Cloud APP: Advanced threat and data protection
Trend Micro Cloud App Security
Trend Micro Cloud App Security is a new product which protects Office 365 email and file sharing.
It uses advanced techniques to detect threats including:
Document exploit detection
(aka. Advanced Threat Scan Engine, ATSE) – looks for malware hidden in office files (more later in the presentation)
Web reputation
examines URLs both in the body of email and within attachments (criminals are now sending phishing emails with a URL in the attachment to bypass security filters which only look at URLs in the message body)
True filetype blocking
looks at header information instead of just the file extension (criminals can change an .exe file to .jpg to fool the built-in file blocking within Office 365)
Sandbox malware analysis
opens suspicious files in a virtual sandbox to observe actual behavior to find zero-day malware (i.e. malware which has never been seen before and not caught with pattern matching techniques)
Cloud App Security is completely delivered as a cloud service to protect Exchange Online, SharePoint Online, and OneDrive for Business, and integrates directly with Office 365 using API’s.