Archives for April 2015
Sophos is one of the Leading Vendors for Endpoint Encryption
When it comes to security, organizations need to consider how today’s employees actually work – more and more of the workforce is moving towards mobile – laptops, tablets, smartphones and thumb drives – and most of these devices will eventually hold sensitive data. According to Forrester’s Global Security Survey, device loss or theft precipitated 24% of all data breaches.
As such, there is a move toward employing encryption on the endpoints, which will not only assist with compliance regulations, but should be considered an essential tool for data protection.
According to the Forrester Wave™, Sophos was deemed the “breakout star” for encryption, with strong hardware-based encryption support, external media encryption policy flexibility, and file-level encryption functionality, in addition to a commitment to supporting Mac OS.
Sophos SafeGuard Enterprise is the complete encryption and data protection solution—from computers to networks, and the cloud.
Sophos uses a single console to manage full-disk encryption, removable-media encryption, file share encryption and cloud-storage encryption. For an evaluation of the product, please click here, or contact us for more information.
Sophos UTM Earns Common Criteria EAL4+ Certification
In April 2015, Sophos UTM v9 earned the Common Criteria (ISO 15408) certification under the German Common Criteria Evaluation and Certification Scheme by the German Federal Office for Information Security BSI (Bundesamt für Sicherheit in der Informationstechnik). As soon as we receive the certificate it will be available for download under the following link: https://www.sophos.com/en-us/support/knowledgebase/117713.aspx.
Version Details
The certificate with the identification number BSI-DSZ-CC-0942 applies to the product Sophos UTM v9 Packet Filter Version 1.000, which is the firewall component of the UTM security solution Sophos UTM v9 and was delivered with Sophos UTM 9.305. The certification is based on the Common Criteria Version 3.1 Revision 4 for the security level EAL4+ and was accompanied by the accredited testing laboratory SRC (Security Research & Consulting GmbH) situated in Bonn, Germany.
What is Common Criteria?
Common Criteria is a standard for evaluating the security features and capabilities of information technology products and is accepted by many countries around the globe. The highest internationally, mutually recognized certification level EAL4+ requires an inspection of the development site, as well as close scrutiny of the complete source code by independent experts. The certification process also includes flaw remediation, which evaluates Sophos’ processes for supporting Sophos UTM with future security and maintenance updates.
The IT Security Certificate warrants to customers, especially to those within the government sector, that security requirements are properly implemented and that the processes used meet recognized standards. One particular benefit of a Common Criteria certification is its compliance with various purchasing policies (e.g., NSTISSP #11 in the U.S.), mandating that federal departments and agencies shall acquire, for use on national security systems, only those information technology products that have been validated according to Common Criteria.
HawkEye G 3.0 Released
Hexis Cyber Solutions Releases HawkEye G 3.0 with Real-Time Host Event Detection and Integration of Third-Party Security Technologies with Automated Threat Removal
HANOVER, Md., April 20, 2015 – Hexis Cyber Solutions, Inc. (Hexis), a wholly-owned subsidiary of The KEYW Holding Corporation (NASDAQ: KEYW), and a provider of advanced cybersecurity solutions for commercial companies and government agencies, today announced a significant new release of its integrated cybersecurity platform, HawkEye G. New capabilities include ThreatSync™ for evidence-based detection and validation of unknown and known threats, and integration with third-party security technologies such as Palo Alto Networks and FireEye for detection and Splunk for increased threat intelligence.
New Capabilities Provide Accurate Policy-Based Automated Threat Removal
Point security solutions and manual remediation processes cannot adequately address today’s increasingly complex cyber threats. Point solutions lack the features, depth and speed needed to stop the external threat actors as they penetrate the perimeter, install malware, establish persistence and move laterally to reach the target. Furthermore, these point solutions generate large quantities of alerts and false positives, leaving it to the inundated incident responders and security teams to find serious threats hidden in all the alerts – making today’s networks more vulnerable than ever.
“Most industry benchmarks have concluded that the time between exploitation and discovery of malicious activity is measured in weeks, if not months,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Reducing the time required for detection and removal of cyber threats is the priority for security professionals today. Protecting business critical data, coupled with the overwhelming advanced skills shortage, has created the need for a unified solution that can detect, verify and remove threats at machine speed.”
In a recent report,¹ Forrester analysts John Kindervag and Stephanie Balaouras concur, stating, “Given the consequences of data breaches, businesses can no longer rely on passive, manual procedures to defend against them. The only way to protect the exfiltration of our data by hackers and cybercriminals is to provide our security teams with a set of rules that will incentivize automated response.”
Working in conjunction with HawkEye G’s policy-based, automated threat removal engine, ThreatSync™ will lower the time between perimeter breach, detection and threat verification, thus empowering security teams to quickly and confidently defend themselves using machine speed removal of sophisticated adversaries.
New Analytics and Third Party Integrations Add More Context Improving Organizations’ Ability to Detect and Remove Threats
Leveraging threat fusion and analytics capabilities from ThreatSync™, and threat intelligence from third-party security solution providers, HawkEye G 3.0 operates as an evidence-based threat removal platform that combats attacks at machine speed. This also enables the security operations teams to more effectively leverage existing security investments as HawkEye G removes the alerts and alarms generated by the third party security products.
Gartner² analyst Lawrence Pingree highlights the importance of “Bringing together system events, network activities and indicators of compromise mapped across a graphical kill-chain timeline and comprehensive analytics capabilities are essential to operationalize and simplify EDR [endpoint detection and response] for security operations personnel.”
HawkEye G 3.0 not only provides its own host-based and network-based detection capabilities, but also integrates with enterprises’ existing security infrastructure by consuming, fusing and verifying third-party alerts. The new ThreatSync™ Unified Threat Scoring Model measures threat alerts based on how successfully the adversary is meeting its objectives. If the threat is confirmed to be engaged in malicious activity, the threat score is raised and incident responders can execute automated countermeasures or receive an alert that will allow them to follow machine-guided actions to remove the threat. HawkEye G also integrates transparently into security systems, applications, and processes already in place at organizations, sending threat alerts and response actions to third-party reporting, dashboard and event management systems including Splunk, SIEMs and HawkEye AP.
“The staggering amount of false positives and ghost alerts generated by perimeter-based security devices has left security teams searching for a way to cut through the overwhelming noise,” said Chris Carlson, senior director of Product Management, Hexis Cyber Solutions. “With HawkEye G’s new ability to corroborate actual endpoint behavior captured on the platform’s host detection sensors with third-party data, our continuous monitoring capabilities will help capture, analyze, and remove malicious activity before compromise in the enterprise. This is truly a second generation product, and the customer responses from our initial installations have been extremely positive.”
Availability
HawkEye G 3.0 will be available April 30 through Hexis Cyber Solutions’ network of channel partners.