Top 8 Advanced Threat Protection (ATP) Tools

Palo Alto Networks WildFire, Palo Alto Networks VM-Series, RSA NetWitness Logs and Packets (RSA SIEM), Check Point SandBlast Network, Fortinet FortiSandbox, Symantec Advanced Threat Protection, SonicWall Capture Advanced Threat Protection, FireEye Network Security
  1. Remote access is excellent. The solution is completely integrated with all the other Palo Alto products. I think that it is the best part for endpoint protection. The firewall features include URL and DNS filtering, threat protection, and antivirus.
  2. The initial setup was straightforward. Using Palo Alto Networks Panorama, we were able to deploy a single point of management and visualization of the firewall infrastructure in cloud, on-premise and integrated with Azure to automate scale up. Its security features, i.e. anti-malware, threat prevention, URL Filtering, VPN, and antivirus are the most valuable. The ID-User integrated with AD and 2FA features are also very useful to provide secure access to servers and some users in the company.
  3. Find out what your peers are saying about Palo Alto Networks, RSA, Check Point and others in Advanced Threat Protection (ATP). Updated: June 2021.
    522,281 professionals have used our research since 2012.
  4. The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs.
  5. The sandbox is able to scan files without adding a delay or compromising productivity. Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us.
  6. Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox.
  7. The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration.
  9. It also has an easy configuration. The feedback that we get from our customers is that it's a good product. Provides good protection and security.
  10. I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went.

Advice From The Community

Read answers to top Advanced Threat Protection (ATP) questions. 522,281 professionals have gotten help from our community of experts.
What steps should businesses take to assess and improve their security posture? What tools would you recommend for this purpose?
Norman Freitag

Awareness, awareness and awareness; the problem is the head.

True story, issues take place on the senior level (open USB port, no clean desk policy, etc.).

Afterwards "we" (the working level) can talk about training and SW/HW solutions.

So first is that security means not only buying a SIEM or ISMS monitoring; it's a mindset.

Some sort of taking care of the company like taking care of your family :)

RicardoGranados (Ingram Micro Inc.)
Real User

You must perform a vulnerability assessment on all your devices, for example with Tenable Vulnerability Management. Then you must remedy the critical and high vulnerabilities.

Shaik Sayeed
Real User

Always evolving your technologies with security threats and trends is needed; similarly, user awareness of security is key. As an IT person with the limited budget of an SMB organization, they should opt for UTM (NGFW), better endpoint with EDR, ATP and email security. An enterprise should always be ready for any targeted or rogue attacks, hence a defence in layers is required: firewall, network layer ATP (sandboxing), email with zero-day attack intelligence, device controls, EDR and EPP, WAF for web servers and a honeypot to trap and know the threat vectors for their organization.

VishalGilatar
Real User

No matter what tool you use, we can't stop all the threats.

We need 360-degree visibility and need to categorise the risk factor and work continuously to improvise on enhancing security posture. There are n number of tools available depending on the risk factor.

Manoj Nair
Real User

1. People buy - very important - it's not the technology adopted but the mindset and willingness of the people.

2. Choose your technology based on actual need and available budget.

3. Ensure that all possible exposure points are covered in your defense mechanism - laptops, server, firewalls, VPN - all are exposure points. 

4. At the time of final design, consider the threat landscape you are in and what all factors are contributory to it - your industry type and technology used, the endpoints involved, the type of people who are using these endpoints.

The product and technology you finally choose AFTER you answer these basic questions will define your future defense mechanism as this will be the start point of your company's defense mechanism and its future evolution.

SimonClark
Real User

The question is very broad as it depends on what industry you are in and if you are B2B or B2C and how transactional your website is. Ideally, you should request a cyber security consultant to provide some advice.

My priority would be to request a comprehensive IT & Risk Assessment. Small MSPs can perform these at very affordable prices and sometimes credit the fee back if you subsequently buy other products and services from them.

A good IT & Risk assessment will provide you with visibility of everything attached to your network(s) and a thorough analysis of each of them. One of the biggest threats to an organisation is leaving servers and applications on old versions of software - patching. That is what criminals are looking for as an easy route into your company. The second threat is poor password management. A good assessment will notify you about devices you didn't know you even had and their patch status. It will also notify you of users with passwords that need to be reset and their login history of all the systems they have access to. We sometimes find credentials of employees who left the company months ago are still being used to log in to critical systems - that is a big alarm bell!

If you are considering a penetration test (pen test) - great, but have a network assessment first and clean up all the easy stuff so that the pen testers have to work hard for their money.

The contributors to this article who talked about staff being the weakest link are correct. Email phish simulation and training can cost as little as $1.5 per person per week. Over a fairly short time, it makes a massive difference to the likelihood of an attack getting into your company. MSPs that provide assessments usually offer a staff awareness platform too. Staff benefit from vital cyber skills in their personal lives too.

reviewer1406157 (Deputy Technical Manager (SOC Operations) at a tech services company with 1,001-5,000 employees)
Real User

People are the weakest link in security so frequent awareness training is a must. 

The top management needs to understand the implications of data/security breaches and also understand that they also need to comply with security policies. Form a TI team for detailed information on what threats are most likely to affect the organization/industry, and indicators to help prevent and detect more attacks. 

reviewer1327503 (Infrastructure Team Lead at a comms service provider with 1,001-5,000 employees)
Real User

Training & awareness to the insider, understand the risk involved and have mitigation plans. 

The recommended tools are APT Patch Management tools and Content filtering.
