So Much Passion At Splunk .conf About Ziften And Splunk – Charles Leaver

Written By Josh Applebaum And Presented By Charles Leaver

Like so many of you, we’re still recovering from Splunk .conf. As usual, .conf had fantastic energy, and the people in attendance were enthusiastic about Splunk and the many use cases it supports through its large app ecosystem.

One important announcement during the week worth mentioning was a new security offering called “Content Updates,” which is essentially a set of pre-built Splunk searches that help spot security events.

Essentially, the Splunk security team looks at the most recent attacks, produces new searches showing how they would look through Splunk ES data to find these kinds of attacks, and then ships those new searches to customers’ Splunk ES environments for automatic alerts when a match is seen.

The best part? Because these updates use mostly CIM (Common Information Model) data, and Ziften populates many of the CIM models, Ziften’s data is already being matched against the new Content Updates Splunk has developed.

A quick demo showed which vendors contribute to each type of “detection,” and Ziften was mentioned in many of them.

For example, we have a recent article that shares how Ziften’s data in Splunk is used to detect and respond to WannaCry.

Overall, with the approximately 500 people who came by the booth over the course of .conf, I have to say it was among the best events we have done in terms of quality discussions and interest. We had nothing but positive reviews from our in-depth discussions with people from all walks of business life – from extremely technical experts in the public sector to CISOs in the financial sector.

The most common conversation usually began with, “We are just beginning to implement Splunk and are new to the platform.” I like those, because people can get our Apps for free and we can get them an agent to try out, which gives them something to use right out of the box to demonstrate value right away. Other folks were very experienced and really liked our approach and architecture.

Bottom line: People are genuinely excited about Splunk, and real solutions are available to help people with real problems!

Curious? The Ziften ZFlow App and Technology Add-on help users of Splunk and Splunk ES use Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs to see exactly what they are missing at the edge of their network, in their data centers, and in their cloud deployments.

Charles Leaver – Why Ziften Services Will Make The Difference For You

Written By Josh Harriman And Presented By Charles Leaver

Having the correct tools to hand is a given in our industry. But having the right tools and services is one thing; getting the best value out of them can be a challenge. Even with the best intentions and properly trained staff, there can be gaps. Ziften Services can help fill those gaps and keep you on track for success.

Ziften Services can enhance, or even outright lead, your IT operations and security teams to better equip your organization, with three offerings. Each one is tailored to a specific need. A recent report by ESG (Enterprise Strategy Group) entitled “Trends in Endpoint Security Study” stated that 51% of respondents said they will be deploying and using an EDR (endpoint detection and response) solution now and 35% of them plan to use managed services for the implementation, which shows that the need is out there for appropriate services around these products. Therefore, Ziften is offering our services knowing that many organizations lack the scale or expertise to implement and fully use required tools such as EDR.

Ziften services are as follows:

Ziften Assess Service
Ziften Hunt Service
Ziften Respond Service

While each of the three services covers a distinct function, the latter two are more complementary to each other. Let’s look at each in a little more detail to better understand the benefits.

Assess Service

This service covers both IT operations and security teams. To measure your success in proper documentation of, and adherence to, processes and policies, you have to begin with a good, solid baseline. The Assess service starts by conducting in-depth interviews with key decision makers to truly understand what is in place. From there, a Ziften Zenith deployment provides monitoring and data collection of key metrics within client device networks, data centers and cloud deployments. The reporting covers asset management and performance, licensing, vulnerabilities, compliance, as well as anomalous behaviors. The outcome can address a range of concerns such as M&A evaluations, pre-cloud-migration planning and routine compliance checks.

Hunt Service

This service is a true 24 × 7 managed endpoint detection and response (MDR) offering. Organizations struggle to fully cover this key aspect of security operations. That could be because of limited staff or limited expertise in threat hunting techniques. Again using the Ziften Zenith platform, this service provides continuous monitoring across client devices, servers and cloud VMs running Windows, Mac OS X and Linux operating systems. One of the primary outcomes of this service is drastically cutting down threat dwell times within the environment. This has been discussed frequently in the past few years and the numbers are staggering, generally on the order of 100s of days that threats stay hidden within organizations. You need someone who can actively look for these adversaries and can also look back historically at past events to find behaviors you were not aware of. This service also includes some hours of dedicated Incident Response, so you have all your bases covered.

Respond Service

When you are up against it and have a true emergency, this service is exactly what you need. This is a proven, real IR team ready for battle 24 × 7 with a broad range of response tool sets at hand. You will receive immediate incident assessment and triage. Recommended actions align with the severity of the threat and the response actions that have to occur. The teams are very flexible and will work remotely or, if needed, can be on site where conditions warrant. This could be your entire IR team, or it can augment and blend right in with your existing team.

At the end of the day, you need services that help maximize your chances of success in today’s world. Ziften has three great offerings and wants all our customers to feel protected and aligned with the best operational and security posture available. Please reach out to us so we can help you. It’s what we love to do!

Implement Vulnerability Lifecycle Management Now Or Face The Consequences – Charles Leaver

Written By Dr Al Hartmann And Presented By Charles Leaver


The following headline hit the news recently on September 7, 2017:

Equifax Inc. today announced a cyber security incident potentially impacting around 143 million U.S. customers. Wrongdoers exploited a U.S. site application vulnerability to gain access to certain files. Based upon the business’s examination, the unauthorized access happened from the middle of May through July 2017.

Lessons from Past Debacles

If you like your job, value your role, and want to keep it, then don’t leave the door open to attackers. A major data breach often begins with an unpatched vulnerability that is readily exploitable. And then the inevitable happens: the cyber criminals are inside your defenses, the crown jewels have left the building, the press releases fly, costly consultants and outside legal counsel rack up billable hours, regulators come down, claims are flung, and you have “some severe ‘splainin’ to do”!

We are unsure if the head splainer in the current Equifax debacle will endure, as he is still in ‘splainin’ mode, asserting the breach started with the exploitation of an application vulnerability.

In such cases the typical rhumba line of resignations is – CISO initially, followed by CIO, followed by CEO, followed by the board of directors shakeup (particularly the audit and business responsibility committees). Do not let this occur to your career!

Steps to Take Immediately

There are some common-sense steps to take to prevent the inevitable breach disaster arising from unpatched vulnerabilities:

Take inventory – Inventory all data and system assets and map your network topology, attached devices and open ports. Know your network, its segmentation, what devices are connected, what those devices are running, what vulnerabilities those systems and apps expose, what data assets they access, the sensitivity of those assets, what defenses are layered around those assets, and exactly what checks are in place along all potential access points.

Simplify and toughen up – Implement best-practice recommendations for identity and access management, network segmentation, firewall and IDS configurations, operating system and application configurations, database access controls, and data encryption and tokenization, while simplifying and trimming the number and complexity of subsystems across your business. Anything too complex to manage is too complex to secure. Choose configuration hardening heaven over breach response hell.

Continuously monitor and scrutinize – Routine audits are necessary but not sufficient. Continuously monitor, track, and assess all relevant security events and exposed vulnerabilities – have visibility, event capture, analysis, and archiving of every system and session login, every application launch, every active binary and vulnerability exposure, every script execution, every command issued, every networking contact, every database transaction, and every sensitive data access. Any gaps in your security event visibility create an attacker free-fire zone. Establish key performance metrics, track them ruthlessly, and drive for relentless improvement.

Do not accept operational excuses for insufficient security – There are always secure and effective operational policies, but they may not be painless. Not suffering a catastrophic data breach is far down the organizational pain scale from the alternative. Operational expedience, operating legacy, or misaligned priorities are not valid excuses for bad cyber practices in an escalating threat environment. Lay down the law.

Take Action Now After The Security Incident At Equifax – Charles Leaver

Written By Michael Levin And Presented By Charles Leaver


Equifax, one of the three major U.S.-based credit reporting services, just revealed a major data breach in which cyber criminals have taken sensitive information from 143 million American consumers.

Ways that the Equifax security breach WILL impact you:

– Personal – Your and your family’s identity information is now known to hackers and will be targeted!

– Business – Your businesses could be affected and targeted.

– Nationally – Terrorists, nation states and organized crime groups could be involved or use this data to commit cybercrime to obtain funds.

Protecting yourself is not complicated!

Five tips to protect yourself right away:

– Sign up for a credit monitoring service and/or lock your credit. The quickest way to be notified that your credit is compromised is through a credit monitoring service. Equifax has already begun the process of setting up free credit monitoring for those affected. Other credit monitoring services are available and should be considered.

– Monitor all your financial accounts, including credit cards and all bank accounts. Ensure that notifications are turned on. Make sure you are receiving instant text and email alerts for any changes in your account or increased balances or transactions.

– Safeguard your bank and financial accounts: ensure that two-level authentication is turned on for all accounts. Learn more about two-level authentication and turn it on for all financial accounts.

– Phishing email messages can be your biggest day-to-day risk! Take your time when dealing with email messages. Stop automatically clicking on every email link and attachment you receive. Instead of clicking links and attachments in email messages, go independently to the sites outside of the email message. When you get an email you were not expecting from a name you recognize, consider contacting the sender independently before you click links or attachments.

– Strong passwords – consider changing all your passwords. Set strong passwords and protect them. Use different passwords for your accounts.

Other Security Thoughts:

– Back up all computer systems and update operating systems and software applications regularly.

– Social media security – Sharing too much detail on social media increases the risk that you will be victimized. For example, telling the world you are on vacation, with photos, opens the risk that your home will be robbed.

– Protect your devices – Don’t leave your laptop, phone or tablet unattended even for a moment. Don’t leave anything in your car that you do not want stolen, because it’s just a matter of time.

– Internet of things and device management – Understand how all your devices connect to the Internet and exactly what information you are sharing. Check security settings for all devices, including smart watches and fitness bands.

The value of security awareness training:

– This is another crime where security awareness training can help to reduce risk. Knowing about new crimes and scams in the news is a fundamental part of security awareness training. Making sure that employees, friends and family are aware of this scam will greatly reduce the probability that you will be victimized.

– Sharing new scams and crimes you hear about in the news with others is important to ensure that the people you care about do not fall victim to these kinds of crimes.

Generic Is Limited Extensible Is Limitless – Charles Leaver

Written By Charles Leaver Ziften CEO


Whether you call them extensions or modifications, the best technology platforms can be customized to fit a company’s specific business needs. Generic operations tools are fine at performing generic operations tasks. Generic security tools are fine at addressing generic security challenges. Generic can only take you so far, though, and that’s where extensibility steps in.

Extensibility comes up often when I’m talking to customers and prospects, and I’m proud that a Global 10 company chose Ziften over everybody else in the market largely on that basis. For that customer, and many others, the ability to deeply customize platforms is a requirement.

This isn’t about simply building custom reports or custom alerts. Let’s be honest – the ability to create reports is a baseline capability of many IT operations and security management tools. True extensibility goes deep into the solution to give it capabilities that solve real problems for the organization.

One customer used lots of mobile IoT devices, and needed our Zenith real-time visibility and control system to be able to access (and monitor) the memory of those devices. That’s not a standard feature offered by Zenith, because our low-footprint agent doesn’t hook into the operating system kernel or work through standard device drivers. However, we worked with the customer to customize Zenith with that capability – and it turned out to be easier than anyone imagined.

Another customer looked at the standard set of endpoint data that the agent collects, and wanted to add additional data fields. They also wanted to set up the administrative console with custom actions using those data fields, and push those actions back out to those endpoints. No other endpoint monitoring and security solution could provide the facility for adding that functionality other than Ziften.

What’s more, the customer developed those extensions themselves … and owns the code and intellectual property. It becomes part of their own secret sauce, their own business differentiator, unique to their organization. They could not be happier. And neither could we.

With many other IT operations and security systems, if customers want additional features or capabilities, the only option is to submit a future feature request and hope that it appears in an upcoming version of the product. Until then, too bad.

That’s not how we designed our flagship solutions, Zenith and ZFlow. Because our endpoint agent isn’t based on kernel hooks or device drivers, we can allow significant extensibility, and open up that extensibility for customers to access directly.

Similarly, with our administrative consoles and back-end monitoring systems, everything is customizable. And that was built in right from the beginning.

Another area of customization is that our real-time and historical visibility database can integrate into your other IT operations and security platforms, including SIEM tools, threat intelligence, IT ticketing systems, job orchestration systems, and data analytics. With Zenith and ZFlow, there are no more silos. Ever.

In the world of endpoint monitoring and management, extensions are increasingly where it’s at. IT operations and enterprise security teams need the ability to customize their tools platforms to fit their exact requirements for monitoring and managing IoT, traditional endpoints, the data center, and the cloud. In many customer conversations, our built-in extensibility has caused eyes to light up, and won us trials and deployments. Tell us about your custom requirements, and let’s see what we can do.

You Can See Our Endpoint Security Architecture In This Video – Charles Leaver

Written By Mike Hamilton And Presented By Ziften CEO Charles Leaver


Endpoint security is all the rage these days. And there are lots of different vendors out there touting their services in this market. But it’s sometimes hard to understand exactly what each vendor offers. What’s even more difficult is understanding how each vendor’s solution is architected to deliver its services.

I believe that the back-end architecture of whatever you choose can have a profound impact on the future scalability of your implementation. And it can create lots of unexpected work and costs if you’re not careful.

So, in the spirit of openness, and because we believe our architecture is different, unique and powerful, we invite all endpoint security vendors to “show us your architecture”.

I’ll get the ball rolling in the following video, where I show you the Ziften architecture and, for comparison, a number of what I consider legacy architectures. Specifically, I’ll discuss:

– Ziften’s architecture developed using next-gen cloud concepts.
– One business peer-to-peer “mish-mash” architecture.
– Legacy hub-spoke-hub architectures.

I have shown you the power of our truly cloud-based platform. Now it’s my competitors’ turn. What are you waiting for, folks – show us your architectures!

Offense And Defense For Managing Security And Risk – Charles Leaver

Written By Roark Pollock And Presented By Charles Leaver Ziften CEO


Risk management and security management have long been handled as separate functions, typically performed by different functional teams within an organization. The recognition of the need for continuous visibility and control across all assets has increased interest in finding common ground between these disciplines, and the availability of a new generation of tools is enabling this effort. This discussion is very timely given the continued difficulty most enterprise organizations experience in attracting and retaining qualified security personnel to manage and protect IT infrastructure. A unification of activity can help to better leverage these critical personnel, reduce costs, and help automate response.

Historically, risk management has been considered an offensive mandate, and is generally the field of play for IT operations teams. Often referred to as “systems management”, it has IT operations teams actively performing device state posture monitoring and policy enforcement, and vulnerability management. The goal is to proactively mitigate potential risks. Activities that support risk reduction and that are performed by IT operations include:

Offensive Risk Mitigation – Systems Management

Asset discovery, inventory, and refresh

Software discovery, usage tracking, and license rationalization

Mergers and acquisition (M&A) threat assessments

Cloud workload migration, monitoring, and enforcement

Vulnerability assessments and patch installs

Proactive help desk or systems analysis and issue response / repair

On the other side of the field, security management is viewed as a defensive strategy, and is generally the field of play for security operations teams. These security operations teams are usually responsible for threat detection, incident response, and resolution. The goal is to respond to a threat or a breach as quickly as possible in order to minimize impacts to the organization. Activities that fall squarely under security management and that are carried out by security operations include:

Defensive Security Management – Detection and Response

Threat detection and/or threat hunting

User behavior monitoring / insider threat detection and/or hunting

Malware analysis and sandboxing

Incident response and threat containment / removal

Lookback forensic investigations and source determination

Tracing lateral threat movements, and further threat elimination

Data exfiltration identification

Successful companies, of course, need to play both offense AND defense equally well. This need is driving organizations to recognize that IT operations and security operations have to be as aligned as possible. Hence, as much as possible, it helps if these two teams are playing from the same playbook, or at least working with the same data or single source of truth. This means both teams should aim to use some of the same analytic and data collection tools and methodologies when it comes to managing and securing their endpoint systems. And if organizations rely on the same personnel for both tasks, it certainly helps if those people can pivot between both tasks within the same tools, leveraging a single data set.

Each of these offensive and defensive tasks is critical to protecting an organization’s intellectual property, reputation, and brand. In fact, managing and prioritizing these tasks is what often keeps CIOs and CISOs up at night. Organizations need to recognize opportunities to align and consolidate teams, technologies, and policies as much as possible to ensure they are focused on the most urgent need along the current risk and security management spectrum.

When it comes to managing endpoint systems, it is clear that organizations are moving toward an “all the time” visibility and control model that allows continuous risk assessments, continuous threat monitoring, and continuous performance management.

Thus, organizations have to look for these three key capabilities when evaluating new endpoint security systems:

Solutions that provide “all the time” visibility and control for both IT operations teams and security operations teams.

Solutions that provide a single source of truth that can be used both offensively for risk management, and defensively for security detection and response.

Architectures that easily integrate into existing systems management and security tool ecosystems to deliver even greater value for both IT and security teams.

What We Took From Black Hat And Defcon This Year – Charles Leaver

Written by Michael Vaughn And Presented By Ziften CEO Charles Leaver


Here are my experiences from Black Hat 2017. There is a minor addition in my approach to this year’s synopsis. It is in large part due to the theme of the opening talk given by Facebook’s Chief Security Officer, Alex Stamos. Stamos projected the importance of refocusing the security community’s efforts on working better together and diversifying security options.

“Working better together” is seemingly an oxymoron when looking at the mass competitiveness among hundreds of security companies vying for customers during Black Hat. Based on Stamos’s messaging during the opening keynote this year, I felt it important to add some of my experiences from Defcon as well. Defcon has historically been an event for learning and includes independent hackers and security professionals. Last week’s Black Hat theme focused on the social aspect of how companies should get along and genuinely help others and one another, which has always been the overarching message of Defcon.

People checked in from all over the world last week:

Jeff Moss, aka ‘Dark Tangent’, the founder of Black Hat and Defcon, also wishes that to be the theme: where you aim to help people gain knowledge and learn from others. Moss wants attendees to stay ‘good’ and ‘useful’ throughout the conference. That is on par with what Alex Stamos from Facebook conveyed in his presentation about security companies. Stamos asked that we all share in the responsibility of helping those who cannot help themselves. He also raised another relevant point: Are we doing enough in the security industry to truly help people rather than just doing it to make money? Can we achieve the goal of really helping people? Such is the juxtaposition of the two events. The main difference between Black Hat and Defcon is the more corporate consistency of Black Hat (from vendor hall to the presentations) compared with the true hacker community at Defcon, which showcases the creative side of what is possible.

The company I work for, Ziften, provides Systems and Security Operations software applications – providing IT and security teams visibility and control across all endpoints, on or off a business network. We likewise have a pretty sweet sock game!

Numerous attendees showed off their Ziften support by donning prior-year Ziften sock designs. Looking good, feeling great!

The idea of joining forces to fight against the corrupt is something most attendees from around the world embrace, and we are no different. Here at Ziften, we aim to truly help our customers and the community with our solutions. Why offer or rely on a solution which is limited to just what’s inside the box? One that offers a single or a handful of particular functions? Our software is a platform for integration and provides modular, individualistic security and operational solutions. The whole Ziften team takes the creativity from Defcon, and we push ourselves to try to build new, custom features and forensic tools where traditional security companies would shy away or simply stay consumed by daily tasks.

Providing all-the-time visibility and control for any asset, anywhere is one of Ziften’s main focuses. Our unified systems and security operations (SysSecOps) platform empowers IT and security operations teams to quickly fix endpoint issues, reduce overall risk posture, speed threat response, and improve operations productivity. Ziften’s secure architecture delivers continuous, streaming endpoint monitoring and historical data collection for enterprises, governments, and managed security providers. And staying with 2017’s Black Hat theme of working together, Ziften’s partner integrations extend the value of incumbent tools and fill the gaps between siloed systems.

Journalists are not allowed to take pictures of the Defcon crowd, but I am not the press and this was prior to entering a badge-required area :P The Defcon hordes and goons (Defcon mega-bosses wearing red t-shirts) were at a dead stop for a solid twenty minutes waiting for initial access to the four massive Track meeting rooms on opening day.

The Voting Machine Hacking Village got a lot of attention at the event. It was interesting but nothing new for veteran attendees. I suppose it takes something notable to garner attention around particular vulnerabilities. All vulnerabilities for most of the talks, and especially this village, had already been disclosed to the appropriate authorities prior to the event. Let us know if you need help locking down one of these (looking at you, government folks).

More and more personal data is becoming available to the public. For example, Google and Twitter APIs are freely and publicly available to query user data metrics. This data is making it easier for hackers to social engineer focused attacks on people, especially persons of power and rank like judges and executives. This presentation, entitled Dark Data, showed how a simple yet brilliant de-anonymization algorithm and some data allowed these two white hats to identify people with extreme accuracy and reveal very personal information about them. This should make you think twice about what you have installed on your systems and about the people in your workplace. Most of the above raw metadata was collected through a popular browser add-on. The fine tuning happened with the algorithm and public APIs. Do you know what browser add-ons are running in your environment? If the answer is no, then Ziften can help.

This presentation was clearly about exploiting Point-of-Sale systems. Although quite funny, it was a tad frightening how quickly one of the most commonly used POS systems can be hacked. This particular POS hardware is most commonly used when paying in a taxi. The base operating system is Linux, and although it runs on an ARM architecture and is protected by tough firmware, why would a company risk leaving the security of customer credit card information entirely up to the hardware vendor? If you seek additional protection on your POS systems, then look no further than Ziften. We protect the most commonly used enterprise operating systems. If you want to do the fun thing and install the video game Doom on one, I can send you the slide deck.

This person’s slides were off the charts excellent. What wasn’t excellent was how exploitable macOS is during the installation process of common applications. Basically, every time you install an application on a Mac, it requires you to enter your elevated privileges. But what if something were to slightly modify code a moment before you entered your Administrator credentials? Well, most of the time, probably something not good. Worried about your Macs running malware smart enough to detect and modify code in common vulnerable applications before you or your user base enter credentials? If so, we at Ziften Technologies can help.

We help you by not replacing all your toolset, although we often find ourselves doing just that. Our goal is to use the recommendations and existing tools that work from various vendors, ensure they are installed and running, make sure the prescribed hardening is indeed intact, and ensure your operations and security teams work more effectively together to achieve a tighter security matrix across your environment.

Key Takeaways from Black Hat & Defcon 2017:

1) More powerful together

– Alex Stamos’s keynote
– Jeff Moss’s message
– Visitors from around the globe collaborating
– Black Hat needs to preserve a friendly community spirit

2) More powerful together with Ziften

– Ziften plays well with other software vendors

3) Popular current vulnerabilities Ziften can help prevent and resolve

– Point-of-Sale accessing
– Voting machine tampering
– Escalating macOS privileges
– Targeted specific attacks

Now Vulnerabilities In Subtitle Packages For Movie Apps Have Been Found – Charles Leaver

Written By Josh Harriman And Presented By Charles Leaver Ziften CEO


Do you like watching movies with popular apps like Kodi, SmartTV or VLC on your devices? How about needing or wanting subtitles with those films and just getting the latest pack from OpenSubtitles? No problem, sounds like a good evening at home. The problem is, according to research by Check Point, you could be in for a nasty surprise.

For hackers to take control of your ‘realm’, they need a vector, some way to gain entry to your system. Some methods are common nowadays, such as clever (and not so clever) social engineering techniques: you get an e-mail that appears to come from friends or co-workers but was spoofed, you open an attachment or visit some website, and if the stars align, you are pwned. Generally the star alignment part is not that hard; it only requires that you have some vulnerable software running that can be accessed.

Given that the trick is getting users to cooperate, the target audience can often be hard to find. However, according to this newly published research, several of the major media players have a distinct vulnerability in how they access and decode subtitle packages. The four main media players noted in the article have been fixed to date, but as we have seen in the past (just look at the recent SMB v1 vulnerability problem), just because a fix is available doesn’t mean that users are upgrading. The researchers have also declined to release the technical details of the vulnerability, so as to allow other vendors time to patch. That is a good sign and the correct approach I think researchers ought to take: inform the vendor so they can fix the issue, and also announce it publicly so ‘we the people’ are informed and know exactly what to watch out for.

It’s difficult to keep up with the many ways you can get infected, but at least we have researchers who relentlessly try to ‘break’ things to discover those vulnerabilities. By following appropriate disclosure practices, they help everyone enjoy a much safer experience with their devices and, in this case, a great night in watching movies.


With Ziften Endpoint Products Integration With Your Existing Architecture Is Easy – Charles Leaver

Written By Roark Pollock And Presented By Ziften CEO Charles Leaver


Security professionals are by nature a cautious bunch. Being cautious is a trait most folks likely have coming into this industry given its mission, but it’s also undoubtedly a quality that is acquired over time. Ironically, this is true even when it comes to adding extra security controls to an already established security architecture. While one may presume that more security is better security, experience teaches us that’s not always the case. There are actually various concerns associated with deploying a new security product. One that usually shows up near the top of the list is how well a new product integrates with existing services.

Integration concerns come in a number of flavors. First of all, a new security control shouldn’t break anything. But in addition, new security products need to gracefully share threat intelligence and act on threat intelligence collected throughout a company’s entire security infrastructure. In other words, the new security tools need to work together with the existing ecosystem of tools in place such that “1 + 1 = 3”. The last thing that most security and IT operations teams need is more siloed products and tools.

At Ziften, this is why we have always focused on building and delivering an entirely open visibility architecture. We believe that any new systems and security operations tools need to be built with improved visibility and information sharing as essential design requirements. However, this isn’t a one-way street. Creating easy integrations requires technology partnerships between industry vendors. We consider it our responsibility to work with other technology businesses to mutually integrate our products, thereby making it easy on customers. Regrettably, lots of vendors still believe that integration of security services, especially new endpoint security services, is extremely challenging. I hear the concern constantly in customer conversations. But data is now emerging showing this isn’t necessarily the case.

In recent survey work by NSS Labs on “advanced endpoint” products, they report that Global 2000 customers based in North America have been pleasantly surprised by how well these kinds of services integrate into their existing security architectures. According to the NSS research titled “Advanced Endpoint Protection – Market Analysis and Survey Results CY2016”, which NSS subsequently presented in the BrightTalk webinar listed below, respondents that had already deployed advanced endpoint products were much more positive regarding their ability to integrate into already established security architectures than were respondents that were still in the planning stages of purchasing these services.

Specifically, respondents that have already deployed advanced endpoint services rank integration with already established security architectures as follows:

● Excellent 5.3 %
● Good 50.0 %
● Average 31.6 %
● Poor 13.2 %
● (Horrible) 0.0 %

Compare that to the more conservative responses from people still in the planning phase:

● Excellent 0.0 %
● Good 39.3 %
● Average 42.9 %
● Poor 14.3 %
● (Horrible) 3.6 %

These responses are encouraging. Yes, as noted, security folks tend to be pessimists, but in spite of low expectations, respondents are reporting favorable outcomes with respect to integration experiences. In fact, Ziften customers usually exhibit the same initial low expectations when we first discuss integrating Ziften services into their existing ecosystem of products. But in the end, customers are wowed by how simple it is to share information between Ziften services and their existing infrastructure.

These survey results will hopefully help ease concerns, as newer product adopters may read and rely on peer recommendations before making purchase decisions. Early mainstream adopters are clearly having success deploying these products, which will hopefully help to reduce the natural cautiousness of the real mainstream.

Certainly, there is substantial differentiation between products in the space, and companies need to continue to carry out appropriate due diligence in understanding how and where products integrate into their broader security architectures. But the good news is that there are solutions not just meeting the requirements of customers, but in fact outperforming their initial expectations.