July 23, 2020

Shining the Light on Forcepoint Advanced Classification Engine (ACE)

Carl Leonard Principal Security Analyst

Did you know that Forcepoint Advanced Classification Engine (ACE) is a modern, purpose-built suite of cyber threat prevention and detection analytics that underpin the threat intelligence capabilities of your Forcepoint web, email, network security and data loss prevention products?

ACE supports Forcepoint’s human-centric approach to cybersecurity by providing detailed, real-time categorization of content to enable a rich picture of the context surrounding cyber behavior and thus, more accurate determinations of risk.

The creation and evolution of ACE by the Forcepoint X-Labs team started more than a decade ago. This tried and trusted technology protects you, our customers, from threats across multiple attack vectors with a set of eight defense assessment areas.

Here's a diagram that shows those attack vectors (and how we protect against them) in more detail:

Malware, phishing, spam and other risks are handled by the following:

  • Real-Time Security Classification. Inspects all traffic content for malicious or suspicious code such as obfuscated scripts and iframe tags.
  • Real-Time Content Classification. Employs advanced machine learning to quickly and accurately classify web pages for effective access filtering.
  • URL Classification. Applies current classification information for known web pages, and assesses new pages and links based on associated sites and redirections.
  • Behavioral Sandboxing. Protects against the most advanced threats using full system emulation. See Forcepoint AMD.
  • Anti-Malware Engines. Applies state-of-the-art anti-malware protection.
  • Anti-Spam/Anti-Phishing Engines. Provides proactive protection against spam and phishing campaigns.
  • Reputation Analysis. Reputation databases identify web and email traffic from untrustworthy sources.
  • Real-Time Data Classification. Classifies structured and unstructured data to address outbound data theft.

As you can see ACE is modular by design allowing the X-Labs team to add, swap and tune as the threat landscape evolves. It is no accident that the assessment areas are combined in the way they are and how they work together – it is this system and this approach that allows us to protect from the latest threats as well as those that are well-known.

ThreatSeeker Intelligence

ACE is “fed” by the telemetry aggregated by Forcepoint ThreatSeeker Intelligence. Billions of requests per day are processed and analyzed to uncover new trends and to monitor efficacy.

Interested in knowing more about ACE and ThreatSeeker Intelligence?

For more detail please view the Solution Brief “Forcepoint Advanced Classification Engine (ACE)”.

Carl Leonard

Principal Security Analyst

Carl Leonard is a Principal Security Analyst within Forcepoint X-Labs. He is responsible for enhancing threat protection and threat monitoring technologies at Forcepoint, in collaboration with the company’s global Labs teams. Focusing on protecting companies against the latest cyberattacks that...

Read more articles by Carl Leonard

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.