Combat the Staggering Rise of Zero-Day Threats

With the devastating rise of targeted, evasive, zero-day threats hitting IT infrastructures, computers, individuals and their devices, it is critical to have a multi-layer and revolutionary security solution. Today, at RSA Conference 2016, Feb. 29-Mar. 4 in San Francisco, we have launched the SonicWall Capture Advanced Threat Protection (ATP) Service, our multi-engine or triple-layer approach, which advances sandboxing beyond detection to deliver end-to-end prevention.

For SonicWall’s next-generation firewalls, we offer a multi-engine advanced persistent threat analysis sandboxing service that has broad OS and file type analysis. Once a threat is identified, the service not only detects it but blocks it from entering the network. Come by SonicWall booth 1007 in the South Hall, where we will showcase this extraordinary SonicWall Capture sandboxing service with our worldwide customers and partners.

The RSA conference is the premier security event for thousands of experts gathering to gain greater in-depth knowledge of cyber criminal techniques and plans of attack to stop these catastrophic threats. Such threats are evolving quickly to disguise themselves, as we recently learned in the 2016 SonicWall Security Annual Threat Report. For this threat report, SonicWall leveraged its Global Response Intelligence Defense (GRID) network and telemetry data, gathered from SonicWall sensors. We continue to provide secure environments for our customers, stopping 2.17 trillion IPS attacks and blocking 8.19 billion malware attacks, up from 4.2 billion attacks last year. Virtual sandboxes and other advanced threat detection techniques have been developed by security professionals to more effectively analyze the behavior of suspicious files and uncover hidden malware.

Detecting zero-day threats is critical, but it is not enough; technology is required that not only inspects traffic for suspicious code but also gives IT control to block suspicious code from entering the network until after it’s analyzed. This protects the network from infection, eliminating the time-consuming tasks necessary to remediate damage. Additionally, follow-on attacks can be prevented with quickly generated IP signatures blocking newly discovered malware from automatically being distributed across network security devices.

This superior SonicWall Capture Advanced Threat Protection (ATP) Service is a cloud-based service for SonicWall next-generation firewalls and Unified Threat Management (UTM) firewalls that detects and blocks until the verdict is determined. SonicWall Capture is the only advanced threat protection offering that starts at the gateway and includes multi-layer sandbox technologies that use system emulation, virtualization, and memory analysis techniques that not only detect a threat but can block it, based on the verdict, before it infects the defended network. Our customers and partners benefit from high security effectiveness, fast response times, and reduced total cost of ownership. This system is available in beta.

If you come to the booth, you will not only get to experience this groundbreaking technology, but you will also talk to SonicWall experts and see live demonstrations of the SonicWall Firewall Sandwich, SonicWall Safeguard Privileged Management and other SonicWall One Identity Solutions, SonicWall Secure Mobile Access solutions, and SonicWall Email Security Encryption in booth 1007. For our commercial PCs, SonicWall Data Protection and Encryption and Data Security will also be showcased.

Finally, join me and my SonicWall Security and SonicWall SecureWorks colleagues for these inspiring speaking sessions:

  • March 2 at 10:20 – Threat Actor Pivoting and the Underground Market for your Data.
  • March 4 at 11:30 – Are you worthy? Laws of Privileged Account Management.

Join the conversation on Twitter @SonicWall and follow the #SonicWallGovernProtect this week at RSA.

Avoid Making a Costly Network Security Shortlist Decision

Living the life of a chief security officer (CSO), chief information security officer (CISO) or any title with the word “security” in it nowadays is surely a heart-wrenching experience each day. Far too often, yet another data breach in the news reminds you of the obvious notion that it’s not a matter of if but when you’ll be called upon to manage and contain a security incident in your organization. Regardless of its depth and severity, this has to be very disturbing and there seems to be no end. As a result, you find yourself regularly worrying whether you’ve done a thorough job of vetting your cyber-defense system, and whether it is really doing its job to prevent avoidable attacks on your networks. You understand the stakes. If any part of your security strategy is not functioning at its optimal level, you know your organization is susceptible to countless security risks. The bottom line is you don’t ever want to stand in front of the executives explaining why the company was breached, and dealing with the aftermath of a failure in one or more of your security layers. There is a way, however, to help you avoid such a disaster.

Limited resources and a shortage of security staff can constrain your ability to carry out a rigorous vendor vetting process. The fundamental question then is what alternatives there are to help you efficiently select potential technologies that can put you in a position of strength and success against evolving threats. As a security leader, you’ve been down this road many times. You’re aware that choosing the right technology partner with capable solutions to support your security strategy for the long term is one of the most nerve-wracking but crucial tasks you must undertake. The range of capabilities and factors impacting your choice is overwhelming. You understand very well that making a poor choice could end up costing your organization millions in breach remediation expenses, immeasurable brand damage, loss of public confidence and possibly even your career. To help you avoid such a costly decision when shortlisting possible vendors and their solutions for proof of concept (PoC) consideration or making the purchase, there are highly specialized market research companies, well recognized by the security industry for their reputable and impartial validation of network security quality and effectiveness, that you can confidently use when making your selections.

The difficulty here is that there are many market research companies available. Most have specialization in a variety of technologies including network security. And to make things a little more complicated, each has its own definition, criteria and approach to how vendors are evaluated and graded for their security effectiveness, performance and cost of ownership. The results often vary among them, especially those that are vendor-sponsored research. Subsidized research and testing are always skewed to make one vendor’s product more favorable than its rival. And as such, these kinds of reports lack objectivity, are seldom reliable from a technical perspective, and should not be viewed as serious research. So who should I depend on? Who do I need to stay clear of? Should I trust their findings completely? Where do I start? These are some good questions to help set clear direction and decision points. From our point of view, a good place to start is to give greater attention to independent research companies that are self-funded, have zero connection to any one vendor and focus exclusively on cyber-security. More importantly, you would also want the research to be fully verified by extensive public testing using different permutations of actual real-world use cases that best match your unique security environment requirements.

One particular company has differentiated itself in the IT security category over the past few years: NSS Labs. It is now broadly recognized as the world’s trusted authority in providing unbiased, independent, security product test reports and security intelligence services. NSS Labs reporting can help you shortlist vendors and their products based on empirical laboratory test results as opposed to fuzzy marketing, product surveys, opinion-based analysis and/or peer-to-peer recommendations. The NSS Labs Test Report is the ultimate validation of network security performance, resiliency and efficacy under various network traffic mixes and loads that mimic real-world use cases. Download a free copy of the NSS Labs Test Report to gain knowledge of key performance indicators essential to the success of your cyber-defense strategy.