Webinar Recording - "It's not IF, but WHEN: Preparing for a Data Security Breach"

Last week we ran a webinar with Alex Shoykhet, Viewfinity VP of Product Management, "It's not IF, but When: Preparing for a Data Security Breach". The webinar was a 20 minute discussion on endpoint security, taken phase-by-phase, and tied back to the threat management principles: prevention, detection, response, and remediation.

Here is a link to the webinar recording, in case you missed it the first time around. We promise, it's worth your time.

http://www.viewfinity.com//vfadmin/ContentRepository/WebCasts/It%20is%20not%20IF%20but%20WHEN.wmv



What we learned at Black Hat 2015: Technology, The Best Swag, and More

With all the buzz of Black Hat USA winding down it’s great to be able to sort through all of the recaps and get a solid picture of the hottest things going on at the show.

Here’s a link to an article on the Top 10 Best Security Swag at Black Hat 2015... because who doesn’t love SWAG! We love seeing all of the clever giveaways out there. Did anyone get a chance to get one of our magnifying glasses before they ran out?


Of course, the main focus of the show is to share and learn about innovative technologies in the security space. It’s amazing to see at shows like Black Hat, just how many approaches there are to cybersecurity. That being said, discussions at our booth were around prevention, detection, response and remediation.  Some folks were more focus on certain areas than others, but many wanted to talk about this entire security chain. 

With all of this discussion flooding our booth we decided we ought to run a webinar, because chances are everyone else is wondering the same things.

The webinar, “It’s not IF but When”, will run on Wednesday, August 19th at 1:00pm EDT.

REGISTER NOW

Here is a quick rundown of the webinar, it’s definitely worth attending if you have the time; and if you don’t we’ll send out recordings to all registrants after the event.

“It’s not IF but WHEN” seems to be today’s mantra when it comes to security breaches. Which leads to the next refrain PREVENT – DETECT – RESPOND – REMEDIATE.

Is it all talk and no action? Not at all.

Attend this accelerated 20 minute live webcast event that will discuss endpoint security, phase-by-phase, tied back to the threat management principles: prevention, detection, response, and remediation.

Don’t miss it!

Viewfinity Receives 4-Star Rating from PC Magazine Product Review

Technology editor Wayne Rash took the Viewfinity Privilege Management software for a test drive and summed up his findings in a product review published in PC Magazine.  The review is comprehensive and represents the product fairly, earning 4 out of 5 stars with an editor’s rating of “Excellent”. 

The information presented digs into the details of the Viewfinity Privilege Management solution.  The testing was performed via Viewfinity’s SaaS-based platform and walks the reader through a step-by-step approach to how a project to remove admin rights and then manage privilege elevation needs would be approached.

While the review is easy to follow and provides just the proper amount of detail to get a good overview and feel for the solution, what is stressed more importantly by this technology expert is the fact that organizations should be paying attention to the local admin rights security loophole.  It’s been said over and over by many security experts that removing local admin rights from your end users is one of the most important ways to reduce the attack surface.

The most common pathway to a data breach by far is the misuse of administrative rights on a company data system. Normally this happens in either of two ways: The first way is by stealing the credentials of someone with administrative rights and the second way is by elevating the rights of an existing user. Once either is accomplished, the data theft is often carried out by inserting a background application that siphons off critical data and sends it to the criminals who want it. Viewfinity Privilege Management and Application Control ($20 per user per year) cloud-based services aim to prevent both of those scenarios.
 

You can read the full review here.



Black Hat Attendees - Know the full timeline of events tied to the activity of a malicious file

Join Viewfinity this week at Black Hat (Booth #764) to learn how Viewfinity uses powerful File History and Forensics to help organizations understand exactly WHEN a malware was introduced into your environment.


It is vital to know, in real-time, what applications are installing and running in your server and endpoint environment in order to trace a breach. If you won't be at the show, you can schedule a private demo at your convenience.

Black Hat Attendees - Determine points of origin for malicious applications with Viewfinity

Join Viewfinity next week at Black Hat (Booth #764) to learn how Viewfinity uses powerful File History and Forensics to help organizations understand exactly WHERE an application on our servers or endpoints originated from?


It is vital to know, in real-time, what applications are installing and running in your server and endpoint environment in order to trace a breach. If you won't be at the show, you can schedule a private demo at your convenience.

Black Hat Attendees - Understand a malicious applications propagation path with Viewfinity

Join Viewfinity next week at Black Hat (Booth #764) to learn how Viewfinity uses powerful File History and Forensics to help organizations understand exactly WHAT propagation path a malicious application took, once inside your environment.


It is vital to know, in real-time, what applications are installing and running in your server and endpoint environment in order to trace a breach. If you won't be at the show, you can schedule a private demo at your convenience.

Black Hat Attendees - Identify who downloaded a malicious application with Viewfinity

Join Viewfinity next week at Black Hat (Booth #764) to learn how Viewfinity uses powerful File History and Forensics to help organizations understand exactly WHO performed the initial installation of a malicious file.


It is vital to know, in real-time, what applications are installing and running in your server and endpoint environment in order to trace a breach. If you won't be at the show, you can schedule a private demo at your convenience.


Cybersecurity Insurance Driving Enterprise Purchase Decisions and Implementations


More and more we are seeing that the need for Cybersecurity insurance, and other contingency plans, are driving how organizations view and consume cyber security tools. Cybersecurity insurance providers need to see that organizations are doing their due diligence in order to protect the assets and privacy of their company, customers and other stake holders.

Todd Bell of Enterprise Tech recently published an article, Getting Cybersecurity Insurance After a Breach, outlining the struggles that organizations can face if they fail to take the necessary steps to protect themselves and their assets before a breach occurs.  Pretty serious challenges - it’s worth a read for anyone looking to better understand what they might be up against.

As a place to start, Viewfinity offers a complimentary tool which can provide a baseline for organizations to audit their endpoint security posture in regards to who has local administrator rights.  The Viewfinity Local Admin Discovery is a free tool that allows you to discover user accounts and groups that are members of the local “Administrators” built-in user group on computers in your Windows domain.


Sign up here to schedule your session


If you have removed admin rights from the majority of your end users, you can use this information provided in our tool as proof that you have closed down this security loophole that hackers use regularly to penetrate an infrastructure.

On a larger scale, Viewfinity enables organizations to approach cybersecurity with a 1-2 punch; Application Control with the ability to remove and manage admin rights, from a single agent. Both of these capabilities are vital to avoiding cybersecurity vulnerabilities and loopholes that serve as access points for hackers, Advanced Persistent Threats (APTs), and sophisticated Zero-day attacks. Not to mention, these tools offer the necessary capabilities to satisfy cybersecurity insurance providers and potentially even reduce cybersecurity insurance premiums.

Upcoming Webinar: 30-day Cyber Security Sprint - Not Just for the Government

We've been keeping you up to date on the OPM government data breach over the past few weeks, including information about the Federal CIO's mandated 30-day Cyber Security Sprint. However, it's important to understand that this initiative can benefit and apply to all organizations, regardless of industry.

This week we're running a 30 minute webinar dedicated to spreading awareness for this initiative; attendees will learn first hand how they can begin implementing some of the suggested tactics, within their organization, in order to improve their cyber security posture. Full details of the webinar are below:

Join us for a webinar on July 23, 2015 at 11:30AM EDT

30-day Cyber Security Sprint - Not Just for the Government

Register now!

On June 12th, US federal government CIO Tony Scott launched a government-wide Cyber Security Sprint, giving agencies 30 days to shore up their systems. The guidelines outlined in the 30-day cyber security sprint make sense for all industries, not just the US federal government.

There are two important elements on the list that Viewfinity can help with in regard to improved cyber security:

  1. Controlling, Containing, and Recovering from Incidents: Contain malware proliferation, privilege escalation, and lateral movement. Quickly identify and resolve events and incidents.
  2. Reducing Attack Surfaces

Join our 30 minute webinar focused on explaining the various methods by which the Viewfinity software addresses these security measures. Topics to be addressed include:

  • Removing administrator rights and managing privilege elevation needs through policies
  • Application Control, Monitoring and Forensics providing threat detection and response
  • Mitigating Pass the Hash tactics that harvest local admin credentials in an attack
  • Protecting against Cryptolocker

Leading Analyst Firm “Cool” Report Still Leans on IT Security Fundamentals

A leading analyst firm recently published a report highlighting emerging technology companies in security infrastructure protection that offer innovative solutions to tackling IT security challenges.  While the technologies are intriguing, what is also interesting is that the analysts continue to address the common attack loopholes.  So while there is cool new technology, the importance of adhering to IT security fundamentals like removing local admin rights and understanding endpoint vulnerabilities continues to offer solid security.

One such citing was “the most common attack vector that hackers use across enterprises and sectors is dumping malware on a user's endpoint…” and “code is typically reused for initial exploits, establishing a foothold, and escalating privileges and moving laterally through the target victim organization.”

Even with all the emerging technology available, analysts are still bringing fundamental IT security concerns to the attention of CISOs! 

This is why we stress the importance of being informed about all technology.  You can learn more about Viewfinity’s here.  

Viewfinity offers endpoint security technology that eliminates risks exposed due to excessive administrative privileges and allowing unclassified applications to run unmonitored.  We shut down a hackers ability to use pass-the-hash to steal user credentials because no user has administrative privileges on the endpoint, effectively closing off this extremely vulnerable security loophole.