In Part 1, we built the case that SIEMs are ineffective for threat hunting, based on the following reasons:
To date, SIEM vendors have not provided the market with the functions needed for producing world-class threat hunting. Again, threat hunting is a method. In order to follow this method, we have to have tools that accelerate and amplify our human work, rather than using technologies that brush aside our method in favor of operating within their paradigm. Too many threat hunting programs are sputtering because we continue to believe that the method should conform to the technology, but that gets things backwards.
Threat hunting remains an undeveloped competency for far too many organizations. When surveyed, security professionals confess an overall lack of competency to detect and respond to advanced attacks that slip through their defenses. In my experience, many organizations still rely on alerts from a SIEM (among other prevention systems). Most security teams will painstakingly build models for indicators of compromise, receive alerts from their SIEM, and “do the best they can” to eliminate the intrusion. What are the results?
How do you know if your security posture is where it needs to be? Most organizations look at standards, be it national standards, industry standards or their own corporate standards. They may also look at their industry’s best practices. But if you aren’t looking at your risk vulnerability, you are likely not looking at the entire spectrum of your network’s security posture.
The new paradigm of automation is “Lifecycle Management”
We will show you how FireMon Intelligent Policy Automation uses automation and intelligence technology to reduce effort and increase effectiveness at every stage of the change process.
Expands Participation in McAfee Security Innovation Alliance Program
OVERLAND PARK, Kan. — Oct. 2, 2013
FireMon, a leading provider of security management and risk analysis solutions, today announced an expanded profile in the McAfee® Security Innovation Alliance™ (SIA) program with full support for McAfee® Vulnerability Manager. The announcement was made in conjunction with McAfee FOCUS 13, where FireMon will be exhibiting in Booth #312.
FireMon continues to expand its partnership with McAfee, and one of its solutions has achieved McAfee Compatible status for a second time by integrating FireMon Security Manager and Risk Analyzer with McAfee Vulnerability Manager. Previously, FireMon had integrated its FireMon Security Manager and Risk Analyzer with McAfee® Firewall Enterprise. FireMon has been a member of the McAfee SIA Sales Teaming Partner program since 2012. The integrated solution extends McAfee customers’ ability to increase the effectiveness and efficiency of security operations staff, ensure business continuity with secure access and reduce preparation time for compliance audits.
FireMon Security Manager identifies, continually assesses and remediates – in real-time – the impact of change or misconfiguration on the security policy and controls of all popular security and network devices. The Risk Analyzer module imports the vulnerabilities identified by McAfee Vulnerability Manager and assesses them against the unique configurations found in each individual network to identify the assets with vulnerabilities that are actually reachable. FireMon then quantitatively prioritizes the vulnerabilities for remediation according to which present the greatest overall risk to the organization.
FireMon continues its investment in the McAfee SIA partnership with the ongoing development of extensive support for the McAfee Next Generation Firewall, powered by Stonesoft. Upcoming support includes compliance and configuration auditing, automatic configuration retrieval, normalization and storage, and configuration analysis and visualization via FireMon Insight, and will be available in Q4 2013.
“McAfee’s efforts with SIA partners around building a robust ecosystem for comprehensive protection is a model for the industry,” said Jody Brazil, president and CTO of FireMon. “FireMon is a vanguard in making sure that the controls, policies and implementation of that ecosystem don’t conflict or create vulnerability. And just as new innovations like next-generation firewalls advance the state-of-the-art, FireMon’s innovations ensure the ecosystem is future proof.”
“A key goal behind the McAfee Security Innovation Alliance program is to accelerate the development of interoperable security products and simplify the integration of those products in complex customer environments,” said Ed Barry, vice president of the Security Innovation Alliance at McAfee. “We’re thrilled to see FireMon leverage McAfee’s investment in its security risk management platform and extend this value to customers.”
The McAfee Vulnerability Manager, with its Asset Manager feature, delivers unrivaled scalability and performance, actively or passively canvassing everything on the network. Now customers have the ability to uncover devices hidden on the network as well as smartphones, tablets and laptops that come and go between scheduled scans. What hasn’t been seen or scanned may be a surprise to some customers – and could jeopardize compliance. Thousands of organizations rely on the McAfee Vulnerability Manager to quickly find and prioritize vulnerabilities, with deployments ranging from a few hundred nodes to one continuously scanning more than four million IP addresses.
For more information on McAfee SIA please visit: http://www.mcafee.com/sia.
FireMon provides enterprises and government with security management software that gives them deeper visibility and tighter control over their network security infrastructure. The FireMon solution set – Security Manager, Policy Planner and Risk Analyzer – enables customers to identify network risk, proactively eliminate those vulnerabilities and strengthen security throughout the organization, and reduce the cost of security operations and compliance. Together, they create a highly-effective and consistent solution for efficiently managing security operations. For more information, visit http://www.firemon.com.
Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure
Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption of the new technology. But NGFWs aren’t a fix-all solution.