endpoint security Archives - Cyber Secure Forum | Forum Events Ltd
Posts Tagged :

endpoint security

Is application isolation the future of endpoint security?

960 640 Guest Post

The endpoint is the new frontline in the battle against enterprise cyber-risk – considering the increasing volume and complexity of threats, and the growth of unmanaged endpoints during the pandemic, it’s no surprise that the vast majority (91%) of global IT decision-makers interviewed recently by HP now believe that endpoint security has become as important as network security.

The question is how to mitigate the risks posed by insecure devices, error-prone users and a cybercrime economy worth trillions.

For some, part of the answer lies with application isolation, a novel approach gaining traction in the industry, which applies zero trust principles and hardware virtualization to help neutralize threats.

In this article, Phil Muncaster investigates what application isolation has to offer for enterprise CISOs.

Click here to read more.


WEBINAR: Solorigate/SUNBURST – Chronology of a supply chain nightmare

960 640 Guest Post

By SentinelOne and ReliaQuest

SUNBURST was one of the most devastating cyberattacks in recent years and has sent shockwaves like no other attack before. Solorigate/SUNBURST impacted more than 420 of the Fortune 500 companies and thousands of government and commercial organizations. The attack on the ‘digital supply chain’ was uncovered in December 2020, although the foundation was made at the end of 2019 with the first organizations being infected in the second quarter of 2020.

Despite the widespread use of threat intelligence and EPP / EDR solutions, how did this happen? Why did the attack go undetected for so long? 

During this webcast on Tuesday 13 April at 10am BST, the course of the attack campaign will be traced and discussed. It will also explain how SentinelOne protected their customers from SUNBURST and how ReliaQuest responded immediately to protect their customer base with targeted threat intelligence, detection logic and automated enterprise wide retroactive threat hunting to surface and respond to any evidence of attack.

Together SentinelOne and ReliaQuest are protecting customers against these unforeseeable supply chain attacks and acting as a force multiplier for your security operations. 

Click Here To Register

WHITE PAPER: 5 Steps to Battle Endpoint Cybercrime with KACE

960 640 Guest Post

By Quest

Endpoint updates are becoming more complex and challenging than ever with Bring-your-own-device (BYOD) programs and internet-of-things (IoT) technologies. Each device connecting to your network increases the number of threats from malware and viruses.

Read this white paper to learn five steps for building a unified endpoint security strategy that will give you:

  • Clear visibility into all the devices connecting to your network
  • Automated patching and software deployment
  • Protection from threats such as unpatched operating systems and applications
  • Peace of mind that security compliance regulations are being met

Click here to download the White Paper.

WHITE PAPER: Get total endpoint security with KACE

960 640 Guest Post

As an IT professional, you’re likely under pressure to manage an increasingly complex environment, while also protecting your network and devices from cyberthreats.

Read this white paper to discover how the KACE Unified Endpoint Manager by Quest enables you to streamline complex endpoint management tasks and gain greater control of both traditional and modern managed devices — all from one easy-to-use interface.

  • Track all connected devices and software throughout your IT environment.
  • Provision, manage and secure assets across a variety of platforms, from Windows, Macintosh, Chromebook and Linux to iOS, Android and others.
  • Be proactive with patch management and vulnerability scanning.

Click here to download the white paper:- https://www.quest.com/whitepaper/get-total-endpoint-security-with-kace-8146293/

Why endpoint security matters more than ever

960 640 Guest Post

The swiftly evolving threat landscape, combined with the huge increase in remote working, means that securing your organisation’s endpoints has never been more critical.

Here, George Glass, Head of Threat Intelligence at Redscan, explains the importance of endpoint security and why detecting and responding to the latest threats demands greater endpoint visibility and specialist expertise...

Next-generation endpoint protection is a must

As cyber threats continue to evolve, it’s increasingly clear that organisations must look beyond traditional endpoint security solutions.

Antivirus software remains essential, but relying on traditional AV tools, which are largely signature-based, can leave organisations vulnerable to more sophisticated threats. Most traditional AV solutions are estimated to block just 40% of attacks.

Detecting the latest advanced threats requires next-generation capabilities, such as those provided by Endpoint Detection and Response (EDR) and Next-Gen AV (NGAV) platforms. 

EDR and NGAV technologies provide deep visibility across devices by collecting raw telemetry relating to processes, file modifications and registry changes, and using behavioural analytics to examine events in near real-time. 

Fileless malware is a serious risk to organisations and the top critical threat to endpoints in 2020. However, without more advanced endpoint detection there is a real danger that these and other sophisticated attack vectors can be missed.

The increasing risks of remote working

Providing employees with seamless access to the corporate network is essential to ensure that they can fulfil their roles effectively, but every device that connects to the network carries an inherent risk.

When employees work from home, they are located outside the protection of the corporate firewall, which can monitor and block incoming and outgoing communications to endpoint devices. Many organisations insist that employees connect to a Virtual Private Network (VPN) and while this can offer some security, ensuring all employees do so with regularity can be a challenge.

Employee devices are at greater risk for a number of other reasons too. Many often have unpatched software vulnerabilities and are operated by people susceptible to phishing, the most common attack vector used to target endpoints.

Malware threats such as Emotet are primarily delivered via emails. Emotet is equipped with wormable features, making it highly effective at triggering ransomware. 

The average cost per breach resulting from an attack on endpoints is over £7 million, more than twice the average cost of a general data breach 

(Ponemon Institute)

The significant damage and disruption that endpoint breaches can cause makes incident response critical. Securing endpoints is important because it helps organisations to reduce incident response times by disrupting and containing attacks earlier in the kill chain. Advanced tools like EDR can automate response actions, such as by terminating processes and isolating infected endpoints from a network, thereby ensuring infections are shut down as quickly as possible.

With threats deployed more quickly than ever, a swift response is vital to address critical vulnerabilities such as Zerologon and shutting down ransomware attacks, which can achieve full domain-wide encryption in just a matter of hours.

The challenges of endpoint security 

Early detection of endpoint attacks is imperative, but without a team of security experts to manage and monitor EDR and NGAV technologies around-the-clock, organisations will experience challenges with achieving the required security outcomes.

Next-generation endpoint solutions collect and analyse a huge volume of data, and the greater the number of devices and applications that are monitored, the more security alerts that can result. This causes growing complexity that can be difficult to manage for in-house teams, who may lack the specialist security training required to make sense of them.

Getting the best from the latest tools and reducing false positives requires security teams to draw upon a wide range of threat intelligence and develop custom rulesets that accurately identify the latest threat behaviours.

It is only by maximising the benefits of specialist technology that organisations will fully realise their endpoint security goals.

George Glass is Head of Threat Intelligence at Redscan, a leading UK-provider of Managed Detection and Response and security assessment services. 

To learn more, visit www.redscan.com/