SlideShare a Scribd company logo

Ivanti Security Controls.pptx

Download as PPTX, PDF
F
FarhanSaifudin2

This document provides information on Ivanti Security Controls for reducing risk from known exploited vulnerabilities. It discusses prioritizing vulnerabilities based on risk and deploying patches in an automated fashion. Ivanti Security Controls allows for discovering all endpoints and assets, continuously deploying and validating patches, and monitoring patch status across physical, virtual, and cloud infrastructure. The document also addresses the growing threat of ransomware and challenges of patching complexity.

Technology
1 of 11
MAY 18, 2023 Ivanti Security Controls
Copyright © 2023 Ivanti. All rights reserved. BOD 22-01 Reducing the Significant Risk of Known Exploited Vulnerabilities
Copyright © 2023 Ivanti. All rights reserved. Prioritize vulnerabilities based on risk. Test, schedule, and deploy patches in an automated fashion. Apply Risk Based Vulnerability Management practices Continuously deploy patches, reducing mean time to patch for Windows, Linux, MacOS, and Mobile on physical, virtual, and cloud- based infrastructure Verify patches are installed, configured, and validated with agent or agentless technologies. Central dashboard on patch status for all endpoints and SLAs Through automation, continuously validate and monitor the patches are in place on all endpoints Discover all endpoints and software assets along with their version and vulnerability information. Display system security health and risk scoring. Continuous Patch Management for Enterprise Applications Helps Agencies meet NIST SP 800-40 Rev. 4 - Enterprise Patch Guidance Software Vulnerability Management Life Cycle Risk Response Execution Deploy the Patch Verify the Patch Monitor the Deployed Patches Inventory Your Software and Assets https://csrc.nist.gov/publications/detail/sp/800-40/rev-4/final
Copyright © 2023 Ivanti. All rights reserved. Ransomware attacks are increasing in frequency and severity every year. The impact on companies is devastating.
Copyright © 2023 Ivanti. All rights reserved. Ransomware costs* Detection and escalation Notification Lost business Post breach response * Source: IBM Security, “2021 Cost of a Data Breach Report” $4.62M Average total cost of a ransomware breach – excluding the cost of the ransom
Copyright © 2023 Ivanti. All rights reserved. The situation is getting worse No deterrents (25,000 ransomware attacks, <20 arrests)* Ransomware as a Service (RaaS)** CVEs quadrupled** Attackers targeting midmarket* * Source: Coveware, “Ransomware attackers down shift to 'Mid-Game' hunting in Q3 2021” ** RiskSense, CSW, “Ransomware Through the Lens of Threat and Vulnerability Management”
Copyright © 2023 Ivanti. All rights reserved. 71% 71% of IT and security professionals find patching to be overly complex and time- consuming.* Patching is key – but not always easy OF IT & SECURITY PROFESSIONALS * Source: Ivanti, “Patch Management Challenges: Survey Results and Insights as Organizations move to Everywhere Workplace”
Copyright © 2023 Ivanti. All rights reserved. Ivanti Security Controls Secure Ivanti Security Controls Simplifies security with unified and automated prevention, detection, and response techniques that target your biggest attack vectors. Strengths Patch your virtual servers – Discover, inventory, and patch physical servers, VMs, and templates, regardless of power state or if they are on or offline. Patch your Windows and Linux machines – Detect and remediate OS and third-party app vulnerabilities on systems running Windows, Red Hat Linux, and CentOS. Agentless scanning for rapid startup and zero footprint. Manage off-network devices. Use Case • Mix of workstations and servers to patch, mix of online and offline workstations and servers • Agentless technology supports assessment and deployment to workstations and servers connected to your network while minimizing the impact on both your team and system workloads • Agent policies provide a higher degree of accuracy in environments where devices are not continuously connected to the network • Air-Gap Network Support for classified environments • Common Industries: Federal / Banking / Finance / Insurance, Business Service, Manufacturing / Warehousing Integrate & automate with other products.
Copyright © 2023 Ivanti. All rights reserved. Ivanti Security Controls (ISEC) Architecture
Copyright © 2023 Ivanti. All rights reserved. Extensive Catalog Advanced Capability Cross Platform Functionality Vulnerability Intelligence Ivanti offers one of the largest catalog of patches on the market today. • Microsoft • Mac • Linux • 3rd party • Custom Definitions Ivanti patch solutions offer unmatched advanced functionality • Impact Analysis • Granular reboots • Custom Patches • User Feedback • Automation • Compliance • Seamless patching of edge devices • 360° view of your organizations patch posture Ivanti patch solutions allow for patching cross platform from a single solution (on-prem and Cloud based) • Windows • MAC • Linux Ivanti Risk-Based Vulnerability Management (RBVM) • Infrastructure, application, bug-bounty, and pen testing vulnerability findings brought together into a centralized view • Insight into what vulnerabilities are RCE, Weaponized, and trending • Vulnerability Risk Rating (VRR) Competitive Advantages
Copyright © 2023 Ivanti. All rights reserved. We make the Everywhere Workplace possible.

Recommended

Comparison Review Forticlient x Kaspersky.pdf
Comparison Review Forticlient x Kaspersky.pdfComparison Review Forticlient x Kaspersky.pdf
Comparison Review Forticlient x Kaspersky.pdf
ImamBahrudin5
 
Qualys Corporate Brochure
Qualys Corporate BrochureQualys Corporate Brochure
Qualys Corporate Brochure
Qualys
 
IBM Security Software Solutions
IBM Security Software Solutions IBM Security Software Solutions
IBM Security Software Solutions
Thierry Matusiak
 
Vulnerability , Malware and Risk
Vulnerability , Malware and RiskVulnerability , Malware and Risk
Vulnerability , Malware and Risk
SecPod Technologies
 
CISA GOV - Seven Steps to Effectively Defend ICS
CISA GOV - Seven Steps to Effectively Defend ICSCISA GOV - Seven Steps to Effectively Defend ICS
CISA GOV - Seven Steps to Effectively Defend ICS
Muhammad FAHAD
 
Seven recommendations for bolstering industrial control system cyber security
Seven recommendations for bolstering industrial control system cyber securitySeven recommendations for bolstering industrial control system cyber security
Seven recommendations for bolstering industrial control system cyber security
CTi Controltech
 
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control SystemsNCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
Miller Energy, Inc.
 
Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From Cyberattack
CTi Controltech
 

Recommended

Comparison Review Forticlient x Kaspersky.pdf
Comparison Review Forticlient x Kaspersky.pdfComparison Review Forticlient x Kaspersky.pdf
Comparison Review Forticlient x Kaspersky.pdf
ImamBahrudin5
 
Qualys Corporate Brochure
Qualys Corporate BrochureQualys Corporate Brochure
Qualys Corporate Brochure
Qualys
 
IBM Security Software Solutions
IBM Security Software Solutions IBM Security Software Solutions
IBM Security Software Solutions
Thierry Matusiak
 
Vulnerability , Malware and Risk
Vulnerability , Malware and RiskVulnerability , Malware and Risk
Vulnerability , Malware and Risk
SecPod Technologies
 
CISA GOV - Seven Steps to Effectively Defend ICS
CISA GOV - Seven Steps to Effectively Defend ICSCISA GOV - Seven Steps to Effectively Defend ICS
CISA GOV - Seven Steps to Effectively Defend ICS
Muhammad FAHAD
 
Seven recommendations for bolstering industrial control system cyber security
Seven recommendations for bolstering industrial control system cyber securitySeven recommendations for bolstering industrial control system cyber security
Seven recommendations for bolstering industrial control system cyber security
CTi Controltech
 
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control SystemsNCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
NCCIC - Seven Steps for Achieving Cybersecurity for Industrial Control Systems
Miller Energy, Inc.
 
Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From Cyberattack
CTi Controltech
 
Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From Cyberattack
Mountain States Engineering and Controls
 
Defending industrial control systems from cyber attack
Defending industrial control systems from cyber attackDefending industrial control systems from cyber attack
Defending industrial control systems from cyber attack
Analynk Wireless, LLC
 
Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management System
IRJET Journal
 
Maintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixMaintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFix
HCLSoftware
 
Veracode Corporate Overview - Print
Veracode Corporate Overview - PrintVeracode Corporate Overview - Print
Veracode Corporate Overview - Print
Andrew Kanikuru
 
productsheet_csi70_brief
productsheet_csi70_briefproductsheet_csi70_brief
productsheet_csi70_brief
Sagren Naidoo
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
Mike Rizzo
 
Automated patch management in Freshservice
Automated patch management in FreshserviceAutomated patch management in Freshservice
Automated patch management in Freshservice
Freshservice
 
Vulnerability Malware And Risk
Vulnerability Malware And RiskVulnerability Malware And Risk
Vulnerability Malware And Risk
Chandrashekhar B
 
The uncool-security-hygiene
The uncool-security-hygieneThe uncool-security-hygiene
The uncool-security-hygiene
Thiagu Haldurai
 
Vulnerability Assesment
Vulnerability AssesmentVulnerability Assesment
Vulnerability Assesment
Dedi Dwianto
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016
David Patterson
 
5 howtomitigate
5 howtomitigate5 howtomitigate
5 howtomitigate
richarddxd
 
SanerNow platform-datasheet
SanerNow platform-datasheetSanerNow platform-datasheet
SanerNow platform-datasheet
SecPod Technologies
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
Infocyte
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
Tawnia Beckwith
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
GE코리아
 
Veracode - Overview
Veracode - OverviewVeracode - Overview
Veracode - Overview
Stephen Durrant
 
Types of Vulnerability Scanning An in depth investigation.pdf
Types of Vulnerability Scanning An in depth investigation.pdfTypes of Vulnerability Scanning An in depth investigation.pdf
Types of Vulnerability Scanning An in depth investigation.pdf
Cyber security professional services- Detox techno
 
Globally.docx
Globally.docxGlobally.docx
Globally.docx
GermanERuizCorrales
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 

More Related Content

Similar to Ivanti Security Controls.pptx

Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From Cyberattack
Mountain States Engineering and Controls
 
Defending industrial control systems from cyber attack
Defending industrial control systems from cyber attackDefending industrial control systems from cyber attack
Defending industrial control systems from cyber attack
Analynk Wireless, LLC
 
Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management System
IRJET Journal
 
Maintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixMaintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFix
HCLSoftware
 
Veracode Corporate Overview - Print
Veracode Corporate Overview - PrintVeracode Corporate Overview - Print
Veracode Corporate Overview - Print
Andrew Kanikuru
 
productsheet_csi70_brief
productsheet_csi70_briefproductsheet_csi70_brief
productsheet_csi70_brief
Sagren Naidoo
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
Mike Rizzo
 
Automated patch management in Freshservice
Automated patch management in FreshserviceAutomated patch management in Freshservice
Automated patch management in Freshservice
Freshservice
 
Vulnerability Malware And Risk
Vulnerability Malware And RiskVulnerability Malware And Risk
Vulnerability Malware And Risk
Chandrashekhar B
 
The uncool-security-hygiene
The uncool-security-hygieneThe uncool-security-hygiene
The uncool-security-hygiene
Thiagu Haldurai
 
Vulnerability Assesment
Vulnerability AssesmentVulnerability Assesment
Vulnerability Assesment
Dedi Dwianto
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016
David Patterson
 
5 howtomitigate
5 howtomitigate5 howtomitigate
5 howtomitigate
richarddxd
 
SanerNow platform-datasheet
SanerNow platform-datasheetSanerNow platform-datasheet
SanerNow platform-datasheet
SecPod Technologies
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
Infocyte
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
Tawnia Beckwith
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
GE코리아
 
Veracode - Overview
Veracode - OverviewVeracode - Overview
Veracode - Overview
Stephen Durrant
 
Types of Vulnerability Scanning An in depth investigation.pdf
Types of Vulnerability Scanning An in depth investigation.pdfTypes of Vulnerability Scanning An in depth investigation.pdf
Types of Vulnerability Scanning An in depth investigation.pdf
Cyber security professional services- Detox techno
 
Globally.docx
Globally.docxGlobally.docx
Globally.docx
GermanERuizCorrales
 

Similar to Ivanti Security Controls.pptx (20)

Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From Cyberattack
 
Defending industrial control systems from cyber attack
Defending industrial control systems from cyber attackDefending industrial control systems from cyber attack
Defending industrial control systems from cyber attack
 
Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management System
 
Maintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixMaintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFix
 
Veracode Corporate Overview - Print
Veracode Corporate Overview - PrintVeracode Corporate Overview - Print
Veracode Corporate Overview - Print
 
productsheet_csi70_brief
productsheet_csi70_briefproductsheet_csi70_brief
productsheet_csi70_brief
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
 
Automated patch management in Freshservice
Automated patch management in FreshserviceAutomated patch management in Freshservice
Automated patch management in Freshservice
 
Vulnerability Malware And Risk
Vulnerability Malware And RiskVulnerability Malware And Risk
Vulnerability Malware And Risk
 
The uncool-security-hygiene
The uncool-security-hygieneThe uncool-security-hygiene
The uncool-security-hygiene
 
Vulnerability Assesment
Vulnerability AssesmentVulnerability Assesment
Vulnerability Assesment
 
David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016David Patterson IT Security Resumes 2016
David Patterson IT Security Resumes 2016
 
5 howtomitigate
5 howtomitigate5 howtomitigate
5 howtomitigate
 
SanerNow platform-datasheet
SanerNow platform-datasheetSanerNow platform-datasheet
SanerNow platform-datasheet
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
 
Veracode - Overview
Veracode - OverviewVeracode - Overview
Veracode - Overview
 
Types of Vulnerability Scanning An in depth investigation.pdf
Types of Vulnerability Scanning An in depth investigation.pdfTypes of Vulnerability Scanning An in depth investigation.pdf
Types of Vulnerability Scanning An in depth investigation.pdf
 
Globally.docx
Globally.docxGlobally.docx
Globally.docx
 

Recently uploaded

Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
Dinusha Kumarasiri
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
fredae14
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Jeffrey Haguewood
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptxOperating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
Pravash Chandra Das
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
flufftailshop
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 

Recently uploaded (20)

Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Azure API Management to expose backend services securely
Azure API Management to expose backend services securelyAzure API Management to expose backend services securely
Azure API Management to expose backend services securely
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptxOperating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 

Ivanti Security Controls.pptx

  • 1. MAY 18, 2023 Ivanti Security Controls
  • 2. Copyright © 2023 Ivanti. All rights reserved. BOD 22-01 Reducing the Significant Risk of Known Exploited Vulnerabilities
  • 3. Copyright © 2023 Ivanti. All rights reserved. Prioritize vulnerabilities based on risk. Test, schedule, and deploy patches in an automated fashion. Apply Risk Based Vulnerability Management practices Continuously deploy patches, reducing mean time to patch for Windows, Linux, MacOS, and Mobile on physical, virtual, and cloud- based infrastructure Verify patches are installed, configured, and validated with agent or agentless technologies. Central dashboard on patch status for all endpoints and SLAs Through automation, continuously validate and monitor the patches are in place on all endpoints Discover all endpoints and software assets along with their version and vulnerability information. Display system security health and risk scoring. Continuous Patch Management for Enterprise Applications Helps Agencies meet NIST SP 800-40 Rev. 4 - Enterprise Patch Guidance Software Vulnerability Management Life Cycle Risk Response Execution Deploy the Patch Verify the Patch Monitor the Deployed Patches Inventory Your Software and Assets https://csrc.nist.gov/publications/detail/sp/800-40/rev-4/final
  • 4. Copyright © 2023 Ivanti. All rights reserved. Ransomware attacks are increasing in frequency and severity every year. The impact on companies is devastating.
  • 5. Copyright © 2023 Ivanti. All rights reserved. Ransomware costs* Detection and escalation Notification Lost business Post breach response * Source: IBM Security, “2021 Cost of a Data Breach Report” $4.62M Average total cost of a ransomware breach – excluding the cost of the ransom
  • 6. Copyright © 2023 Ivanti. All rights reserved. The situation is getting worse No deterrents (25,000 ransomware attacks, <20 arrests)* Ransomware as a Service (RaaS)** CVEs quadrupled** Attackers targeting midmarket* * Source: Coveware, “Ransomware attackers down shift to 'Mid-Game' hunting in Q3 2021” ** RiskSense, CSW, “Ransomware Through the Lens of Threat and Vulnerability Management”
  • 7. Copyright © 2023 Ivanti. All rights reserved. 71% 71% of IT and security professionals find patching to be overly complex and time- consuming.* Patching is key – but not always easy OF IT & SECURITY PROFESSIONALS * Source: Ivanti, “Patch Management Challenges: Survey Results and Insights as Organizations move to Everywhere Workplace”
  • 8. Copyright © 2023 Ivanti. All rights reserved. Ivanti Security Controls Secure Ivanti Security Controls Simplifies security with unified and automated prevention, detection, and response techniques that target your biggest attack vectors. Strengths Patch your virtual servers – Discover, inventory, and patch physical servers, VMs, and templates, regardless of power state or if they are on or offline. Patch your Windows and Linux machines – Detect and remediate OS and third-party app vulnerabilities on systems running Windows, Red Hat Linux, and CentOS. Agentless scanning for rapid startup and zero footprint. Manage off-network devices. Use Case • Mix of workstations and servers to patch, mix of online and offline workstations and servers • Agentless technology supports assessment and deployment to workstations and servers connected to your network while minimizing the impact on both your team and system workloads • Agent policies provide a higher degree of accuracy in environments where devices are not continuously connected to the network • Air-Gap Network Support for classified environments • Common Industries: Federal / Banking / Finance / Insurance, Business Service, Manufacturing / Warehousing Integrate & automate with other products.
  • 9. Copyright © 2023 Ivanti. All rights reserved. Ivanti Security Controls (ISEC) Architecture
  • 10. Copyright © 2023 Ivanti. All rights reserved. Extensive Catalog Advanced Capability Cross Platform Functionality Vulnerability Intelligence Ivanti offers one of the largest catalog of patches on the market today. • Microsoft • Mac • Linux • 3rd party • Custom Definitions Ivanti patch solutions offer unmatched advanced functionality • Impact Analysis • Granular reboots • Custom Patches • User Feedback • Automation • Compliance • Seamless patching of edge devices • 360° view of your organizations patch posture Ivanti patch solutions allow for patching cross platform from a single solution (on-prem and Cloud based) • Windows • MAC • Linux Ivanti Risk-Based Vulnerability Management (RBVM) • Infrastructure, application, bug-bounty, and pen testing vulnerability findings brought together into a centralized view • Insight into what vulnerabilities are RCE, Weaponized, and trending • Vulnerability Risk Rating (VRR) Competitive Advantages
  • 11. Copyright © 2023 Ivanti. All rights reserved. We make the Everywhere Workplace possible.

Editor's Notes

  1. Welcome… Let’s talk about the rapidly changing business environment…
  2. 15 days to patch critical vulnerabilities The need for risk-based patch management has even been substantiated by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). On November 3, 2021, CISA issued Binding Operational Directive (BOD) 22-01, “Reducing the Significant Risk of Known Exploited Vulnerabilities”, to drive urgent and prioritized remediation of vulnerabilities that are being actively exploited by adversaries. The Directive establishes a CISA-managed catalog of known exploited vulnerabilities and requires federal civilian agencies to remediate such vulnerabilities within specific timeframes. With this Directive, CISA is imposing the first government-wide requirements to remediate vulnerabilities affecting both internet-facing and non-internet facing assets. While this Directive technically applies only to federal civilian agencies, CISA strongly recommends that private businesses and state, local, tribal and territorial (SLTT) governments prioritize mitigation of vulnerabilities listed in its public catalog.
  3. Enterprise patch management is the process of identifying, prioritizing, acquiring, installing, and verifying the installation of patches, updates, and upgrades throughout an organization. Patching is more important than ever because of the increasing reliance on technology, but there is often a divide between business/mission owners and security/technology management about the value of patching.
  4. Ransomware attacks are increasing in frequency and severity every year. The impact to companies is devastating.
  5. Ransomware attacks typically lead to lost business for companies as they tend to cause increased system downtime, diminished reputation, customer turnover and other adverse side effects. On top of that, there are also costs associated with detecting and escalating a ransomware breach, notifying data subjects, data protection regulators and other third parties, and post-breach response activities, such as paying out compensation for victims and regulatory fines. When combined, these costs average a total of $4.62 million per ransomware breach – and that’s excluding the cost of the ransom.
  6. Unfortunately, the situation is likely to get worse before it gets better. In 2020, less than 20 arrests were made globally in connection with ransomware attacks despite the fact there were an estimated 25,000 attacks of impact in the same year – a ratio that is hardly a deterrent for would-be ransomware actors. In addition, the barriers to entry to becoming a ransomware actor are eroding as well. Ransomware as a service (RaaS) enables just about anyone to get in on the action – no security knowledge or coding expertise required. To top it all off, the number of Common Vulnerabilities and Exposures (CVEs) into networks nearly quadrupled in 2020 alone, and ransomware attackers are increasingly targeting midmarket companies to avoid the media attention that comes with attacking large enterprises. It seems no one is safe and there’s nowhere to hide.
  7. Until ransomware attacks and other data breaches are a thing of the past – a day that may never come based on their current trajectory – organizations must take steps to protect against them. Patching to fix CVEs is one of the best things an organization can do to counter ransomware attacks. Unfortunately, 71% of IT and security professionals find patching to be overly complex and time-consuming.
  8. Thank you!