Blog Elements

Half Sized Blog Element (Single Author Style)

Half Sized Blog Element (Multi Author Style)

3 Lessons From Layered Defense’s Missed Attacks

2013-05-29/0 Comments/in Vulnerability Assessment/by fdesir

a posting from Dark Reading in there Vulnerability Management section: Layering security measures typically protects systems better: Research) by three University of Michigan graduate students in 2008, for example, found that using multiple antivirus engines result in much better protection than using a single program. Yet, recent analysis by NSS Labs highlights that layering security devices rarely catches all […]

Gathering More Security Data From Your Endpoints

2013-05-29/0 Comments/in Vulnerability & Threat Report/by fdesir

A posting from Dark Reading in there Endpoint Security section: Even though many of the most troublesome and advanced threats hitting enterprise networks originate from the endpoint, most organizations today aren’t investing in the same kind of visibility and control over these devices as they spend on network-based controls. This disparity is leaving organizations with […]

3 Lessons From Layered Defense’s Missed Attacks

2013-05-29/0 Comments/in Vulnerability Assessment/by fdesir

Gathering More Security Data From Your Endpoints

2013-05-29/0 Comments/in Vulnerability & Threat Report/by fdesir

Full Sized Blog Element (Big Preview Pic)

3 Lessons From Layered Defense’s Missed Attacks

2013-05-29/0 Comments/in Vulnerability Assessment/by fdesir

a posting from Dark Reading in there Vulnerability Management section:

Layering security measures typically protects systems better: Research) by three University of Michigan graduate students in 2008, for example, found that using multiple antivirus engines result in much better protection than using a single program.

Yet, recent analysis by NSS Labs highlights that layering security devices rarely catches all attacks, and the attacks that manage to dodge defenses do so with regularity. The analysis–a survey of the company’s past tests of next-generation firewalls, intrusion prevention systems, and endpoint protection software–found that the tested products tended to fail in similar ways. While two products always performed better together than individually, their combined performances varied tremendously.

Overall, the lesson is that companies need to carefully select technologies to derive the greatest benefits from overlapping security measures, says Stefan Frei, research director at NSS Labs and the author of the analysis.

To read more click here:

Gathering More Security Data From Your Endpoints

2013-05-29/0 Comments/in Vulnerability & Threat Report/by fdesir

A posting from Dark Reading in there Endpoint Security section:

Even though many of the most troublesome and advanced threats hitting enterprise networks originate from the endpoint, most organizations today aren’t investing in the same kind of visibility and control over these devices as they spend on network-based controls. This disparity is leaving organizations with a huge blind spot where they need it most, experts say.

“We’ve seen this advancement in techniques for network-based detection, but we haven’t seen quite that much advancement on the endpoint,” says Scott Crawford, research director for Enterprise Management Associates. “And, yet, if you look at what the target is in most of these cases, the strategic target may be the users’ privileges to sensitive data, so the tactical objective in a lot of cases is the endpoint. You’re going to focus on compromising endpoint functionality to gain visibility into the users’ activities and get access to their credentials.”

According to Crawford, enterprises are missing this to a large degree, with most organizations maintaining a huge dependence on legacy techniques, such as antivirus. Part of it is the scale and distribution of endpoints — it is much more difficult to deploy technology that will give centralized views of what’s happening across the endpoint infrastructure, compared to network visibility. But if organizations don’t try, they’re going to miss a lot of the threat detection picture.

To read more click here: