Which Extra Protection Layers Does Symantec Endpoint Protection 14 Advanced Machine Learning Offer?
The latest major release of Symantec’s successful Endpoint Protection product, v14, comes with an all-new feature: Advanced Machine Learning (AML). Businesses all around the world face cyberattacks every moment, and when we look at the types of these attacks, their variations, modifications and evolution are easy to see.
Security software vendors present their products as alternative solutions. Like any other antivirus, SEP 14 brings classical signature-based protection into play; however, it is not as effective against the different types of malware as it was in the old days. Because of that, Symantec develops, tests and releases breakthrough technologies to its customers. Among them, the AML engine changes the perspective on the war against cyber threats.
AML detects malware in the pre-execution phase, so a huge number of attacks can be stopped before they reach beyond our local environment. The AML engine has a close relationship with Symantec’s real-time cloud-based threat intelligence; we can even say that they work together. What does that mean? To clarify, without cloud-based threat intelligence, AML could cause too many false positives and false negatives.
Machine learning uses algorithms to make decisions about newly arriving file instances. Briefly, the ML process follows these steps:
- Build a predictive model: feed the model with known good and bad files
- Give the model experience: use training set data
- As a final step, the predictive model receives real data and decides whether it is good or bad, with a lower false positive rate
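As an added illustration (not part of the original article, and not Symantec's algorithm), the sketch below walks through the three steps with a tiny logistic-regression model and then shows why a reputation feed matters for false positives and false negatives. The features, file names and reputation table are constructed assumptions.

```python
import math

# Constructed training set. Features per file (all hypothetical, static only):
# [byte entropy / 8, is_packed, has_valid_signature]; label 1 = bad, 0 = good.
TRAIN = [
    ([0.55, 0, 1], 0), ([0.60, 0, 1], 0), ([0.50, 0, 0], 0), ([0.65, 0, 1], 0),
    ([0.95, 1, 0], 1), ([0.90, 1, 0], 1), ([0.92, 1, 0], 1), ([0.88, 1, 0], 1),
]
THRESHOLD = 0.5

def score(weights, features):
    """Probability that a file is bad, from a logistic model (bias is weights[0])."""
    z = weights[0] + sum(w * x for w, x in zip(weights[1:], features))
    return 1.0 / (1.0 + math.exp(-z))

def train(samples, epochs=2000, rate=0.5):
    """Steps 1 and 2: fit the model on known good and bad files (batch gradient descent)."""
    weights = [0.0] * (len(samples[0][0]) + 1)
    for _ in range(epochs):
        grad = [0.0] * len(weights)
        for features, label in samples:
            err = score(weights, features) - label
            grad[0] += err
            for i, x in enumerate(features):
                grad[i + 1] += err * x
        weights = [w - rate * g / len(samples) for w, g in zip(weights, grad)]
    return weights

def verdict(weights, features, file_id, reputation=None):
    """Step 3: decide before execution; a reputation entry, if present, overrides the model."""
    known = (reputation or {}).get(file_id)
    if known in ("good", "bad"):
        return "allow" if known == "good" else "block"
    return "block" if score(weights, features) >= THRESHOLD else "allow"

# Constructed reputation feed standing in for cloud threat intelligence.
REPUTATION = {"file-inhouse-packed-tool": "good", "file-signed-dropper": "bad"}
MODEL = train(TRAIN)

if __name__ == "__main__":
    cases = [("file-new-packed", [0.93, 1, 0]),
             ("file-inhouse-packed-tool", [0.94, 1, 0]),  # benign but looks bad
             ("file-signed-dropper", [0.57, 0, 1])]       # bad but looks good
    for file_id, feats in cases:
        print(file_id, verdict(MODEL, feats, file_id),
              verdict(MODEL, feats, file_id, REPUTATION))
```

Run on its own, the script prints the model-only verdict next to the reputation-assisted verdict for each constructed file, so the false positive and the false negative are visible side by side.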
To get a better idea of how AML works, we can take a closer look at the process model shown below:
AML definitions are made available like other Symantec virus definitions and are delivered with the antivirus engine using Live, .jdb file, etc.