Written By Michael Vaughan And Presented By Charles Leaver Ziften CEO
More tailored solutions are needed by security, network and functional teams in 2017
A lot of us have participated in security conventions for many years, however none bring the exact same high level of enjoyment as RSA – where security is talked about by the world. Of all the conventions I have participated in and worked, absolutely nothing comes close the passion for brand-new technology individuals displayed this previous week in good old San Francisco.
After taking a few days to absorb the lots of conversations about the needs and constraints with current security solutions, I’ve been able to synthesize a singular style amongst participants: People want personalized options that match their environment and work well throughout multiple internal teams.
When I refer to the term “individuals,” I suggest everybody in attendance despite technological segment. Operational experts, security professionals, network veterans, and even user behavior experts frequented the Ziften cubicle and shared their stories with us.
Everyone seemed more prepared than ever to discuss their wants and needs for their environment. These participants had their own set of objectives they wished to attain within their department and they were hungry for responses. Since the Ziften Zenith solution provides such broad visibility on business devices, it’s not unexpected that our booth stayed crowded with people eager to get more information about a brand-new, refreshingly easy endpoint security innovation.
Attendees came with complaints about myriad enterprise-centric security concerns and sought deeper insight into exactly what’s truly taking place on their network and on devices taking a trip in and out of the office.
End users of old-school security products are on the look out for a newer, more pivotal software applications.
If I could select just one of the regular questions I got at RSA to share, it’s this one:
” Just what is endpoint discovery?”
1) Endpoint discovery: Ziften reveals a historic view of unmanaged devices which have been linked to other business endpoints at some stage. Ziften permits users to find recognized and unidentified entities which are active or have actually been interactive with recognized endpoints.
a. Unmanaged Asset Discovery: Ziften uses our extension platform to expose these unknown entities operating on the network.
b. Extensions: These are custom-fit solutions tailored to the user’s specific desires and
requirements. The Ziften Zenith agent can execute the designated extension one time, on a schedule or persistently.
Usually after the above description came the real reason they were participating in:
People are searching for a vast array of solutions for numerous departments, which includes executives. This is where operating at Ziften makes answering this question a treat.
Only a part of the RSA guests are security experts. I spoke with lots of network, operation, endpoint management, vice presidents, general managers and channel partners.
They clearly all use and comprehend the need for quality security software applications but
seemingly discover the translation to business worth missing amongst security suppliers.
NetworkWorld’s Charles Araujo phrased the problem quite well in a post recently:
Organizations must also justify security data in a company context and handle it holistically as part of the total IT and company operating model. A group of suppliers is also attempting to tackle this obstacle …
Ziften was amongst only three companies discussed.
After listening to those wants and needs of individuals from various business critical backgrounds and describing to them the capabilities of Ziften’s Extension platform, I usually described how Ziften would regulate an extension to resolve their requirement, or I gave them a quick demo of an extension that would enable them to overcome a hurdle.
2) Extension Platform: Tailored, actionable services.
a. SKO Silos: Extensions based upon fit and requirement (operations, network, endpoint, etc).
b. Custom-made Requests: Require something you do not see? We can repair that for you.
3) Improved Forensics:
a. Security: Threat management, Danger Evaluation, Vulnerabilities, Suspicious metadata.
b. Operations: Compliance, License Justification, Unmanaged Assets.
c. Network: Ingress/Egress IP motion, Domains, Volume metadata.
4) Visibility within the network– Not simply exactly what enters and goes out.
a. ZFlow: Finally see the network traffic inside your business.
Needless to say, everybody I spoke with in our cubicle quickly comprehended the vital value of having a solution such as Ziften Zenith running in and across their business.
Forbes writer, Jason Bloomberg, stated it very well when he recently described the future of business security software and how all signs point toward Ziften leading the way:
Maybe the broadest disturbance: vendors are enhancing their capability to understand how bad actors act, and can therefore take actions to prevent, detect or reduce their malicious activities. In particular, today’s suppliers understand the ‘Cyber Kill Chain’ – the steps a proficient, patient hacker (understood in the biz as an innovative consistent hazard, or APT) will require to attain his/her dubious objectives.
The product of U.S. Defense contractor Lockheed Martin, The Cyber Kill Chain contains seven links: reconnaissance, weaponization, shipment, exploitation, installation, establishing command and control, and actions on objectives.
Today’s more innovative suppliers target one or more of these links, with the objective of avoiding, finding or reducing the attack. Five suppliers at RSA emerged in this category.
Ziften provides an agent-based method to tracking the behavior of users, devices, applications, and
network components, both in real-time along with throughout historic data.
In real time, analysts use Ziften for risk recognition and prevention, while they utilize the historical data to discover steps in the kill chain for mitigation and forensic purposes.