
Tag: perimeter security

As the value and volume of data grows, perimeter security is not enough to battle internal or external threats.
Today, a dangerous new trend is emerging: steganography is increasingly being used by actors creating malware and cyber-espionage tools. Most modern anti-malware solutions provide little, if any, protection from steganography, while any carrier in which a payload can be secretly carried poses a potential threat.
The 2017 Data Security Confidence Index Report reveals gaps between organizations' perceptions of what keeps them secure and what actually works.
Mike Mimoso talks to Duo Security co-founder and CTO Jon Oberheide at RSA Conference about Google's BeyondCorp security model, enforcing perimeter security, how endpoint security has evolved through the years, and the future of passwords.
Hewlett Packard Enterprise's 2017 State of Security Operations Report reveals that 82 percent of Security Operation Centers are not running at the optimal level of maturity and meeting business goals. Hewlett Packard Enterprise (HPE) released its St...
AppGate 3.0 release adds new capabilities to help organizations provide secure, authenticated access to resources, including Single-Packet Authorization technology that keeps network resources hidden from unauthorized users. Security vendor Cryptzone t...
Recognised as providing the broadest coverage of social, mobile and web data
London, UK – RiskIQ today announced it was among the nine select companies that Forrester invited to participate in The Forrester Wave™: Digital Risk Monitoring, Q3 2016, an evaluation for security and risk professionals.
In this evaluation, RiskIQ was cited as a Leader based on its scores in the Strategy, Current Offering, and Market Presence categories, with the top-ranked scores in the Current Offering category and among the highest scores in the Market Presence category. Participants were judged on 27 criteria including data coverage, digital governance, corporate strategy and vision and number of customers to determine category positioning. RiskIQ believes that the category creation of digital risk monitoring (DRM) is recognition by the research firm of the disruption to traditional security programs by the rapid Internet, cloud, mobile and social media adoption by the business.

DRM is now a must-have capability for the CISO, as inside-the-perimeter security technologies have failed in the face of targeted cyber attacks and threats that exploit user trust.
Security teams require a holistic view of all their assets that live beyond the firewall – their digital footprint – and must rely on internet data to observe the activities of cyber-criminals and to prevent cyber-threats and data breaches. “[Security and risk pros] track a much smaller portion of their environment than they realise. Without comprehensively and persistently monitoring risk in digital channels, companies remain susceptible to a wide variety of brand, cyber, and physical risk events,” according to the Forrester Research report. Many of the risks in the digital landscape are still emerging as threat actors find clever ways to exploit blind spots in an organisation’s attack surface and prey on the general population who use digital channels to interact with brands. “Despite the high stakes, many organisations struggle to improve digital risk visibility and mitigate related risks because: digital footprints are incredibly vast and chaotic … digital risk comes in countless shapes and sizes … companies are at the mercy of digital channels for control and enforcement … [and] generic online or social media monitoring provides a false sense of security,” wrote Forrester Research. In addition to being named a Leader in DRM, RiskIQ was specifically recognised for providing the “broadest coverage of social, mobile, and web data,” Forrester Research stated, “RiskIQ covers a practically endless list of digital channels to provide customers a comprehensive digital system of record.

Beyond that, RiskIQ monitors a large set of official and unofficial mobile app stores, and it’s one of the only vendors in this Forrester Wave to cover malvertising, including analysis of Facebook’s ad ecosystem.” By leveraging its proprietary sensor network and virtual web crawlers, which use behavior characteristics to mimic real users, RiskIQ is able to help fill the digital risk monitoring gap left by weak and/or incomplete solutions. “We are committed to enhancing the tools and data that threat researchers can easily access in order to address the growing and evolving digital threat landscape,” said Elias Manousos, CEO of RiskIQ. “We launched our new Security Intelligence Services in July.
It uses the internet itself as a detection system and is the only service to provide network defenders with true insights into how adversaries are using infrastructure to attack.
In September, we added more support and educational resources for our channel partners to help expand the base of ‘weaponised good guys,’ and have near-term plans to expand the capabilities of our research and investigation platform RiskIQ PassiveTotal.” RiskIQ and Forrester analyst Nick Hayes will present a webinar on the “Crucial Components Of Digital Risk Monitoring” on October 26 at 11 a.m. PT; register here: https://www.riskiq.com/webinar/crucial-components-digital-risk-monitoring/.

For a complimentary copy of the report, click here: https://www.riskiq.com/white-paper/riskiq-named-leader-digital-risk-monitoring-independent-research-firm/

About RiskIQ
RiskIQ is a cybersecurity company that helps organizations discover and protect their external-facing known, unknown, and third-party web, mobile, and social assets.

The company’s External Threat Management platform combines a worldwide proxy and sensor network with synthetic clients that emulate users to monitor, detect, and take actions against threats. RiskIQ is used by thousands of companies including many of the Fortune 500 and leading financial institutions to protect their digital assets, users, and customers from external security threats.

The company is headquartered in San Francisco, California and backed by growth equity firms Summit Partners and Battery Ventures. To learn more about RiskIQ, visit www.riskiq.com.
Branch-office networks are proving to be a weak security link in many enterprises.
In the 2013 Gartner Research report, "Bring Branch Office Network Security Up to the Enterprise Standard," analyst Jeremy D'Hoinne wrote that "30 percent of advanced targeted threats—up from less than 5 percent today—will specifically target branch offices as an entry point." While the attack landscape and threat vectors have evolved since that report was published, branch security architectures for the most part have not. Point security appliances such as next-generation firewalls (NGFWs), unified threat management (UTM) devices and software overlays in branch routers still dominate when it comes to protecting branch perimeter security; however, recent advancements in network functions virtualization (NFV) are enabling the same security features found in NGFWs and UTMs to be served via software as virtualized network functions.
In this eWEEK slide show based on industry information from Versa Networks, Gartner Research and other resources, we look at why software-defined security is poised to disrupt proprietary security appliance makers.
Will confer new name on Confer
Endpoint security firm Carbon Black has bought "next-generation antivirus" firm Confer. Financial terms of the deal, announced today, were undisclosed.

Carbon Black plans to re-badge Confer’s security software as “Cb Defense” and offer it alongside its existing roster of application control, incident response, and threat hunting products. Cb Defense is a cloud-based product that combines behaviour-based prevention techniques with integrated detection and response capabilities.

Carbon Black initially offered white-listing security technologies before expanding its scope.

The Confer deal is another milestone along that path. While the term "next-generation firewall" might be understood to refer to an application-aware perimeter security appliance, the term "next-generation antivirus" is even sketchier.

Those that market NGAV are (almost) united in attempting to highlight the alleged shortcomings of Symantec and Intel Security. Naturally enough, Symantec - the target of criticism that it offers a legacy product that lets too many attacks through - also claims to offer next-generation antivirus. Cylance emphasises the use of machine learning in fighting malware whereas Symantec talks about Big Data and others such as CrowdStrike talk about threat intelligence. Carbon Black said the Confer deal will allow it to take on Symantec, (next gen firewall pioneer) Palo Alto Networks, Cylance, and CrowdStrike with a "disruptive zero gap protection" or a combination of machine learning and behaviour analytics.
London — June 28, 2016 — RiskIQ, the leader in External Threat Management, today announced that it has selected DataComm360 to be their distributor in the Middle East and North Africa (MENA) market. DataComm360 enables system integrators and service providers to offer cloud-based Cyber Security Managed Services to SMEs, large enterprises, telecom operators and governments in the MENA region.

DataComm360 and its reseller network are focused on introducing new and innovative technologies to their clients to help them address the challenges posed by ever-changing cyber threats. RiskIQ’s solution offerings complement the current DataComm360 portfolio by helping clients extend their security program outside the firewall. The Middle East experienced the fastest growth in internet users of all regions in 2015[1] and enterprises in the MENA region continue to invest in digital channels to engage with this expanding audience.

As a result they are constantly growing their digital footprint; be it on the web, through the development of mobile applications or through social media.

This has significantly increased their digital attack surface and therefore their exposure to cyber threats.
In addition to defending their own digital assets, they also have to deal with the growing problem of cyber impersonation, whether it be domain infringement, web and mobile phishing or executive and brand impersonation on social media. RiskIQ Digital Footprint and External Threats solutions help organisations tackle both problems. “Demand for Cyber Security services is clearly on the rise in this part of the world,” said Naji Chakhtoura, COO at DataComm360 Inc. “While there are a lot of competing technologies in the market, RiskIQ plays in a blue ocean on its own, addressing the challenges of Cyber Security in the growing digital world. We are excited about our partnership with RiskIQ and the value we are bringing to our reseller network and through them, to customers in the MENA region.” “There has never been a more pressing time for organisations to focus on External Threats, as much as they do on perimeter security,” said Trevor Crompton, RiskIQ’s EMEA Channel Director. “Bringing visibility and management to the external attack surface is core to RiskIQ's solution and we are delighted to be able to extend this to organisations across the Middle East and North Africa, working with DataComm360.
I am very pleased to be able to harness DataComm360's seasoned expertise and knowledge of this diverse market - and excited about what we can achieve together.”

[1] http://wearesocial.com/uk/special-reports/digital-in-2016

About RiskIQ
RiskIQ is a cybersecurity company that helps organizations discover and protect their external facing known, unknown and 3rd party web, mobile and social digital assets.

The company’s External Threat Management platform combines a worldwide proxy network with synthetic clients that emulate users to monitor, detect and take down malicious and copycat apps, drive by malware and malvertisements. RiskIQ is being used by leading financial institutions and other companies to protect their web assets and users from external security threats and fraud.
It is headquartered in San Francisco and backed by growth equity firms Summit Partners and Battery Ventures. To learn more about RiskIQ, visit www.riskiq.com.

About DataComm360
DataComm360 has been in the Information and Communications Technology (ICT) industry in Europe, Middle East & Africa (EMEA) markets for more than two decades.
It enables system integrators and service providers to offer Cloud-based Cyber Security Managed Services.

DataComm360 is managed by a cross-functional leadership team comprising expertise in innovation, technology and operations.

They have built solid relationships with Telecom Operators, Media, Governments and Enterprises operating across various industries. For more information, visit www.datacomm360.com.
Back in May, the National Institute of Standards and Technology (NIST) released a draft publication on systems security engineering. Although well-intentioned, the document lacks the specificity and concrete guidance needed to give systems security engineers actionable steps to fully incorporate security into the systems engineering process. The NIST document exhaustingly defines systems security engineering as a specialty discipline of systems engineering. It also provides a description of the processes, activities and tasks performed by systems security engineering professionals. However, to keep things simple and practical, network security company FlowTraq developed "The 10 Commandments of Secure Engineering," which take a look at securing engineering systems in a two-pronged approach. First, developers must design systems with security in mind, building varying levels of security into the system throughout the development life cycle. Secondly, systems engineers must prepare for active defense by using the right tools to monitor, track and identify potential threats. This eWEEK slide show, with the assistance of FlowTraq, looks at 10 tenets of secure engineering.

10 Commandments of Secure Engineering
By Darryl K. Taft

Separation of Data
When engineering secure systems, you must follow the fundamental principles of data separation and separate data by mission, objective and trust level so that only approved individuals have access to different types of data as well as different parts of your system.

Defense in Depth
When designing systems, sometimes we focus so much on perimeter security that we forget to pay the same attention to building an in-depth defense posture. It is important to build sensible gates or privilege barriers throughout your systems—not just along the perimeter.

Create Flood Barriers
The saying “You’re only as secure as your weakest link” is absolutely true, which is why it’s important to isolate each part of the system, or mission, from failures and compromises in others. If one part of the system goes down, you don’t want this to affect other parts of your system, eventually taking down your entire IT infrastructure.

Build a Kill Switch
Engineer a secure way to shut down parts of your system that may be under compromise. This ensures that if a hacker does infiltrate one particular part of your system, you are able to stop him or her in their tracks before the consequences become widespread.

Plan for Functionality
Oftentimes, security requirements can become a barrier to system functionality—but they don’t have to be. Find new, creative ways to create functional systems that are also secure.

Ubiquitous Data Acquisition
The work for creating trustworthy, resilient systems isn’t done once a system is engineered. It is equally as important to maintain a strong defense posture over time, which heavily relies on continuously monitoring as many aspects of your system as feasible and storing this data for possible forensic analysis. You must monitor multiple points within your system, and keep the data around for weeks or even months, in the event that you need to investigate historical patterns as part of a larger security analysis further down the road.

Accessibility of Telemetry
Often it is difficult to obtain or understand the internal state of a system, so it’s important to make it easy to get to the telemetry and make it intuitive to understand. Only then will an operator be able to quickly understand the difference between a failure and a compromise.

Track Baselines, Detect Anomalies
Develop a set of baselines within your systems so that you can uncover deviations from normal patterns in volumes, identities, timestamps and messages within your data analysis. The ability to detect suspicious data movement is key to uncovering threats and vulnerabilities before they affect your system, and this is only accomplished when building into your system a sense of what is normal and what is abnormal.

Prioritize Messages
Assign priorities to alerts, anomalies and telemetry data and align these with possible impact on your systems. For example, if you have set up alerts to show when a particular part of your system is accessed at an irregular hour by an unauthorized user three days in a row, this should trigger a high-priority alert indicating a possible breach.

Alternate Perspectives
Create multiple views of the same system or component, allowing a multi-perspective view. This adds an extra layer of visibility in systems or system components to improve security analysis and help you develop the proactive measures you need to ensure a fully secured system.

Darryl K. Taft covers the development tools and developer-related issues beat from his office in Baltimore. He has more than 10 years of experience in the business and is always looking for the next scoop. Taft is a member of the Association for Computing Machinery (ACM) and was named 'one of the most active middleware reporters in the world' by The Middleware Co. He also has his own card in the 'Who's Who in Enterprise Java' deck.
The internet has a new bug to fear, as Google Security and Finnish security company Codenomicon have uncovered a threat lurking, they say, at the very heart of OpenSSL. The weakness apparently allows "anyone on the internet" to read the memory of s...