Written By Michael Vaughan And Presented By Chuck Leaver Ziften CEO
More customized options are needed by security, network and operational groups in 2017
Much of us have attended security conventions for many years, but none bring the exact same high
level of excitement as RSA – where security is talked about by the world. Of all the conventions I have participated in and worked, absolutely nothing comes close the enthusiasm for new innovation individuals displayed this previous week in downtown San Francisco.
After taking a couple of days to digest the dozens of conversations about the requirements and limitations with existing security tech, Ihave actually had the ability to synthesize a singular theme amongstparticipants: People desire tailored services that fit their environment and work well across numerous internal teams.
When I refer to the term “individuals,” I indicate everybody in attendance no matter technological segment. Operational experts, security professionals, network veterans, and even user behavior analysts frequented the Ziften cubicle and shared their stories with us.
Everyone appeared more ready than ever to discuss their needs and wants for their environment. These participants had their own set of goals they wished to obtain within their department and they were hungry for answers. Since the Ziften Zenith service offers such broad visibility on enterprise devices, it’s not surprising that our cubicle stayed crowded with individuals eager to find out more about a brand-new, refreshingly easy endpoint security technology.
Participants came with complaints about myriad enterprise-centric security issues and sought much deeper insight into what’s truly occurring on their network and on devices taking a trip in and out of the workplace.
End users of old-school security products are on the hunt for a newer, more pivotal software.
If I could choose simply one of the regular concerns I received at RSA to share, it’s this one:
” Exactly what is endpoint discovery?”
1) Endpoint discovery: Ziften reveals a historic view of unmanaged devices which have actually been connected to other business endpoints at some point in time. Ziften permits users to discover known
and unidentified entities which are active or have been interactive with recognized endpoints.
a. Unmanaged Asset Discovery: Ziften uses our extension platform to reveal these unidentified entities operating on the network.
b. Extensions: These are custom fit options tailored to the user’s specific wants and
requirements. The Ziften Zenith agent can run the designated extension one time, on a schedule or constantly.
Usually after the above explanation came the real factor they were participating in:
Individuals are looking for a large range of solutions for various departments, which includes executives. This is where operating at Ziften makes answering this question a real treat.
Just a portion of the RSA participants are security experts. I consulted with dozens of network, operation, endpoint management, vice presidents, general supervisors and channel partners.
They plainly all use and comprehend the need for quality security software applications however
relatively find the translation to business worth missing out among security vendors.
NetworkWorld’s Charles Araujo phrased the issue quite well in an article a short article last week:
Organizations must also justify security data in a service context and manage it holistically as part of the overall IT and service operating design. A group of vendors is likewise trying to tackle this difficulty …
Ziften was among just 3 companies highlighted.
After listening to those needs and wants of people from numerous business-critical backgrounds and explaining to them the capabilities of Ziften’s Extension platform, I generally described how Ziften would regulate an extension to solve their requirement, or I provided a short demonstration of an extension that would allow them to overcome a hurdle.
2) Extension Platform: Tailored, actionable solutions.
a. SKO Silos: Extensions based on fit and requirement (operations, network, endpoint, etc).
b. Custom Requests: Require something you do not see? We can fix that for you.
3) Enhanced Forensics:
a. Security: Threat management, Danger Evaluation, Vulnerabilities, Suspicious metadata.
b. Operations: Compliance, License Rationalization, Unmanaged Assets.
c. Network: Ingress/Egress IP movement, Domains, Volume metadata.
4) Visibility within the network – Not just exactly what goes in and goes out.
a. ZFlow: Lastly see the network traffic inside your business.
Needless to say, everyone I spoke to in our booth quickly comprehended the critical value of having a product such as Ziften Zenith running in and across their business.
Forbes author, Jason Bloomberg, stated it best when he recently explained the future of business security software applications and how all indications point towards Ziften blazing a trail:
Perhaps the broadest disturbance: suppliers are enhancing their ability to understand how bad actors behave, and can thus take steps to prevent, detect or alleviate their destructive activities. In particular, today’s vendors understand the ‘Cyber Kill Chain’ – the steps a skilled, patient hacker (known in the biz as an innovative consistent danger, or APT) will require to achieve his or her wicked goals.
The product of U.S. Defense specialist Lockheed Martin, The Cyber Kill Chain includes 7 links: reconnaissance, weaponization, shipment, exploitation, setup, developing command and control, and actions on goals.
Today’s more innovative vendors target one or more of these links, with the goal of preventing, finding or alleviating the attack. 5 vendors at RSA stood apart in this classification.
Ziften provides an agent based technique to tracking the habits of users, devices, applications, and
network components, both in real time as well as throughout historical data.
In real-time, experts utilize Ziften for danger recognition and avoidance, while they utilize the historical data to uncover steps in the kill chain for mitigation and forensic purposes.