Written By Michael Vaughan And Presented By Charles Leaver Ziften CEO
More customized products are required by security, network and operational groups in 2017
Many of us have gone to security conventions for many years, but none bring the same high level of excitement as RSA – where security is talked about by the world. Of all the conventions I have attended and worked, nothing comes close to the enthusiasm for brand-new innovation people exhibited this past week in downtown San Francisco.
After taking a couple of days to digest the many discussions about the requirements and constraints of present security tech, I have been able to synthesize a singular theme amongst attendees: Individuals want customized solutions that fit their environment and will work across multiple internal groups.
When I use the term “individuals,” I mean everyone in attendance regardless of technological sector. Operational professionals, security professionals, network veterans, as well as user behavior analysts often visited the Ziften booth and shared their stories with us.
Everybody appeared more ready than ever to discuss their needs and wants for their environment. These attendees had their own set of goals they wished to attain within their department and they were desperate for answers. Since the Ziften Zenith solution provides such broad visibility on enterprise devices, it’s not surprising that our booth remained crowded with people excited for more information about a new, refreshingly simple endpoint security innovation.
Participants came with complaints about myriad enterprise-centric security issues and sought much deeper insight into what’s really happening on their network and on devices traveling in and out of the office.
End users of old-school security products are on the hunt for newer, more pivotal software applications.
If I could select just one of the frequent questions I received at RSA to share, it’s this one:
“What exactly is endpoint discovery?”
1) Endpoint discovery: Ziften exposes a historical view of unmanaged devices which have been connected to other business endpoints at some point in time. Ziften allows users to discover known and unidentified entities which are active or have been interactive with known endpoints.
a. Unmanaged Asset Discovery: Ziften utilizes our extension platform to reveal these unknown entities operating on the network.
b. Extensions: These are custom-fit solutions customized to the user’s specific wants and requirements. The Ziften Zenith agent can execute the assigned extension one time, on a schedule or persistently.
Generally after the above explanation came the real reason they were going to:
People are searching for a wide variety of services for numerous departments, including executives. This is where working at Ziften makes answering this question a real treat.
Only a portion of the RSA attendees are security specialists. I talked with lots of network, operation, endpoint management, vice presidents, general supervisors and channel partners.
They clearly all use and understand the need for quality security software but apparently find the translation to business value missing among security suppliers.
NetworkWorld’s Charles Araujo phrased the issue quite well in an article last week:
Organizations should also rationalize security data in a business context and manage it holistically as part of the total IT and organization operating model. A group of suppliers is also attempting to tackle this challenge …
Ziften was amongst only 3 businesses highlighted.
After listening to the wants and needs of people from different business-critical backgrounds and explaining to them the capabilities of Ziften’s Extension platform, I typically described how Ziften would modulate an extension to resolve their need, or I provided a short demonstration of an extension that would permit them to overcome a difficulty.
2) Extension Platform: Customized, actionable solutions.
a. SKO Silos: Extensions based upon fit and requirement (operations, network, endpoint, etc).
b. Customized Requests: Need something you do not see? We can fix that for you.
3) Boosted Forensics:
a. Security: Threat management, Threat Assessment, Vulnerabilities, Metadata that is suspicious.
b. Operations: Compliance, License Rationalization, Unmanaged Assets.
c. Network: Ingress/Egress IP movement, Domains, Volume metadata.
4) Visibility within the network – not just what enters and leaves.
a. ZFlow: Finally see the network traffic inside your enterprise.
Needless to say, everyone I talked to in our booth quickly understood the crucial benefit of having a product such as Ziften Zenith running in and across their business.
Forbes writer Jason Bloomberg said it very well when he recently explained the future of enterprise security software applications and how all signs point toward Ziften blazing a trail:
Maybe the broadest interruption: vendors are improving their capability to comprehend how bad actors behave, and can hence take steps to prevent, discover or mitigate their malicious activities. In particular, today’s suppliers comprehend the ‘Cyber Kill Chain’ – the actions a competent, patient hacker (known in the biz as an innovative relentless risk, or APT) will require to attain his/her dubious objectives.
The product of U.S. Defense contractor Lockheed Martin, The Cyber Kill Chain consists of 7 links: reconnaissance, weaponization, shipment, exploitation, setup, establishing command and control, and actions on goals.
Today’s more innovative suppliers target several of these links, with the goal of preventing, discovering or mitigating the attack. Five suppliers at RSA stood out in this classification.
Ziften provides an agent-based method to tracking the behavior of users, devices, applications, and network components, both in real time and across historic data.
In real time, experts use Ziften for danger identification and prevention, while they use the historic data to uncover steps in the kill chain for mitigation and forensic functions.