Monthly Archives: September 2015

We Are So Proud At Ziften To Be A Red Herring Award Winner – Charles Leaver


Written By Rachel Munsch And Presented By Charles Leaver CEO Ziften

There is some amazing news to share: for 2015, Ziften has been picked as a Red Herring Top 100 North America award winner. Around 1200 businesses from the USA and Canada were evaluated in the yearly competition, and our Endpoint Detection and Response solution lifted us into the top 100.

The Red Herring 100 Awards are widely recognized as one of the industry’s more distinguished acknowledgments. Finalists go through an extensive selection procedure based on over 20 criteria, including technological innovation, addressable market, business model, client footprint and level of specialty. Alex Vieux, CEO and Publisher of Red Herring, felt that the competition was very strong this year and that the selection process was difficult:

“But after much thought, rigorous reflection and discussion, we narrowed our list down from large numbers of prospects from across North America to the North America winners. Our company believes Ziften embodies the vision, drive and innovation that define an effective entrepreneurial endeavor. Ziften should be proud of its achievement, as the competition was extremely strong.”

Here at Ziften we are very proud to be selected as a Red Herring award winner. It is always gratifying to have our work confirmed and acknowledged, especially when you consider the prestigious list of finalists. Our dedication to helping organizations protect themselves from the sophisticated threats that exist today remains strong, and this award will act as an inspiration going forward as we continue to strive to be the leader in endpoint security and protection.


Charles Leaver – Be Sure To Protect Yourself Against Increasing Vishing Scams


Written By David Shefter And Presented By Ziften CEO Charles Leaver

I was watching TV in August 2015 and I had a call from a 347 area code phone number. I believed that it was a coworker of mine who lives in the outer boroughs, so I answered the call.

The call was a complete surprise: “Roy Callahan from the New York City Police Department” threatened me with a warrant for my arrest within minutes, and specified that I needed to turn myself in to the local police department. So I talked with my friend Josh Linder. He said that it is widespread in the area where he lives and that the same thing happened to him, however they threatened him if he didn’t comply by buying a $9000 Green Dot prepaid card.

If You Believe This Sounds Embellished …

This occurs thousands of times every day. Law enforcement agencies (LEAs), ranging from local towns to the FBI and everything in between, are under immense pressure. They cannot keep up: bad actors are fast, smart, and ahead of the curve.

These criminals also understand how constrained the LEAs are in budget, talent and resources. The local ones are best at catching thieves and stopping speeding vehicles, not tracking terrorists to their origin across state or federal borders. With little coordination or interest and a lack of tools, over 99% of these scams go unresolved.

How Did They Discover Me?

First, social networking has created a bonanza of details. People entrust their name, address, telephone number, work history, academic background, and social circles to the public domain. This is where the threat lies, not in the much publicized hacks at government agencies, banks, health care organizations and merchants.

Nevertheless, the big exposures at retailers like Home Depot, Target and Michael’s, in addition to the more recent hacks at the United States Office of Personnel Management (OPM), United Airlines and Anthem, ought to be of serious concern. This information gives wrongdoers the ability to triangulate data and construct a rich persona of individuals like you and me.

Putting this into context, tens of millions of records were exposed, which could be used to go far beyond extortion payments and move towards exploiting the physical vulnerabilities of military personnel, executives or even ordinary people.

How Quickly Will I Be Exposed?

According to a 2014 FBI fraud alert, victims reported having cash illegally withdrawn from their accounts within ten minutes of receiving a vishing call, and others reported hundreds or thousands of fraudulent withdrawals in the days following.

What Can I Do About The Problem?

As a citizen, it is best to be alert and use common sense. Whatever a “vishing” caller ID says, the United States Internal Revenue Service will not demand cash or account numbers. Don’t fall victim to vishing’s evil cousin, phishing, by clicking links in e-mails which might take you to a malware site; invest an additional 2 seconds validating that the email is in fact from who it claims to be, not simply from a familiar name.

Second, secure your social profiles on the Internet. Facebook, LinkedIn, Twitter, and the trove of other tools have most likely already exposed you. Carry out a basic Google search of yourself, then move to tidy up the public aspects of your online persona.

Third, as a business, protect your workers as if they were your relatives. Big companies have invested heavily in anti-virus, drive encryption, email security, and next generation firewalls. None of this matters when phishing and vishing scams go right around them. You need training, ongoing education, vigilance, and smarter technology. An essential part of this is implementing continuous endpoint visibility on your devices. At Ziften, our software plugs security exposures to form a more durable wall.

The battle for cyber security protection is consuming your resources, from your people to your budget. Threats are faster, more intelligent, and more focused than ever before, working their way around traditional prevention solutions and getting straight to the point: your endpoints. Once breached, you have less than an hour before the cyber attack finds additional victims within your company. Time is of the essence, and since we cannot create more of it, we focus on optimizing continuous intelligence so your team can make the correct decision, right now.

In Conclusion

Today, individuals are focused on fraudulent payment card charges, and companies are locking down endpoints at a record pace.

More needs to be done. The crooks are faster, smarter, better equipped, and outside the bounds of the law. While news will always arrive about the success of catching massive fraudsters and untouchable foreign nationals in China and Russia, there will be thousands of small exploits every day.

At Ziften, we have one mission: to make endpoint security rapid and easy for the end user to not only deploy, but also manage and draw daily value from. By integrating real-time user, device, and behavior tracking with powerful analytics and reporting, Ziften immediately empowers any organization to view, examine, and respond to the very latest attacks.

My thanks to Josh Linder for his discussions on this topic.


Charles Leaver – Ziften Can Deliver Your Gartner SOC Nuclear Triad


Written By Dr Al Hartmann And Presented By Charles Leaver Ziften CEO

Anton Chuvakin, VP and security analyst at Gartner Research, posted about the three essential Security Operations Center (SOC) tools required to provide effective cyber attack visibility. Chuvakin compared them to the cold war’s “nuclear triad” concept of silo-based, airborne, and submarine-launched nuclear capabilities required to guarantee survival in a total nuclear exchange. Similarly, the SOC visibility triad is vital to surviving a cyber attack: “your SOC triad seeks to considerably lower the opportunity that the enemy will operate on your network long enough to accomplish their objectives,” as Chuvakin wrote in his post.

Now we will look at the Gartner designated essentials of the SOC triad and how Ziften supports each capability.

SIEM (Security Information and Event Management) – Ziften Open Visibility™ extends existing security, event monitoring and system management tools by delivering important open intelligence on any enterprise endpoint. Ziften’s Open Visibility platform now includes integration with Splunk, ArcSight, and QRadar, as well as any SIEM that accepts Common Event Format (CEF) alerts. Unlike competing product integrations that only offer summary data, Ziften Open Visibility exposes all Ziften collected endpoint data for full use by the integration.

NFT (Network Forensics Tools) – Ziften ZFlow™ extends network flow based cyber security tools with essential endpoint context and attribution, considerably boosting visibility into network events. This new standards based technology extends network visibility down into the endpoint, collecting essential context that cannot be observed on the wire. Ziften has an existing product integration with Lancope, and can also quickly integrate with other network flow collectors using the Ziften Open Visibility architecture.

EDR (Endpoint Detection and Response) – The Ziften Endpoint Detection and Response solution continuously examines user and device behaviors and highlights anomalies in real time, permitting security analysts to focus on advanced threats faster and reduce Time To Resolution (TTR). Ziften EDR enables organizations to more rapidly determine the origin of a breach and decide on the necessary remedial actions.

While other security tools play supporting roles, these are the three essentials that Gartner asserts make up the core defender visibility into attacker actions within the targeted organization. Arm your SOC triad with Ziften. For a no-obligation free trial, visit: to learn more.


Cut The Cost Of Incident Response By Enabling Visibility – Charles Leaver


Written By Kyle Flaherty And Presented By Ziften CEO Charles Leaver


July 9, 2015 was quite a day in the world of cyber security. The first thing to happen was the grounding of flights by United Airlines due to a technical glitch; this was followed shortly after by the New York Stock Exchange (NYSE) announcing that it had to halt trading. This was reported by the Wall Street Journal, as you would expect, and then the Journal itself went offline shortly after.

This led to complete panic on the Internet! There was an enormous buzz on Twitter and a great many rumors that a well coordinated cyber attack was under way. People were jumping off the virtual bridge and declaring a virtual Armageddon.

There was total mayhem until the three organizations stated publicly that the problems were not related to cyber attacks but to the dreaded unknown “technical glitch”.

Visibility Is The Issue For Cyber Attacks Or Glitches

In today’s world it is assumed that “glitch” means “attack”, and it is true that a good group of hackers can make them look the same. There is still no information about the events of that day and there most likely never will be (although there are rumors about network resiliency concerns at one of the biggest ISPs). At the end of the day, when an incident like this happens, all companies need answers.

Statistics suggest that each hour of incident response can cost thousands of dollars, and in the case of services such as United and the NYSE, that does not even count the cost of downtime. The boards of directors at these companies don’t want to hear that something like this will take hours, and they may not even care how it happened; they simply want it dealt with quickly.

This is why visibility is constantly in the spotlight. It is vital when emergency situations strike that a company knows all of the endpoints in its environment and the contextual behavior behind those endpoints. It might be a desktop, a server or a laptop, and it might be offline or online. In this modern age of security, where the principle of “prevent & block” is no longer an adequate approach, our capability to “rapidly detect & respond” has become increasingly critical.

So how are you making the shift to this new era of security? How do you reduce the time it takes to determine whether it was an attack or a glitch, and what to do about it?