Plugging the Holes in Your Endpoint Security

In a study of data breaches by the Verizon Business Risk Team (http://tinyurl.com/3gsqcv)  18% of the breaches reported came from known vulnerabilities, while only 5% came from unknown vulnerabilities. Furthermore, 90% of the exploited known vulnerabilities had been identified for 6 months or more. That same study showed that the category VZB classified as “error” – misconfigurations, omissions, non-compliance, process breakdowns – contributed directly or indirectly to two-thirds of all breaches, with missing or misconfigured software accounting for 94% of that two-thirds.

Zero day attacks may get the press, but there are plenty of cyber criminals making a handsome living by using vulnerabilities that have been known for months. Why? Because pragmatic hackers know that in any given population of endpoint computers there will be plenty of machines that are improperly configured and out of compliance with basic essential security practices. Keeping up with these issues are completely swamping security teams, and they need automated processes that help them stem the tide.

Our solution, Resolution Manager can help plug a lot of holes in any defense in depth strategy.

1. Detection and remediation of zero day attacks and the other attacks that traditional, anti-virus software does not see.
2. Holistic remediation to clean up all of the damage done by an attack – not just deleting the malicious executable – that may cause additional vulnerabilities.
3.  Security Configuration Management – ensuring that the defensive software you have deployed is really deployed, properly configured, and in working order. 
4.  Enforcement of Security Policies – start every day with every endpoint machine in compliance with organizational or mandated policies.
5.  Eliminating Unauthorized Software – making sure that endpoint machines are free from software such as the peer-to-peer application that caused the Marine One data breach.

I will be touching on each one of these in more detail over the next several days to explain how we perform these critical tasks in endpoint security and what benefits your organization could expect to see if you were to put these initiatives into action.