These Information Security Tips when Working from Home are posted on behalf of Bhushan Deo, CISO for Thermax Limited. 

Connection & Access

1. Avoid connecting to unsecured Wi-Fi / networks for internet.
2. Use only company provided VPN / Citrix connection. Avoid use of any other utility for accessing applications / data.
3. Check & ensure latest antivirus updates on our laptop regularly.
4. Strictly avoid sharing our usernames and passwords to others.

 Data sharing & Collaboration

1. Adopt all proper & sensible precautions when handling Company data.
2. Save & share data from Company O365 One Drive.
3. Use Company O365 Teams to conduct meetings, to share information, screens etc.
4. Avoid use of social media like WhatsApp while discussing / sharing sensitive business information.
5. Do not give PRINTs at default printer of office, where the print-out may remain unattended (in absence of secure print) & may be misused.
6. Ensure adequate security provisions of your mobile phones to protect Company information being accessed.
7. Ensure that Company confidential information is not shared with unauthorised users, vendors, family, friends or members of the public.

 Phishing Emails and Websites

1. Strictly avoid opening e-mails, URLs & file attachments received from unsolicited or unreliable sources.
2. Fake emails are sent by hackers about Corona virus. Do not open such mails / URLs / attachments. Forward suspicious mails to _____ ID
3. Also avoid the use of various maps / graphics showing the spread of Corona. There are incidents of computer hacking through them.

 Physical protection

1. Avoid eating or drinking in the vicinity of our laptops / computers.
2. Avoid exposing the laptop / computer to sudden impacts or shocks, humidity, sunlight, water etc.
3. Do not repair, configure or change of system settings of the laptop / computer. Report to IT.
4. Lock laptop / computer screen when left unattended, to prevent alteration / deletion of data.
5. Ensure the physical protection of our laptops / computers.

 Other important points

1.  Do not install any software on any Company computer. Do not download / copy any type of unauthorised / pirated software.
2. Do not access Internet sites containing foul / obscene / illegal / unethical / adult / violence / rumours related content from Company computers
3. Do not use external, web-based e-mail services (e.g. gmail.com, yahoo.com, hotmail.com) for Company business communication.
4. Ensure to have written approval from Business authorities, prior to transferring the business information to anyone.
5. Do not copy Business data on removable media like USB storage.
6. Do not access others’ emails directly by using their passwords.
7. IT continuously monitors the technical & security usage of the IT Resources, to prevent & correct any performance issues & any misuse.
8. If you come across any misuse of Company information / asset, then bring to the notice of our business authorities, Functional Risk Officer (FRO), IT & HR; or mail to _____ email ID.
9. Use our IT resources in a legal, ethical & responsible manner. Do not use them for unauthorised commercial activities or unauthorised personal gain.
10. Report the Security incidents through IT tool / sending mail to _____ email ID.

P.s: Some details are gathered from our ISMS ISO 27001 policies

This is posted on behalf of Ashish Khanna, Assistant Vice President - Corporate IT for EIH Limited (Oberoi Group).

Due to CORONA virus most of the organizations are allowing their employees to work form home.Here is a checklist for work from home amidst COVID-19.

Check list for Work from Home Amidst COVID 19:

• First thing IT should check is the remote working capability in case of Work From Home (WHF) is required
  
  
• Segregate laptop and desktop users first.
  
  
• Desktop users should be allowed for “use your own device” or company-owned or rented laptops
  
  
• Deploy the endpoint monitoring agents and restrict the access as per the role, responsibility and company policies 
  
  
• Segregate and define productive applications
  
  
• Check readiness of access of all critical application over on Web/VPN
  
  
• Use messenger, file sharing, VC Meeting and screen sharing solution to avoid the travelling. (i.e. Team, Webex, GoTo Meeting, Skype etc.)
  
  
• Use WhatsApp so that people get update for the quick task
  
  
• Refer all organization email communications very seriously
  
  
• Vendor, Buyers/Suppliers should also enable for digital platform like VC meeting and emails
  
  
• Organizations must enable digital payment capability immediately if it is not there
  
  
• Use Wifi/Data Card/Hot Spot for the network connectivity
  
  
• To support above action items data Security and access management must be reviewed and validated by IT Team
  
  
• Single source of information handled by HR & Corporate
  
  
• Communication Team: Organization should have dedicated hotline/email id for emergency services (Employees can share their health condition and seek emergency support and care services) in case of any emergency

We wanted to share with you some of the amazing moments from “Annual Summit, India 2020” @ Bangalore on 21 & 22 Feb. We had over 700+ attendees including CISO and SACON attendees sharing knowledge through Taskforce Presentations, Panel Discussions Round Tables, Workshops and more making the conference a huge success.

Some Exciting Sessions & Task Force Meetups:

1. Keynote Session & Turbo Talks:

• Keynote By Nandan Nilekani: Democratizing India's Digital Economy - 3 big ideas of the last decade Aadhar, UPI, Account Aggregator
• Keynote by James Stanger: Surfing today's emerging tech - A policy based approach
• KeynoteTurbo Talk: Leadership -The Power of Influence 
• Turbo Talk: State of Security of Indian Companies
• Keynote Turbo: Minimalism to Mindfulness - Practical Strategies & Tactics for stress management
• Keynote By Monojit Choudhury: Evolution of AI : Past, Present, Future

2. Fellowship Program 

We launched the fellowship program which is a unique program focussed to groom the next generation security leaders by the security veterans.

• Board & Stakeholder Management (Prabhakar Mallya)
• Building CyberSecurity Strategy (Gupta Boda)
• RiskManagement Frameworks (Rajiv Nandwani)
• CISO Mind Set, Role, Board & Management Expectation and Capacity Building (Dr Lopa Mudraa Basu)

3. 1000+ Product Comparison (Open Source)

• We are glad to inform that security Product Discovery & Comparison Platform is now part of CISO Platform
• We launched it as a open source community driven project
  
• For more details: http://products.cisoplatform.com/security/home

4. Kids Awareness Initiative

• Post our kids awareness pilot training for last 2 years this year we are working to get 100 schools signed up for this program, pan-India
• Under the collaboration of CISO Platform & Cyber Peace Foundation we will sign up 100 schools for the ‘Kids Cyber Safety Initiative’. We launched the collaboration at the conference along with Rakesh Maheshwari (Group Co-ordinator Cyber Laws and e-Security Ministry of Electronics and Information Technology (MeitY)), Vineet Kumar (Cyber Peace Foundation)

5. Startup Award Recognition

• In our cyber security community one of the biggest pain-point is to know what startups have to offers. As a community initiative, we have tried to make it easier for CISOs to discover security products.
  
• Startups presented in a closed door session to the jury member
• Based on the jury's collective decision, the Top 3 CyberSecurity startups were selected and felicitated during the after noon session

6. Launched Top 20 Influencers (India)

• At CISO Platform we have initiated a recognition for Top 20 Security Influencers based purely on peer voting
• To see the list here is the link (please refer Top 20 Influencer Section): https://event.cisoplatform.com/top-100-ciso-awards-2020/

7. Panel Discussions & War Games

• Building SOC: Critical success factors & vendor Evaluation criteria
• Third Party Risk Management : Checklists, Frameworks & Tools
• Emerging Security Trends in 2020
• Cyber Security Best Practices for 2020
• Offensive Security : Frameworks, Tools & Best Practices
• First 90 days plan after joining as a CISO
• Reference Architecture for a Multi Cloud Environment

• Presenting Security to your Board & Managing your Stakeholders

8. Playbook Round Table:

• SDLC Security Gap Analysis: Discover the missing security links in your chain
• Ideas-Budgets-Reality :Speaking the language of the CEO and the Board
• Dynamic Cyber Defence Transformation
• Zeroing-In on Zero Trust Security
• Implementing Cloud Workload Protection Technology
• Offensive Security & Attack Surface Analysis
• Managing 3rd party & Supply Chain Risks
• Shadow IT Risk management

SACON Workshops:

• Threat Hunt
• Windows Malware 101: Reverse Engineering and Signature Generation
• Radio Communication
• The open group (CFS) - Zero Trust
• Building SOC Using Open Source Tools
• An introduction to Data Privacy
• Personal Data Discovery & Mapping - Challenges faced, Methodologies & Tools employed
• India's Personal Data Protection Bill - an overview
• An Architectural Approach to Data Privacy
• Security vs Privacy - A Zero-Sum Game?
• Implementing a Privacy Program in a large Conglomerate: Challenges & Learnings
• Challenges & Approach
• Privacy in Technology: Kickstart of the Hackathon
• Darkweb 
• The Power of API
• Kubernetes hacking demo
• Practical exploitation of IoT Networks & Ecosystems

Fun Sessions:

• Mentalist Show
• Caricature Artist
• Book signing by - Nirmal John : "BREACH"

Photo Album

Some great photographs have been compiled into an album. Help us Tag you ( Tag yourself ) and let us know if you want to add some pictures you took at the event. Email - shital.singh@cisoplatform.com

• Here's the Photo Album link - Click Here
• Here's the CISO Platform 100 Recognition Photo Album Link - Click Here
• Please upload any good event picture we missed and you took (Community Folder) - Click Here

P.S. We are yet to collect some of the presentations, post collection we will send you the links to presentations too

What will you learn:

• How is deception technology different from honeypots ?
• Deception v/s EDR, UEBA and NTA
• A hacker’s view of deception across the kill-chain
• Key technology capabilities or key components of deception technology

About Speaker:

• Sahir started his security career as an ethical hacker and is a serial cybersecurity entrepreneur. His companies have investigated several high-profile data breaches with clients that include critical national infrastructure, global financial institutions and Fortune 500 companies. His work has been featured as a cover story in Fortune India magazine, and his thoughts on technology risk management appear regularly in print and television media.

• Well if you are a tech enthusiast, you must have come across these words just like I have a lot of times! But I had never looked so deeply into finding out the differences as I thought deep web and darknet are the same, but it’s not. So, let’s understand the difference between Surface Web, Deep Web, Dark Web and Darknet. Also understand what darknet browsers are needed to enter darkweb and darknet.

What is Surface Web?

• Let me tell you one thing, if you are reading this blog then you are exploring the surface part of the web. The websites, webpages and information that you find using web search engine like Google, Yahoo, Bing, etc. only portray that you are exploring just the surface of the web. Search Engines use the crawling process to index the webpages. Thus, the general public access only surface web. Now, let’s go little deeper.

Did you know?

• 4% of the content is only available for the general public in the entire ocean of the web.

What is Deep Web?

• The content that you cannot find using the search engine is termed as deep web. For example- If you search for something specific in the search engine it will give you many links and you will only find the content that you are looking for after clicking those links. Every website has its own search box. Thus the search engine’s search is limited to navigate the website. It won’t give you the links that are deep inside the website even if your search is specific. You have to go through different websites to find the particular link.
• In simple terms, there are places in web that cannot be accessed by search engines but can be accessed if you have an address.

Did you know?

•  96% of the content is available in the entire ocean of web.

What is Dark Web?

• The data that are purposefully unrevealed and is not attainable through any standard web browsers is termed as dark web. Dark Web is mostly used for illegal and nefarious activities. The content inside Dark Web is usually found using the Tor network.

Did you know?

• Have you heard of the Silk Road? It is an online black market, infamous for selling and purchasing illegal drugs. In October 2013, FBI shutdown the website and arrested the owner but still in November 2013 Silk Road 2.0 came online. It was shutdown again by the FBI in 2014.

What is Darknet?

• A different network that is encrypted and is created upon the existing internet is Darknet. It can only be accessed by using some specific configuration of the tools and software.

Darknet browsers:

• Some of the popular darknet browsers are Freenet, Tor, GNUnet, I2P, OneSwarm, RetroShare, etc.
• Two types- i. Friend-to-friend networks (used for sharing files using peer-to-peer connection) ii. Privacy networks (such as Tor). Darknet is mainly used for doing illegal activities- computer crime, Purchase or sell illegal goods and services, news leaks, mass surveillance, pirated movies, child pornography, etc.

Difference between Surface Web, Deep Web, Dark Web and Darknet

Note: Dark Web and Darknet are not the same.

Did you know?

• Tor Browser is not totally secure and has vulnerabilities through which attackers may be able to find who is using a Tor Browser. Maximizing the Tor Browser can reveal the window and screen size.

What is Blockchain?

• Conventionally, we had a habit of maintaining everything in a centralized repository and safeguarding it by applying perimeter security. Blockchain is a current breakthrough technology which eliminates centralized concept and show cases the shared, distributed updated records of who is doing what. Although it is decentralized, it supports access rights and is secured by nature. Being immutable as one of its characteristics, it gives us more trust.

Application of Blockchain in Cyber Security

• Cyber security needs much more attention to fight against adversary; blockchain will really be helpful to achieve this. Already some organizations have started addressing the loopholes in security. At present we are using PKI (Public Key Infrastructure) structure to verify the parties in network communication, but Guardtime went further and implemented KSI (Keyless Signature Infrastructure) through that we can see this as the next step of evolution in cyber security.

• Identity and Access Management is the important factor to authenticate the legitimate user, but this as the solution will not be adequate for the current scenario, hence we need a better solution because of spoofing. To address this, REMME came up with the solution by using blockchain technology to authenticate user in a distributed manner.

• Right now all major vendors understand the importance of blockchain and are trying to address various issues with the help of blockchain technology. Some of them are Microsoft Azure providing Blockchain as a Service (BaaS), IBM Blockchain Platform and even banks are trying to implement this, to do transactions using this essential technology.

Will Blockchain Redfine Cyber Security?

• By default blockchain provides us integrity but the question arises whether CIA (Confidentiality, Integrity, and Availability) is attainable or not because we can’t achieve full-fledged security with integrity alone. Using blockchain as an underlying technology Bitcoin is being widely used without any inconvenience, this is one of the proofs of concept showing that we can successfully implement blockchain in cyber security.

• So with this we can say that blockchain can revolutionize the cyber security by applying it in network communication and IoT (internet of Things). It all depends on the security protocols and algorithms which we are using to build blockchain in cyber arena. But we can clearly see that blockchain is one of the most trending technologies and it will change the way we use the internet.

• Bitcoins are one of the most popular cryptocurrency which is growing rapidly for one of its unique feature where Nobody controls the transactions physically.

Prologue  

• It was on November 8, 2016 when the Prime Minister Narendra Modi broke the news of Demonetization and billions of Indians were gobsmacked, and gradually many things happened. Lines snaked around the ATM’s, few political parties protesting outside bank while few trying to adapt to this sudden storm hoping to make India go completely Digital.

Upswing for CryptoCurrency

• Most of us have heard of  crypto currencies like Bitcoins, Zecash, Litecoin, Ripple (XRP that is open source but nobody handles it and it is public. Bitcoin is one of those thousands cryptographic currencies that is rapidly changing the world.
• Earlier the value of one bitcoin was 437$ and now it has escalated to 4554$ says a report.
• While in India these bitcoins are fast gaining favors, there is a record of 35,648 downloads dating from the launch of Bitcoins on 9 November 2008.Ever since the bitcoins began to gain attentions from all the corners, financial regulators tried to stop and even tried to ban the concept of cryptocurrency.
• Also in the mid of 2013 the Reserve Bank of India raised warning to the public of not using cryptocurrency considering the risk and no underlying value. Eventually, after all the discussions on 8^th of April, the monastery for state of finance declared these virtual currency as legal, followed by a committee for regulating the bitcoins.

Functionality of  BitCoins

• Bitcoins work on a lays backbone termed as BLOCK CHAIN TECHNOLOGY– this is a technology where a shared public ledger is generated in this way all the transactions are stored in one main document(ledger). The implementation of this Technology can be used from financial sectors, cloud to internet of things.
• Basically, An algorithm is used to maintain the record which reduces the human dependencies to verify the transaction.  This method of using an online ledger is much on a safer side because each block in the chain uses a cryptographic signatures for second change of the ownership.
• The USP of this technology is two entities can transact  successfully with a tamper-proof architecture.

Block Chain Technology basically works on three concepts:

• Private Key Cryptography
• P2P Network
• Program – Block chains Protocol

Through this any digital transactions can be performed without any centralizes third party.

Ransomware attack -To mine cryptocurrency

• Wanna Cry- On 12^th May Friday the attack was fired like bullets to various parts of the world. It was a crypto worm that targeted the systems which was running Microsoft Windows as their operating systems. The main Plan of Action of this attack was to encrypt the data residing on the computers, disabling access to the information through which the demand for the payment was put front in the form of bitcoins.
• Petya–It is a ransomware attack which took place on 2016 attacking on the windows affecting the master boot record and thereby executing the payload which results in encrypting the file system. The major cyber-attack took again in 2017 targeting Ukrainian companies later the attack was carried on to France, Italy, Germany, Poland and U.S.

Worth of these “digital gold”

• Bitcoins cannot be stolen– As the address of the owner can be changed by the owner itself. It requires a Physical access to the user’s computer to steal.
• No third-party interference– Transaction databases will be stored in multiple copies where the government cannot freeze your money.
• Tax free-As there is no entry for the third party intervention there is no taxation for bitcoins.
• No-Transaction costs-Transaction between the clients requires them to be connected to the nodes, contributing to the network. Thus sharing will reduce the cost of transaction.
• Elimination of paper work– Since all the transactions are online/network based clients may not have to keep the record of the flow which also reduces the attack like MITM and physical theft.

Bitcoins 2020- What predictors have to say……..

• According that the bitcoin will be closer $3,000 by the end of 2017.With no degree of certainty financial experts say that “The Future is Bright” for Indians who invest and make financial transaction digitally.
• The Buying process of Bitcoins will  be made much simpler than it is at the present. All indications point that the process will get more streamlined, so that the investors or any general public can blindly choose digital money over paper money
• Thus the Scepticism about these digital currency will be dissolved  into a clear picture and provides the road map efficiently.

Equifax Breach Postmortem: Top Mistakes Enterprises Should Avoid

• Equifax hack needs no introduction. One third of American lost their social security number due to this single breach. Here’s some of the top mistakes/learning from Equifax breach from my perspective. I would invite all of you to also add your comments and thoughts.

1. Patch on time (Yawn ..)

• Most of the breaches happen not because of zero days but because of known vulnerabilities. Build a strong vulnerability management and patching program in place. It is the low hanging fruit in terms of finding the vulnerabilities. It is much tougher to patch due to operational reasons despite knowing due to potential business downtime.

2. If you can’t patch, build compensatory controls 

• Sometime patching could be difficult or less feasible. However you can have compensatory controls like having a Web Application Firewall configured. You can create special rules for your SOC to detect early triggers related to the known unpatched vulnerability. There are other new and emerging technologies like RASP and many more.

• Getting hacked is common and we should assume that it will happen. Encryption is an absolute must.

4. Use Open Source with Care

• If you are using open source then conducting analysis on source code, or software composition analysis is a good idea. Open source doesn’t necessarily mean that you are more or less secure. It is how you handle it.

9. Invest in Application security program

• Application security program can have as many as 70+ activities. Check out OWASP OPENSAMM. It is not just about pen testing. Consider other aspects like vendor risk management, Testing like SAST/DAST/IAST, Architecture Review, Training and many more.

10. Hire strong security leadership

11. Management Awareness and Involvement

• CEO, Board and the management needs to be aware of the security risks. It is important to create an alignment in terms of understanding the risks, deciding on the acceptable risks so that the technology and business is aligned. Management should ask the right questions to the CISO. It may not be a bad idea to have an advisor/board member who is experienced in security.

12. Last but not the least

• Tell me what’s your thought. What did I miss?

• Vulnerability assessment is a process that defines, identifies, and classifies the security holes in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use. This article provides you a list of popular Vulnerability assessment vendors for Q1 2017.

• Here are the top 5 Vulnerability assessment vendors to watch out for:

Tenable

• Tenable Nessus protects your IT environment by running vulnerability scans, configuration and compliance checks, malware detection, web application scanning and more
• To Know More:  Visit Tenable Nessus Product Page

Rapid7

• Rapid7 Nexpose is the industry-leading vulnerability management solution that enables you to focus on risk that matters while greatly reducing the time required to run a successful vulnerability management program.
• To Know More:  Visit Rapid7 Nexpose Product Page

• (Read More: Open-Source Security Management and Vulnerability Impact Assessment)

Qualys

• Qualys Vulnerability Management (VM) is a cloud-based service that gives you immediate, global visibility into where your IT systems might be vulnerable to the latest Internet threats and how to protect them. It helps you to continuously identify threats and monitor unexpected changes in your network before they turn into breaches.

Beyond Trust

• AVDS is a complete network scanning solution available in a broadproduct line. AVDS was designed for continent spanning networks with tens of thousands of IPs, but that same, powerful scanning engine is available in an entry level version for small networks run by a single administrator. It is also available as a hosted solution for the scanning of one to one thousand external IPs or web sites.
• To Know More:  Visit Beyond Trust AVDS Product Page

Mcafee (Now Intel)

• (Product is discontinued/End of Life) McAfee® Vulnerability Manager with the McAfee Asset Manager feature—part of the Intel® Security product offering—delivers unrivaled scalability and performance, actively and passively canvassing everything on your network. If a device or asset has an IP address or is using your network, McAfee Vulnerability Manager can discover and assess it, automatically in real time, revealing the compliance of all assets on your network.
• To Know More:  Visit McAfee® Vulnerability Manager Product Page

Disclaimer: Vendors in the list are selected based on real users’ activities in Vulnerability Assessment Market at Product Comparison Platform.

• Security services of a network are often outsourced to an outside or third party service provider. Such an outsourced security service is called Managed Security Services (MSS) and the service provider provider is called Managed Security Service Provider (MSSP). This article provides you a list of top 5 Managed Security Service Provider (MSSP) for Q1 2017.

• Here are the top 5 Managed Security Service Provider (MSSP) to watch out for:

IBM

• IBM Managed Security Services are network security services that IBM offers to its clients to deliver the infrastructure, knowledge resources and on demand expertise that can help organizations safeguard their systems from Internet attacks—all at a fraction of the cost of typical in-house security resources.
• To Know More:  Visit IBM Managed Security Services Page

Dell

• Dell Managed Security Services enable a completely secure infrastructure, so that you can focus on running your business. Acting as a natural extension of your IT,Dell will manage day-to-day security operations and proactively address the real threats to your networks. Its IT security services limit and remove the costs of business disruption and data loss by reducing and eliminating exposure to threats.
• To Know More:  Visit Dell Managed Security Services Page

Symantec

• Through Symantec’s Managed Security Services (MSS), companies receive 24 x 7 x 365 security monitoring and real-time security analytics, equipping them with the strategic insights needed to prioritize and respond to the most critical incidents and build strategies to protect the assets, reputations and viability of their organizations. Symantec MSS is a comprehensive, advanced threat detection service that is built on a close partnership between our MSS analyst teams and each customer.

(Read More: Build vs Buy – Forrester’s Security & Risk Practice Playbook)

Wipro

• Wipro providessecurity event monitoring and incident response, infrastructure security operations, threat andvulnerability management, and other security services under the ServiceNxt MSS brand.Services are delivered from six SOCs in the Asia/Pacific region, two in Europe and one inNorth America.offers managed network security analytics and threatdetection services using commercial solutions deployed on the customers’ premises.
• To Know More:  Visit Wipro Managed Security Services Page

Verizon

• Using both cognitive and automated security monitoring and analysis methods, managed services of Verizon uncover indicators of compromise in network traffic and security logs that can help keep your organization ahead of would-be attackers—identifying gaps, weaknesses, and areas of vulnerability across your infrastructure. The heightened intelligence allows us to offer valuable insights into evolving risks and attack patterns affecting enterprises today.
• To Know More:  Visit Verizon Managed Security Services Page

Disclaimer: Vendors in the list are selected based on real users’ activities in Managed Security Service (MSS) Market at Product Comparison Platform.

• Unified Threat Management (UTM) is an all in one security solution that integrates firewalls, anti-viruses, content filtering, spam filtering, VPN protection, anti-spyware and other security system you need to protect your network. It can perform many security functions simultaneously to provide layered protection to all sizes of organization. This article provides you a list of top 5 Unified Threat Management (UTM) Vendors for Q1 2017.

• Here are the top 5 Unified Threat Management (UTM) vendors to watch out for:

Sophos

• Sophos UTM’s simple, intuitive user interface (UI) is designed to let you quickly protect your network and users. It offers the latest next-gen firewall protection including mobile, web, endpoint email encryption and DLP
• To Know More:  Visit Sophos SG Series firewall/UTM appliances Product Page

Check Point

• Check Point has one of the best united threat management, or UTM, approaches, providing solid products — both for the high and low ends of the market — with the essential features enterprises look for.
• To Know More:  Visit Sophos SG Series firewall/UTM appliances Product Page

 Cisco

• The Meraki dashboard provides deep visibility and control over all of your Security Appliances from any Internet-accessible device, anytime, anywhere. View networked clients, bandwidth consumption, and application usage across all sites—and push policies to block, shape, or whitelist activity to optimize performance and user experience.

(Read More: Machine Learning & Analytics For Threat Detection)

Fortinet

• FortiGate UTM solutions are compact, cost-effective, all-in-one security appliances ideal for small businesses, remote, and retail networks. They include high-performance next generation firewall, VPN, IPS, application control, web filtering, antivirus, antispam, data loss prevention, and more—easily managed via a single console.
• To Know More:  Visit FortiGate UTM Product Page

Dell

• Unified threat management (UTM) technology delivers comprehensive protection and simplifies security management, all without slowing your network. Get gateway antivirus, anti-malware, anti-spam, intrusion prevention, content/URL filtering, SSL VPN and application control capabilities in a single package.
• To Know More:  Visit Dell SonicWALL Product Page

READ MORE >>  Top 6 Emerging Endpoint Detection & Response (EDR) Vendors at RSAC 2017To Know More:  Visit Cisco Meraki MX appliances Product Page

Disclaimer: Vendors in the list are selected based on real users’ activities in Unified Threat Management (UTM) at Product Comparison Platform.

• Encryption is a process of protecting your sensitive data by converting it into encoded information which could be read only with a key. Endpoint Encryption ensures data privacy by encrypting data stored on your endpoints—including PCs, Macintoshes, DVDs, and USB drives, which can easily be lost or stolen. This article provides you a list of Best Encryption Softwares for Q1 2017.

• Here are the Top 5  Encryption Vendors to watch out for:

Sophos

• Sophos SafeGuard Enterprise Encryption 7 introduces the most complete data protection solution on the market today, protecting data on multiple devices and operating systems. Whether data resides on a laptop, a mobile device, or being collaborated upon via the cloud or other file sharing method, SafeGuard Encryption is built to match organizational workflow and processes without slowing down productivity.
• To Know More:  Visit Sophos SafeGuard Enterprise Encryption Product Page

McAfee (Now part of Intel)

• McAfee Complete Data Protection secures critical data on endpoints with powerful enterprise-grade drive encryption. This endpoint encryption suite also enables management of native encryption on Macs and Windows systems.
• To Know More:  Visit Mcafee complete data protection – Advanced Product Page

(Read More: Crypto 101: Encryption, Codebreaking, SSL and Bitcoin (RSA Conference 2016)

Symantec

• Symantec’s encryption portfolio includes endpoint, file and folder and email encryption. Integration with Symantec Data Loss Prevention automatically encrypts sensitive data being moved onto removable media devices or residing in emails and files. Robust management features include individual and group key management, automated policy controls, and out-of-the-box, compliance-based reporting.
• To Know More:  Visit Symantec endpoint encryption Product Page

Kaspersky

• Data encryption with highly integrated security policies that can be aligned with application and device controls protects your data if devices or files are lost or stolen
• To Know More:  Visit Kaspersky Endpoint Security – Advanced Product Page

Vaultize

• Vault KNOX technology uses a (U.S. patented) methodology to perform military-grade encryption of your data together with de-duplication on user devices at the source itself. Vaultize’s unique data containerization process provides unprecedented security down to the file level, liberating users form relying on third-party security protocols.
• To Know More:  Visit Vaultize Knox Product Page

Disclaimer: Vendors in the list are selected based on real users’ activities in Encryption at Product Comparison Platform.

• Before talking about the top 5 vendors providing DNS Security (Domain Name System Security), let us first fully understand what DNS Security does and if security is not implemented how can it be harmful.

What is DNS (Domain Name System)?

• DNS (Domain Name System) is the most important part of Internet. When entering any website’s address (e.g. www.firecompass.com- easy to remember), the address is converted into machine readable numbers i.e. IP Address (e.g. 64.383.372.190 – not easy to remember). Thus, DNS converts the human-readable address into machine-readable IP Address. ICANN manages the DNS Root Servers.

What can an attacker do?

• Hackers found some weakness in DNS which can allow attackers to create a fake DNS records. These fake records can trick users to visit fake websites, downloading malicious files and software’s. Attacker can gain the control and redirect the domain name to another or fake domain.

Types of Attack:

• DNS Cache Poisoning and Spoofing, Dos, DDos, IoT botnet DDos, DNS amplification, Fast-flux DNS, NXDOMAIN flood, Slow drip, TCP SYN flood, Domain brute Force, Reverse lookup, Zone Transfer, Zone walking

Impact:

• Brand Damage: Imagine the mess that will happen in the company when your employees and/or customers are not able to access your website due to an attack.
• Imagine if online banking system was corrupted.
• Financial Loss: Imagine if your company’s payment site is redirecting to fake site and payment is made in that site.

Solution:

• Implement DNS Security.

Below are the Top 5 Vendors providing DNS Security: –

Infoblox:

• Infoblox security products enable you to mitigate security challenges that arise from DNS-based threats. Their DNS solutions combine automation, centralized reporting and policy management, enhanced visibility, and unique actionable intelligence drawn from the data residing in the core of your network.
• Product: DNS Traffic Control, DNS Firewall, Advance DNS Protection

Nominum:

• Nominum provides DNS-based security and services innovation. The Silicon Valley company provides an integrated suite of carrier-grade DNS-based solutions that enable fixed and mobile operators to protect and enhance their networks, strengthen security for business and residential subscribers and offer innovative value-added services that can be monetized. Nominum deliver a safe, customizable internet and promote greater value to over half a billion users.

EfficientIP:

• EfficientIP solutions offer a specialized layer of in-depth-defense to fill the gaps left by traditional security systems. Their 360° DNS Security provides a holistic approach to protect public and private DNS infrastructures from both internal and external DNS threats, regardless of the attack type. The 360° DNS Security solution is comprised of five products, which work together (or as standalone offerings) for a more reliable and secure network.
• Product: DNS Blast, DNS Guardian, DNS Cloud

BlueCat DNS:

• BlueCat DNS ensures your critical network infrastructure and business-critical core services are reliable, resilient and highly available and that no configuration change can cause an outage or leave stale or inconsistent DNS records. It delivers scalable, resilient and highly available DNS services across the enterprise, with the flexibility to deploy in high-throughput, centralized architectures, or fully distributed environments with thousands of service delivery points.
• Product: BlueCat DNS Integrity, BlueCat DNS Edge

Cisco:

• Cisco Umbrella provides the first line of defense against threats on the internet. As Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes. Cisco Umbrella uses the internet’s infrastructure to block malicious destinations before a connection is ever established. By delivering security from the cloud, not only do you save money, but we also provide more effective security.
• Product: Cisco Umbrella

• Before talking about the top 5 vendors providing DNS Security (Domain Name System Security), let us first fully understand what DNS Security does and if security is not implemented how can it be harmful.

What is DNS (Domain Name System)?

• DNS (Domain Name System) is the most important part of Internet. When entering any website’s address (e.g. www.cisoplatform.com- easy to remember), the address is converted into machine readable numbers i.e. IP Address (e.g. 64.383.372.190 – not easy to remember). Thus, DNS converts the human-readable address into machine-readable IP Address. ICANN manages the DNS Root Servers.

What can an attacker do?

• Hackers found some weakness in DNS which can allow attackers to create a fake DNS records. These fake records can trick users to visit fake websites, downloading malicious files and software’s. Attacker can gain the control and redirect the domain name to another or fake domain.

Types of Attack:

• DNS Cache Poisoning and Spoofing, Dos, DDos, IoT botnet DDos, DNS amplification, Fast-flux DNS, NXDOMAIN flood, Slow drip, TCP SYN flood, Domain brute Force, Reverse lookup, Zone Transfer, Zone walking

Impact:

• Brand Damage: Imagine the mess that will happen in the company when your employees and/or customers are not able to access your website due to an attack.
• Imagine if online banking system was corrupted.
• Financial Loss: Imagine if your company’s payment site is redirecting to fake site and payment is made in that site.

Solution:

• Implement DNS Security.

Below are the Top 5 Vendors providing DNS Security: –

Infoblox:

• Infoblox security products enable you to mitigate security challenges that arise from DNS-based threats. Their DNS solutions combine automation, centralized reporting and policy management, enhanced visibility, and unique actionable intelligence drawn from the data residing in the core of your network.
• Product: DNS Traffic Control, DNS Firewall, Advance DNS Protection

Nominum:

• Nominum provides DNS-based security and services innovation. The Silicon Valley company provides an integrated suite of carrier-grade DNS-based solutions that enable fixed and mobile operators to protect and enhance their networks, strengthen security for business and residential subscribers and offer innovative value-added services that can be monetized. Nominum deliver a safe, customizable internet and promote greater value to over half a billion users.

EfficientIP:

• EfficientIP solutions offer a specialized layer of in-depth-defense to fill the gaps left by traditional security systems. Their 360° DNS Security provides a holistic approach to protect public and private DNS infrastructures from both internal and external DNS threats, regardless of the attack type. The 360° DNS Security solution is comprised of five products, which work together (or as standalone offerings) for a more reliable and secure network.
• Product: DNS Blast, DNS Guardian, DNS Cloud

BlueCat DNS:

• BlueCat DNS ensures your critical network infrastructure and business-critical core services are reliable, resilient and highly available and that no configuration change can cause an outage or leave stale or inconsistent DNS records. It delivers scalable, resilient and highly available DNS services across the enterprise, with the flexibility to deploy in high-throughput, centralized architectures, or fully distributed environments with thousands of service delivery points.
• Product: BlueCat DNS Integrity, BlueCat DNS Edge

Cisco:

• Cisco Umbrella provides the first line of defense against threats on the internet. As Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes. Cisco Umbrella uses the internet’s infrastructure to block malicious destinations before a connection is ever established. By delivering security from the cloud, not only do you save money, but we also provide more effective security.
• Product: Cisco Umbrella

Here is the list of top 5 vendors emerging Threat Hunting tools, but before that let us understand what threat hunting exactly refers to.