Closing the Antivirus Protection Gap
|
|
- Tabitha O’Brien’
- 8 years ago
- Views:
Transcription
1 A comparative study on effective endpoint protection strategies May 2012 WP-EN
2 Introduction Corporate economic concerns have put increased pressure on already limited IT resources in recent years as the onslaught of malware and sophistication of cyber attacks continues to grow at exponential rates. As a result, 50% of endpoint operating costs are directly attributable to malware, 1 yet, corporate IT budgets are still focused on maintaining stand alone antivirus as the keystone in endpoint security. In this paper, we will benchmark the effectiveness of standalone AV and O/S resident patching solution versus newer technologies and a defense-in-depth of approach of layering multiple endpoint security and operational technologies together. Methodology Defining the Average Corporate Endpoint In order to conduct comparative malware testing, a model of the Average Corporate Endpoint was defined. The Average Corporate Endpoint was chosen to be representative of a business oriented end-user computer in terms of Operating System, installed applications and average IT operational and security practices. A Microsoft Windows 7 Enterprise (64-bit) machine, part of an Active Directory domain, was chosen as the best representative of an average enterprise desktop endpoint. The Average Corporate Endpoint test (ACE) system was loaded with Microsoft Forefront Endpoint Protection 2010 to represent an average 3rd party antivirus provided solution. Forefront was configured to provide maximum protection. This configuration is shown in Figure 1 and archive (.zip,.cab) and removable media scanning were also enabled. When trying to represent the ACE, it is also of value to consider the level of patching support in place as most malware still seeks to exploit known vulnerabilities within existing applications or within the OS. It was assumed that the OS and all Microsoft applications would be fully patched with the current Patch Tuesday update available, as patch mechanisms (e.g. Windows Updater, WSUS) are widely used to ensure timely patching. 1. Ponemon Institute, 2011 State of Endpoint Risk, December
3 Figure 1: Forefront Configuration There are numerous studies indicating that patch lags exist, are problematic for smaller organizations 2 or represent a significant and all too real exposure. 3 Update mechanisms such as Windows Update or WSUS do not natively extend their support to 3rd party applications, which in reality represent a significant portion of the applications found on any desktop endpoint. For third party applications, patches were applied, however, it was assumed that these applications might suffer from patch lag. To represent the real world exposure of average corporate desktops, a maximum patch lag of 3 months was chosen. The assumptions made about patching concurrency may indeed by optimistic as there are numerous examples of exploit that utilized aged vulnerabilities for which a patch had long been available (e.g. Conficker). 4 The Average Corporate Endpoint software is summarized in the tables below. 2. Derek E. Brink, To Patch or Not to Patch (Not If, But How) October 2011, Aberdeen Group 3. Derek E. Brink, Is Your Vulnerability Management Program Leaving You at Risk (Most Likely, Yes) June 2011, Aberdeen Group
4 Microsoft Application Software Microsoft Forefront Endpoint Protection 2010 Microsoft Office 2007 Microsoft Internet Explorer 9 Version at Time of Test Up-to-date with current signatures Up-to-date Up-to-date Table 1: Average Endpoint Software - Microsoft Applications Application Software Mozilla Firefox Google Chrome Google Chrome Adobe Flash Player Adobe Acrobat Reader Adobe Shockwave Player Apple QuickTime Java Runtime Environment Real Network RealPlayer Version at Time of Test Patch Up-to-date (Latest patch older than 3 months) Patch Up-to-date (Latest patch older than 3 months) Table 2: Average Endpoint Software - 3rd Party Applications Intelligent Whitelisting and Timely Patch Management To explore the malware prevention efficacies of technologies beyond standard antivirus and Microsoft patching, an additional test configuration was defined. The well known exponential growth of novel malware 5 represents a very real challenge for antivirus, which must continue to incorporate the ever increasing known bad (malware signatures). Heuristics, site blocking and increased rapidity of malware identification (often provided through cloud-based signatures and/or reputation) have been some of the techniques introduced by vendors to keep up with malware growth and decrease infection rates. Alternatively, application whitelisting aims to allow only the known good applications. This trades the problem of tracking of an explosive amount of malware to the more pragmatic management of a limited number of desired applications. 5. Frost and Sullivan, Cybersecurity Market: Malware Historical Growth Patterns and Future Projections, Global,
5 The comparative system known as the Lumension Endpoint Management and Security Suite or L.E.M.S.S., incorporates application whitelisting through the Lumension Intelligent Whitelisting Solution which is an integrated solution across Lumension Antivirus, Lumension Application Control and Lumension Patch Management. This test system was configured utilizing the Easy Lockdown process which takes an automated "snapshot" of an endpoint, which is then used to create an application whitelist and begin enforcement of whitelist policies. With the addition of Lumension Patch Management Vulnerability coverage was then extended to the 3rd party applications resident on the ACE. Microsoft Forefront is not present on L.E.M.S.S. test system nor is the Microsoft (WSUS) update agent is utilized in this test configuration. Real World Malware It was decided that the most effective comparison would use real malware, found in the wild, in order to best represent the growing reality of zero day threats. To facilitate this effort, Lumension contracted with an independent malware research organization 6 with expertise in malware attack vectors. Over a sevenday period, more than 2100 individual samples were collected in the wild and directed against each of the configured test systems. The malware test set included trojans, backdoors, PUAs, ransomware, viruses, rootkits and worms. The Average Corporate Endpoint, utilizing only Microsoft Forefront Endpoint Protection 2010 and the Windows Update Agent, was found to be highly vulnerable to a significant amount of malware allowing download and execution of 23% of the malware introduced each day. A minimum of 300 malware samples were tested each day against this configuration and the number of daily misses is referenced in Figure 2. As antivirus signatures are updated frequently, the test methodology did allow time for the antivirus technology to utilize updated signatures. To measure this, any sample that executed previously (missed on the previous day) was retested on the current day. The number of samples caught on subsequent testing varied from 5 to 40 samples with an average delay of just over 2 days for the signature to catch up with the malware. The cumulative number of missed samples remained significant at the conclusion of a week s testing with 19.2% of malware successfully executing on the Average Corporate Endpoint. 6. MRG (Malware Research Group) Effitas 4
6 New Malware Samples Missed Per Day Number of Samples Test Day Figure 2: Daily Malware Samples Missed The multi-faceted security approach of the L.E.M.S.S. test provided to be highly successful throughout the life of the test. The use of the Lumension Endpoint Management and Security Suite which supplied Intelligent Whitelisting as well as Patch and Remediation blocked all malware execution attempts. Though some recent has suggested shortcomings of defense-in-depth strategies in the world of software 7, these findings support the traditional view that a layered security approach affords the best protection. 8 The aggregate malware testing results are illustrated in Figure Prescott E. Small, Defense in Depth: An Impractical Strategy for a Cyber World, November Steve Ragan, RSAC 2012: Malware growth and why layered security is still king, March 2012, Malware-growth-and-why-layered-security-is-still-king 5
7 Cumulative Malware Samples Missed Number of Samples Test Day Figure 3: Daily Malware Samples Missed The overall malware blocking effectiveness is shown in Figure 4. This clearly illustrates the growing ineffectiveness of antivirus when used in a standalone manner vs. a more robust approach that utilizes more effective security technologies such as application whitelisting combined with other solutions such as robust patch management and antivirus. 6
8 Cumulative Malware Blocking Effectiveness Blocking Percentage Test Day Figure 4: Daily Malware Samples Missed 7
9 Potential TCO Benefits Malware may have a dramatic detrimental impact on an organization originating from loss of private customer data, corporate intellectual property and reputation. Quantifying the economic loss to the enterprise stemming from a significant breach of corporate defenses is difficult as the repurcusions of reputation damage are long-lasting. Malware s more mundane but not insignificant fiscal effects include the loss of employee productivity and increased help desk costs. Lumension has developed a True Cost of Malware Calculator 9 to help organizations understand these all too real costs. The calculator allows for customization of a large number of parameters, which allows a realistic organization specific model to be developed. Figure 5 below shows the representative output modeling a 1000 endpoint enterprise. Figure 5: TCO Calculator 1000 Endpoint Deployment
10 The TCO benefit from simply reducing the number of malware incidents and endpoint reimaging to recover from severe malware infections is significant. For example, a 1000 node enterprise, where the monthly malware incidents are reduced 40 to 10, may realize over an impressive 31% reduction in overall TCO. Comparative Total Cost of Ownership 1000 Endpoint Enterprise Total Cost of Ownership (USD) Deployment Year 40 Figure 6: Enterprise TCO vs. Malware Prevalence Conclusion It is clear that the de facto security standard for malware prevention employed in the Average Corporate Endpoint, traditional antivirus coupled with native patching services, delivers significant risk along with increased cost of operations across an enterprise endpoint environment. The Pareto Principle associates 80% of effects to 20% of causes. If this principle applies to malware prevention, then the 20% exposure to malware which exists with traditional antivirus may represent a corporate loss risk four times greater than that which is being protected. Certainly no security solution is perfect; however, even economically challenged IT operations may be better served by considering a defense-in-depth approach when it comes to securing their corporate endpoints. 9
11 About Lumension Security, Inc. Lumension Security, Inc., a global leader in endpoint management and security, develops, integrates and markets security software solutions that help businesses protect their vital information and manage critical risk across network and endpoint assets. Lumension enables more than 5,100 customers worldwide to achieve optimal security and IT success by delivering a proven and award-winning solution portfolio that includes Vulnerability Management, Endpoint Protection, Data Protection, Antivirus and Reporting and Compliance offerings. Lumension is known for providing world-class customer support and services 24x7, 365 days a year. Headquartered in Scottsdale, Arizona, Lumension has operations worldwide, including Texas, Florida, Washington D.C., Ireland, Luxembourg, Singapore, the United Kingdom, and Australia. Lumension: IT Secured. Success Optimized. More information can be found at Lumension, IT Secured. Success Optimized., and the Lumension logo are trademarks or registered trademarks of Lumension Security, Inc. All other trademarks are the property of their respective owners. Global Headquarters 8660 East Hartford Drive, Suite 300 Scottsdale, AZ USA phone: fax: Vulnerability Management Endpoint Protection Data Protection Compliance and IT Risk Management 10
Intelligent Whitelisting:
Intelligent Whitelisting: An Introduction to More Effective and Efficient Endpoint Security The volume and sophistication of malware is skyrocketing, and traditional anti-virus approaches are struggling
More informationThink Your Anti-Virus Software Is Working? Think Again.
Think Your Anti-Virus Software Is Working? Think Again. As attacks proliferate, anti-virus software can t keep up. Fortunately, there s a better way. We ve been so bombarded by computer viruses, worms,
More informationLumension Guide to Patch Management Best Practices
Lumension Guide to Patch Management Best Practices With the sophistication and sheer volume of exploits targeting major applications and operating systems, the speed of assessment and deployment of security
More informationPractical Patch Compliance
Practical Patch Compliance Relieving IT Security Audit Pain, From the Data Center to the Desktop Microsoft s System Center Configuration Manager doesn t handle every aspect of Linux/UNIX and third-party
More informationFederal Cyber Security Outlook for 2010
Federal Cyber Security Outlook for 2010 National IT Security Challenges Mounting How well prepared are IT professionals within U.S. government agencies to respond to foreign cyber threats? Will government
More informationTaking a Proactive Approach to Patch Management. B e s t P r a c t i c e s G u i d e
B e s t P r a c t i c e s G u i d e It s a fact of business today: because of the economy, most organizations are asking everyone, including the IT staff, to do more with less. But tight budgets and the
More informationHope is not a strategy. Jérôme Bei
Hope is not a strategy Jérôme Bei Press Highlights Conficker hits German Government! 3000 Clients down! Datatheft at German Telekom: 17.000.000 Customer Records lost! About 1.000.000 pieces of Malware
More informationTackling Third-Party Patches
Tackling Third-Party Patches VMware vcenter Protect Update Catalog Delivers an Efficient, Effective Way to Extend an Organization s SCCM Infrastructure Technical WHITE PAPER Companies around the world
More informationAccelerate Patching Progress in the Enterprise. Wolfgang Kandek CTO Qualys, Inc.
Accelerate Patching Progress in the Enterprise Wolfgang Kandek CTO Qualys, Inc. Introduction Patch Management Patch Progress Data Common Steps Case Studies Actions Summary References Q&A 2 Patch Management
More informationClosing the Vulnerability Gap of Third- Party Patching
SOLUTION BRIEF: THIRD-PARTY PATCH MANAGEMENT........................................ Closing the Vulnerability Gap of Third- Party Patching Who should read this paper IT Managers who are trying to manage
More informationWhy Free Patch Management Tools Could Cost You More
Why Free Patch Management Tools Could Cost You More Selecting the right solution can save your organization time and money By KACE & Lumension Table of Contents 1.0 Introduction... 3 2.0 Point Patching
More informationPatch Management. Picking the Low-Hanging Fruit. Why fixing third-party application vulnerabilities is at
Patch Management Picking the Low-Hanging Fruit Why fixing third-party application vulnerabilities is at the core of sound information security and how to make sure patch management is optimizing your security
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More informationAccelerate Patching. the Enterprise. Wolfgang Kandek Qualys, Inc. Session ID: STAR-301 Session Classification: Intermediate
Accelerate Patching Progress Title of in Presentation the Enterprise the Enterprise Wolfgang Kandek Qualys, Inc. Session ID: STAR-301 Session Classification: Intermediate Insert presenter logo here on
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More information3 Strategies to Protect Endpoints from Risky Applications
3 Strategies to Protect Endpoints from Risky Applications Though most organizations have invested considerable time and effort in improving their endpoint risk management processes, many of them are ill-equipped
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More informationDriving Company Security is Challenging. Centralized Management Makes it Simple.
Driving Company Security is Challenging. Centralized Management Makes it Simple. Overview - P3 Security Threats, Downtime and High Costs - P3 Threats to Company Security and Profitability - P4 A Revolutionary
More informationEndpoint Business Products Testing Report. Performed by AV-Test GmbH
Business Products Testing Report Performed by AV-Test GmbH January 2011 1 Business Products Testing Report - Performed by AV-Test GmbH Executive Summary Overview During November 2010, AV-Test performed
More informationINTRODUCING isheriff CLOUD SECURITY
INTRODUCING isheriff CLOUD SECURITY isheriff s cloud-based, multi-layered, threat protection service is the simplest and most cost effective way to protect your organization s data and devices from cyber-threats.
More informationReducing the Complexity of Virtualization for Small and Midsized Businesses
Reducing the Complexity of Virtualization for Small and Midsized Businesses Deploying an SMB-Specific SaaS Solution to Simplify Virtualization and Increase IT Productivity WHITE PAPER Executive Summary
More informationRESEARCH PAPER. Third-party applications in the enterprise. Management and risk mitigation of third-party applications. January 2013.
RESEARCH PAPER Third-party applications in the enterprise Management and risk mitigation of third-party applications January 2013 Sponsored by Contents Executive summary Third-party applications the hackers
More informationeguide: Designing a Continuous Response Architecture Executive s Guide to Windows Server 2003 End of Life
Executive s Guide to Windows Server 2003 End of Life Facts About Windows Server 2003 Introduction On July 14, 2015 Microsoft will end support for Windows Sever 2003 and Windows Server 2003 R2. Like Windows
More informationWindows Server 2003 End-of-Support
Windows Server 2003 End-of-Support How to Securely Extend Service Life Microsoft withdraws support for Windows Server 2003 on July 14, 2015. Here s how you need to respond to protect your organization
More informationAnti-exploit tools: The next wave of enterprise security
Anti-exploit tools: The next wave of enterprise security Intro From malware and ransomware to increasingly common state-sponsored attacks, organizations across industries are struggling to stay ahead of
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationAchieving HIPAA Security Rule Compliance with Lumension Solutions
Achieving HIPAA Security Rule Compliance with Lumension Solutions Healthcare organizations face a host of HIPAA Security Rule compliance challenges with the move to put patient medical records online.
More informationWhy should I care about PDF application security?
Why should I care about PDF application security? What you need to know to minimize your risk Table of contents 1: Program crashes present an opportunity for attack 2: Look for software that fully uses
More informationSymantec Endpoint Protection 12.1.4
Data Sheet: Endpoint Security Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationIBM Security re-defines enterprise endpoint protection against advanced malware
IBM Security re-defines enterprise endpoint protection against advanced malware Break the cyber attack chain to stop advanced persistent threats and targeted attacks Highlights IBM Security Trusteer Apex
More informationEndpoint Security: Moving Beyond AV
Endpoint Security: Moving Beyond AV An Ogren Group Special Report July 2009 Introduction Application whitelisting is emerging as the security technology that gives IT a true defense-in-depth capability,
More informationEndpoint Security More secure. Less complex. Less costs... More control.
Endpoint Security More secure. Less complex. Less costs... More control. Symantec Endpoint Security Today s complex threat landscape constantly shifts and changes to accomplish its ultimate goal to reap
More informationInvincea Advanced Endpoint Protection
SOLUTION OVERVIEW Invincea Advanced Endpoint Protection A next-generation endpoint security solution to defend against advanced threats combining breach prevention, detection, and response The battle to
More informationMicrosoft IT Increases Security and Streamlines Antimalware Management by Using Microsoft Forefront Endpoint. Protection 2010.
Situation Microsoft IT had limited monitoring and reporting functionality with its existing antimalware system. Although the system could scan for malware, there was no reporting capability or configurable
More informationSOFTWARE UPDATER A unique tool to protect your business against known threats
SOFTWARE UPDATER A unique tool to protect your business against known threats OVERVIEW This document explains the functionality of Software Updater. What it is, what it does, how it works, what gets patched
More informationStaying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro
Staying Secure After Microsoft Windows Server 2003 Reaches End of Life Trevor Richmond, Sales Engineer Trend Micro Windows Server 2003 End of Life- Why Care? The next big vulnerability (Heartbleed/Shellshock)
More informationSymantec Endpoint Protection 12.1.2
Data Sheet: Endpoint Security Overview offers comprehensive defense against complex attacks for both physical and virtual environments. It integrates ten essential security technologies in a single, high
More informationCompliance series Guide to meeting requirements of the UK Government Cyber Essentials Scheme
Compliance series Guide to meeting requirements of the UK Government Cyber Essentials Scheme avecto.com Contents Introduction to the scheme 2 Boundary firewalls and internet gateways 3 Secure configuration
More informationIBM Endpoint Manager Product Introduction and Overview
IBM Endpoint Manager Product Introduction and Overview David Harsent Technical Specialist Unified Endpoint IBM Endpoint Manager and IBM MobileFirst Protect (MaaS360) Any device. Identify and respond to
More informationMRG Effitas 360 Assessment & Certification Programme Q4 2014
MRG Effitas 360 Assessment & Certification Programme Q4 2014 1 Contents Introduction... 3 Executive summary... 3 Certification... 4 The purpose of this report... 5 Tests employed... 6 Security Applications
More information5 Steps to Advanced Threat Protection
5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious
More informationCA Client Automation: Patch Manager - Supported Patches
CA Client Automation: Patch Manager - Supported Patches Laural Gentry Sr. Principal Product Manager April 2012 CA Online Content Research Team 2 This published document was based on current information
More informationStandard: Patching and Malicious Code Management
Standard: Patching and Malicious Code Management Page 1 Executive Summary San Jose State University (SJSU) is highly diversified in the information that it collects and maintains on its community members.
More information2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security
2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security For 10 years, Microsoft has been studying and analyzing the threat landscape of exploits, vulnerabilities, and malware.
More information2012 Bit9 Cyber Security Research Report
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
More informationUNCLASSIFIED. Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC)
Briefing to Critical Infrastructure Sector Organizations on the Canadian Cyber Incident Response Centre (CCIRC) Cyber in the News 1 Tactics, Techniques and Procedures These observed tactics, techniques
More informationKaspersky Security. for Virtualization 1.1 and Trend Micro Deep. Security 8.0 virtual environment detection rate and performance testing by AV-Test
Kaspersky Security for Virtualization 1.1 and Deep Security 8.0 virtual environment detection rate and performance testing by AV-Test Kaspersky Security for Virtualization, Kaspersky Lab s corporate security
More informationMALWARE THREATS AND TRENDS. Chris Blow, Director Dustin Hutchison, Director
MALWARE THREATS AND TRENDS Chris Blow, Director Dustin Hutchison, Director WHAT IS MALWARE? Malicious Software Viruses Worms Trojans Rootkits Spyware Ransomware 2 MALWARE ORIGINS Users bring it from home
More informationModern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth
Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationPROTECTION & CONTROL. Unified. Lumension Security provides proactive endpoint protection and control through best-of-breed policy-based solutions.
Unified PROTECTION & CONTROL Lumension Security provides proactive endpoint protection and control through best-of-breed policy-based solutions. putting security in a positive light putting security in
More informationLumension Endpoint Management and Security Suite (LEMSS): Patch and Remediation
Lumension Endpoint Management and Security Suite (LEMSS): Patch and Remediation Version 7.0 SP1 Evaluation Guide September 2010 Version 2.4 Copyright 2010, Lumension, Inc. Table of Contents Lumension Endpoint
More informationIT Security Cost Reduction
Quantifying the Impact of Greater Endpoint Security Effectiveness, Higher Performance, and Smaller Footprint In the constant drive for increased productivity and cost effectiveness, enterprises are continuously
More informationDOBUS And SBL Cloud Services Brochure
01347 812100 www.softbox.co.uk DOBUS And SBL Cloud Services Brochure enquiries@softbox.co.uk DOBUS Overview The traditional DOBUS service is a non-internet reliant, resilient, high availability trusted
More informationTivoli Endpoint Manager. Increasing the Business Value of IT, One Endpoint at a Time
1 Tivoli Endpoint Manager Increasing the Business Value of IT, One Endpoint at a Time Endpoint Management Cost Today s Endpoint Management Challenges Drive IT Costs Up More than 50% of end users change
More informationEndpoint Security and the Case For Automated Sandboxing
WHITE PAPER Endpoint Security and the Case For Automated Sandboxing https://enterprise.comodo.com A World of Constant Threat We live in a world of constant threat. Hackers around the globe work every hour
More informationIBM Endpoint Manager for Core Protection
IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,
More informationVulnerability Management ROI Calculator User Guide. v2.0 Monday, September 29, 2008. www.lumension.com. Copyright 2008, Lumension Security
Vulnerability Management ROI Calculator User Guide v2.0 Monday, September 29, 2008 Copyright 2008, Lumension Security www.lumension.com Vulnerability Management ROI Calculator Overview The Lumension Security
More informationSymantec Endpoint Protection 12.1.6
Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly
More informationSurvey: Endpoint Security Concerns 2014 The issues keeping IT admins awake into the New Year
Survey: Endpoint Security Concerns 2014 The issues keeping IT admins awake into the New Year Intro 2014 has created uncertainty for those in charge of IT security. Not only is the threat landscape advancing
More informationReducing the cost and complexity of endpoint management
IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationPatch Management Solutions Test
Patch Management Solutions Test A test commissioned by Kaspersky Lab and performed by AV-TEST GmbH Date of the report: 5 th June, 2013, last update: 19 th July, 2013 Executive Summary From May to July
More informationTechnology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications
Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security
More informationSymantec Endpoint Protection
The next generation of antivirus technology from Symantec Overview Advanced threat protection combines Symantec AntiVirus with advanced threat prevention to deliver an unmatched defense against malware
More informationeguide: Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success
: Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success FAST FACTS Over 10 Million Windows Server 2003 Devices Still In Use Less Than 250 Days To Windows Server
More information15. juli 2013. Norman Enterprise Security NESEC
Norman Enterprise Security NESEC Agenda What is NESEC Product overview Pricing Campaigns Migration Collaterals Norman Enterprise Security What is NESEC? An agile solution suite that reduces complexity
More informationProven LANDesk Solutions
LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations
More informationEnd to End Security do Endpoint ao Datacenter
do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:
More informationWhy The Security You Bought Yesterday, Won t Save You Today
9th Annual Courts and Local Government Technology Conference Why The Security You Bought Yesterday, Won t Save You Today Ian Robertson Director of Information Security Michael Gough Sr. Risk Analyst About
More informationProcess Solutions. Staying Ahead of Today s Cyber Threats. White Paper
Process Solutions White Paper Staying Ahead of Today s Cyber Threats Executive Summary In an age where ubiquitous flash drives can become precision-guided munitions and a serious security breach is a single,
More informationCybersecurity on a Global Scale
Cybersecurity on a Global Scale Time-tested Leadership A global leader for more than a century with customers in 80 nations supported by offices in 19 countries worldwide, Raytheon recognizes that shared
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationApplication Whitelisting
White Paper Application Whitelisting Executive Summary The increasing complexity and volume of applications, and the issues stemming from threats to these applications, is resulting in the requirement
More informationLumension Endpoint Management and Security Suite
Lumension Endpoint Management and Security Suite Patch and Remediation Module Evaluation Guide July 2012 Version 1.1 Copyright 2009, Lumension L.E.M.S.S:LPR - Table of Contents Introduction... 3 Module
More informationDesktop Security. Overview and Technology Guidance. Michael Ramsey Network Specialist, NC DPI
Desktop Security Overview and Technology Guidance Michael Ramsey Network Specialist, NC DPI Desktop Security Best practices for both the technical type and the typical user Defensive Layering Top Vulnerabilities
More informationWHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security
WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security A World of Constant Threat We live in a world on constant threat. Every hour of every day in every country around the globe hackers
More informationSymantec Messaging Gateway 10.5
Powerful email gateway protection Data Sheet: Messaging Security Overview Symantec Messaging Gateway enables organizations to secure their email and productivity infrastructure with effective and accurate
More informationINSERT COMPANY LOGO HERE
INSERT COMPANY LOGO HERE 2014 Frost & Sullivan 1 We Accelerate Growth Technology Innovation Leadership Award Network Security Global, 2014 Frost & Sullivan s Global Research Platform Frost & Sullivan is
More informationENTERPRISE EPP COMPARATIVE ANALYSIS
ENTERPRISE EPP COMPARATIVE ANALYSIS Socially Engineered Malware Randy Abrams, Jayendra Pathak, Ahmed Garhy Tested Products Fortinet Fortigate 100D Management station Forticlient- 5.0.7.333 McAfee VirusScan
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationThe Fundamental Failures of End-Point Security. Stefan Frei Research Analyst Director sfrei@secunia.com
The Fundamental Failures of End-Point Security Stefan Frei Research Analyst Director sfrei@secunia.com Agenda The Changing Threat Environment Malware Tools & Services Why Cybercriminals Need No 0-Days
More informationEXTENSIVE FEATURE DESCRIPTION SECUNIA CORPORATE SOFTWARE INSPECTOR. Non-intrusive, authenticated scanning for OT & IT environments. secunia.
Non-intrusive, authenticated scanning for OT & IT environments The situation: convenience vs. security Interconnectivity between organizations and corporate networks, the internet and the cloud and thus
More informationPatch management: Fixing vulnerabilities before they are exploited
GFI White Paper Patch management: Fixing vulnerabilities before they are exploited Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department
More informationA Best Practice Approach to Third Party Patching
A Best Practice Approach to Third Party Patching Mike Grueber Senior Product Manager 1 Effective patch management is essential 90% of successful attacks occurred against previously known vulnerabilities
More information2012 Endpoint Security Best Practices Survey
WHITE PAPER: 2012 ENDPOINT SECURITY BEST PRACTICES SURVEY........................................ 2012 Endpoint Security Best Practices Survey Who should read this paper Small and medium business owners
More informationDefending Behind The Device Mobile Application Risks
Defending Behind The Device Mobile Application Risks Tyler Shields Product Manager and Strategist Veracode, Inc Session ID: MBS-301 Session Classification: Advanced Agenda The What The Problem Mobile Ecosystem
More informationSophistication of attacks will keep improving, especially APT and zero-day exploits
FAQ Isla Q&A General What is Isla? Isla is an innovative, enterprise-class web malware isolation system that prevents all browser-borne malware from penetrating corporate networks and infecting endpoint
More informationTechnology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection
Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL
More informationReal World and Vulnerability Protection, Performance and Remediation Report
Real World and Vulnerability Protection, Performance and Remediation Report A test commissioned by Symantec Corporation and performed by AV-Test GmbH Date of the report: September 17 th, 2014, last update:
More informationEndpoint Security Management
Endpoint Security Management LANDESK SOLUTION BRIEF Protect against security threats, malicious attacks and configuration vulnerabilities through strong endpoint security control and maintenance. Protect
More informationBest Practices for DanPac Express Cyber Security
March 2015 - Page 1 Best Practices for This whitepaper describes best practices that will help you maintain a cyber-secure DanPac Express system. www.daniel.com March 2015 - Page 2 Table of Content 1 Introduction
More informationCyberSecurity Innovation Assessing your Organizations Vulnerability to a Cyber breach
CyberSecurity Innovation Assessing your Organizations Vulnerability to a Cyber breach Steve Mullan Co Founder of Cognition Secure Ltd https://cognitionsecure.com Thank You 7/12/2015 Copyright Cognition
More informationEndpoint Security 2.0: The Emerging Role of Application Whitelisting Solutions. Todd Schell
Endpoint Security 2.0: The Emerging Role of Application Whitelisting Solutions Todd Schell tschell@coretrace.com Director, Product Engineering CoreTrace TM December 2008 Today s Endpoint Control Challenges
More informationCORE Security and the Payment Card Industry Data Security Standard (PCI DSS)
CORE Security and the Payment Card Industry Data Security Standard (PCI DSS) Addressing the PCI DSS with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com
More informationOVERVIEW. Enterprise Security Solutions
Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s
More informationTEST METHODOLOGY. Endpoint Protection Evasion and Exploit. v4.0
TEST METHODOLOGY Endpoint Protection Evasion and Exploit v4.0 Table of Contents 1 Introduction... 3 1.1 Inclusion Criteria... 3 2 Product Guidance... 5 2.1 Recommended... 5 2.2 Neutral... 5 2.3 Caution...
More information