
DT Asia Security Solution Summary

OneIdentity Syslog-Store Box – Centralized log collection and management solution

The syslog-ng Store Box™ (SSB) is a high-performance, high-reliability log management appliance that builds on the strengths of syslog-ng Premium Edition. With SSB, you can search logs, secure sensitive information with granular access policies, generate reports to demonstrate compliance and forward log data to third-party analysis tools. By leveraging syslog-ng log processing and filtering features, you can improve the performance of your SIEM solution by reducing the amount and improving the quality of the data feeding your SIEM.

syslog-ng Store Box™ (SSB) Key features:

- Collect and index
- Search and report
- Store and forward
- Secure log data

 

Fidelis Cybersecurity: Threat Detection & Response Solutions

Fidelis network:

Identifying threats and data leakage requires deep inspection and analysis of all forms of content, including unpacking and extracting deeply embedded files. Fidelis Network bi-directionally scans all network traffic, regardless of port or protocol, to reveal the network and application protocols, files, and content.

By conducting real-time network analysis and identifying behaviors that indicate compromises, Fidelis Network provides automated detection for the proactive discovery of attackers, suspicious hosts, and malware.

Fidelis Network includes multiple sensors that can be placed throughout your network to enforce prevention policies. These sensors can be placed inline or out-of-band based on your network configuration and prevention tolerance.

Fidelis Network detects and prevents data theft by utilizing our industry-best content decoding and inspection engine. Get ultimate visibility of exfiltration attempts and keep your sensitive data safe.

Endpoint:

Fidelis Endpoint provides visibility into all endpoint activity including process actions, logged in users, registry writes, file system activity, and memory. Detect threats by applying Fidelis Insight threat intelligence, custom alert rules, YARA and OpenIOC formats to analyze, alert, and collect system events. Fidelis visibility is always on, whether the endpoint is on-network or off.

Automatically respond to any detection by executing tasks either shipped with the system or customized for your environment. Response tasks include endpoint isolation, creating and using restore points, process termination and file wiping. You can also jumpstart investigations including memory analysis, vulnerability scans, and system inventory. Integrate with Fidelis Elevate to execute response actions to threats detected in the network.

Fidelis Endpoint can be enhanced with Fidelis AV so you can see exactly where threats originate. Fidelis AV provides both traditional signature and heuristic-based detection and prevention of threats on the endpoint. Process scanning allows users to block execution of processes by hash or with easily created YARA rules.

Deception:

Classify all network assets, communication paths, and network activity to profile your users, services, and assets. The result is a network profile that includes all assets including servers, workstations, enterprise IoT devices, and shadow-IT. The profile is continuously adapted as changes occur within your environment.

From automated discovery of an environment, accurate information is utilized to auto-generate decoys for deception layers. Decoys have profiles, services and activity matching the environment, plus recommended breadcrumbs for placement on nearby real assets to act as lures to decoys. Configuration options are available to customize the deception layer.

Learn what attackers do once inside your network after compromising a foothold system, often through phishing or social engineering attacks. Attractive breadcrumbs placed on real assets are quickly found by attackers and lure them to decoys, interactive services and fake data. Divert attacks from real resources and data to quickly detect and defend against post-breach attacks.

Deception defenses provide a proactive opportunity to lure, detect and defend early within post-breach compromise incidents with no risk to resources or data, or impact to users and operations. Alerts come from deception layers unknown to users and partners resulting in high fidelity with no false positives. The result is a low friction, low risk accurate alarm system to detect post-breach attacks.

SSH CryptoAuditor and PrivX – PAM with Zero-password security

CryptoAuditor: Privileged Access Management

CryptoAuditor (CRA) is an easily implemented privileged access management (PAM) solution that allows you to see, control, and record what happens inside encrypted privileged sessions to your corporate resources. It can be used to monitor and control encrypted secure connections from third parties accessing your systems, and to enforce your corporate security policy on privileged users as well, or to support compliance with standards such as PCI DSS, HIPAA and SOX. It is often deployed in hours, requires no agent, does not change your IT infrastructure and integrates easily with other systems. Compared to competitors in the market, CRA is not jump-host based and is a centrally managed solution. This gives CRA the flexibility to monitor all corners of your network rather than only a specific host.

Certificate-Based PrivX Privileged Access Management

SSH PrivX is a browser-based PAM solution. No software on target servers. No agents. No software on desktops. No passwords. No rotation. No vaults.

Static credentials are no longer stored on machines, in a central vault, or anywhere. Credentials are now instantly provisioned on-demand, according to company policy, and only valid as long as needed.

No static credentials means no rotating, managing, or vaulting (PAM) of credentials is required. These credentials are important, but also the bottleneck to cloud efficiency and a persistent vulnerability.

Yubico: 2FA token that is more than just OTP

The YubiKey provides strong two-factor authentication for compliance with GDPR, PSD2, DFARS, and FIPS. Protect your organization from costly security breaches with unphishable, secure multi-factor authentication that eliminates account takeovers. The YubiKey is the trusted secure authentication choice for the largest technology, finance, and retail companies in the world.

RCDevs – Enterprise MFA Security Solution

RCDevs' main two-factor product, OpenOTP™, is a very powerful multi-factor authentication solution providing secure and reliable authentication of remote users to online services, Cloud, VPNs, Citrix, RDP, SSH, Intranet and much more.

Main features to look at:

- All-in-one security solution with Two-Factor, SSO, IAM, PKI
- No SaaS / Cloud and no connection to any external services
- Device independent, with support for open security standards
- Integrations for VPNs, Microsoft, Linux, Web, Cloud
- Integrates seamlessly with enterprise directories and multiple LDAP
- Advanced redundancy and HA with active-active clusters
- Scalable from hundreds to millions of users
- Automated user / device provisioning with self-services
- Complies with highest security standards (PCI-DSS, HIPAA)

KnowBe4 – Security Awareness Training solution

KnowBe4 is a security awareness training and phishing platform that enhances an organization's cyber security by training your employees to be the last line of defense. It is designed to mitigate the ongoing problem of social engineering threats through a cyclical process of training the users, phishing them and reviewing the results. Users can be easily included by syncing with your current Active Directory. Legitimate-looking phishing email templates, complete with logos, are available to phish your users, and difficulty levels can be adjusted to suit your users' knowledge of phishing. Training modules for educating your users are readily available, covering a wide range of topics. All of this can be done easily through the simple and user-friendly graphical user interface. Tracking of the organization's and each individual's progress can be carried out with just a few clicks.

WebArgus – Web defacement detection and recovery solution

WebArgus is a web defacement detection and recovery system. Unlike other similar web defacement products in the market, WebArgus provides 24/7 monitoring and instant recovery, and is able to defend against zero-day attacks targeting monitored files and directories.

WebArgus is designed with low overhead in mind, and is coupled with a simple, easy-to-use user interface that is easy to configure.

With WebArgus, engineers need not take down the website to remove the defaced materials, and can now focus on defensive measures against future attacks.