Get to know us better! Gain valuable insights into how we think by visiting our blog, or take a look at the industry events we're frequenting on our events page. You can also geek out with us by attending one of our security management webinars, or dive head first into the products and solutions we provide in our Resource Library. There's lots to keep you busy!
This week, a credit service in India called Creditseva suffered a data breach which exposed details of some 48,000 citizens – including driver’s licenses, home addresses and credit reports. The company was notified by Kromtech security researchers of the breach when they noticed the information on an insecure Amazon S3 bucket.
To date, SIEM vendors have not provided the market with the functions needed for producing world-class threat hunting. Again, threat hunting is a method. In order to follow this method, we have to have tools that accelerate and amplify our human work, rather than using technologies that brush aside our method in favor of operating within their paradigm. Too many threat hunting programs are sputtering because we continue to believe that the method should conform to the technology, but that gets things backwards.
Vulnerability scanning has its place but I’ve often found that it produces a mountain of data with little guidance for prioritizing updates other than a relative high/medium/low risk rating of the exploit itself and of the device’s value.
El nuevo paradigma de la automatización es la “Administración del Ciclo de Vida”
Te mostraremos cómo FireMon Intelligent Policy Automation utiliza la tecnología de automatización e inteligencia para reducir el esfuerzo e incrementar la eficacia en cada etapa del proceso de cambios.
Patented technology simulates cyberattacks, helping companies reduce the time to prioritize risk and refine firewall policies by 90%
OVERLAND PARK, KANSAS and DALLAS, TEXAS – July 13, 2017 – FireMon, the industry leader in intelligent security management, has released its patented Risk Analyzer technology that helps customers accurately simulate cyber risk and allocate resources where they can have the greatest risk reduction impact. The innovative technology extends FireMon’s uniquely scalable automation and analysis platform to risk vulnerability management, calculating the risk of network attack angles and scoring firewall rules to allow network managers to efficiently reduce their exposure to risk.
From the ransomware attacks and sophisticated malware threats of late to simple user configuration error, security practitioners need to be able to see the full picture of where the weaknesses lie in their network infrastructures. FireMon Risk Analyzer was developed for large enterprises and federal agencies in response to the overwhelming number of vulnerabilities on the network at any given time that could be exploited to reach business-critical assets.
To achieve best-in-class risk and vulnerability management, Risk Analyzer overlays vulnerability data from leading scanner technologies on network security configurations collected with the FireMon Security Manager platform to identify exploitable hosts. With this analysis, the application is able to:
In a recent report from Gartner, When You Can’t Patch It, Protect It From the Network (Nov 2016), by Claudio Neiva, Adam Hils and Prateek Bhajanka, the analyst firm states: “Most organizations face a series of challenges to keep all systems patched, and need to plan on alternative measures to reduce the risk of vulnerabilities being exploited when security patches cannot be installed in a timely manner.” FireMon agrees that security and risk management leaders need to broaden their threat and vulnerability management strategies to apply alternate risk mitigation measures to critical systems and applications that cannot be patched.
“Effectively, cyber attacks today start inside the network via spear phishing or other means. Many network teams have undertaken segmentation as a way to limit accessibility of data from those potential scenarios. However, that is only effective if the implemented policies correctly control access. Determining which systems are vulnerable and accessible through the segmented network is now a critical exercise,” said Matt Dean, Vice President of Product Management for FireMon.
With the continued impact of more sophisticated cybersecurity attacks, enterprise and government security leaders are looking for new technology to help them identify where in their complex network infrastructure attacks would succeed. FireMon’s second-generation Risk Analyzer product combines data from disparate systems in a new powerful way that makes eliminating attack vectors easier and more effective.
“We hear all the time from customers and potential customers the value of being able to assess risks before they become real nightmares for the organization,” explained Dean. “CISOs want to quickly identify the weakest points in the network and remediate them appropriately in accordance with business priorities. For example, if it is a retail organization, then any attack threatening payment card data will be scored the highest and given immediate priority.”
With the technology, available only from FireMon, users can view a map of possible vulnerable paths attackers might use to move across the network layout and see how each asset is exposed or accessible to an attacker.
From there, they can calculate how easy it would be for an attacker to reach the network through different network hosts and internet-facing segments to assess the potential damage, score attack simulations for risk impact and re-score once improvements have been made. Crucially, Risk Analyzer allows for patching systems virtually with the ability to re-run a complete analysis in seconds and compare various patch scenarios to ensure the safest impact is achieved.
FireMon is the No.1 provider of Intelligent Security Management solutions worldwide, combining advanced benchmarking, simulation, and analysis to deliver next generation security intelligence. Since creating the first-ever network security management solution 15 years ago, FireMon solutions have continued to deliver visibility into and control over complex network security infrastructure, policies, and risk to over 1,500 customers around the world.
Using the FireMon Intelligent Security Management platform, today’s leading enterprise organizations, government agencies, and managed security providers have dramatically improved effectiveness of network defenses, accelerating business agility and optimizing return on investment. For more information or a free 30-day trial, visit www.firemon.com.
FireMon’s Intelligent Security Management platform enables users with Cisco Systems switches, routers and firewalls (Pix, ASA, FirePower) to work smarter, applying intelligence to the entire security program
Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure
Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption to the new technology. But NGFWs aren’t a fix-all solution.