Shining the Light on Forcepoint Advanced Classification Engine (ACE)

The creation and evolution of ACE by the Forcepoint X-Labs team started more than a decade ago. This tried and trusted technology protects you, our customers, from threats across multiple attack vectors with a set of eight defense assessment areas.

ACE supports Forcepoint’s human-centric approach to cybersecurity by providing detailed, real-time categorization of content to enable a rich picture of the context surrounding cyber behavior and thus, more accurate determinations of risk.

Here’s a diagram that shows those attack vectors (and how we protect against them) in more detail:

  • Real-Time Security Classification. Inspects all traffic content for malicious or suspicious code such as obfuscated scripts and iframe tags.
  • Real-Time Content Classification. Employs advanced machine learning to quickly and accurately classify web pages for effective access filtering.
  • URL Classification. Applies current classification information for known web pages, and assesses new pages and links based on associated sites and redirections.
  • Behavioral Sandboxing. Protects against the most advanced threats using full system emulation. See Forcepoint AMD.
  • Anti-Malware Engines. Applies state-of-the-art anti-malware protection.
  • Anti-Spam/Anti-Phishing Engines. Provides proactive protection against spam and phishing campaigns.
  • Reputation Analysis. Reputation databases identify web and email traffic from untrustworthy sources.
  • Real-Time Data Classification. Classifies structured and unstructured data to address outbound data theft.

As you can see ACE is modular by design allowing the X-Labs team to add, swap and tune as the threat landscape evolves. It is no accident that the assessment areas are combined in the way they are and how they work together – it is this system and this approach that allows us to protect from the latest threats as well as those that are well-known.

Malware, phishing, spam and other risks are handled by the following:

ACE is “fed” by the telemetry aggregated by Forcepoint ThreatSeeker Intelligence. Billions of requests per day are processed and analyzed to uncover new trends and to monitor efficacy.

ThreatSeeker Intelligence

For more detail please view the Solution Brief “Forcepoint Advanced Classification Engine (ACE)” accessible via the Resources section of our website.  For your convenience the “Read the Report” link above will take you straight there.

Interested in knowing more about ACE and ThreatSeeker Intelligence?

This post was first first published on Forcepoint website by Carl Leonard. You can view it by clicking here