pritha's Posts (624)


Over the last 12-18 months, the way we run our business and manage our teams has changed. Our data, applications and users are everywhere, and we are more reliant on the cloud than ever before. As a result, many security leaders globally are turning to zero trust, because protecting this scattered ecosystem requires correlating real-time security context across all security domains.

Why has zero trust become a huge cyber priority now?
How to align zero trust to business initiatives?
Can zero trust help address internal threats, especially with employees working remotely?
How do I enable zero trust across complex, hybrid cloud environments?
How do I leverage zero trust to ensure data privacy?
How to get started with zero trust?

 

About Speaker

Shivaswaroop NS, Consulting and Delivery Lead - Security Services, IBM India

Ketan Solanki, Security Architect, Infrastructure and Endpoint Services, IBM India

 

Webinar (Recorded)

Read more…

The ‘SolarWinds hack’, a cyberattack recently discovered in the United States, has emerged as one of the biggest ever targeted against the US government, its agencies and several other private companies.

 

About Speaker
Sudhakar is a progressive CEO and board member with a nearly 25-year track record of delivering strong business results in startup, mid-size and large companies. He has created and scaled businesses in enterprise software, cloud/SaaS, mobile platforms and applications, software-defined networking, security, unified communications and collaboration, and service provider segments.

Bikash Barai is the Co-Founder of FireCompass, an AI assistant for IT security decision makers. Earlier he founded iViZ, an IDG Ventures-backed company which was later acquired by Cigital. He is also an early advisor at CISO Platform.

 

Fireside Chat (Recorded)

Read more…

As enterprises battle to conquer the new normal, an old concept, ‘Zero Trust’, has come to the fore. What is zero trust, and how pertinent is it to the situation businesses find themselves in? What is the right approach to implementing this framework?

 

About Speaker
Bob Kalka, CRISC, is a Vice President in the IBM Security Business Unit. He has been involved in the information security industry for 20 of his 25 years with IBM. He has held a number of leadership positions in product management, sales, business development, marketing management and product development. He is a frequent international speaker on the relationship of business with Information Technology, cloud computing and security, and has had numerous papers and articles published on these topics. He also holds a United States Patent related to secure distributed computing software.

 

Keynote (Recorded)

Read more…
Allan Alford & Bikash Barai On How To Present Cyber Security Risk To Senior Leadership. A Chief Information Security Officer (CISO) role has become more crucial in building a successful business. 33% of CISO roles are expected to present directly to
Read more…
Brad La Porte & Bikash Barai On Continuous Security Validation & Testing- Fireside Chat. It's an ongoing challenge for the security world to be able to continuously test security controls in the network and prioritize remediation according to busines
Read more…


 

We are very excited about the 13th year of the Summit. Here's a quick glance to help you see what's the excitement about.

Date & Venue : 2-3 June, 2021. Virtual Platform

Register here : https://bit.ly/3b56OaY

 

Keynotes By International Experts

  • Trends In Modern Security Operations - Dr Anton Chuvakin
  • There Is No Magic In Cyber - Florian Hansemann
  • The As, Bs And Four Cs Of Testing Cloud-Native Applications - Dan Cornell
  • Cybersecurity Challenges Of IoT - Chuck Brooks
  • The Tale Of The APT - Raj Samani
  • The Entire Security Industry - Richard Stiennon

 

Fireside By International Experts

  • Continuous Security Validation And Practical Strategies - Brad LaPorte
  • 10 Emerging Threats To Enterprise Applications - Mike Spanbauer
  • How to Present Cyber Security Risk To Senior Leadership - Allan Alford

 

Panel By International Experts

  • Guide To Ransomware Prevention, Response And Recovery - Ziauddin Ansari, Raghvendra Verma, Mohammed Siddiq, Mohammed Azmathulla Shaik
  • How Nation State Attacks Are Fundamentally Changing Cybersecurity - Matthew Rosenquist, Herb Kelsey
  • How To Protect Against The Latest Threats - Ravi Kumar, J. Gokulavan, Dilip Panjwani
  • Next Generation Red Teaming - Securing The Security Posture Of Your Organization - Vijay Kumar Verma, Milind Mungale

 

Workshops By International Experts

  • Python OSINT Collection from Geographic Hot Spots – Live While They Happen
  • Red and Blue Team Joint Operations Learning the Offensive/Defensive TTPs
  • Practical Mobile App Attacks By Example
  • CEMA and CEWO - Weaponized RF And Its Role In Warfare Operations
  • An Introduction To The OWASP ModSecurity Core Rule Set
  • Threat Hunting 360 – Where To Look
  • A Stroll Through The Kill Chain
  • Privacy Aspects, When Providing Digital Products And Services
  • Framing The Importance Of Cybersecurity To Non-Technical People
  • Every CISO's First 90 Days On The Job
  • Learning Vendor Governance
  • Challenges of Shadow IT In The Post Covid World
  • Security Transition – A New Perspective On Security For The Board By The CISO
  • Defending Docker Implementations
  • Cyber Security In The Power Grid
  • DPO The New Destination For CISOs
  • Internet Security For Kids

 

Register Now : https://bit.ly/3b56OaY

Read more…

In keeping with the latest happenings in information security, this article is on the 10 finalists of the RSA Innovation Sandbox contest held at the RSA Security Conference, the world's leading information security conference. Companies with innovative products and disruptive technologies are given a platform to pitch their product. This competition promotes innovative thinking and encourages out-of-the-box ideas.

The finalists have to demonstrate their products and deliver a 3-minute presentation in front of attendees and the judging panel. The judges decide the winner based on the participants' demonstration and presentation.


List of Finalists:

Winner of RSA Innovation sandbox 2020 contest : 

SECURITI.ai

Headquarters: San Jose, California

Founded: 2018

Current CEO: Rehan Jalil

SECURITI.ai is a leader in AI-powered PrivacyOps. Its PRIVACI.ai solution automates privacy compliance with patent-pending People Data Graphs™ and robotic automation. It enables enterprises to give rights to people on their data, comply with global privacy regulations and build trust with customers.

Other Finalists

AppOmni

Headquarters: San Francisco

Founded: 2018

Current CEO: Brendan O'Connor

AppOmni is a leading software-as-a-service (SaaS) security and management platform providing data access visibility, management, and security of SaaS solutions. AppOmni's patent-pending technology deeply scans APIs, security controls, and configuration settings to secure mission-critical and sensitive data.

Blu Bracket

Headquarters: Palo Alto, California

Founded: 2019

Current CEO: Prakash Linga

BluBracket is an enterprise security solution for code in a software-driven world. BluBracket gives companies visibility into where source code introduces security risk while also enabling them to fully secure their code—without altering developer workflows or productivity.

Elevate Security

Headquarters: Berkeley, California

Founded: 2017

Current CEO: Robert Fly

Elevate Security solves for the human element. Using data companies already have, Elevate Security scores employee risk based on their security actions, showing actionable trends while delivering personalized communications that nudge employees to better security habits. 

ForAllSecure

Headquarters: Palo Alto, California

Founded: 2012

Current CEO: David Brumley

ForAllSecure aims to secure the world’s software. Using patented technology from CMU research, ForAllSecure delivers a next generation fuzzing solution to Fortune 1000 companies in telecom, aerospace, automotive and more. DARPA named ForAllSecure a Cyber Grand Challenge winner and MIT Tech Review named it one of the 50 Smartest Companies. 

INKY Technology

Headquarters: Maryland

Founded: 2012

Current CEO: David Baggett

INKY is an industry leader in mail protection powered by unique computer vision, artificial intelligence, and machine learning. The company's flagship product, INKY Phish Fence, uses these novel techniques to "see" each email much like a human does, to block phishing attacks that get through every other system.

Obsidian Security

Headquarters: California

Founded: 2017

Current CEO: Glenn Chisholm

Obsidian Cloud Detection and Response delivers frictionless security for SaaS. Using a unique identity graph and machine learning, Obsidian stops the most advanced attacks in the cloud. Unified visibility across applications, users, and data provides threat detection, breach remediation, and security hardening with no production impact.

Sqreen

Headquarters: Paris

Founded: 2015

Current CEO: Pierre Betouin

Sqreen is the application security platform for the modern enterprise. Organizations of all sizes trust Sqreen to protect, observe and test their software. As opposed to pattern-based approaches, Sqreen analyses in-app execution in real time to deliver more robust security without compromising performance.

Tala Security

Headquarters: Fremont, California

Founded: 2016

Current CEO: Aanand Krishnan

Tala safeguards the modern web against client-side risk. Tala’s AI-driven analytics engine continuously interrogates site architecture to work in concert with an advanced automation engine that activates standards-based security to prevent a broad range of client-side attacks like magecart, XSS, session re-directs, and client-side malware. 

Vulcan Cyber

Headquarters: Israel

Founded: 2018

Current CEO: Yaniv Bar-Dayan

Vulcan is a vulnerability remediation and orchestration platform that is modernizing the way enterprises reduce cyber risk. With its remediation-driven approach, Vulcan automates and orchestrates the vulnerability remediation lifecycle, enabling security, operational and business teams to effectively remediate cyber risks at scale.

(Source: RSA USA 2020, San Francisco)

Read more…

This IoT Security panel, co-organized by IoT Forum and CISO Platform, brings together cybersecurity veterans from large security consulting companies, Fortune 1000 security vendors, startups, academics and end users. Panelists will delve into state-of-the-art products and ongoing research to secure devices, networks and embedded applications.

They will discuss the organizational changes required to go from segregated IT and OT to a hybrid world, the investments happening in IoT security, and upcoming regulations and laws, especially the new IoT security law sitting on the current US President's desk. The panelists will also focus on recent developments in AI that aid both attackers and defenders. With a broad MNC, consulting and startup ecosystem already thriving in India, what specific areas of research, products and consulting opportunities in IoT security do the panelists see emerging from India, and how?


Panelists :

  • Arnab Chattopadhayay (moderator), Associate Director, IBM
  • Kingshuk Banerjee, SVP, Hitachi Research
  • Sandeep Shukla, Poonam and Prabhu Goel Chair Professor and Head of the Computer Science and Engineering Department, Indian Institute of Technology Kanpur (IIT Kanpur), India
  • Scott Hankins, CEO & Co-Founder, Priatta Networks
  • Khiro Mishra, Global Head - Cybersecurity, NTT
  • Brian de Lemos, VP, Palo Alto Networks

Recorded Session : 

Key Areas We Try To Address In The Session : 

- IoT security impact on healthcare
- How customers' perception of IoT security is changing
- How business is being impacted by this change of perception

1. Federated learning, driven by the need for real-time anomaly detection performed in a federated manner using signature-based methods
2. Consolidation
3. Orchestration
4. Malware detection

- IIoT in Indian PSUs, especially in the power sector
- Impact of AI on IoT
- Lack of appreciation of cyber security
- Research at scale
- Shifting focus to the network for securing IoT devices
- Identifying device behaviour
- Focus on enterprise IoT, e.g. HVAC, smart cities, distributed enterprises
- Geography-wise and industry-maturity-wise: what are the key pain points in adopting IoT security
- How companies like NTT work with customers to address those challenges

Read more…

We are hosting a session and request everyone interested to join us, and to have your security team members join too. You could also share it with others who would find it valuable.

Workshop : How To Perform Penetration Testing On Industrial Control Systems And Operational Technology Safely

17th December, Thursday (6:30 PM India or 8 AM EST)

Duration : 6 hours

About Session : 

Industrial control systems (ICS), including supervisory control and data acquisition (SCADA) are found in many national critical infrastructure industries such as oil and natural gas, electric utilities, transportation, petrochemical and refining, water and wastewater, pharmaceutical, and manufacturing. Due to the high availability nature of these systems, any security testing must ensure that these systems are not affected operationally. Traditional IT Penetration Testing techniques are too harsh and potentially damaging to these sensitive systems. This educational presentation will first provide an overview of how ICS systems work, their vulnerabilities, and threats to these systems. The second part of this short training course will dive into proven methodologies and tools that our team has used to safely perform penetration testing on these systems. Lastly, this talk will conclude with best practices to secure and defend ICS and OT systems from cyber incidents.

( Link To Register Click Here )

Agenda

  • ICS Systems Overview
    • ICS Inputs, Outputs, and Sensor Networks
    • Controllers, Embedded Systems and Protocols
    • SCADA and ICS Protocols

  • Penetrating ICS Systems Safely
    • Recent Threats to ICS-SCADA Systems
    • ICS System Testing Methodology
    • Penetration Testing ICS Systems - OSINT and Internet Layer
    • Penetration Testing ICS Systems - Corporate Layer
    • Penetration Testing ICS Systems - OT DMZ and HMI Layers (3 and 2)
    • Penetration Testing ICS Systems - ICS Protocols and Controllers Layer

  • ICS Defense-in-Depth and Risk Management Strategy
    • SCADA DMZ Design and Network Segmentation
    • SCADA Remote Access Design Considerations        
    • Deployment of IDS/IPS - Including Custom Signatures
    • Security Event Monitoring and Logging for SCADA
    • Overview of Security Frameworks that impact SCADA (NIST 800-53, NIST 800-82, ISA S99, CFATS, NERC CIP)


Speaker Details : 

Jonathan Pollet
Founder at Red Tiger Security, Black Hat USA Trainer

He has over 20 years of experience in both Industrial Process Control Systems and Cyber Security. In 2001 he began to publish several white papers that exposed the need for security for Industrial Control Systems (ICS). Pollet and his team have conducted over 300 security assessments of live Industrial Control Systems globally. Throughout his career, he has been involved with SANS, IEEE, ISA, ISSA, EEI, UTC, CSIA, NERC, and several other professional societies and has spoken in over 200 conferences and workshops around the world. He has also been featured on Fox News, CNN, CNBC, Vanity Fair, Popular Mechanics, CIO Magazine, and several security publications.

Read more…

Hello,
We're excited to bring you some awesome security minds who have generously contributed to making security knowledge accessible to the community. We're giving free passes to the community. We request you to tag your security peers, and everyone, to sign up.

All workshops can be found here Click here


Below are a few featured workshops

[Nullcon Training] (1/2 Day) Unlocking Secrets of Android Application Hacking

  • Speakers : Rewanth Cool (Nullcon Trainer) & Hrushikesh Kakade (Nullcon Trainer)
  • Includes : Linux Internals, Boot Process, Android Architecture, Security Architecture, Application Components, Android Debugging, Static Analysis, Application Reversing, Analysing Smali Code, Dynamic Analysis ... Know More

 

[DEFCON Training] (1/2 Day) The Kill Chain Workshop

  • Speakers : William Martin (CISSP, Trainer @DEFCON)
  • Includes : Penetration Testing Types & Methodologies; Preparing For A Test; External Network Attacks & Killchains; Endpoint Compromise, Evasion, and Enumeration; Internal Network Attacks & Killchains; Environment Hardening & Detection Tuning ... Know More

 

[Blackhat Training] (1 Day) Penetration Testing On ICS & Operational Technology

  • Speakers : Jonathan Pollet (Blackhat Trainer)
  • Includes : ICS System Overview; SCADA & ICS Protocols; Penetrating ICS Systems; Testing Methodology (OSINT, Corporate Layer, ICS Protocols, Controllers Layers); ICS Defense-in-Depth and Risk Management Strategy; Event Monitoring & Logging; Security Frameworks ... Know More

 

[OWASP Training] (1/4 Day) API Security Workshop

  • Speakers : Inon Shkedy (OWASP Trainer, Contributor)
  • Includes : Understand the underlying implementation of the application from the API traffic; Detect potential vulnerable points in APIs; Advanced exploitation techniques for: BOLA(IDOR), Mass Assignment, BFLA, Excessive Data Exposure and more; Examples for complex API exploits, which involve many steps; Perform a successful and effective pen test in modern applications ... Know More

 

[Industry Expert Training] (1/2 Day) How To Build Effective SOC Workshop

  • Speakers : Amit Modi (Renowned Expert | Blockchain Enthusiast)
  • Includes : What is a SOC - including the three pillars of a SOC; What is Expected of a SOC; Technologies Involved; SIEM Evaluation Criteria; How to Increase SOC Maturity; How to Define the Use Case; How to Build the Use Case; How to Build the SOC Processes; How a SOC can be a Business Enabler; MSSP vs. On-Premise SOC; Key Considerations to Run it Effectively; How to Perform Incident Management; How to Automate Incident Management; Challenges of SIEM; Evolution & Role of SOAR in Incident Management; Advantages of SOAR; Key Elements to Look For in SOAR; SOAR Evaluation Criteria ... Know More

 

For More Workshops Click Here: Go To Workshops

Read more…

I am highly excited to tell you that the 'Call For Speakers' for the 'Best Of The World In Security' Conference is now open.
We are even more excited because now is the time when we will receive your innovation, those billions of papers and the most exciting hacks of this year.


>> Link to apply for call for speaker here

Below I will share a few details that could help you submit your papers-

Step 1 - Choose Your Speaking Slot

We believe in sharing knowledge that is short, great and impactful. We don't believe in restricting anyone's thoughts or the sharing of them, so choose the speaking slot most apt to your talk.

  • TED Style (30 minutes) - this invites top speakers and security researchers from across the world who have made significant contributions in the field of security in the recent past
  • Deep Dive (4 hours+) - this is a workshop-style session in which a particular topic is covered in depth

Step 2 - Choose The Domain Of Your Talk

You can select any cyber security domain at free will from 'Technology' or 'Security Metric and Management'. Here's a list to help you click here

However, we are particularly keen this year on the domains below:

  • Secure coding
  • API security
  • Cloud security
  • Pentesting
  • SOC (SIEM)

Step 3 - Create An Awesome Topic

For this, previous topics can always be very helpful in understanding both your best area of communication and the audience expectations. Here are a few-

  • (Deep Dive) The 'Dark Web' Workshop (1 day)
  • (Deep Dive) Workshop On 'Windows Malware 101: Reverse Engineering And Signature Generation' (6 hour)
  • (Deep Dive) Workshop In SDN Security (4 hour)
  • (Deep Dive) 'Practical Exploitation of IoT Networks & Ecosystem' Workshop (1 day)
  • (Ted Style Talk) The Notorious 9 in Cloud Security Architecture in Business
  • (Ted Style Talk) Security Landscape for CISO Post Covid
  • (Ted Style Talk) FOMO in Cyber Security: Top 10 CISO Learnings
  • (Ted Style Talk) A Sprint to Protect POS

Step 4 - You Did It, Sit Back and Relax

Submit your application and relax. Great, you're done! Our review board will review the content and get back to you via email. Make sure you've used an email address you check frequently.

P.S. - We are unable to allot a speaking slot to everyone right now. We hope this will be possible in future. For now, our review board selects the speakers as mentioned above.

Important Date & Links

Last date of submission 30th September

Call for speakers submission link here

Conference Page link here

Read more…

New Malware 'Ensiko' with Ransomware Capabilities

About Ensiko

This malware is a threat to any system running PHP. It can be used remotely by an attacker to carry out malicious activities: it is capable of executing shell-level (OS) commands and sending the output back to the remote operator. It also scans systems and servers for particularly sensitive or valuable information.


Few Technical Details

  • The malware can be password-protected.
  • The file-encryption component is one of the capabilities that can be used to wage attacks against servers.
  • According to the researchers at Trend Micro, the malware uses PHP RIJNDAEL_128 algorithm with CBC mode to encrypt files in a web shell directory.
  • Another function includes the recursive overwrite of all files with a specified extension in a directory of a web shell.

What Are Researchers Saying?

Ensiko is a PHP WebShell that can affect Windows, macOS and Linux systems. Trend Micro analyst Aliakbar Zahravi explains how the newly-discovered malware can remotely control the system and infect the machine.

Security researchers at Trend Micro reported a new malware with a host of capabilities including remote server control and encryption. Dubbed Ensiko, the malware is a WebShell security threat, capable of performing malicious activities at the behest of its operator.

Aliakbar Zahravi, Malware Analyst at Trend Micro wrote in a blog that Ensiko is written in PHP and can victimize any internet-facing server or system running on an environment that supports PHP. This makes Windows, macOS as well as Linux susceptible to Ensiko attacks. As is the case with typical WebShell, Ensiko can execute code and scripts to gain remote server administration and control.

Once a system is infected, Ensiko can exhibit ransomware capabilities by encrypting stored files. It implements PHP RIJNDAEL_128 in CBC block cipher mode of operation to encrypt files.

Once files are encrypted, the malware, now acting as ransomware, appends a .bak extension to them.

Malicious Capabilities

Ensiko’s malicious capabilities can also be misused to disrupt services (for example by defacing websites) and to exfiltrate and disclose sensitive server data. It can also be used to carry out brute-force attacks against File Transfer Protocol (FTP), cPanel, and Telnet.

A threat actor can potentially load additional tools for malicious activity from Pastebin, which Ensiko stores in tools_ensikology. Furthermore, an image file’s EXIF data headers are leveraged for hiding and later extracting code using the Steganologer function. Zahravi illustrates this with the image below.

Password Protected Malware?

One of the unconventional characteristics of Ensiko is that it can be password protected for authentication. It also incorporates a hidden input form for login as shown below.

This article was originally published here
(Please check sources and detailed blog on the same)
Read more…


This blog was originally contributed by Apoorv Saxena, technical team, FireCompass over here

At the end of May, a researcher known by the pseudonym “chompie” published a tweet that showed a working PoC for CVE-2020-0796 (SMBGhost), expecting a similar disclosure from ZecOps. As part of Microsoft's June 2020 Patch Tuesday release on June 9, ZecOps researchers disclosed a new vulnerability in Microsoft SMB, with a PoC, named SMBleed. ZecOps combined SMBGhost and SMBleed to gain unauthenticated RCE and published a GIF of the working PoC.
The Airbus security team also disclosed a vulnerability, SMBLost, whose exploitation is possible only if the attacker has user credentials to connect to a remote shared folder.
A far more lethal combination is SMBleedingGhost: achieving unauthenticated RCE by chaining SMBGhost and SMBleed.

CISO Platform Members Get Access To A Few Free SMBleed Vulnerability Scans (*limited) Get a free scan here

What is the business impact?

The vulnerability received a CVSS score of 10, which means that, if exploited, an attacker can gain high-privileged access to the exploited machine and move laterally to connected machines.


Root Cause

The SMBleed vulnerability happens in the Srv2DecompressData function in the srv2.sys SMB server driver, similarly to SMBGhost. It receives the compressed message sent by the client, allocates the required amount of memory, and decompresses the data. 

Then, if the Offset field isn’t zero, the Srv2DecompressData function takes the data placed before the compressed data and copies it, as is, to the beginning of the allocated buffer. See the appendix of the original ZecOps post for a simplified version of the function.


Technical Analysis

SMBGhost Inadvertently Revealed

On March 12, Microsoft published an out-of-band advisory for CVE-2020-0796, a remote code execution (RCE) flaw in SMBv3 that was inadvertently revealed in Microsoft’s March 2020 Patch Tuesday release. Within one day, security researchers from KryptosLogic and SophosLabs published proof-of-concept (PoC) scripts that could trigger a blue screen of death (BSoD) on vulnerable systems. At the time there was an expectation that a PoC achieving RCE would be released.

Gaining RCE using CVE-2020-0796

In April, a report from researchers at Ricerca Security stated that they were able to construct a PoC for CVE-2020-0796 to gain RCE. However, the researchers opted not to publicly share their script to “avoid abuse,” instead offering it to their paying customers.

At the end of May, a researcher known by the pseudonym “chompie” published a tweet that showed a working PoC for CVE-2020-0796 capable of gaining RCE.


One day later, chompie decided to publicly release their PoC for “educational purposes” with the expectation that ZecOps would be publishing a PoC of their own “in the coming days.” The researcher stressed that the PoC “needs some work to be more reliable.”


Wait and SMBleed

On June 9, Microsoft released an advisory for CVE-2020-1206, an information disclosure vulnerability in SMBv3 due to an issue in handling compressed data packets. It was discovered and disclosed by researchers at ZecOps, who have dubbed the flaw “SMBleed.”


SMBleed builds on previous research surrounding SMBGhost. ZecOps published a blog post at the end of March that included a PoC for gaining local privilege escalation using SMBGhost. In their latest blog post, ZecOps says the SMBleed vulnerability exists in Srv2DecompressData, which is “the same function as with SMBGhost.” It is likely that they identified SMBleed during their analysis of SMBGhost.

SMBleedingGhost: Achieving RCE with SMBleed and SMBGhost

ZecOps cautions that unauthenticated exploitation of SMBleed, while possible, is “less straightforward.” As a result, they combined both SMBleed and SMBGhost to gain unauthenticated RCE. They’ve not yet provided technical details about chaining the two flaws together. However, they did share a PoC as well as a GIF that shows them gaining RCE.


Haunted by EternalBlue

In our blog for CVE-2020-0796, we alluded to the potential similarity between SMBGhost and EternalBlue (CVE-2017-0144), an RCE vulnerability in SMBv1 that was used as part of the WannaCry attacks in 2017. The comparison was clear to many, so much so that CVE-2020-0796 was initially dubbed EternalDarkness by security researcher Kevin Beaumont, in addition to its SMBGhost moniker. However, since the vulnerability only affects SMBv3, its potential for a WannaCry-level impact was mitigated by the fact that the flaw only resides in specific versions of Windows, such as Windows 10 and Windows Server 2016.

SMBLost In Space

In addition to SMBleed, Microsoft also released an advisory for CVE-2020-1301, an RCE vulnerability in SMBv1 due to an improper handling of a specially crafted SMBv1 request. The vulnerability was disclosed to Microsoft by researchers at Airbus’ cybersecurity division.

On June 9, Airbus published a blog post by vulnerability researcher Nicolas Delhaye, detailing their discovery of CVE-2020-1301, which they’ve dubbed SMBLost.

Unlike SMBGhost and SMBleed, SMBLost is more akin to EternalBlue because it impacts SMBv1. However, as Delhaye notes in his blog, SMBLost is “much less harmful” than SMBGhost and EternalBlue due to two mitigating circumstances:

  1. SMBLost is post-authentication (valid credentials), whereas SMBGhost and EternalBlue are pre-authentication (no credentials).
  2. The presence of a shared partition on the vulnerable SMBv1 server (e.g. “c:\” or “d:\”) is required for exploitation, which Delhaye notes is “less common.”

Airbus provided a proof of concept for SMBLost in their blog, which results in denial of service (DoS) by way of a BSoD.


As a caveat, the blog post mentions that using SMBLost to gain RCE “seems conceivable,” but they believe it will be “difficult to make it reliable.” In the case of SMBGhost, a similar situation occurred where the only PoCs to emerge initially were for a DoS and Local Privilege Escalation (LPE). While there is no RCE currently available for SMBLost, it is possible that determined researchers or attackers could find a way to develop a reliable PoC to gain RCE in the near future.

How FireCompass Can Help?

FireCompass has a continuous monitoring system that looks at the organization's complete attack surface and all exposed services. It notifies the organization when a new vulnerability arises, whether through a released CVE or through misconfiguration. Get a free scan here


Mitigation - How Can You Fix It?

There are several ways to mitigate the risk from the SMBleed vulnerability.

1. Windows Update

The most recommended solution is to apply Windows updates:

Windows Version             KB
Windows 10 Version 1903     KB4560960
Windows 10 Version 1909     KB4560960
Windows 10 Version 2004     KB4557957

 

Mitigation through workarounds

However, we realize that applying an update is not always an option. This is why we’ve attached several workarounds, which could help mitigate the risk immediately.

2. Disabling SMB 3.1.1 compression

You can disable compression to block unauthenticated attackers from exploiting the vulnerability against an SMBv3 Server with the following PowerShell command:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name DisableCompression -Type DWORD -Value 1 -Force

Notes: 

  1. No reboot is needed after making the change. 
  2. This workaround does not prevent exploitation of SMB clients; please see item 2 under FAQ to protect clients. 
  3. SMB Compression is not yet used by Windows or Windows Server, and disabling SMB Compression has no negative performance impact.

You can disable the workaround with the following PowerShell command:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name DisableCompression -Type DWORD -Value 0 -Force


3. Block TCP port 445 at the enterprise perimeter firewall

TCP port 445 is used to initiate a connection with the affected component. Blocking this port at the network perimeter firewall will help protect systems that are behind that firewall from attempts to exploit this vulnerability. This can help protect networks from attacks that originate outside the enterprise perimeter. Blocking the affected ports at the enterprise perimeter is the best defense to help avoid Internet-based attacks. However, systems could still be vulnerable to attacks from within their enterprise perimeter. 

 

4. Blocking port 445 inside the enterprise where not needed

Where it is not needed, block port 445 on the relevant assets. This will stop lateral movement that uses these vulnerabilities.
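The four mitigation steps above can be audited from one elevated PowerShell session. The script below is an added example, not part of the original post or of Microsoft's guidance: it checks for the listed KBs, reports and (with -Apply) sets the DisableCompression value from step 2, and optionally adds an inbound block rule for TCP 445 on hosts that do not need to serve SMB (step 4). The switch names -Apply and -BlockInbound445 and the firewall rule display name are this script's own choices.

```powershell
# Added example (not from the original post): audit a Windows host against the
# SMBleed mitigations and optionally apply the compression workaround.
# Run in an elevated PowerShell session.
[CmdletBinding()]
param(
    [switch]$Apply,            # assumed name: set DisableCompression = 1 if not already set
    [switch]$BlockInbound445   # assumed name: add an inbound block rule for TCP 445
)

$regPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
# KBs named in the post for Windows 10 1903/1909 and 2004
$fixKbs  = @('KB4560960', 'KB4557957')

# 1. Patch state: any listed KB present means the fix itself, not just a workaround, is installed.
$installed = Get-HotFix -ErrorAction SilentlyContinue | Where-Object { $fixKbs -contains $_.HotFixID }
if ($installed) {
    "Patched: $($installed.HotFixID -join ', ') installed"
} else {
    "Not patched with $($fixKbs -join '/'); rely on the workarounds until Windows Update is applied"
}

# 2. Compression workaround: DisableCompression = 1 stops the SMB 3.1.1 server from
#    accepting compressed requests (no reboot needed, per the post). Clients are not covered.
$value = (Get-ItemProperty -Path $regPath -Name DisableCompression -ErrorAction SilentlyContinue).DisableCompression
if ($value -eq 1) {
    'SMB compression already disabled (DisableCompression = 1)'
} elseif ($Apply) {
    Set-ItemProperty -Path $regPath -Name DisableCompression -Type DWORD -Value 1 -Force
    'Workaround applied: DisableCompression set to 1'
} else {
    "DisableCompression is '$value' (missing or 0): compressed SMB requests still accepted; re-run with -Apply"
}

# 3/4. Exposure: is this host listening on TCP 445, and is an inbound block rule already present?
$ruleName  = 'Block inbound SMB 445 (SMBleed)'   # assumed display name for this script's rule
$listening = Get-NetTCPConnection -LocalPort 445 -State Listen -ErrorAction SilentlyContinue
$blockRule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
if ($listening -and -not $blockRule) {
    'TCP 445 is listening with no inbound block rule on this host'
    if ($BlockInbound445) {
        # Only for assets that do not need to serve SMB; this does not replace the perimeter block.
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
            -LocalPort 445 -Action Block -Profile Any | Out-Null
        'Inbound TCP 445 now blocked on all firewall profiles'
    }
} elseif ($blockRule) {
    "Inbound TCP 445 already blocked by rule '$ruleName'"
} else {
    'TCP 445 is not listening on this host'
}
```

Run it without switches first to see the host's state; add -Apply and -BlockInbound445 only after confirming the host does not depend on inbound SMB.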

At FireCompass we have a continuous monitoring system that looks at the organization's complete attack surface and all exposed services. It notifies the organization when a new vulnerability arises, whether through a released CVE or through misconfiguration. Get a free scan here

Read more…