"content":{"rendered":"<p><a href=\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future.jpg\"><div style=\"max-width:100%\" data-width=\"500\"><span class=\"ar-custom\" style=\"padding-bottom:29.8%;\"><img loading=\"lazy\" decoding=\"async\"  class=\"aligncenter size-large wp-image-10718 lozad\"  data-src=\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-500x149.jpg\" alt=\"back to the future\" width=\"500\" height=\"149\" srcset=\"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-500x149.jpg 500w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-230x69.jpg 230w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-510x152.jpg 510w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-134x40.jpg 134w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future.jpg 570w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/span><\/div><\/a><\/p>\n<p>Today is Back to the Future day, and the date above, as all fans of the iconic movie know, is what was 
programmed into the DeLorean time machine. The concept of time travel has long fascinated me, and thinking about this special day also got me thinking about how we deal with cyber threats.<!--more-->The approach to endpoint security still relied upon by most organizations has been largely unchanged for decades. That\u2019s right, signature-based malware detection is very old technology. It relies on prior knowledge of a threat in order to detect and eradicate it. Even newer approaches require prior knowledge in the form of indicators of compromise (IOCs) or behavioral patterns to look for. This approach poses significant challenges when it comes to preventing security breaches. If your approach is based on detecting the fact that something bad has occurred, then how can you prevent that bad thing from happening? Do you need a time machine for that?<\/p>\n<p>It turns out our researchers here at Palo Alto Networks have solved that problem. We launched Traps about 12 months ago with the goal of redefining endpoint security by providing the much-needed ability to prevent advanced threats on the endpoint. Traps has been performing amazingly well when it comes to preventing previously unknown threats, without the need for any product updates. This is because it focuses on preventing the core techniques that are used by all exploits. And we didn\u2019t need a time machine to get there.<\/p>\n<h4>Let\u2019s examine the evidence<\/h4>\n<p><strong>Exhibit A:<\/strong><\/p>\n<p>A Traps customer in the banking industry recently reported to us that Traps successfully prevented an Adobe Flash exploit from April 2015. This, in and of itself, is not unusual because we know that Traps prevents exploitation of unpatched vulnerabilities all the time. The interesting part of this story is the version of Traps the customer was running. 
An early Traps customer, they still had a system running Traps v2.3.6, which was released about a year before this vulnerability and the associated exploits became known. So a version of Traps from March 2014, never updated, prevented a zero day exploit in April 2015.<\/p>\n<p><strong>Exhibit B:<\/strong><\/p>\n<p>In July 2015 a series of Adobe Flash zero day vulnerabilities were disclosed as the result of an unfortunate data breach. The public was left waiting for patches while attackers began exploiting those vulnerabilities. Even organizations that deployed every security patch immediately upon release were left vulnerable for weeks. However, those organizations running Traps were never vulnerable, regardless of whether patches were deployed. Traps simply prevented the exploit techniques leveraged by all of these exploits.<\/p>\n<p><a href=\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-2.png\"><div style=\"max-width:100%\" data-width=\"500\"><span class=\"ar-custom\" style=\"padding-bottom:41.4%;\"><img loading=\"lazy\" decoding=\"async\"  class=\"aligncenter size-large wp-image-10714 lozad\"  data-src=\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-2-500x207.png\" alt=\"back to the future 2\" width=\"500\" height=\"207\" srcset=\"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-2-500x207.png 500w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-2-230x95.png 230w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-2-510x212.png 510w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-2-96x40.png 96w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2015\/10\/back-to-the-future-2.png 646w\" sizes=\"auto, 
(max-width: 500px) 100vw, 500px\" \/><\/span><\/div><\/a><\/p>\n<p style=\"text-align: center;\">Figure 1. Adobe Flash zero day timeline, July 2015<\/p>\n<p>I\u2019ll leave it to you to examine the evidence and make your own conclusions. Is the technology that underlies Traps fundamentally powerful and innovative? Or does someone on our R&amp;D team have a DeLorean in the garage? Either way, Traps is redefining the endpoint protection market by enabling organizations to truly prevent unknown exploits and malware.<\/p>\n<p>To learn more about Traps, visit our <a href=\"https:\/\/www.paloaltonetworks.com\/products\/endpoint-security.html\">resources page<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today is Back to the Future day, and the date above, as all fans of the iconic movie know, is what was programmed into the DeLorean time machine. The concept of time &hellip;<\/p>\n","protected":false},"author":95,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[598],"tags":[1208,1526,1527,778],"coauthors":[828],"class_list":["post-10713","post","type-post","status-publish","format-standard","hentry","category-endpoint-2","tag-adobe-flash","tag-back-to-the-future","tag-exploit","tag-traps"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/10713","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/95"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.
paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=10713"}],"version-history":[{"count":1,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/10713\/revisions"}],"predecessor-version":[{"id":10719,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/10713\/revisions\/10719"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=10713"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=10713"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=10713"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=10713"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}