Enterprise Security News
- http://www.bizjournals.com/washington/blog/techflash/2016/08/another-sourcefire-threatquotient-raises-12m-to.html?ana=RSS%26s%3Darticle_search&utm_campaign=Feed%3A%2Bbizj_washington%2B%28Washington%2BBusiness%2BJournal%29&utm_medium=feed&utm_source=feedburner - This is how they define what they do: Reston-based ThreatQuotient vacuums up data from public, private and internal sources and analyzes it to help companies react in the aftermath of cyberattacks and to predict future ones. Agree? I think it's one way to potentially solve the problem, and obviously investors see it as such.
- http://www.marketwired.com/press-release/cloudpassage-halo-now-in-solution-specific-packages-2152829.htm - Halo Protect reduces the software attack surface of workloads by ensuring proper security configuration, discovering software vulnerabilities, and controlling administrative access. Halo Segment reduces the network attack surface through traffic discovery, host firewall orchestration, and multi-factor network authentication. Halo Detect alerts you if any of your workloads have been compromised by monitoring whether important files have changed and by monitoring important server log files.
- http://presswire.com/content/1779287/crowdstrike-s-machine-learning-engine-becomes-first-signature-less-engine-be - This actually sounds like the correct usage of threat intel data: CrowdStrike offers a new approach and an additional information source to VirusTotal’s users by integrating the first pure machine learning engine into the service. The full machine learning engine is unique as it is also the first engine in VirusTotal to provide a confidence level as a result of its analysis.
- http://www.prnewswire.com/news-releases/the-password-is-dead-mobileiron-and-entrust-datacard-partner-on-derived-credentials-for-next-generation-multi-factor-authentication-300317935.html - I'd love to know how this actually works: MobileIron Derived Credentials with Entrust IdentityGuard Mobile Smart Credential ("Derived Credentials") will provide government agencies that want to use mobile technologies the ability to protect sensitive data while eliminating the need for passwords and hardware tokens.
- http://www.businesswire.com/news/home/20160825005196/en/RingCentral-Okta-Partner-Enable-Future-Work-Seamless - Your phone is in the cloud, and you authenticate to it using Okta: The RingCentral and Okta integration makes it seamless for IT to administer provisioning, while allowing users to use Single Sign-on to securely access RingCentral’s solution, regardless of device or their location.
- http://www.networkworld.com/article/3112628/cloud-computing/experts-challenge-skyhighs-patent-for-cloud-based-encryption-gateway.html - Prior art? "The master keys never leave the customer premises, the derivation happens on premises," said Kaushik Narayan, Skyhigh's co-founder and CTO. "And we have all kinds of protections on our proxy so that you can't dump memory, you can't inspect memory." but: "There is no shortage of prior art," said Dave Lewis, global security advocate at Cambridge, Mass.-based Akamai Technologies Inc. "I'm actually surprised that they got the patent. There's really nothing new here."
- http://www.prnewswire.com/news-releases/research-and-markets---global-deception-technology-market-2016-2020-with-graudicore-attivo-networks-cymmetria--trapx-security-dominating-the-1-billion-market-300318190.html - Thoughts on this industry?
To MSSP or not to MSSP
Goal: Implement security in my organization so that I don’t have to (or because I can’t), and shift the liability
Fit: We should be able to call them and make them do security for us
Measure: We don’t get hacked
Goal: Provide monitoring and detection service to remediate the low-hanging fruit
Fit: Integrates with our current security policies, procedures and processes (SLA!)
Measure: We prevented X number of incidents and saved X number of dollars on internal security systems by using an MSSP
Tip: If it's cheaper to do it yourself, then do it…
Co-Manage vs. Managed
Firewall, IDS/IPS, VPN and SIEM = Good MSSP
Patch management, DNS = Bad MSSP
Endpoint security = Somewhere in the middle