Virtualization Technology News and Information
Fighting Ransomware and Malware Attacks with Improved Security and IT Ops--Endpoint Visibility and Management Identified as Key Factors

Ransomware has gone from "on the radar" to a Code 5 level threat since May 2017 with the rise of "ransomworms" snaking through global corporate networks in hundreds of countries. The problem being that nobody knows how the next strain will take shape and IT teams are rarely, if ever properly coordinated to tackle them.

Systems and Security Operations (SysSecOps)

Ziften today is focused on helping enterprise, government, and managed security service providers with a concept called SysSecOps- empowering both IT and Security Operations teams with endpoint visibility and control, security hygiene monitoring, threat detection, and incident response.

Ransomware specifically is an enterprise management challenge that requires improved coordination in securing and managing risk for all connected devices, from the cloud to data center and edge. The size and viral spread of ransomware in the last 90 days show that a new approach is needed.

With Ziften, once disparate teams can better work together to make sure that deployed network assets, including servers, and user devices are in fact, reliable, safe, and secure. Ziften's security platform, Zenith supports every endpoint connected to the network, from PCs, to virtual machines and servers, and even cloud based VMs.

Futuriom, a leading research firm focused on cyber security, issued a new report concluding that "SysSecOps (systems and security operations) for endpoints is built on a foundation of endpoint visibility, control and integration within a broader security ecosystem." What does this mean in the context of the next ransomware threat? It can put it down within minutes across the enterprise.

New Ziften Zenith Ransomware Capabilities

Ziften, today announced new ransomware features on its Zenith security platform empowering security and IT operations teams in the fight against ransomware attacks. The new features include:

  • Find Vulnerable Systems: Identification of devices with unpatched application and operating system vulnerabilities known to be the root of ransomware variants.
  • Disable Vulnerable Services: Custom Extensions to automate disabling known vulnerable services on unpatched systems (e.g. Windows SMB service exploited by WannaCry).
  • Patching Vulnerable Systems: Automated patching of systems with vulnerabilities known to be exploited by ransomware attacks.
  • Ransomware Detection: New ransomware behavioral detection techniques including monitoring for quiet volume shadow copy service (VSS) deletions.

Ransomware is only a tiny example of threats enterprises face; insider employees stealing data, applications in the cloud, and mobile devices at home require continuous monitoring.

IT and security teams require technology and process coordination to respond. Ziften brings it all together with a foundational platform providing visibility and control across the entire IT environment - for any asset, anywhere. Any asset means client devices, servers, VMs, and cloud instances.

  • Visibility for Any Asset: Ziften deploys on client devices, data center servers, or in virtual machines (VMs), or containers. Ziften is agnostic to the hypervisor in use. And Ziften works in the enterprise cloud. No matter what cloud environment - AWS, Azure, etc.
  • Visibility Anywhere: Ziften provides visibility of endpoints anywhere. On the network - absolutely. Working remote - definitely. Offline altogether - yes again. In the cloud - no doubt. Ziften provides visibility where your devices operate.

"Today, stovepipe cyber security tools and limited endpoint management just don't work. They only provide partial, point-in-time data that leaves gaps for IT and security teams to piece together manually. And in the end, this doesn't happen due to constraints on budget and time," said Roark Pollock, SVP of Marketing for Ziften. "IT simply can't keep up with every connected device, investigate all the alerts, or patch every machine, and thus are exposing their organizations to unacceptable risks."

Published Monday, July 24, 2017 10:54 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2017>