Office 365 has garnered widespread adoption from enterprises due to its advantages such as ease of deployment, lower TCO, and high scalability. Additionally, it enables end-users to work and collaborate from anywhere and on any device. Although Office 365 enables IT to shift the burden for app and infrastructure to the cloud vendor, data security remains the responsibility of the enterprise. Given the limitations of native malware protection on Office 365, should the enterprise rely on Office 365 to protect their data from malware and ransomware?
Join Bitglass and Cylance for a discussion on malware protection solutions for Office 365. We will cover the limitations of native Office 365 malware protection as well as the benefits of AI and machine learning based approaches. We will wrap up the session by discussing how CASBs, with Advanced Threat Protection (ATP) capabilities, are uniquely positioned to protect cloud apps and end-points from malware attacks and proliferation.
Mitigating the Top 5 Cloud Security ThreatsBitglass
By now you are likely familiar with Cloud Access Security Brokers (CASBs) and understand how they fit into your broader security and cloud strategy. What should organizations be looking for in a CASB? What capabilities are here or on the horizon that can provide improved data protection in the cloud?
Bitglass and (ISC)2 presents the final episode of the CASB series where we will examine where cloud security is headed, discussing agentless and agent-based solutions, the growing number of cloud apps in use and the importance of easy deployment. Learn why cross-app security will become increasingly valuable as organizations look to third-party solutions for deep visibility, behavior analytics, and more.
We are now three plus years into widespread adoption across industries of public SaaS apps like Office 365. Despite this momentum, security and compliance remain top challenges. This webinar, featuring Matt Hollcraft, CISO for Maxim Integrated, Dave Ruedger, Chief Security Architect for Maxim Integrated, and Rich Campagna, SVP of Products for Bitglass, will help you build a 2017 action plan to embrace public cloud without sacrificing security and compliance.
While offering practical, actionable advice for major apps like Office 365, Matt, Dave and Rich will address your top concerns, such as unmanaged device access, external sharing, and mitigating controls. They also will provide real world examples of how other organizations have securely navigated the public cloud.
Adoption of G Suite has increased year over year. Despite this increased adoption, securing data still remains a challenge as employees want access to cloud apps from any device, anywhere.
In this webinar, we will discuss the the security gaps within G Suite and how to give power back to your security team through tools that provide visibility and control of your data across all of your cloud apps.
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Bitglass
As organizations transition from on-premise data storage and device-centric security to the cloud, the need for a data-centric solution becomes critical. Enterprises need to protect data in the cloud, at access, on the network, and across all devices. While cloud app vendors now offer robust functionality, they lack the level of granular control and deep visibility many organizations need, either for compliance purposes or simply to enable an increasingly mobile workforce.
Join Bitglass and CSA to learn how Cloud Access Security Brokers can protect data in the cloud by providing comprehensive security and real-time data protection. In this webinar, you will learn how CASBs leverage APIs and proxies to control data on both managed and unmanaged devices, enabling secure SaaS and BYOD.
The Future of CASBs - A Cloud Security Force AwakensBitglass
By now you are likely familiar with Cloud Access Security Brokers (CASBs) and understand how they fit into your broader security and cloud strategy. What should organizations be looking for in a CASB? What capabilities are here or on the horizon that can provide improved data protection in the cloud?
Bitglass and (ISC)2 presents the final episode of the CASB series where we will examine where cloud security is headed, discussing agentless and agent-based solutions, the growing number of cloud apps in use and the importance of easy deployment. Learn why cross-app security will become increasingly valuable as organizations look to third-party solutions for deep visibility, behavior analytics, and more.
Financial services firms face a unique set of challenges. Not only do they store large amounts of sensitive personal data, but they face heavier regulations than many other enterprises. As cloud adoption continues to spread within the industry, financial services firms must be particularly focused on ensuring cybersecurity. However, this means that they can no longer rely on traditional, on-premises security solutions. In this webinar, we will discuss cloud access security brokers (CASBs) and how they can help financial services firms solve their security, compliance, and deployment concerns.
5 Security Questions To Ask When Deploying O365Bitglass
Migrating to Office 365 introduces several new avenues for data leakage: one-click sharing, desktop sync clients, unmanaged device access, and more. Particularly risky for organizations subject to compliance mandates. In this webinar, we'll detail the security gaps in Office 365 and explore how new approaches to cloud security can help mitigate the threat of data leakage with real-world use cases. Join our webinar to find out which questions you should be asking about Office 365 security.
Mitigating the Top 5 Cloud Security ThreatsBitglass
By now you are likely familiar with Cloud Access Security Brokers (CASBs) and understand how they fit into your broader security and cloud strategy. What should organizations be looking for in a CASB? What capabilities are here or on the horizon that can provide improved data protection in the cloud?
Bitglass and (ISC)2 presents the final episode of the CASB series where we will examine where cloud security is headed, discussing agentless and agent-based solutions, the growing number of cloud apps in use and the importance of easy deployment. Learn why cross-app security will become increasingly valuable as organizations look to third-party solutions for deep visibility, behavior analytics, and more.
We are now three plus years into widespread adoption across industries of public SaaS apps like Office 365. Despite this momentum, security and compliance remain top challenges. This webinar, featuring Matt Hollcraft, CISO for Maxim Integrated, Dave Ruedger, Chief Security Architect for Maxim Integrated, and Rich Campagna, SVP of Products for Bitglass, will help you build a 2017 action plan to embrace public cloud without sacrificing security and compliance.
While offering practical, actionable advice for major apps like Office 365, Matt, Dave and Rich will address your top concerns, such as unmanaged device access, external sharing, and mitigating controls. They also will provide real world examples of how other organizations have securely navigated the public cloud.
Adoption of G Suite has increased year over year. Despite this increased adoption, securing data still remains a challenge as employees want access to cloud apps from any device, anywhere.
In this webinar, we will discuss the the security gaps within G Suite and how to give power back to your security team through tools that provide visibility and control of your data across all of your cloud apps.
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Bitglass
As organizations transition from on-premise data storage and device-centric security to the cloud, the need for a data-centric solution becomes critical. Enterprises need to protect data in the cloud, at access, on the network, and across all devices. While cloud app vendors now offer robust functionality, they lack the level of granular control and deep visibility many organizations need, either for compliance purposes or simply to enable an increasingly mobile workforce.
Join Bitglass and CSA to learn how Cloud Access Security Brokers can protect data in the cloud by providing comprehensive security and real-time data protection. In this webinar, you will learn how CASBs leverage APIs and proxies to control data on both managed and unmanaged devices, enabling secure SaaS and BYOD.
The Future of CASBs - A Cloud Security Force AwakensBitglass
By now you are likely familiar with Cloud Access Security Brokers (CASBs) and understand how they fit into your broader security and cloud strategy. What should organizations be looking for in a CASB? What capabilities are here or on the horizon that can provide improved data protection in the cloud?
Bitglass and (ISC)2 presents the final episode of the CASB series where we will examine where cloud security is headed, discussing agentless and agent-based solutions, the growing number of cloud apps in use and the importance of easy deployment. Learn why cross-app security will become increasingly valuable as organizations look to third-party solutions for deep visibility, behavior analytics, and more.
Financial services firms face a unique set of challenges. Not only do they store large amounts of sensitive personal data, but they face heavier regulations than many other enterprises. As cloud adoption continues to spread within the industry, financial services firms must be particularly focused on ensuring cybersecurity. However, this means that they can no longer rely on traditional, on-premises security solutions. In this webinar, we will discuss cloud access security brokers (CASBs) and how they can help financial services firms solve their security, compliance, and deployment concerns.
5 Security Questions To Ask When Deploying O365Bitglass
Migrating to Office 365 introduces several new avenues for data leakage: one-click sharing, desktop sync clients, unmanaged device access, and more. Particularly risky for organizations subject to compliance mandates. In this webinar, we'll detail the security gaps in Office 365 and explore how new approaches to cloud security can help mitigate the threat of data leakage with real-world use cases. Join our webinar to find out which questions you should be asking about Office 365 security.
Office 365 and other SaaS apps offer a number of advantages over premises-based apps, from easy access and deployment to lower costs. A key advantage of SaaS apps is IT's ability to shift the burden for app and infrastructure security to the cloud vendor while data security remains the responsibility of the enterprise. Migrating to Office 365 introduces several new avenues for data leakage: one-click sharing, desktop sync clients, unmanaged device access, and many more.
Bitglass and (ISC)2 presents Episode 2 of our CASB Wars webinar trilogy where we explore the security gaps in Office 365 and how a Cloud Access Security Broker (CASB) can help mitigate the threat of data leakage across all SaaS apps. Using real-world use cases, see where native Office 365 security falls short and how a CASB can protect data end-to-end, from cloud to device.
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
Watch this on-demand webinar with CloudLock and OneLogin to: Identify the top five cyber threats to your cloud environment; Protect against cloud security risks using advanced user and entity behavior analysis; Streamline identity and access management; Easily automate your cloud access management process.
Identity— Help protect against identity compromise and identify potential breaches before they cause damage
Devices—Enhance device security while enabling mobile work and BYOD
Apps and Data—Boost productivity with cloud access while keeping information protected
Infrastructure—Take a new approach to security across your hybrid environment
5 Highest-Impact CASB Use Cases - Office 365Netskope
Cloud app security is a top priority for many enterprises. Whether securing data in the Office 365 suite, ensuring compliance in Salesforce, or getting control over shadow IT, information security leaders are exploring how Cloud Access Security Brokers can make an impact in their organizations.
This presentation covers the top Office 365-specific five CASB use cases that have the highest impact on cloud-consuming enterprises.
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)Bitglass
Forrester analyst Andras Cser joins Bitglass for a webinar on Cloud Access Security Brokers and how they can help organizations protect data across any cloud app.
#ALSummit: Accenture - Making the Move: Enabling Security in the CloudAlert Logic
Bill Phelps (Managing Director of Security Programs, Accenture)'s presentation on observations of cloud security trends at the NYC Alert Logic Cloud Security Summit on June 14th, 2016.
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat PreventionIBM Security
View on demand webinar:
https://securityintelligence.com/events/introducing-ibm-cloud-security-enforcer-casb-idaas-and-threat-prevention/
Cloud Security Enforcer is the first solution to combine Cloud Access Security Broker (CASB) functionality with identity services (IDaaS), policy enforcement and dynamic threat prevention intelligence into a single integrated SaaS solution.
Join Daniel Wolff, Program Director Cloud Security Product Management, and Gonzalo de la Hoz, IAM European Segment Leader, as we discuss how IBM Cloud Security Enforcer has integrated multiple technologies crucial to enabling safe adoption of cloud applications in the enterprise:
- Cloud application discovery and risk
- Cloud identity services and application on-boarding
- Closing the mobile device gap
- Policy enforcement and threat prevention
Despite best efforts and substantial financial investment, costly breaches continue to happen at an alarming rate. The common approach to securing assets by purchasing sophisticated, layered security technologies is not working. These technologies are necessary, but not enough. A best practice model to minimize risk combines technology with continuous monitoring by security experts in a SOC. This session presents a model for effectively monitoring hybrid, multi-cloud environments. It covers the basic architecture of a modern SOC and proposes a pragmatic approach to providing complete visibility into all potential attack surfaces.
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockCloudLock
According to the latest IBM X-Force Research report, the average consolidated total cost of a single data breach is $3.8 million. And with data breaches up 22% so far in 2016, across every vertical imaginable, the threat must be addressed. Watch Google and CloudLock's discussion in this hands-on exploration of how your organization can combat these ever changing security threats.
Codeless Security for the Apps You Buy & Build on AWSCloudLock
Watch this webinar to learn what codeless security looks like for the cloud apps you build. Codeless - that means baking in security capabilities to defend your custom apps against data breaches without having to write a single line of code.
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
Para trabajar en un ecosistema digitalmente transformado, los directores de sistemas de información y otros líderes empresariales tienen que navegar en un entorno de amenazas a la seguridad en constante cambio. Las soluciones de Next Gen Security (NGS) son soluciones de seguridad optimizadas para trabajar mejor con la escala masiva y cobertura expansiva de la Tercera Plataforma. Aunque 7 de cada 10 empresas afirman estar en el proceso de implementar una solución más de seguridad de nueva generación, 3 de esos 7 no tendrá éxito por la falta de competencia interna, por lo que el tema de seguridad es cada día más crítico”. Akamai ofrece un rendimiento a escala con la solución de distribución en la nube más grande y confiable del mundo. Sus recursos se escalan de forma que sus clientes no tengan que hacerlo. Akamai tiene una visibilidad sin igual de las propiedades más atacadas en la web y obtiene inteligencia ante amenazas continuamente a partir de inspecciones avanzadas tanto del tráfico bueno como del malo.
#ALSummit: Architecting Security into your AWS EnvironmentAlert Logic
Ryan Holland (Cloud Platform Solutions Director, Alert Logic)'s presentation on securing your AWS environment at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
#ALSummit: Realities of Security in the CloudAlert Logic
James Brown (VP Technology Solutions Group, Alert Logic)'s presentation on the reality of securing your digital transformation to the cloud at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
How to get deeper administration insights into your tenantRobert Crane
Microsoft Cloud App Security is a powerful reporting and alerting tool that provides deep analytics into your Microsoft 365 tenant. Combined with other agents it can be a central place to bring all your reporting and alerting together and even incorporate information from endpoints, servers and firewalls. Come and learn why Microsoft Cloud App Security provides administrators power beyond their wildest dreams when it comes to managing Microsoft 365.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
Simon Wong and Chris Cram, Scalar security experts, discuss how Palo Alto Networks technology disrupts the entire malware kill chain. Attendees will also gain insight on flexible deployment options to better serve their mobile users, and how to get the most out of their Palo Alto Networks deployment.
Office 365 and other SaaS apps offer a number of advantages over premises-based apps, from easy access and deployment to lower costs. A key advantage of SaaS apps is IT's ability to shift the burden for app and infrastructure security to the cloud vendor while data security remains the responsibility of the enterprise. Migrating to Office 365 introduces several new avenues for data leakage: one-click sharing, desktop sync clients, unmanaged device access, and many more.
Bitglass and (ISC)2 presents Episode 2 of our CASB Wars webinar trilogy where we explore the security gaps in Office 365 and how a Cloud Access Security Broker (CASB) can help mitigate the threat of data leakage across all SaaS apps. Using real-world use cases, see where native Office 365 security falls short and how a CASB can protect data end-to-end, from cloud to device.
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
Watch this on-demand webinar with CloudLock and OneLogin to: Identify the top five cyber threats to your cloud environment; Protect against cloud security risks using advanced user and entity behavior analysis; Streamline identity and access management; Easily automate your cloud access management process.
Identity— Help protect against identity compromise and identify potential breaches before they cause damage
Devices—Enhance device security while enabling mobile work and BYOD
Apps and Data—Boost productivity with cloud access while keeping information protected
Infrastructure—Take a new approach to security across your hybrid environment
5 Highest-Impact CASB Use Cases - Office 365Netskope
Cloud app security is a top priority for many enterprises. Whether securing data in the Office 365 suite, ensuring compliance in Salesforce, or getting control over shadow IT, information security leaders are exploring how Cloud Access Security Brokers can make an impact in their organizations.
This presentation covers the top Office 365-specific five CASB use cases that have the highest impact on cloud-consuming enterprises.
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)Bitglass
Forrester analyst Andras Cser joins Bitglass for a webinar on Cloud Access Security Brokers and how they can help organizations protect data across any cloud app.
#ALSummit: Accenture - Making the Move: Enabling Security in the CloudAlert Logic
Bill Phelps (Managing Director of Security Programs, Accenture)'s presentation on observations of cloud security trends at the NYC Alert Logic Cloud Security Summit on June 14th, 2016.
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat PreventionIBM Security
View on demand webinar:
https://securityintelligence.com/events/introducing-ibm-cloud-security-enforcer-casb-idaas-and-threat-prevention/
Cloud Security Enforcer is the first solution to combine Cloud Access Security Broker (CASB) functionality with identity services (IDaaS), policy enforcement and dynamic threat prevention intelligence into a single integrated SaaS solution.
Join Daniel Wolff, Program Director Cloud Security Product Management, and Gonzalo de la Hoz, IAM European Segment Leader, as we discuss how IBM Cloud Security Enforcer has integrated multiple technologies crucial to enabling safe adoption of cloud applications in the enterprise:
- Cloud application discovery and risk
- Cloud identity services and application on-boarding
- Closing the mobile device gap
- Policy enforcement and threat prevention
Despite best efforts and substantial financial investment, costly breaches continue to happen at an alarming rate. The common approach to securing assets by purchasing sophisticated, layered security technologies is not working. These technologies are necessary, but not enough. A best practice model to minimize risk combines technology with continuous monitoring by security experts in a SOC. This session presents a model for effectively monitoring hybrid, multi-cloud environments. It covers the basic architecture of a modern SOC and proposes a pragmatic approach to providing complete visibility into all potential attack surfaces.
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockCloudLock
According to the latest IBM X-Force Research report, the average consolidated total cost of a single data breach is $3.8 million. And with data breaches up 22% so far in 2016, across every vertical imaginable, the threat must be addressed. Watch Google and CloudLock's discussion in this hands-on exploration of how your organization can combat these ever changing security threats.
Codeless Security for the Apps You Buy & Build on AWSCloudLock
Watch this webinar to learn what codeless security looks like for the cloud apps you build. Codeless - that means baking in security capabilities to defend your custom apps against data breaches without having to write a single line of code.
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
Para trabajar en un ecosistema digitalmente transformado, los directores de sistemas de información y otros líderes empresariales tienen que navegar en un entorno de amenazas a la seguridad en constante cambio. Las soluciones de Next Gen Security (NGS) son soluciones de seguridad optimizadas para trabajar mejor con la escala masiva y cobertura expansiva de la Tercera Plataforma. Aunque 7 de cada 10 empresas afirman estar en el proceso de implementar una solución más de seguridad de nueva generación, 3 de esos 7 no tendrá éxito por la falta de competencia interna, por lo que el tema de seguridad es cada día más crítico”. Akamai ofrece un rendimiento a escala con la solución de distribución en la nube más grande y confiable del mundo. Sus recursos se escalan de forma que sus clientes no tengan que hacerlo. Akamai tiene una visibilidad sin igual de las propiedades más atacadas en la web y obtiene inteligencia ante amenazas continuamente a partir de inspecciones avanzadas tanto del tráfico bueno como del malo.
#ALSummit: Architecting Security into your AWS EnvironmentAlert Logic
Ryan Holland (Cloud Platform Solutions Director, Alert Logic)'s presentation on securing your AWS environment at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
#ALSummit: Realities of Security in the CloudAlert Logic
James Brown (VP Technology Solutions Group, Alert Logic)'s presentation on the reality of securing your digital transformation to the cloud at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
How to get deeper administration insights into your tenantRobert Crane
Microsoft Cloud App Security is a powerful reporting and alerting tool that provides deep analytics into your Microsoft 365 tenant. Combined with other agents it can be a central place to bring all your reporting and alerting together and even incorporate information from endpoints, servers and firewalls. Come and learn why Microsoft Cloud App Security provides administrators power beyond their wildest dreams when it comes to managing Microsoft 365.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
Simon Wong and Chris Cram, Scalar security experts, discuss how Palo Alto Networks technology disrupts the entire malware kill chain. Attendees will also gain insight on flexible deployment options to better serve their mobile users, and how to get the most out of their Palo Alto Networks deployment.
Failed Ransom: How IBM XGS Defeated RansomwareIBM Security
View on-demand webinar: http://event.on24.com/wcc/r/1238398/409AE8848D4FF1210B56EC81538788EB
Ransomware is a growing threat impacting organizations across all industries. But not all is lost. There are preventative measures that can be taken to help protect against ransomware attacks, including deploying a next-generation intrusion prevention system (IPS), such as the IBM XGS.
Join our webinar to:
Understand the current threats associated with ransomware
Learn how leading-edge research from IBM X-Force powers the XGS to stop ransomware
Hear how IBM XGS proactively blocked ransomware at a large healthcare insurance organization
Malware evolution and Endpoint Detection and Response Adrian Guthrie
As malware evolves into targeted Advance Persistent Threat the response has to change to more proactive security model.
Automated Prevention Block malware and exploits to prevent Automated Detection -Targeted and zero-day attack are block in real time
Automated Forensics - Forensic information for in-dept analysis of every attempted attack
Automated Remediation - Automated malware removal
all made possible by Big Data analytics and Collective Intelligence .
Malware evolution and Endpoint Detection and Response TechnologyAdrian Guthrie
As Malware evolves into targeted Advance Persistent Threat the response has to be layered, proactive response, and highly visible
Automated Prevention- Block Malware and exploits prevent future attacks
Automated Detection- Targeted and Zero-day attacks are block in real time without signature files.
Automated Forensic- Forensic information for in-dept analysis of every attempted attack
Automated remediation- Automated malware removal to reduce burden on administrator.
All made possible by big data analytic and collective intelligence
Everything you really need to know about IDS (Intrusion Detection Systems) Combining with HoneyPots. Deployment and usage techniques used in the past and today. How to setup and deploy onto any network including the cloud. Reasons why this should be used in all networks. How to bring BIG DATA down to Small Data that is easy to understand and monitor.
It’s all over the news that data breaches occur daily! I asked WHY these hackers can download terabytes of data in timespans of months without being noticed. What are these companies paying their SOC team millions of dollars for? How come all the money is going to devices to prevent breaches and little to none in detecting when they occur? Don’t people know there are only two types of companies “those that been hacked, and those that don’t know they been hacked”. What can I do to detect a breach within seconds on any network scale? I think I figured it out. In my talk you’ll learn how you and your clients can benefit by applying my exclusive techniques, which I’ve successfully deployed. So the next time you get hacked the hacker would not be able to steal all those credit cards and photos of that Halloween party.
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Skycure
How can mobile device data be protected? This SANS webcast reviews the current and emerging services and practices designed to help secure and protect the data on these devices, and identifies areas where solutions are needed to fill the remaining gaps and provides recommendations for a holistic approach including mobile threat protection.
Endpoints are everywhere, and endpoint security is evolving. Endpoints also remain the most attractive target for hackers as a point of entry for attacks because they’re connected to the weakest link in enterprise data protection: humans.
View the SlideShare to learn:
--Why evolving threats require increased endpoint defense capabilities.
--What organizations can do to protect against known and unknown threats, while reducing manual processes for administrators.
--The primary capabilities of endpoint detection and response (EDR) tools, and how you can find the right fit for your business.
--Where your organization sits on the endpoint security maturity scale.
--Keys to maturing your endpoint security strategy.
A new generation of products and services is helping organizations keep pace with modern threats and advance beyond traditional, prevention-oriented endpoint protection to a more comprehensive — and realistic — focus on detection and incident response.
Improve Situational Awareness for Federal Government with AlienVault USMAlienVault
Securing your network from threats is a constantly evolving challenge, especially for federal government agencies with much valuable data to protect, and where IT security resources are often limited. AlienVault has helped many government organizations get complete security visbility for effective threat detection and response, without breaking the bank.
Join us for a live demo to see how AlienVault USM addresses these key IT security needs:
Discover all IP-enabled assets to get an accurate picture of attack surface
Identify vulnerabilities like insecure configurations and unpatched software
Improve situational awareness with real-time threat detection and alerting
Speed incident containment & response with built-in remediation guidance for every alert
Investigate anomalies in protocol usage, privilege escalation, host behavior and more
Generate fast & accurate reports for compliance & management
Looking to understand how hackers and other attackers use cyber technology to attack your network and your executives? This slide set provides an overview and details the anatomy of a cyber attack, and the strategies you can use to manage and mitigate risk.
Panda Adaptive Defense - The evolution of malwarePanda Security
We analyze the evolution of malware and the next generation of Enpoint Protection agaings targeted attacks: Adaptive Defense.
More info: http://www.pandasecurity.com/enterprise/solutions/advanced-threat-protection/
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14IBM Sverige
Michael Andersson, säkerhetsexpert på IBM, berättar om hur en intelligent och automatiserad säkerhet kan göra din organisation mer proaktiv mot dagens allt mer sofistikerade hot.
Beyond Prevention: Cisco's Next Generation Endpoint Security
The only way to defeat today’s security threats is to address them holistically across the full attack continuum—before, during, and after an attack. Cisco’s approach of continuous endpoint analysis in combination with an integrated, architectural approach to security is foundational to this model
Similar to Security O365 Using AI-based Advanced Threat Protection (20)
IaaS applications are now more widely used than ever, with sensitive data stored in AWS and Azure, and now accessible from more connected apps and endpoints. Learn how to secure IaaS with a CASB in our webinar.
6 essentials for secure BYOD in healthcareBitglass
In this webinar, we explore alternatives to MDM that protect mobile data and devices without impeding on employee privacy. We'll also explore 6 critical capabilities for securing BYOD to help your firm achieve compliance.
For enterprises looking to protect cloud app data, Cloud Access Security Brokers (CASBs) have quickly emerged as the go-to solution. But how have CASBs matured and encompassed critical pieces of the security puzzle, from identity management to data leakage prevention?
Join Bitglass and (ISC)2 for Episode 1 of the CASB Wars webinar trilogy for a discussion about the evolution of CASBs from app discovery to complete cloud security suites and basic API-based controls to more capable multi-protocol proxies.
Enterprises are migrating to the cloud in droves, taking advantage of lower costs, easy deployment, and improved infrastructure security. Protecting data in the cloud, however, remains a challenge as employees push to access cloud apps from any device, anywhere.
In this webinar, Michael Ball, CISO at AGF Investments and Rich Campagna, VP of Products at Bitglass, will discuss the evolution of Cloud Access Security Brokers (CASBs), from app discovery tools to mature solutions that now provide deep visibility and control over data across all cloud apps. Michael and Rich will also highlight real-world CASB deployments and how major organizations are leveraging these solutions to protect data end to end, from cloud to device.
Office 365 Security: How to Safeguard Your DataBitglass
Greg Schaffer, CISO at FirstBank and Rich Campagna, VP of Products at Bitglass, provide practical cloud security advice that you can apply immediately in your organization.
Focusing on O365 but offering a broad view, Greg and Rich will cover top concerns, mitigating controls and give examples of how your peers have responded to the cloud security challenge.
The Security Gap: Protecting Healthcare Data in Office 365Bitglass
One in three healthcare organizations had a cloud app like Office 365 deployed in 2015, driven by ease of deployment, cost effectiveness, and improved productivity among employees. While cloud app vendors like Microsoft have built robust infrastructure-level security, data security is the enterprise's responsibility. Healthcare organizations need a cloud security solution that protects PHI end-to-end, from cloud to device.
As more organizations look to deploy new or additional cloud apps to enable employee productivity, securing corporate data becomes a challenge. Cloud Access Security Brokers (CASBs) have emerged as the go-to solution for organizations that need end-to-end data security, from cloud to device.
Data-Centric Protection: The Future of BYOD SecurityBitglass
Enabling secure BYOD has long been a challenge for IT. Attempts to secure these devices with agents and device management tools like MDM have been met with widespread employee concerns about privacy and usability, and as a result, organizations see low rates of adoption. Requiring that employees use these install these cumbersome device management tools or access data solely from managed devices are solutions fraught with issues. Employees need the flexibility to work from any device, anywhere.
In this webinar, we'll discuss how IT can limit risk of data leakage amid changing user habits. Learn how organizations across all industries are enabling secure mobility and productivity with a zero-touch, agentless solution.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
2. Agenda
1. Cloud and mobile require new security strategy
2. Overview of CASB architecture
3. How malware infects O365?
4. Attack stages of Advanced Persistent Threat?
5. AI-based approach to Advanced Threat protection
6. O365 Advanced Threat Protection
7. Use cases protected by CASBs
8. Q & A
3. The Perfect Storm
exponential growth in malware samples and cloud app adoption
source: https://www.okta.com/blog/2015/05/okta-the-perfect-complement-to-google-for-wsource: https://www.av-test.org/en/statistics/malware/
4. cloud & mobile drive data outside the firewall...
...leaving traditional security technologies ineffective
Problem
5. CASB Security
a data-centric approach
the new data reality requires a new security
architecture
■ cross-device, cross-platform data protection
■ granular controls for protecting data at rest and
in motion
■ contextual access control
■ detailed logging for compliance and audit
7. Attack stages of Advanced Persistent Threat
CASBs offer holistic protection
Delivery
• URL filtering: Block malicious sites and links
Exploitation
• Identify and block exploits
Installation
• Block known and zero-day malware
• Block unwanted file types (e.g: executables)
Command&
Control
• Block malware domains
• Deny access to compromised Users and devices
Actions on
Objectives
• Prevent malware spread
• Prevent data exfiltration by enforcing DLP and access control policies
CASB persistent threat detection and prevention capabilities
8. Poll:
How are you protecting
your O365 instances
from malware attacks?
1. Deployed 3rd party AV
2. O365 advanced threat protection
3. CASB/proxy-based solutions
4. No malware protection
5. Did not deploy O365
9. O365 Advanced Threat Protection (ATP)
reactive, slow, limited
Sandbox-based detection adds significant
latency
E5 is required for ATP.
75% more expensive than E3.
Requires a minimum deployment of 500 seats
Protected by AV engines built on legacy
detection technologies, such as signature and
heuristics, that are reactive
10. MALWARE’S VICIOUS
INFINITE LOOP
Malware mutations are the norm
Malware authors use polymorphism,
obfuscation and automation to create
390,000 new malicious programs per day
AV engines can’t keep up
Using signatures, whitelists,
rules/heuristics or execution to detect
malicious behavior doesn’t scale
Detection misses lead to…
Incident response
Increased hunting
More cleanup & re-imaging
More risk
11. HUMANS ARE A FINITE RESOURCE
It’s a question of scale, speed, breadth, and correlation.
Which approach meets the modern challenge?
• Linear ability to combat attacks
• Human correlated feature sets
• Algorithmic ability to combat attacks
• Machine correlated feature sets make
connections that humans can’t see
12. Leverage the power of
machines,not humans, to
dissect malware’s DNA.
Artificial intelligence then
determines if the code is
safe to run.
Never have an unknown file
threat because the AI
prediction doesn’t change.
AI IS NOTAI-BASED APPROACH IS
Rely on AI
and ML
Analyze Malware
at the DNA-level
Advanced Threat
Prevention
Minimal
Updates
PredictiveAutonomous
Decision
Rely on Human
Classifications
Require Constant
Updates
Behavioral
Analysis
Require On-Premise
Infrastructure
Wait for Threats
to Execute
Signatures
Micro-
Virtualization
Heuristics
Sandboxing
13. WHAT’S SO SPECIAL ABOUT PREDICTING ATTACKS?
Predictive analysis provides highly effective detection and prevention of never before
seen threats
GLASSRAT
• Undetected for Years
• Human Discovered Nov
23, 2015
Cylance –
Blocked as of April 2014:
18 months prior to human
discovery
ZCRYPTOR
• Spear-Phishing
• Human Discovered April
2016
Cylance –
Blocked as of Oct 2015:
6 months prior to human
discovery
SAURON/STRIDER/
REMSEC
• Espionage Backdoor
dating back to 2011.
Human Discovered
August 2016
Cylance –
Blocked as of Jan 2015:
18 months prior to human
discovery
GOLDENEYE
RANSOMWARE
• Weaponized Excel and
PDF Files
Cylance –
Blocked as of Oct 2015:
14 months prior to human
discovery
GOLDENEYE
RANSOMWARE
• Weaponized Excel and
PDF Files
Cylance –
Blocked as of Oct 2015:
14 months prior to human
discovery
WANNACRY/
WANNACRYPT
• New ransomware variant
exploiting MS
vulnerability
Cylance –
Blocked as of Jan 2015:
17 months prior to
discovery
14. Business Areas
Endpoint Security
Consulting Services
OEM / Technology Partnerships
Unprecedented Market Acceptance
1,089% Year-Over-Year Growth
1,000+ Clients
4 Million+ Endpoints
BUSINESS SNAPSHOT
V E R T I C A L
M A R K E T
A G N O S T I C
“
”
Cylance is easily the
fastest-growing EPP
startup in the last ten
years…
16. Use Case 1:
real-time malware protection
■ block malware before it reaches cloud app
■ leverage proxies to control access to any
app from any device
■ quick detection with low-latency
■ whitelisting mechanism for false-positives
17. Use Case 2:
protect managed devices
■ block malware before it reaches end-point
■ prevent sync clients from downloading
malicious content
■ Layered anti-malware strategy
18. Use Case 3:
protect unmanaged devices
■ protect unmanaged with no or poor EPP
solutions
■ enable access to enterprise apps on
BYOD
■ block malware on unmanaged devices
spreading to cloud apps
19. Use Case 4:
prevent spread of malware via interconnected cloud apps
■ It is common to connect cloud apps to
other apps (i.e: O365 and Box)
■ Interconnected cloud services provide new
paths for malicious files to make their way
into cloud services and devices
■ Delete or quarantine files that are deemed
malicious
20. Poll: What is your
primary O365 use case
that needs malware
protection?
1. Protect unmanaged devices
(PC/Mac)
2. Protect managed / corporate-
owned devices
3. Protect mobile devices
(iOS/Android)
4. Prevent spread of malware via
interconnected cloud services
21. STORYBOAR
omni citadel harbor
data protection on
any device
high-performance
advanced DLP
patented cloud
encryption
only bitglass
agentless, cloud-based solution
deploys in minutes
threat
known- and unknown-
malware
protection
Personal cloud apps are outside of the scope of IT monitoring via CASB due to privacy concerns, inability to monitor on BYOD, and the intractable nature of trying to chase tens of thousands of applications for a very small risk of corporate data leakage. These apps do, however, pose a threat risk via things like malware infecting managed devices. Enterprises should leverage existing tools - endpoint protection suites and perimeter controls (SWG, NGFW) to counter the threat risk posed by personal cloud apps.
AV products use signatures, heuristics and hand crafted rules that do not scale well
Using polymorphism and obfuscation, malware authors can circumvent signature and rules based detection techniques
Signature-based tech does not address today’s problem of unique malware variants
Customers are forced to detect then respond
Resources are spread thin
Risk to information disclosure is huge
AV Engines Can’t Keep Up
Signatures Don’t Scale
Mutations are the Rule not the Exception
Humans are Required
Network Encryption Makes You Blind
Cybercrime is easy
Lacks extradition and attribution
Anonymous currencies
Using an AI-based approach means it doesn’t have to know something is bad to prevent it. The technology does not look for a signature or behavior match.
We analyze ALL portable executables at the “DNA” level to extract 1000’s of features and combinations of features. The AI produces a confidence score.
We map and classify these many features with our AI-powered math engine that sits on the device itself—no need to send the file anywhere. Works online or offline.
We predict what’s bad and overly powerful. These are threats that can subvert the endpoint or be used against you in lateral movement.
Neither signatures nor behaviors are used.
We are able to identify the previously unseen (targeted) malware.
Updates are minimal. Though we have monthly updates, many customers elect to only update every few months.
Speaker Notes:
Some examples:
GLASSRAT:
November 23, RSA discovered the presence of GlassRAT – it had been around for a LONG time before a human discovered it – Someone noticed some odd call backs and after many human hours/days they discovered what would become known as GlassRAT.
Cylance is interesting because we took all of those hashes that were in the RSA report – some were as old as 2012.
We took all those hashes and ran it against one of our oldest algorithms – from April 2014 – in this way Cylance is able to look back in time and say would we have been able to predict the presence of this threat or at least detect it – before humans could have.
The answer is yes! In fact, by nearly 18months!
This threat has been around longer than Cylance has been a company and that’s too bad for all of us.
We were still 18 months ahead of the spear in this case and be able to block/prevent.
ZCRYPTOR:
Another example, Zcryptor – came out about mid this year. Ransomware is every where and this is a particularly bad one.
Zcryptor was really bad because it would just blow through Microsoft’s EMET for the first time – EMET was supposed to be a saving grace.
We ran these files against our October 2015 model – a full six months ahead of the rest of the human race’s discovery of Zcryptor.
This was far enough ahead, before the code was even compiled, that Cylance may have even been ahead of the entire threat campaign itself in this case. This is what I call “dead on compile.” Cylance was able to detect and prevent Zcryptor before it was even compiled.
6 months might not sound like a lot, but in today’s malware it’s nearly a life time – especially when you consider the fact that the ”life time” of a specific malware file hash is only about 58 seconds - according to a report from Verizon’s Data Breach Investigation Report.
SAURON/ STRIDER/ REMSEC:
Last example because it’s a very powerful example – most advanced and evasive APTs that the human race has found in the last few years.
Both reports break on the same day – 1 Symantec and and 1 from Kaspersky.
Again, we took the files that came out in these reports and ran them against a Cylance model from January of 2015 – sure enough – we stopped every single one of them from the Symantec report.
We were able to predict a full 18 months ahead of the rest of human race being able to discover the presence of this malware.
Think about all the work that human researchers have to do when researching a new APT or threat actor campaign like this. It’s a TREMENDOUS amount of work – there’s all sorts of problems with the human approach to this
http://www.symantec.com/connect/blogs/strider-cyberespionage-group-turns-eye-sauron-targets
IOC’a: http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Symantec_Remsec_IOCs.pdf
PETYA:- A new variant of the notorious ransomware Petya is back, and with yet another James Bond reference for a name: Goldeneye. In this past week, the new ransomware variant has been almost exclusively attacking hosts in Germany. Numerous organizations have already been hit.
- Presumably from the same author of Petya, first seen in December 2015, and the Petya-Mischa combo, which hit users back in July 2016, Goldeneye overwrites the master boot record (MBR) in order to block access to both the user’s files and operating system.
- Goldeneye infects hosts primarily via malicious email attachments containing macros. Once the ransomware executes, the user’s machine will crash, restart, and show a skull-and-crossbones animation before displaying a ransom note asking for a payment in bitcoin of $1,000.
- As with most malicious Microsoft Office documents, before the embedded macro can execute, user intervention is required. All MS Office documents since MS Office 2007 that contain macros present a security warning to the user as default, so the malware author provides some instructional text in an attempt to fool the user into clicking the “Enable Content” button.
- Cylance’s Research team tested over 300 samples of the Goldeneye ransomware against our endpoint protection product, CylancePROTECT. Our artificial intelligence powered mathematical model was able to prevent the execution of Goldeneye right out of the gate, stopping it dead.
- Watch CylancePROTECT® do battle with live Goldeneye ransomware and block it, pre-execution.
- To make things more challenging, the Research team did not use a recent version of CylancePROTECT in our demo. We demonstrate the predictive nature of Cylance by using a version of CylancePROTECT created one full year before Goldeneye was released – built in October 2015. Even though the version of CylancePROTECT we used is a year old, it completely prevents Goldeneye from executing and protects the system from ransomware.
- With most legacy AV solutions, it may take days to weeks to provide updated signature protection. In the meantime, many users will become victims of the Goldeneye ransomware.
- Ask yourself this: would you trust your existing security solution to keep you fully protected after not updating it for a year? What about a week?
Cylance, based in Irvine, CA, is fastest growing private cyber security company in the 2015 Inc. 5000 (#26 overall with >7000% growth over 3 years)
The company has achieved $177M in funding (with $100M from series D). Investors include: Fairhaven Capital, Khosla ventures, BlackStone, DFJ, KKR, CapitalOne, Dell, In-Q-Tel, and BlackStone Tactical
1200+ customers; 2,500,000+ endpoints
Cylance was selected as a Gartner Visionary: “Cylance is easily the fastest-growing EPP startup in the last ten years…”
Cylance provides network OEMs with a unique machine learning based malware detection engine
Competitors: Symantec/Blue Coat, McAfee, TrendMicro, SentinelOne, Crowdstrike
Endpoint Prevention Platform (EPP) is Gartner’s term for AV and related security products http://www.gartner.com/it-glossary/endpoint-protection-platform-epp/
Endpoint Detection and Response (EDR) is a related market. Unlike EPP, EDR is reactive. Gartner sees these two markets merging.
At the core of our solution are three key technologies
Omni - multimode proxies that enable data protection on any device, agentlessly. AJAX-VM means we’re futureproof. Can rapidly be adapted to support new apps.
Citadel - native advanced, adaptive DLP for cloud and mobile. Results in faster inline inspection + remediation vs using external DLP
Harbor - encryption / tokenization of data at rest within cloud applications. With patented preservation of frontend / backend application functionality and full strength encryption
These technologies are packaged in an agentless, cloud-based solution that deploys rapidly and is used to protect mission critical applications in more enterprises than any other CASB.