On the Radar: Ziften enables continuous endpoint monitoring
The Zenith platform can also run custom scripts for remediation

Publication Date: 04 May 2017
Product code: IT
Rik Turner

Summary

Catalyst

Ziften develops technology to provide endpoint visibility and control to IT and security operations teams within enterprise customers, combining both real-time and historical user device and threat behavior monitoring, analytics, and reporting.

Key messages

- Ziften's main product is Zenith, a platform for monitoring and delivering visibility into endpoint estates.
- The technology covers desktops and laptops (on-net, off-net, and offline), servers, virtual machines (VMs), and containers.
- Lightweight agents on the endpoints collect data and send it to a management server where it can be stored and streamed to a console for security personnel.
- Ziften also has a product that generates extended network flow data from endpoints that can be ingested by SIEMs and other analysis tools.

Ovum view

Ziften enables the continuous visibility and monitoring of endpoints, a capability for which there is a clear demand, particularly as an increasing number of workloads migrate to the public or hybrid cloud, and employees increasingly work remotely. Ovum expects these trends to drive increasing demand for platforms such as Zenith.

Recommendations for enterprises

Why put Ziften Zenith on your radar?

Ziften's ability to continuously monitor and store historical data for endpoints, including VMs and containers, is a compelling feature, while its ZFlow capability that provides NetFlow and IPFIX data from the endpoint for consumption by SIEMs and other platforms is an interesting capability for companies seeking greater visibility across their infrastructure. It should be on your list of technology providers to consider if you are planning to invest in additional or enhanced monitoring capabilities.

Highlights

Ziften grew out of the perception that systems management, as well as security functions such as vulnerability management and anti-virus checking, are not continuous activities, and that a platform that could provide visibility and monitoring on a continuous basis would enable a more holistic approach to systems management and security.

Zenith focuses on the endpoint, which includes not only end-user computing devices, but also off-network user devices, servers, VMs, and containers. To perform its monitoring functions, it deploys a lightweight agent, not in the kernel of the endpoint's OS but in the user space, the set of memory locations in which user processes (essentially everything except the kernel) run. Deployment is via a passive install where no reboot or maintenance window is required. For example, the agent becomes part of the image on a VM, and can be baked into the golden image for servers in a data center, or in an AMI for deployment in the AWS Cloud.

The agent collects flow and connectivity data to provide insights into users and device behavior, looking at applications, binaries, and processes, enabling both performance management and security functions. It sends this data back to a management server, which can run in the cloud or as an on-premise appliance, from which it is streamed to a console. The system keeps six months of historical data by default, but customers can buy more if they need it for procedures such as insider threat investigations.

In addition to reporting on endpoint activity, an extension to the platform announced in 2016 enables custom scripts to be run at the endpoint, making it possible to collect custom data elements and enable custom remedial actions such as changing a firewall policy, disabling a USB port or ejecting a USB drive, quarantining a device, or blocking or killing processes from an executable. Customers can also set policies so that these actions are triggered automatically.

Zenith uses the Apache Kafka message broker and the Vertica analytics database from HPE. It also integrates with other analytics engines via an application programming interface (API). It can support up to 1 million endpoints for individual customers with this architecture.

ZFlow, meanwhile, is a platform that creates network flow data from endpoints, covering the device itself, applications, binaries, and users. It uses proprietary technology based on the NetFlow and IPFIX standards, and Ziften offers integrations with Lancope, Arbor, Fortinet's FortiSIEM, Splunk, and other tools that can ingest NetFlow data.

Background

Ziften was founded in 2009 by Mark Obrecht, who had previously founded and led WholeSecurity, a developer of anti-phishing technology acquired by Symantec in Obrecht led Ziften as CEO until 2012, and as chief innovation officer until he left in 2015 to focus on venture capitalism at Trellis Partners, which had led Ziften's $5.8m Series A round in Since 2012, Ziften's CEO has been Charles Leaver, who was also a partner at Trellis from 2011 to The company has so far raised approximately $42m in venture funding, most recently announcing a Series C round of $24m led by Spring Mountain Capital in July This round also had additional investment from Sarofim Fayez and Co, which led the May 2012 $5.5m Series B round.

Current position

Ziften started out calling its product by the same name as the company, and launched Ziften 1.0 in With the addition of a second product to its portfolio, its flagship platform has now been renamed Zenith and is currently at version 5.1. Ziften has somewhere between 50 and 100 enterprise customers, with its largest deployment to date totaling some 120,000 endpoints.

Zenith enables unmanaged IT asset discovery, system monitoring and hardening, threat detection and hunting, incident response and containment, and deep lookback forensics to protect organizations from cyber-attacks. Ziften's other product is ZFlow, which generates an extended version of NetFlow to provide last-mile visibility for all endpoint activity on a network.

Ziften goes to market through a two-tier channel as well as via managed security service providers (MSSPs). The company primarily sees other systems management and security vendors such as Tanium and Ivanti, and sometimes providers of endpoint detection and response (EDR) technology, as its main competitors.

Data sheet

Key facts

Table 1: Data sheet: Ziften

Product name: Zenith
Product classification: Unified systems management and security software
Version number: 5.1
Release date: First version launched in 2011
Industries covered: Enterprise, Government & Managed Services Providers
Geographies covered: All
Relevant company sizes: Mid-Size and Large
Licensing options: Subscription
URL:
Routes to market: Value-added resellers, managed services providers
Company headquarters: Austin, Texas, US
Number of employees:

Source: Ovum

Appendix

On the Radar

On the Radar is a series of research notes about vendors bringing innovative ideas, products, or business models to their markets. Although On the Radar vendors may not be ready for prime time, they bear watching for their potential impact on markets and could be suitable for certain enterprise and public sector IT organizations.

Further reading

On the Radar: Tanium offers security and endpoint management, IT (November 2016)
Heat Software and LANDesk merge to become Ivanti Software, IT (January 2017)

Author

Rik Turner, Principal Analyst, Infrastructure Solutions
rik.turner@ovum.com

Ovum Consulting

We hope that this analysis will help you make informed and imaginative business decisions. If you have further requirements, Ovum's consulting team may be able to help you. For more information about Ovum's consulting capabilities, please contact us directly at consulting@ovum.com.

Copyright notice and disclaimer

The contents of this product are protected by international copyright laws, database rights and other intellectual property rights. The owner of these rights is Informa Telecoms and Media Limited, our affiliates or other third party licensors. All product and company names and logos contained within or appearing on this product are the trademarks, service marks or trading names of their respective owners, including Informa Telecoms and Media Limited. This product may not be copied, reproduced, distributed or transmitted in any form or by any means without the prior permission of Informa Telecoms and Media Limited.

Whilst reasonable efforts have been made to ensure that the information and content of this product was correct as at the date of first publication, neither Informa Telecoms and Media Limited nor any person engaged or employed by Informa Telecoms and Media Limited accepts any liability for any errors, omissions or other inaccuracies. Readers should independently verify any facts and figures as no liability can be accepted in this regard; readers assume full responsibility and risk accordingly for their use of such information and content.

Any views and/or opinions expressed in this product by individual authors or contributors are their personal views and/or opinions and do not necessarily reflect the views and/or opinions of Informa Telecoms and Media Limited.

Ovum. All rights reserved. Unauthorized reproduction prohibited.
More informationSymantec Endpoint Protection Integration Component User's Guide. Version 7.0
Symantec Endpoint Protection Integration Component User's Guide Version 7.0 The software described in this book is furnished under a license agreement and may be used only in accordance with the terms
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by machine learning and intelligent automation. By rethinking
More informationProtecting Your Investment in Java SE
Software platform maintenance and patching is one of the greatest challenges of managing business critical applications. Oracle Java SE Subscription combines license and support into a simple subscription
More informationAlcatel-Lucent Network on Demand
Brochure Alcatel-Lucent Network on Demand 2017, August 14 Alcatel-Lucent Network on Demand Network Infrastructure as an operational expenditure Network infrastructure: Essential for your business Your
More informationin PCI Regulated Environments
in PCI Regulated Environments JULY, 2018 PCI COMPLIANCE If your business accepts payments via credit, debit, or pre-paid cards, you are required to comply with the security requirements of the Payment
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationSOLUTION BRIEF RSA NETWITNESS SUITE & THE CLOUD PROTECTING AGAINST THREATS IN A PERIMETER-LESS WORLD
RSA NETWITNESS SUITE & THE CLOUD PROTECTING AGAINST THREATS IN A PERIMETER-LESS WORLD THE CLOUD MAKES THREAT HUNTING HARDER The explosion in cloud workloads is driving real, substantial business value.
More informationBuilding a Resilient Cloud Network with SD-WAN
Ovum TMT intelligence Building a Resilient Cloud Network with SD-WAN 1 Singtel Building a Resilient Cloud Network with SD-WAN The evolution in the networks There is an evolution happening within modern
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect June 2016
Cisco Cyber Range Paul Qiu Senior Solutions Architect June 2016 What I hear, I forget What I see, I remember What I do, I understand ~ Confucius Agenda Agenda Cyber Range Highlights Cyber Range Overview
More informationSecurity Operations in Flux
Trace3 Research Trend Report 5/31/2018 Security Operations in Flux Features in Search of a Platform (FISOAP) Disclaimer This document has been prepared solely for Trace3's internal research purposes without
More informationAutomated Threat Management - in Real Time. Vectra Networks
Automated Threat Management - in Real Time Security investment has traditionally been in two areas Prevention Phase Active Phase Clean-up Phase Initial Infection Key assets found in the wild $$$$ $$$ $$
More informationVictorian Government Cloud adoption study
Victorian Government Cloud adoption study A survey of managers and senior executives in the Victorian Government Kevin Noonan, Chief analyst kevin.noonan@ovum.com November 2018 Commissioned by Contents
More informationSymantec Protection Suite Add-On for Hosted Security
Symantec Protection Suite Add-On for Hosted Email Security Overview Malware and spam pose enormous risk to the health and viability of IT networks. Cyber criminal attacks are focused on stealing money
More informationBUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY
SOLUTION OVERVIEW BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY Every organization is exploring how technology can help it disrupt current operating models, enabling it to better serve
More informationCloud offerings from IBM
Cloud offerings from IBM www.ibm.com/cloud Bjørn Roksvold roksvold@no.ibm.com Content LotusLive Development & test on the IBM Cloud CloudBurst Tivoli Live Managed backup services Cloud Security We eat
More information