Written By Michael Vaughan And Presented By Charles Leaver Ziften CEO
More tailored products are required by security, network and operational groups in 2017
A number of us have actually participated in security conventions over the years, but none bring the same high level of enjoyment as RSA – where security is talked about by the world. Of all the conventions I have attended and worked, absolutely nothing comes close the passion for brand-new innovation people displayed this previous week in downtown San Francisco.
After taking a couple of days to digest the lots of discussions about the requirements and restrictions with existing security tech, Ihave actually been able to synthesize a particular theme amongguests: Individuals want personalized solutions that fit their environment and work well throughout several internal groups.
When I describe the term “individuals,” I mean everyone in attendance regardless of technological section. Operational professionals, security pros, network veterans, as well as user habits analysts frequented the Ziften booth and shared their stories with us.
Everybody seemed more prepared than ever to discuss their wants and needs for their environment. These guests had their own set of objectives they wanted to attain within their department and they were hungry for answers. Since the Ziften Zenith service offers such broad visibility on business devices, it’s not unexpected that our booth stayed crowded with individuals eager to read more about a brand-new, refreshingly easy endpoint security innovation.
Attendees featured grievances about myriad enterprise centric security concerns and looked for deeper insight into exactly what’s truly taking place on their network and on devices traveling in and out of the office.
End users of old-school security solutions are on the look
out for a more recent, more essential software.
If I could choose just one of the regular questions I received at RSA to share, it’s this one:
” What exactly is endpoint discovery?”
1) Endpoint discovery: Ziften exposes a historical view of unmanaged devices which have been connected to other business endpoints at some
time. Ziften allows users to find recognized and unidentified entities which are active or have actually been interactive with recognized endpoints.
a. Unmanaged Asset Discovery: Ziften utilizes our extension platform to
expose these unknown entities working on the network.
b. Extensions: These are custom-fit services customized to the user’s particular desires and requirements. The Ziften Zenith agent can execute the designated extension one time, on a schedule or on a continuous basis.
Almost always after the above explanation came the genuine factor they were going to:
People are looking for a large range of options for different departments, which includes executives. This is where working at Ziften makes answering this question a real treat.
Only a part of the RSA guests are security experts. I spoke with dozens of network, operation, endpoint management, vice presidents, general supervisors and channel partners.
They clearly all use and understand the need for quality security software however relatively find the translation to business worth missing out among security vendors.
NetworkWorld’s Charles Araujo phrased the problem quite well in a post last week:
Businesses must also rationalize security data in a service context and manage it holistically as part of the general IT and company operating design. A group of suppliers is likewise trying to tackle this challenge …
Ziften was among only three businesses mentioned.
After paying attention to those wants and needs of individuals from different business critical backgrounds and discussing to them the abilities of Ziften’s Extension platform, I typically explained how Ziften would regulate an extension to fulfill their need, or I gave them a short demo of an extension that would enable them to overcome a difficulty.
2) Extension Platform: Customized, actionable options.
a. SKO Silos: Extensions based on fit and need (operations, network, endpoint, etc).
b. Customized Requests: Require something you can’t see? We can fix that for you.
3) Boosted Forensics:
a. Security: Risk management, Danger Assessment, Vulnerabilities, Metadata that is suspicious.
b. Operations: Compliance, License Justification, Unmanaged Assets.
c. Network: Ingress/Egress IP motion, Domains, Volume metadata.
4) Visibility within the network– Not simply exactly what enters and goes out.
a. ZFlow: Lastly see the network traffic inside your enterprise.
Needless to say, everybody I talked to in our booth quickly comprehended the critical benefit of having a tool such as Ziften Zenith running in and throughout their business.
Forbes writer, Jason Bloomberg, said it best when he recently explained the future of enterprise security software and how all signs point toward Ziften blazing a trail:
Possibly the broadest interruption: suppliers are improving their ability to understand how bad actors act, and can thus take steps to prevent, identify or mitigate their malicious activities. In particular, today’s vendors understand the ‘Cyber Kill Chain’ – the actions a skilled, patient hacker (understood in the biz as an innovative persistent threat, or APT) will require to accomplish his/her nefarious objectives.
The product of U.S. Defense professional Lockheed Martin,
The Cyber Kill Chain contains seven links: reconnaissance, weaponization, shipment, exploitation, installation, developing command and control, and actions on objectives.
Today’s more ingenious vendors target several of these links, with the goal of avoiding, finding or mitigating the attack. Five suppliers at RSA stood apart in this category.
Ziften offers an agent based technique to tracking the behavior of users, devices, applications, and network aspects, both in real time in addition to throughout historical data.
In real time, analysts utilize Ziften for hazard recognition and avoidance,
while they use the historic data to uncover steps in the kill chain for mitigation and forensic purposes.