Written By Michael Vaughan And Presented By Chuck Leaver Ziften CEO
More tailored options are required by security, network and functional teams in 2017
Many of us have participated in security conventions for many years, however none bring the very same high level of enjoyment as RSA – where the world talks security. Of all the conventions I have actually participated in and worked, absolutely nothing comes close the enthusiasm for brand-new technology people exhibited this previous week in good old San Francisco.
After taking a few days to digest the lots of discussions about the requirements and restrictions with present security tech, Ihave actually been able to synthesize a particular style amongstguests: People desire personalized solutions that fit their environment and work well across multiple internal groups.
When I refer to the term “individuals,” I suggest everyone in attendance regardless of technological segment. Operational specialists, security pros, network veterans, and even user habits experts frequented the Ziften booth and shared their experiences.
Everyone seemed more ready than ever to discuss
their needs and wants for their environment. These attendees had their own set of goals they wanted to achieve within their department and they were desperate for answers. Because the Ziften Zenith option provides such broad visibility on business devices, it’s not surprising that our booth remained crowded with individuals eager to find out more about a brand-new, refreshingly simple endpoint security technology.
Participants included complaints about myriad enterprise centric security issues and sought deeper insight into exactly what’s truly occurring on their network and on devices traveling in and out of the workplace.
End users of old-school security solutions are on the look
out for a newer, more essential software.
If I could select just one of the frequent questions I received at RSA to share, it’s this one:
” Exactly what is endpoint discovery?”
1) Endpoint discovery: Ziften reveals a historical view of
unmanaged devices which have actually been linked to other
business endpoints at some time. Ziften permits users to find known
and unidentified entities which are active or have been
interactive with recognized endpoints.
a. Unmanaged Asset Discovery: Ziften uses our extension platform to reveal these unknown entities running on the network.
b. Extensions: These are custom fit options customized to the user’s particular wants and requirements. The Ziften Zenith agent can execute the designated extension one time, on a schedule or on a continuous basis.
Generally after the above explanation came the real reason they were attending:
Individuals are searching for a vast array of solutions for various departments, which includes executives. This is where working
at Ziften makes addressing this question a real treat.
Only a part of the RSA participants are security professionals. I spoke with dozens of network, operation, endpoint management, vice presidents, general supervisors and channel partners.
They plainly all utilize and understand the requirement for quality security software however seemingly find the translation to company worth missing out amongst security suppliers.
NetworkWorld’s Charles Araujo phrased the issue rather
well in an article a short article last week:
Enterprises must likewise rationalize security data in a company context and handle it holistically as part of the general IT and business operating model. A group of suppliers is also attempting to tackle this challenge …
Ziften was among only three companies mentioned.
After paying attention to those wants and needs
of people from numerous business-critical backgrounds and describing to them the abilities of Ziften’s Extension platform, I generally described how Ziften would regulate an extension to resolve their requirement, or I gave them a brief demonstration of an extension that would allow them to overcome an obstacle.
2) Extension Platform: Tailored, actionable services.
a. SKO Silos: Extensions based upon fit and need (operations, network, endpoint, etc).
b. Custom-made Requests: Require something you can’t see? We can fix that for you.
3) Enhanced Forensics:
a. Security: Danger management, Threat Assessment, Vulnerabilities, Metadata that is suspicious.
b. Operations: Compliance, License Rationalization, Unmanaged Assets.
c. Network: Ingress/Egress IP movement, Domains, Volume metadata.
4) Visibility within the network– Not simply what enters and leaves.
a. ZFlow: Finally see the network traffic inside your business.
Needless to say, everybody I spoke with in our
cubicle quickly understood the important benefit of having a product such as Ziften Zenith running in and across their enterprise.
Forbes author, Jason Bloomberg, stated it best when
he recently explained the future of enterprise security software applications and how all signs point toward Ziften leading the way:
Maybe the broadest disturbance: vendors are enhancing their capability to comprehend how bad actors behave, and can hence take actions to prevent, find or reduce their malicious activities. In particular, today’s vendors understand the ‘Cyber Kill Chain’ – the steps a skilled, patient hacker (known in the biz as an advanced consistent threat, or APT) will require to achieve his/her nefarious goals.
The product of U.S. Defense professional Lockheed Martin,
The Cyber Kill Chain contains seven links: reconnaissance, weaponization, delivery, exploitation, setup, establishing command and control, and actions on objectives.
Today’s more ingenious vendors target one or more of these links, with the goal of avoiding, discovering or reducing the attack. Five vendors at RSA emerged in this classification.
Ziften provides an agent based technique to tracking the habits of users, devices, applications, and network components, both in real time as well as throughout historic data.
In real-time, experts utilize Ziften for hazard identification and avoidance, while they utilize the historical data to discover steps in the kill chain for mitigation and forensic purposes.