In Part 1, we built the case that SIEMs are ineffective for threat hunting, based on the following reasons:
To date, SIEM vendors have not provided the market with the functions needed for producing world-class threat hunting. Again, threat hunting is a method. In order to follow this method, we have to have tools that accelerate and amplify our human work, rather than using technologies that brush aside our method in favor of operating within their paradigm. Too many threat hunting programs are sputtering because we continue to believe that the method should conform to the technology, but that gets things backwards.
Threat hunting remains an undeveloped competency for far too many organizations. When surveyed, security professionals confess an overall lack of competency to detect and respond to advanced attacks that slip through their defenses. In my experience, many organizations still rely on alerts from a SIEM (among other prevention systems). Most security teams will painstakingly build models for indicators of compromise, receive alerts from their SIEM, and “do the best they can” to eliminate the intrusion. What are the results?
How do you know if your security posture is where it needs to be? Most organizations look at standards, be it national standards, industry standards or their own corporate standards. They may also look at their industry’s best practices. But if you aren’t looking at your risk vulnerability, you are likely not looking at the entire spectrum of your network’s security posture.
The new paradigm of automation is “Lifecycle Management”
We will show you how FireMon Intelligent Policy Automation uses automation and intelligence technology to reduce effort and increase effectiveness at every stage of the change process.
OVERLAND PARK, Kan., June 26, 2014 –
FireMon, the industry leader in proactive security intelligence solutions, today announced that it was named Best Security Solution in the Government Technology Research Alliance’s (GTRA) GOVTek Executive Government Technology Awards program. A total of 25 industry-leading technology providers competed for top honors in this highly competitive category. FireMon was recognized on Monday, June 23 at GTRA’s GOVTek Awards Gala, a celebration of government and industry IT leaders whose vision, innovation and accomplishments have improved efficiency, the delivery of government services, citizen engagement, information sharing and national security.
“We are honored to be chosen by GTRA as the Best Security Solution. This prestigious award is a testament to the innovation and dedication of the entire FireMon team, and underscores our collective commitment to delivering strategic cybersecurity solutions to the federal sector to secure our homeland,” said Al Nieves, vice president, federal solutions for FireMon. “America must have the best equipped and best trained cyberdefenders in the world. We are continually expanding the FireMon Security Intelligence Platform to help agency IT security teams automate manual processes and proactively strengthen their overall security posture to increase resource effectiveness and reduce their attack surface in the face of a relentless threat landscape.”
Providing continuous, real-time visibility into network security infrastructure, policy effectiveness and underlying IT risk, the FireMon Security Intelligence Platform allows organizations to remediate exposed vulnerabilities and optimize their existing defenses. The Platform allows federal agencies to automate security device management and vulnerability risk analysis – two key requirements of the $6 billion Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) program – by quickly identifying, understanding and managing changes in overall security posture.
Unlike reactive approaches that simply log past events, FireMon Security Manager – the foundation of the Security Intelligence Platform – enables users to understand and fix configuration, policy and risk exposures in real-time. Complementing Security Manager, Risk Analyzer offers patented risk analysis capabilities that identify and prioritize vulnerabilities on key IT assets that are reachable by adversaries, ensuring that the greatest impact risks are mitigated first. Security Manager and Risk Analyzer are currently listed as “In Evaluation” for Common Criteria NIAP certification.
Earlier this month, FireMon introduced the new Policy Optimizer module, designed to help government entities rapidly improve network security device rules and policies in response to changing threats, emerging management challenges and evolving compliance requirements. Used in conjunction with Security Manager, this new module automates what traditionally has been a manual and fragmented process, empowering security teams with the ability to engage directly with key stakeholders – e.g., line-of-business, audit/compliance and IT risk management – to gather data and validate rule requests, eliminate unneeded rules and make implemented rules more targeted, productive and effective, while maintaining the highest levels of security control.
FireMon is the industry leader in proactive security intelligence solutions for large organizations that deliver continuous control of infrastructure, policy and IT risk. The FireMon Security Intelligence Platform is a massively scalable, high-performance foundation for network risk detection, change workflow automation, firewall rule base clean-up, compliance audit assessment and security operations cost reduction. For more information, visit http://www.firemon.com.
Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure
Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption of the new technology. But NGFWs aren’t a fix-all solution.