Viewfinity and Checkpoint – Better Together

Earlier this spring Viewfinity announced our latest network security integration, this time with Check Point Anti-bot Blade. This integration brings the ability to remediate threats across all endpoints within a network, something previously impossible. The advanced remediation, successful due to this integration, allows Viewfinity to provide a full circle threat management solution which can also reduce costs by eliminating the need to reimage infected computers.

We’re running a 20 minute sneak preview demo on Thursday 5/14 – reserve your seat today.

Here’s a quick overview of how the collaboration works to accelerate remediation within any network:



If you’d like to learn more, be sure to attend our 20 minute demo.

Viewfinity Makes the List – 35 Companies Solidifying Massachusetts as a Cyber Security Hub

Cyber Security Ventures, a R&D firm out of Silicon Valley just released its latest report on the top cyber security firms around the world. Not only did Viewfinity make the list, it landed itself in the top 3rd of companies, and in the top 20 for Massachusetts.

Learn more about what landed Viewfinity on the list.

Viewfinity, along with 34 other innovative companies have made the Boston-area the 3rd largest cyber security hub in the US, just behind Virginia and California, respectively.

On their website Cyber Security Ventures explains a bit more about this list,

“The Cybersecurity industry is growing from $71 Billion in 2014 to $155+ Billion in 2019, according to consolidated estimates by IT research firms and analysts cited in the Cybersecurity Market Report, published quarterly by Cybersecurity Ventures. There are many new entrants as well as M&A, investment and IPO activity, that is constantly changing the vendor and service provider landscape. The Cybersecurity 500 creates awareness and recognition for the most innovative cybersecurity companies – ranging from the largest and most recognizable brands, to VC backed start-ups and emerging players, to small firms with potentially game-changing technologies, to solution providers poised for growth around productized or vertically focused services.”

Viewfinity is thrilled to be announced as one of the top global cyber security firms, especially in the wake of our latest product innovations. Viewfinity offers advanced endpoint protection that focuses on lessening the impact of IT security breaches before, during, and after an attack. Our core capabilities aim to reduce the attack surface and proactively deter advanced persistent threats by:

1.       Managing administrative rights once local admin rights have been removed from users machines

2.       Monitoring and controlling all applications being installed or run within an environment (can be used as a precursor to default deny)

3.       Accelerated detection, incident response, and remediation efforts via threat management capabilities that collaborate with network security sandboxes and firewalls, reputation database services, and SIEM.

RSA Recap – Pescatore Proves Data Breach Prevention Possible

Year after year RSA has no trouble creating buzz, as industry experts share knowledge and innovations related to IT security theories, trends and facts. However, above and beyond this year, a favorite story comes from John Pescatore of the SANS Institute. In the wake of so many data breaches over the past few years, organizations are losing faith in the ability to stop these infiltrations. Despite the pessimison, at RSA John Pescatore explained, measure by measure, that data breach prevention is possible and that organizations should not give up.

During his talk, Pescatore stressed the importance of having a strong security portfolio which takes on security from various angles. He used real-life examples of organizations who have been able to successfully prevent data breaches using a multitude of approaches.

One of the organizations which Pescatore featured in his talk was the Australian Government’s Department of Defense. According to Pescatore, this governing body was able to realize a number of measurable reductions in “the rate of successful malware execution by nearly two-thirds by layering three security technologies” (Shea, 2015). These three security technologies included Application Whitelisting, adding least privilege users access, and OS patch management.

Here is a quick breakdown on the results which they saw:



We’ve long been speaking about the top 4 mitigation strategies that the Australian Government has been implementing for a long time now, and it’s great to see that they have realized some strong measurable results. Clearly a layered security approach which handles management of both users and applications is a key factor in preventing these data breaches.

Viewfinity offers the only solution to combine the strength of both privilege management and application control within the architectural integrity of one single agent. If you’d like to find out more, join us on Tuesday, April 28th at 2pm ET for a live webcast event: Advanced Endpoint Protection: Full Circle Prevention-Detection-Remediation Based on a single Agent.


Sources

Shea, S. (2015, April 23). Pescatore on security success: Breach prevention is possible. Retrieved from Tech Target: http://searchsecurity.techtarget.com/news/4500244894/Pescatore-on-security-success-Breach-prevention-is-possible

 

 

60 Minutes Revisits the Sony Breach and the Investigation Sony Performed to Find the Culprit

The week before RSA, 60 Minutes dug in a bit deeper into the hack which effected Sony last fall, revealing the tactics taken related to the incident.  FireEye, a renowned IT security company, had its newly acquired company, Mandiant, share what they learned through their forensics investigation.   

If you missed the segment, you can view it online here: 
http://www.cbsnews.com/news/north-korean-cyberattack-on-sony-60-minutes/

What is most revealing about this report is that the hackers didn’t focus on stealing credit card or social security numbers and personal data, they exposed a different type of vulnerability.  This cyberattack almost had an “an eye for an eye” feel to it; the North Koreans were embarrassed by a film that Sony would soon release, so they wanted to embarrass Sony in retaliation. 

Because emails containing scandalous gossip were also made public as part of this breach, causing deep embarrassment for the authors and the persons of subject, FireEye reports that this hack has scared CEOs in a new way.  “Now every CEO is walking around saying, how do I feel if my email is out on the internet?”  CISOs are now having a new kind of dialog with the board of directors because of this twist on “breached data.”

The report goes on to state that a hacker only needs to break into one machine and then he’s inside your infrastructure, followed by a screen capture of passwords being stolen.  It’s cited that even an unsuspecting routine activity like an Adobe Flash updater is all it takes for an infiltration – it’s that one machine that it uses as a passageway.  “Every corporation's network is only as strong as its weakest link.”  That’s all it took to get going, and the hackers took off from there. 

This is a real-life, compelling use case for why admin rights need to be removed from your endpoint devices and all advanced endpoint security solutions need to be evaluated for how effective they can be in preventing, detecting and responding to these advanced persistent threats.

Viewfinity is helping a lot of companies manage least privilege environments as well as integrating endpoint forensics with network security vendors.   Viewfinity is at RSA.  Stop by our booth #1046 in the South Hall. 

Viewfinity Releases a New Version of its Endpoint Security Solution

This week Viewfinity announced the release of version 5.5 for Privilege Management and Application Control GPO solutions. This latest release brings together an easy to manage policy GUI, powerful forensic tools, and threat management and remediation via collaboration with network security vendors.

This release continues Viewfinity’s model to provide a full circle prevention-detection-remediation solution based on the architectural integrity of a single agent.

The latest release includes:

Viewfinity will be previewing this latest release next week at RSA. Stop by booth #1046 in the South Hall to see new capabilities first hand, or contact a Viewfinity representative today for a private demo.

Cyber Criminals Target Healthcare and Insurance

Last week Lysa Myers, of We Live Security, published an article highlighting the increase in breaches targeting medical based organizations. Premera Breach: Healthcare Businesses in the Crosshairs discusses some of the most high profile data breaches so far this year, affecting millions of records. Myers cites the high quantity and high value of medical records as a driving factor in many of these advanced attacks.

Read how Viewfinity works with healthcare companies to offer advanced endpoint protection.

Myers stresses the importance of risk mitigation as part of a solid security strategy; understanding security must be approached from various angles to achieve comprehensive protection. Myers uses the article to call out and explain the top strategies that organizations should employ to mitigate risk:

  • Regular and timely software updates / patch management
  • Two-factor authentication of sensitive data
  • The principle of least privileges
  • Comprehensive data encryption
  • Layered security: anti-malware + firewall + etc.

In line with Myers’ suggestions, Viewfinity offers advanced endpoint protection that focuses on lessening the impact of IT security breaches before, during, and after an attack. Our core capabilities aim to reduce the attack surface and proactively deter advanced persistent threats by:

  1. Managing administrative rights once local admin rights have been removed from user machines.
  2. Monitoring and controlling all applications being installed or run. This can be used as a precursor to default deny.
  3. Accelerating detection, incident response, and remediation efforts via threat management capabilities that collaborate with network security sandboxes and firewalls, reputation database services, and SIEM.

Found out more here.

Endpoint Defense Essentials

Endpoint Defense Essentials: Prevention-Detection-Remediation Practices

IBM did the math, over 1 billion records were leaked in 2014 as a result of cyber-attacks. To put that into perspective, that’s like having every single person in the US have data stolen… 3 times.

While each cyber-attack deploys different infiltration methods, for different motivations, one thing can be agreed upon: defending the endpoint is paramount in the war against cyber criminals.

Today, Viewfinity will run a live webinar with Mike Rothman, Analyst and President of Securosis, to discuss endpoint defense essentials. The discussion will focus on prevention, detection, and remediation practices that you can be implementing within your organization right now.

Here are some of the essentials that you need to be considering to ensure your endpoints are protected from advanced attacks:

  • Solid hygiene and configuration practices
  • Focusing on least privilege to prevent exploitation
  • More effective detection
  • Working closely with network-based defenses
  • Investigating and remediating the inevitable compromise

Viewfinity offers a closed-loop security solution which works to protect organizations before, during, and after an attack, all within a single agent on the endpoint. This comprehensive solution provides unparalleled protection while still maintaining the architectural integrity of the endpoint. Which in laymen’s terms means that the Viewfinity agent is a one-stop shop for prevention, detection, and remediation.

After Mike Rothman’s presentation you’ll also get a chance to hear from Viewfinity VP of Product Management, Alex Shoykhet as he explains:

  • Managing privilege elevation after closing down the security loophole related to admin rights
  • Application control (above and beyond whitelisting) and the important role that monitoring and forensics play
  • Advanced threat management that shares endpoint information with firewall technology to update firewall policies.

Reserve your seat here, or request a recording if you can’t make it today.

Leading Analyst Firm Publishes A Buyer’s Guide to Endpoint Protection Platforms

In one of its latest research reports focusing on Endpoint Protection Platforms (EPP), this leading analyst firm stresses the importance of implementing solutions which fall in line with an organization’s specific business, technical, and regulatory needs. Each situation is different, however one common factor that all organizations battle is malware.

Analyst firm subscribers can read the full report here.

Malware detection is stressed as a core functionality of EPP solutions, breaking down the category into three distinct sections: Advanced Malware Protection, Malware Removal, and Application Control. Due to the limitations of traditional anti-virus/malware solutions it’s important for organizations to look for comprehensive tools which cater to all three malware detection categories. This enables organizations to have a closed-loop solution which handles security before, during, and after and attack.

The report also states that an ideal solution will cater to both well-known and not yet identified malware, while at the same time allowing an organization to identify, isolate/restrict, and eventually remove suspicious executables from your environment.

Viewfinity offers one of the only solutions to offer advanced endpoint protection that focuses on lessening the impact of IT security breaches before, during and after an attack. Our core capabilities aim to reduce the attack surface and proactively deter advanced persistent threats by:

  1. Managing administrative rights once local admin rights have been removed from user machines
  1. Monitoring and control all applications being installed or run.  Can be used as a precursor to default deny.
  1. Accelerate detection, incident response and remediation efforts via threat management capabilities that collaborate with network security sandboxes and firewalls, reputation database services, and SIEM.

Tech Target: CIOs beef up security tools in wake of 2014 data breaches

Tech Target recently published an article by Dina Gerdeman that breaks down new and changing IT security strategies that CIOs should be adopting given the current IT landscape. Key topics of the article cover:

  • Monitoring user behavior
  • Employee training
  • Working remotely and encrypting data
  • Seeking outside help
  • Planning for a disaster
  • Fear of the unknown

In regard to the top mentioned topic – Monitoring, this white paper may be helpful in your research phase: Utilizing Pervasive Application Monitoring and File Origin Tracking in IT Security.

Gartner also chimed in on the article: “Monitoring is one area where CIOs need to step up their game, said Jay Heiser, research vice president with Gartner Inc. Many organizations have been putting more effort into "locking the doors," he said, than in detecting whether those doors have been circumvented.”

"It feels good to put more locks on the doors, but if someone comes in through the windows, what's the point?" he asked. "If there is any change based on this year's dramatic failures, it's a renewed appreciation for the benefits of monitoring." (TechTarget, 2015)

Take a few minutes to read the article and let us know if you have questions about how Viewfinity can help you with some of these topics.

FireEye VP of Strategic Solutions Discusses Viewfinity/FireEye Integration

For the first time endpoint and network security solutions have come together for a truly comprehensive security solution.

In our recent press release we outlined our latest integration with FireEye TAP and AX solutions, in an aim to leverage the power of both solutions to accelerate incident response and remediation.

In an interview with Mary-Louise Hoffman of Executive Biz, Grady Summers FireEye VP of Strategic Solutions highlighted the need for this integration, “endpoint to network security visibility is an instrumental component to stopping advanced attacks” (Executive Biz, 2015).

Viewfinity and FireEye now can work in tandem to identify suspicious behavior within a network and then track, isolate, and block malicious activity on the endpoints.

Learn more about how the integration works.