
Like the question says, is it the naming difference only or are they entirely different?

Regmi

1 Answer


Advanced Persistent Threats (APT) describes actual threats. Depending on who you talk to and the context these are sophisticated and targeted attacks by advanced actors with lots of money like states or criminal organisations - or simply anything which is more complex than what basic firewalls and antivirus products could detect (like in "it wasn't our fault since it was an APT attack" when you did not care enough to secure the network). Thus "Anti-APT" likely refers to defending against these specific advanced threats.

Advanced Threat Protection (ATP) describes protections against threats. It is a marketing term like "Next Generation firewall" which should highlight the ability of an analysis system to be somehow better (i.e. "advanced") in detecting and preventing threats than "traditional" systems. Expectations are that it will not detect just the "average" attacks but "more". What exactly this "more" and "better" consists of is not clearly defined but it often involves some more buzzwords like using artificial intelligence to detect threats or cloud based threat intelligence.

The similarity in the abbreviation between APT and ATP might be accidental but the association it creates in the consumer is probably welcomed by the marketing department of the vendor. But only few vendors explicitly claim that ATP is actually able to detect APT. But it is likely that if you want to actually detect ATP (i.e. "Anti-APT") that "traditional" network security like simple stateful firewalls and antivirus is not sufficient. Solutions claiming to be ATP are probably more useful but might not be sufficient too - depending on what these solutions actually do (instead of how they are marketed) and how you interpret the term APT for yourself.

Steffen Ullrich