Written By Michael Vaughan And Presented By Chuck Leaver Ziften CEO
More customized solutions are needed by security, network and functional groups in 2017
A lot of us have participated in security conventions for many years, but none bring the very same high
level of excitement as RSA – where the world talks security. Of all the conventions I have actually attended and worked, absolutely nothing comes close the enthusiasm for new innovation individuals displayed this past week in downtown San Francisco.
After taking a few days to digest the dozens of conversations about the needs and constraints with present security tech, I’ve had the ability to synthesize a particular style amongguests: People want customized services that fit their environment and will work throughout numerous internal groups.
When I refer to the term “people,” I suggest everyone in attendance regardless of technological section. Functional professionals, security professionals, network veterans, as well as user habits experts frequented the Ziften booth and shared their experiences.
Everyone appeared more prepared than ever to discuss their needs and wants for their environment. These participants had their own set of objectives they wanted to obtain within their department and they were desperate for responses. Because the Ziften Zenith solution offers such broad visibility on business devices, it’s not unexpected that our booth remained crowded with people eager for more information about a new, refreshingly basic endpoint security innovation.
Guests included complaints about myriad enterprise-centric security problems and looked for much deeper insight into exactly what’s really taking place on their network and on devices traveling in and out of the workplace.
End users of old-school security solutions are on the look out for a newer, more essential software applications.
If I could choose simply one of the regular questions I got at RSA to share, it’s this one:
” What exactly is endpoint discovery?”
1) Endpoint discovery: Ziften reveals a historic view of unmanaged devices which have been linked to other
enterprise endpoints at some point in time. Ziften permits users to find recognized and unidentified entities which are active or have actually been interactive with known endpoints.
a. Unmanaged Asset Discovery: Ziften utilizes our extension platform to expose these unknown entities operating on the network.
b. Extensions: These are custom fit solutions tailored to the user’s particular wants and needs. The Ziften Zenith agent can execute the appointed extension one time, on a schedule or on a continuous basis.
Usually after the above description came the real reason they were attending:
People are looking for a wide variety of solutions for various departments, including executives. This is where working at Ziften makes addressing this question a real treat.
Just a portion of the RSA participants are security experts. I talked with dozens of network, operation, endpoint management, vice presidents, general supervisors and channel partners.
They clearly all utilize and comprehend the requirement for quality security software applications however
apparently find the translation to business worth missing out amongst security suppliers.
NetworkWorld’s Charles Araujo phrased the issue quite well in an article a short article last week:
Organizations needs to also justify security data in an organization context and manage it holistically as part of the general IT and business operating design. A group of suppliers is also attempting to tackle this obstacle …
Ziften was among just 3 businesses discussed.
After listening to those needs and wants of people from numerous business critical backgrounds and discussing to them the capabilities of Ziften’s Extension platform, I generally described how Ziften would modulate an extension to solve their requirement, or I provided a short demo of an extension that would allow them to overcome an obstacle.
2) Extension Platform: Tailored, actionable solutions.
a. SKO Silos: Extensions based on fit and need (operations, network, endpoint, etc).
b. Custom Requests: Require something you can’t see? We can fix that for you.
3) Boosted Forensics:
a. Security: Danger management, Risk Assessment, Vulnerabilities, Suspicious metadata.
b. Operations: Compliance, License Justification, Unmanaged Assets.
c. Network: Ingress/Egress IP motion, Domains, Volume metadata.
4) Visibility within the network– Not simply exactly what goes in and goes out.
a. ZFlow: Finally see the network traffic inside your business.
Needless to say, everyone I spoke with in our booth rapidly understood the important benefit of having a solution such as Ziften Zenith running in and throughout their business.
Forbes writer, Jason Bloomberg, said it very well when he recently described the future of business security software applications and how all signs point toward Ziften blazing a trail:
Possibly the broadest disturbance: suppliers are improving their ability to comprehend how bad actors behave, and can hence take steps to prevent, discover or reduce their harmful activities. In particular, today’s vendors comprehend the ‘Cyber Kill Chain’ – the actions a proficient, patient hacker (understood in the biz as an innovative consistent risk, or APT) will require to accomplish his or her dubious objectives.
The product of U.S. Defense professional Lockheed Martin, The Cyber Kill Chain contains 7 links: reconnaissance, weaponization, shipment, exploitation, installation, establishing command and control, and actions on goals.
Today’s more innovative vendors target several of these links, with the objective of avoiding, finding or reducing the attack. Five vendors at RSA stood out in this classification.
Ziften provides an agent based method to tracking the behavior of users, devices, applications, and network aspects, both in real-time in addition to throughout historical data.
In real-time, analysts use Ziften for hazard recognition and prevention, while they use the historic data to reveal steps in the kill chain for mitigation and forensic functions.