

Education Sector Remains a Major Target for Ransomware Attacks


The education sector has been in the crosshairs of cybercriminals for years. If anything, it is getting worse. According to a study by Comparitech, almost 1000 schools were affected by ransomware in 2021, impacting about a million students. Total price tag? The estimated cost to education institutions is around $3.5 billion in downtime alone, not to mention the ransomware payments themselves.

In many cases, the ransom is paid. Otherwise, schools and colleges face days or weeks of shutdowns, often at critical periods such as during exams or enrollment for the new year. In some cases, these attacks are fatal. Lincoln College, attacked in late 2021, has now permanently closed its doors due to fallout from the attack that led to a lack of enrollments. To make matters worse, the college paid the ransom.

Ransomware payouts from educational institutions vary widely. They range from $100,000 to as much as $40 million. Hackers typically do their homework in advance and have become skilled in knowing the means of the institution and the business impact of being shut out of systems. They set their ransoms accordingly.

Further tactics include double-extortion attempts: hackers encrypt systems and demand a fee to hand over the encryption key. But they also threaten to post sensitive data online. This double-whammy kind of treatment has been meted out to the likes of Broward County Public Schools, Clover Park School District, Somerset Independent School District, Union Community School District, and the Affton School District. Top targets include New York, Texas, Florida, and Arizona.    

Vice Society

The most recent headlines about school cybercrime have centered around a threat group known as Vice Society. It specifically goes after K-12 school systems. It successfully breached the LA County Unified School District (LAUSD) in September 2022. The attack was timed to disrupt the district at the beginning of the academic year; the hackers hoped to extort funds because around 640,000 students were impacted by the ransomware attack.

Vice Society targets schools as they are thought to be relatively soft targets. As well as being more likely to pay a ransom due to possessing a strong desire to serve their students, they are also not known to have strong security.

At LAUSD, Vice Society exfiltrated 500 GB of personal information. They asked for a ransom and threatened to leak sensitive personal data to the public. In this case, the school district decided not to pay up. They reasoned a) there was no guarantee hackers wouldn’t end up leaking the data and b) the money could be put to better use by funding student needs.

That is part of a growing trend. While some organizations continue to pay ransoms, many others are now refusing to do so.

Schools Need Help

Educational institutions have been late to the cybersecurity party as their focus is always on attending to the needs of their students. But recent events have forced them to pay more attention to security. However, it is not their core competency.

Thus, schools are encouraged to seek outside help in combating cybercrime. Vendor-based Software-as-a-Service (SaaS) security offerings are widely available. Alternatively, managed security service providers (MSSPs) can provide robust security safeguards that combat ransomware, safeguard systems, and free up the IT departments within educational bodies to focus on tools and systems that serve an educational purpose.

Syxsense Enterprise offers the educational sector real-time vulnerability monitoring, automated patch management, instant remediation, and IT management across all endpoints on one console. It can scan for all vulnerabilities on any device, block communication from an infected device to the internet, isolate endpoints, and kill malicious processes before they spread. In addition, it can automatically prioritize and deploy OS and third-party patches to all major operating systems, as well as Windows 10 and 11 feature updates. It offers peace of mind for any and all desktops, laptops, servers, virtual machines, and mobile devices. Syxsense Enterprise is also available to MSPs via our MSP Partner Program.

For more information, visit:

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Managing the Endpoint Vulnerability Gap: Key Findings


Syxsense is pleased to be a sponsor of Enterprise Strategy Group’s latest survey on the Endpoint Management Vulnerability Gap. Respondents of this survey included IT and cybersecurity professionals involved with endpoint management and security technologies and processes. These professionals work for companies with 100 employees or more and cover a variety of industries.

The objectives of this research are to:

  • Identify challenges, strategies and trends in endpoint management and security
  • Determine if and how endpoint management and security functions and systems are converging
  • Highlight opportunities for improving endpoint management and security fueled by functional convergence

Fill out the form below to get your copy of the eBook.

Password Managers: To Use or Not to Use


A series of recent incidents has led to debate concerning the value of password managers.

  • PayPal sent out breach notifications to thousands of users that had their accounts accessed through credential stuffing attacks that exposed some personal data. Some linked the attack to password reuse across systems. As many people use the same password on multiple accounts, they run the risk of their accounts being breached by bad actors who compromise one account and use that same password to enter other systems used by the user.
  • Credential stuffing attacks are becoming more common. Attackers use bots to attempt thousands of logins a second.
  • The popular password manager LastPass has been hacked multiple times over the past year or two. This has people wondering whether they should use such a tool or not.

So, should you use a password manager or not? The short answer is yes, they need to be used. Why? According to KnowBe4, the average user accesses more than 170 different sites and services. Each one needs a password. This number may seem excessive. But take a moment to add it all up. Every bank account, all the work-related sites, social media, Amazon and other cloud services, travel sites, hotel sites, and on and on. (I added mine up and came up with over 200 logins). That’s part of the problem. What do users typically do to cope with this ridiculous number of passwords? They reuse passwords over and over and that opens the door to more widespread breaches.

When security policies are implemented forcefully concerning passwords, users are forced to change them every quarter, and in recent times have had to move from 6 characters to eight to ten or more. They have also been required to add capitals, numbers, and symbols. What is the user response? The average person without a password manager has fewer than 10 passwords (or password patterns) that they use across all the sites they deal with.

To make matters worse, many of these passwords are relatively weak. They can be broken quickly using brute force techniques. The consequence? If a hacker breaks one password, they can try it in many other places. Perhaps they only compromise Facebook at first. From there, however, they can try bank account logins using the person’s email and preferred password. They often strike gold. Crypto accounts, Amazon, and work accounts are also exposed to attack.

Password Manager Failings

Password managers, then, should be used. They provide strong, random passwords that are different for every site or service. Unlike eight-character passwords that can be cracked via brute force in short order, these passwords are unguessable by any known technology. But as the LastPass hacks made clear, password managers are not infallible. Those that store your passwords in the cloud are especially susceptible to attack. Those that store them locally, such as on the device where you use your password manager, are better. Yet there remains a single point of failure on that local machine. If the bad guys gain access to it, they can get inside the password manager if the user leaves it unlocked. That allows them to see stored passwords and export them. Users are advised to configure password managers to automatically lock after a very short time.

Keyloggers can also be employed to steal the master password used to access any password manager. A good way around it is to require multi-factor authentication to unlock the password manager, such as receiving a text to your phone.

And like any software or system, password managers contain software vulnerabilities. These vulnerabilities can be used by attackers to access or exploit password managers, sometimes even when they are locked. Vendors issue patches to fix these exploitable bugs.

Lack of encryption can be another weakness. Choose password managers that use strong encryption of stored passwords, logon names, URLs, and other sensitive data.

There are many other ways that hacking can occur. But like any other online system, the basics still apply:

1. Use a reputable password manager that applies the safeguards noted above.

2. Include multifactor authentication as part of the login process.

3. Update all password managers with the latest fixes and patches to keep them secure.

4. Include password managers in vulnerability scans to ensure no weaknesses are left undiscovered.

5. Keep systems in general fully patched and up to date. Password managers employ browser extensions and interface with other systems. Those other systems and extensions need to be patched, too.

Syxsense automates the process of installing patches, performing vulnerability scans, and remediating any issues found.


Who is Being Victimized by Cybercrime? And Should You Be Worried?


There is so much news about cybercrime that you might get the idea that it is happening to everyone everywhere – to all organizations of all sizes and across all industries. Certainly, there is some truth to the statement that all are at risk. But it remains a generality.

Orange Cyberdefense’s Security Navigator 2023 report makes it clear that specific industries, company sizes, and architectures are far more likely to be targeted and breached than others. So, should you be worried? Let’s take a closer look at the areas that pose the most risk, and the targets cybercriminals are most likely to go after.

Most Likely to Be Victimized

The report delivered insights from around 100,000 incidents worldwide. Here are the major findings:

  • Asia and Europe are surging as hot cyber-extortion destinations, but North America remains a key target. From 2021 to 2022, an increase was observed in the number of victims from Europe (+18%), the UK (+21%), East Asia (+44), and especially the Nordic countries (+138%). North America, too, remains heavily attacked, but a little less so than before. 2022 showed the USA down by 8% and Canada by as much as 32%.
  • Small businesses are under the gun. The study found that 4.5x more small businesses fell victim to cyber extortion than medium and large businesses combined. This indicates a clear shift in tactics by cybercriminals as they have noted the lax defenses that often exist in the SMB sector. That said, large businesses can’t rest easy. In terms of sheer volume of attacks, they suffered by far the most attacks, and were also the most heavily impacted when they did get breached.
  • The manufacturing sector is in danger. The report found that manufacturers were the most likely to fall victim to cyber-extortion. It attributed this fact to poor IT vulnerability management among large manufacturers and the fact that they often rely on legacy infrastructure. As a result, they possess a lot of non-IT operational technology (OT) systems that are rarely as well secured as IT infrastructure.
  • Malware was the most prominent attack vector, appearing in 40% of all incidents processed. Network and application anomalies were the second highest incident type but dropped in frequency from 22% down to 19%.
  • 47% of all security incidents detected originated from internal actors. Whether deliberate or accidental, insider threats are growing. As well as from sheer malice, this can be due to misconfiguration, unpatched systems, or other errors made within companies.
  • Criminal groups are evolving fast. From the top 20 actors list observed in 2021, 14 are no longer in the top 20 of 2022. After Conti disbanded in Q2 2022, Lockbit2 and Lockbit3 became the biggest cyber extortion actors in 2022 with over 900 victims combined.

How to Avoid Becoming a Victim

The report laid out a series of key steps that organizations can take to ensure they do not land on the naughty list (also known as the cybersecurity victims list):

  • Implement multifactor authentication (MFA) on authentication interfaces.
  • Frequently back up business-critical assets and complement this with offline backups.
  • Test the integrity of these backups regularly by restoring critical functions.
  • Implement or upgrade endpoint protection and anti-malware systems.
  • Install defenses against Distributed Denial of Service (DDoS) attacks.
  • Configure firewalls and other perimeter equipment to allow only the minimum of outbound traffic to the internet.
  • Monitor outbound traffic closely for anomalies. 
  • Identify trust boundaries and implement tight controls for services and users that want to cross into those zones. Least privilege and Zero Trust concepts can also apply here as well as network segmentation. 
  • Identify and patch any internet-facing technologies, especially Remote Access like VNC and Microsoft RDP, Secure Remote Access like VPNs, and other security technologies like firewalls.
  • Practice continuous vulnerability management.
  • Prioritize patches based on whether vulnerabilities have known working exploits. This is applicable to infrastructure as well as end-user software or devices. Internet-facing services with known vulnerabilities must be patched.

Syxsense Enterprise takes care of the last three points while providing a Zero Trust framework. It offers automated patch testing, deployment, and prioritization, as well as continuous vulnerability scanning, mobile device management (MDM), IT management, and automated remediation.


Sloppy CVE Handling Could Mean It’s Time to Update Your CV – Unless You Bring in an MSP


There are hundreds of Common Vulnerabilities and Exposures (CVEs) in existence, some more serious than others. All need attention, yet many organizations have gotten sloppy about how they take care of CVEs. Some take months to deploy urgent patches as covered in CVEs. Sometimes it can take years. In a few cases, there are CVEs unresolved in organizations that are more than a decade old.

Those in IT and cybersecurity that are guilty of ignoring or taking far too long to remediate CVEs are advised to either update their CVs and resumes and start sending them out – or bring in an MSP that can completely take care of patch management and vulnerability management. It’s the easy way to ensure no CVEs are unaddressed anywhere in IT systems.

CVEs in Neglect

Let’s take a look at some of the important CVEs that are largely neglected in many organizations. These are only a few examples out of many that could be lurking:

CVE-2018-13379 FortiGate VPNs: The CVE title includes the year of release. This one from 2018 is still being exploited despite regular alerts being issued about it. Advanced Persistent Threat (APT) groups continue to use it in attacks. It is such a severe risk that anyone using this VPN without the patch deployed should assume they are now compromised and begin incident management procedures. Remediation steps include removing these VPNs from service, returning them to factory default settings, reconfiguring them, installing all patches, and once done, returning them to service. An upgrade to the latest FortiOS version is also recommended. Further action indicated is to scan all hosts and networks that are in any way connected to the VPN to look carefully for any signs of malicious activity.

There are also several high-priority patches from 2019 that are often unpatched in enterprise systems:

CVE-2019-19781 about Citrix NetScaler from 2019 has been used to compromise, among others, an Australian defense database.

CVE-2019-11510 relates to Pulse Secure Connect. It can result in arbitrary file disclosure and leaks of admin credentials. This one has been used in attacks via VPNs and by nation-state actors.

CVE-2019-3396 for Atlassian Confluence is a remote code execution bug.

CVE-2020-0688 for Microsoft Exchange. Dating back to early 2020, it leaves server data unencrypted and open to attack. Nearing its third anniversary, it remains a potent vulnerability for the bad guys to exploit.

This is just a partial list. Others that are deemed serious from 2019 include CVEs related to a Cisco router, Oracle WebLogic Server, Kibana, Zimbra software, and the Exim Simple Mail Transfer Protocol. When you factor in the CVEs from 2020, 2021, and 2020, the list is very long indeed.

Watch Your Back

Anyone with vulnerabilities and CVEs unpatched dating back more than a couple of months in 2022 should watch their back as they are open to a charge of neglecting their cybersecurity duties. Anyone with un-remediated CVEs from 2021, 2020, 2019, or even as far back as 2018, as in the case of FortiGate VPN, could well be soon looking for a new job. They had better dig out their CV and get it updated fast.

Before the axe falls, a smart move would be to draft in help from an MSP to help eliminate these vulnerabilities, institute vulnerability management and attack readiness processes, and fully patch all applications, operating systems, and endpoints including mobile devices.

Syxsense offers managed security services for patch management, vulnerability management, and remediation. These services provide real-time, 24-hour security coverage. Syxsense also offers an MSP/MSSP program with a world-class platform. Both are built on the foundation of Syxsense Enterprise, an automated patch management, vulnerability scanning, mobile device management (MDM) and IT management platform. It detects outdated patches and threats in real time and can be used to implement updates before bad actors can take advantage of exploits. Syxsense Enterprise incorporates Zero Trust practices and includes features such as patch supersedence, patch roll back, and a wealth of automation and configuration features. In addition, it provides a three-hour turnaround for the testing and delivery of new patches as well as technology to send software and patches across the wire once, using peer-to-peer within the network for local distribution.


Long Patching Delays Haunt Enterprise Cybersecurity


Imagine a kingdom facing invasion from a hostile and determined foe. The citizens band together to build the highest and widest walls possible. They erect battlements, dig deep moats filled with water, forge mighty gates of the strongest metal, and spend countless thousands of hours making sure they are fully secure – only for all to be lost as someone forgot to lock the back gate being used to take out the garbage.

A similar situation is haunting modern enterprise “kingdoms.” Businesses are spending a fortune on cybersecurity – as much as 20% of the overall IT budget. They are deploying intrusion detection and remediation systems, endpoint management technology, Security Information and Event Management (SIEM), threat detection, ransomware prevention, next generation firewalls, Zero Trust Network Access (ZTNA), multifactor authentication (MFA), Secure Access Service Edge (SASE), and a host of other solutions to remain free of breaches. But the entire team is being let down by one little patch that was never deployed on a critical server. Result: the bad guys get in, hold the organization to ransom, extort millions, and live to wreak havoc another day.

This situation is far closer to reality than fairytale in many organizations. Orange Cyberdefense’s Security Navigator 2023 report revealed many startling findings. But by far the most shocking was the state of enterprise patching. Researchers found that businesses are taking an astonishing 215 days to patch a reported vulnerability. Even for critical vulnerabilities, it generally still takes more than 6 months to deploy a patch.

Take the Log4j vulnerability. It was originally discovered on 9 December 2021, which means that, on average, most organizations hadn’t deployed the many patches released to counter Log4j until July of 2022. How could it be that this vulnerability was labeled by many as one of the most serious that had appeared in years, yet so many chose to ignore the warnings and left the patches gathering dust?

Why So Long to Patch?

What might be the reasons why it could possibly take so long for organizations to deploy urgent patches? Complacency and neglect are certainly factors to consider. Functions like patching and backup are often taken care of as routine and non-emergency duties. Perhaps initially, they are given importance.

New patch management software or services are obtained. Best practices are discussed and implemented. All is well for a while. But over time, these functions receive less and less attention. They are perhaps still done, but fewer eyes are on them, no one bothers to check whether patching was deployed correctly, whether new systems and devices were added to the patching schedule, how long patches took to deploy, or how many patches are currently backlogged.

Testing is another area where organizations can inadvertently cripple patching effectiveness. Once upon a time, they may have suffered some problems due to a glitchy patch that caused downtime. They institute a lengthy and laborious patch testing protocol which, in reality, means that every patch has to go through testing before being sent anywhere. As a result, some patches take an age to be deployed.

There is no time to lose in installing priority patches. Syxsense provides a three-hour turnaround for the testing and delivery of new patches as well as technology to send software and patches rapidly across the wire once and then use peer-to-peer within the network for local distribution. This ensures there are no network bottlenecks blocking patch delivery. In the case of a patch or update that causes incompatibilities in other systems, patch roll back features allow you to return systems to the state that existed before the implementation of a new patch.

Lack of Automation in Patching

Lack of automation, too, can dead-end organizational patching. If it remains a manual process, it becomes all too easy for someone to forget to deploy patches or omit transmitting them to half the devices in the network. With hundreds or even thousands of endpoints to manage, lack of automation can delay the implementation of critical patches. Automation saves time as IT no longer has to formulate scripts, hop from one screen to another, or manually push out patches to various destinations.

Additionally, there are factors such as incomplete inventorying of devices and poor reporting. It is one thing to say all systems are patched and fully updated. But it is another to be able to prove it. Comprehensive inventorying and reporting are vital.

Syxsense lets you easily manage unpatched vulnerabilities with the click of a button. It includes patch supersedence, patch roll back, and a wealth of automation features. In addition, it provides immediate turnaround for the testing and delivery of patches as well as peer-to-peer technology that delivers patches to all devices fast.


Syxsense Predictions: Critical Infrastructure Attacks, More Cyber-Regulation, Faster Zero-Day Exploitation, and Slow but Steady Growth of Zero Trust in 2023


Jonathan Cassell, Senior Solutions Architect at Syxsense, gazed into the cyber-crystal ball and came up with several predictions for 2023. These include more cyberattacks on critical infrastructure, increased cyber-regulation, faster zero-day exploits, and growing adoption of zero trust, though not at a pace necessary to significantly reduce the quantity of successful cyberattacks.

Here goes:     

Attacks on Critical Infrastructure

2021 and 2022 saw the appearance of serious attacks on critical infrastructure. The famous ones included the Colonial Pipeline breach, which took down east coast fuel supplies for a few days and sent gas prices soaring, and the ransomware attack on JBS, the largest meat processing firm in the world, which disabled beef and pork slaughterhouses and impacted facilities in the U.S., Canada, and Australia. Expect more of the same in 2023, and perhaps even bigger targets getting hit.

More Cyber-Regulation

The FBI’s Cybersecurity and Infrastructure Security Agency (CISA) has had quite a year. It was regularly in the news through issuance of alerts about Common Vulnerabilities and Exposures (CVEs), Shields-Up notifications to guard against Log4j and other threats, and actions taken on a bypass of many enterprises to fix vulnerabilities deemed to be a severe threat. Don’t think that the higher profile of the CISA isn’t going to ripple into other facets of government. Therefore, more cybersecurity legislation is probably on the cards. There is also talk about a potential federal-level privacy regulation similar to the EU’s GDPR.

Regardless of regulatory pressure, insurers are turning the screws on businesses, demanding that they institute stronger cybersecurity safeguards if they want to be given cyber-insurance. Some are being turned down, some given high premiums, and others given less than comprehensive coverage as they were not deemed to have sufficient layers of protection in place.

Faster Zero-Day Exploits

The term zero day relates to recently discovered security vulnerabilities that a vendor or developer has only just learned about. Hence the term – they have zero days left to remediate it. Zero-day attacks are particularly worrying as they can be exploited by cybercriminals before developers have addressed them by issuing patches and figuring out remediation steps. These exploits, therefore, can cause serious damage and data theft until fixed.

When Log4j was discovered, for example, it led to a scramble by a great many vendors and a rash of patches and remediation protocols.

The bad news is that 2023 will probably bring even quicker zero-day exploits leading to shorter time frames between attacks. It may even lead to manufacturers and other victims not discovering such vulnerabilities for longer periods, and not disclosing them promptly either.

Zero-Trust Grows, But Slowly

There is great hope in the cybersecurity community that zero-trust network access (ZTNA) will solve a lot of ongoing difficulties. Certainly, ZTNA is growing and should grow more in 2023. However, we don’t yet see the market traction for it to be deployed widely in enough businesses to make a serious dent in the number of cyberattacks and breaches.

ZTNA encompasses technologies that enable secure access to internal applications. It grants access on a least-privileged basis via granular policy management to give verified users secure connectivity to private applications while protecting the network and avoiding exposing apps to the internet. Thus, Zero Trust is all about securing IT infrastructure and data via a framework that can safeguard remote workers, hybrid cloud environments, and IT in general. It works on the assumption that any network is always at risk of either internal or external attacks. In essence, Zero Trust means an individual is not just trusted because they are on the network. They must prove who they are and are given only limited access to the systems they need. Beyond safeguarding and vetting individual identities, the next frontier is now verifying machine identities such as the specific device and browser being used for access.

The Syxsense Zero Trust module, part of Syxsense Enterprise, provides hundreds of parameters IT can use to report and act on device compliance. For example, it can determine if a laptop is accessing a NetSuite server after hours from an IP address in an unfamiliar location. If so, it blocks it. It also has the power to enforce compliance with Zero Trust policies prior to granting access on an asset-by-asset basis. And it includes automated remediation of non-compliant endpoints, which could include patching the system, enabling an antivirus tool and making sure it is up to date on patterns, emailing IT about unauthorized access, and more.


How System Administrators and IT Managers Can Get More Sleep


Those working in IT grow accustomed to pagers or smartphones going off in the middle of the night. That means they must get dressed, grab a quick coffee, and head into the office to resolve the latest security alerts, server outages, or network glitches. It can happen on weekends, too. Instead of a relaxing lie in bed for some much-needed hours of extra slumber, an alert comes in – or it happens during precious leisure hours with family and friends. The IT staffer must pack up the beach towels or turn off the barbeque or the game, kick off the flip-flops, and take that long commute to work.

By deploying Syxsense for automated patch management, mobile device management (MDM), vulnerability scanning, IT management, and remediation, IT personnel can greatly increase their number of hours of undisturbed sleep AND feel far less resistance about meeting each new day. Here’s how:

Morning Slumbers

A fascinating study by Best Mattress Brand revealed that the job one does and the industry worked in have a definite influence on the number of minutes people lie in bed after the alarm sounds. Regardless of the time you need to be at work, you’re going to set an alarm depending on how long it takes you to get up, get ready, and get to your workplace. These times are often influenced by factors such as the stress one has to endure, the type of responsibility each person has, and the way each one of us decides to face the day ahead.

Those who stay in bed the least seem to be those working in transportation and warehousing (8 minutes), homemaking (8 minutes), construction (7 minutes) and manufacturing (7 minutes). Medical and healthcare, finance and insurance, and IT all stand at an average of 11 minutes of lying in bed after the alarm, while government and public administration, education, and wholesale and retail workers take on average 10 minutes.

The study found that job satisfaction was somewhat correlated to the length of time people want to linger in bed. Those the least happy at work tended to lie in bed for around 11 minutes – the same as IT.

Certainly, there may be other factors. Nevertheless, all those late-night and weekend alerts, and the intense pressure of working in a malware-saturated environment, seem to be taking their toll on system administrators and IT managers. They either want to remain in bed a few extra minutes to make up for lack of sleep, or they stay under the covers longer as they try to muster the courage to face another hectic day of ransomware threats, phishing alerts, and data breaches.

Syxsense Can Help You Get More Sleep

Experts say sleep is as important for good health as diet and exercise. A good night’s sleep improves brain performance, mood, and health. Not getting enough quality sleep regularly raises the risk of many diseases and disorders.

Syxsense is a sure way for system administrators, IT managers, and cybersecurity personnel to get more sleep, improve their mood, and improve productivity. It automates the entire process of patch management, vulnerability scanning, and mobile device management (MDM). As it protects organizations from breaches by blocking users on untrusted devices, it helps organizations create a security posture that encompasses the various criteria necessary to be granted trusted access. It can also automatically apply fixes and remediate issues in real time to enable proper access. Remediation actions might include deploying an urgently needed security patch, updating the anti-virus signature database, and alerting IT about unauthorized access attempts.

By deploying Syxsense Enterprise, IT personnel gain peace of mind. They can go to bed at night confident that they are extremely unlikely to be disturbed by the strident sound of a pager. They can engage in activities with family and friends at the weekend without the specter of yet another interruption due to the latest emergency. By sleeping better, they can wake up refreshed and increase their level of happiness and job satisfaction.


Syxsense Scores High in GigaOM Patch Management Report


Vendors often fight over whose solution is best. They set up their own tests to prove that they are better than the competition. Unfortunately, vendor-sponsored tests sometimes include a certain bias. Say vendor X knows its software works well at a specific volume of traffic running application A and that a competitor’s solution doesn’t perform as well on that specific workload. The test can be rigged to focus on those parameters. Hey, presto! Vendor X scores much better than its rival, “proving” its superiority.

Hence, it is always best to look for independent evaluations of different products with no bias of any kind (such as vendors sponsoring the study). Research firm GigaOM operates in this way. Its studies are done in a way to maintain objectivity.

Recently, GigaOM evaluated 18 patch management vendors to determine which solutions were the strongest. That put Syxsense up against some long-established giants such as Ivanti, BMC, and Tanium that are more than ten times our size. The analyst firm graded Syxsense as a Leader in patch management and a Fast Mover in a challenging marketplace.

This high rating came about due to the breadth and depth of the Syxsense offering when it comes to identifying, acquiring, verifying, and installing patches to physical and virtual devices, and software systems. GigaOM analyst Ron Williams carefully looked into areas such as patch characterization, prioritization, testing, implementation tracking, and verification to determine the robustness and comprehensiveness of each patch management solution. He checked the range of operating systems (OSs), applications, and environments they can work with.

How Syxsense was Graded

Syxsense gained an outstanding rating from GigaOM for all market segments: small & midsized businesses (SMBs), large enterprises, and as something managed service providers (MSPs) can use to provide patch management to their clientele.

While some vendors specialize in one OS or one environment and some don’t have the ability to patch mobile devices, Syxsense performed well in GigaOM tests due to its extensive range of coverage. As well as Syxsense, only two other vendors out of 18 were given an outstanding rating against all areas of patch coverage: desktop and server Windows and Linux, desktop macOS, mobile, and remote systems.

GigaOM makes particular use of what it calls its key evaluation criteria to compile these detailed comparison reports. Syxsense was graded by the analyst firm as being very capable in inventorying, tested sources and patching architecture, and outstanding in lifecycle management, patch testing, patch deployment, patch prioritization, and patching of third-party and in-house applications. Further, when graded against the evaluation metrics of flexibility, management capabilities, resource load management, security, usability, and patch reporting, Syxsense was rated outstanding in all categories. No other solution scored higher on these metrics.

GigaOM’s Opinion of Syxsense

Beyond its Leader and Fast Mover rating, GigaOM went into detail about how Syxsense patch management fared during the evaluation process. It explained that the company’s customers range from 100 to 100,000 endpoints and that the platform consists of a larger set of tools focused on intelligent (AI-based) endpoint management. With full coverage of Windows, macOS, and Linux desktops and servers, as well as mobile devices and remote systems, Williams stated:

“Syxsense provides a strong patch management solution, especially when the rest of the portfolio is considered. It covers all identified patching targets. Its strengths lie in lifecycle management, patch testing, patch deployment, patch prioritization, and a large number of third-party applications. Syxsense also supports an API, allowing integration with other systems such as ITSM and CMDB.”

In terms of challenges, he noted that Syxsense uses only a trusted repository of vendors. In Williams’ opinion, this disallows the use of distributed repositories and may present a bottleneck when a large number of endpoints are patched in the same physical location, though there are methods to mitigate this issue. Syxsense addresses the patch deployment bandwidth challenge by intelligently distributing applications and patches without tying up bandwidth across the enterprise. This is accomplished using technology that sends software and patches across the wire once, using peer-to-peer within the network for local distribution.

You can find out more about it and download the report here:

Syxsense Named a Fast Mover in GigaOm Radar Report for Patch Management Solutions


2023 Predictions from the Endpoint Security Experts


Ashley Leonard, CEO of Syxsense, provides his thoughts on the world of cybersecurity and what to expect in 2023. He touches on diverse areas such as Zero Trust, artificial intelligence (AI), cloud-based attack vectors, autonomous endpoints, and the vital need for orchestration and automation in security.   

Zero Trust Comes of Age

Zero Trust has been a huge buzzword in 2022. However, the actual application of Zero Trust technology within corporate infrastructure has been limited. According to Dell’s Global Data Protection Index, only 12% of large organizations have implemented a Zero Trust architecture, though 91% say they are either aware of or are planning to deploy it soon.

My prediction for 2023, therefore, is that we will finally see Zero Trust concepts implemented broadly within corporate IT environments. Accordingly, we have added a new Syxsense Zero Trust module within Syxsense Enterprise that enables endpoint compliance with Zero Trust Network Access policies (ZTNA). It serves as an organization’s “Trust Evaluation Engine” for endpoints, offering and control over network access policies, and enables security teams to build sophisticated access policies and remediation workflows to ensure ZTNA compliance.

AI Brings Both Good and Evil

Another technology that has been talked up for years yet has somewhat limited implementations is AI. My prediction for 2023 is that we will see an AI arms race, with both the good and the bad guys utilizing AI far more heavily.

The good guys will harness it in many ways: for real-time threat monitoring; to add even more power and speed to patch and vulnerability scanning; and to coordinate logs and data sources across the enterprise in real time to spot the patterns that indicate a Distributed Denial of Service (DDoS) attack, a phishing outbreak, compromised accounts, ransomware, or data breaches. AI will take security systems to a higher level of pace, sophistication, and capability. And it is coming just in time.

Why? The bad guys are harnessing AI, too. They are using it to find ripe ransomware targets, to figure out the best attack vectors that will bring the biggest payout, and to assess the potential worth of targets automatically. For example, it is well known that Common Vulnerabilities and Exposures (CVEs) scored 8 and above are given high priority for patching and remediation in many businesses. AI is being used to figure out combinations of low and high priority CVEs to find the easiest way into a business. By beginning with a 6- or 7-rated CVE, cyber gangs know that some of these patches might not be deployed in many organizations. From there, they can enter and then exploit more serious vulnerabilities. The moral is clear: Patch all your systems religiously and perform regular vulnerability scans.
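The gap left by a "patch 8 and above first" rule can be checked directly against scan results. The sketch below is an added example, not Syxsense code or part of the original post: it lists hosts that a cutoff-only report shows as clean while they still carry an unpatched 6- or 7-rated finding. The inventory, the `FINDING-*` placeholders, the internet-facing flag, and the exposed-first ordering are all constructed assumptions.

```python
from collections import defaultdict

CUTOFF = 8.0  # the "8 and above" priority line described in the text

# Constructed sample scan results (not real data):
# (host, finding id placeholder, CVSS score, patched?, internet-facing?)
# The internet-facing flag is an assumption added for this example.
FINDINGS = [
    ("web-01", "FINDING-A", 6.5, False, True),
    ("web-01", "FINDING-B", 9.1, True, True),
    ("db-01", "FINDING-C", 8.8, False, False),
    ("db-01", "FINDING-D", 7.2, False, False),
    ("hr-laptop", "FINDING-E", 5.0, False, False),
    ("mail-01", "FINDING-F", 9.8, True, True),
]


def cutoff_view(findings, cutoff=CUTOFF):
    """Hosts a cutoff-only report shows as clean: no unpatched finding >= cutoff."""
    hosts = {f[0] for f in findings}
    dirty = {h for h, _, s, patched, _ in findings if not patched and s >= cutoff}
    return sorted(hosts - dirty)


def overlooked_entry_points(findings, cutoff=CUTOFF, floor=6.0):
    """'Clean' internet-facing hosts that still carry an unpatched finding
    scored floor <= score < cutoff (the 6- or 7-rated case in the text)."""
    clean = set(cutoff_view(findings, cutoff))
    hits = defaultdict(list)
    for host, fid, score, patched, exposed in findings:
        if host in clean and exposed and not patched and floor <= score < cutoff:
            hits[host].append((fid, score))
    return dict(hits)


def patch_queue(findings):
    """Every unpatched finding, internet-facing hosts first, then by score,
    so nothing is dropped just for sitting under the cutoff."""
    todo = sorted((f for f in findings if not f[3]), key=lambda f: (not f[4], -f[2]))
    return [(host, fid) for host, fid, _, _, _ in todo]


if __name__ == "__main__":
    print("clean under cutoff-only policy:", cutoff_view(FINDINGS))
    print("overlooked entry points:", overlooked_entry_points(FINDINGS))
    print("full patch queue:", patch_queue(FINDINGS))
```
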

Cloud Attacks Multiply

As many IT departments have moved critical business functions to the cloud such as those for email, accounting, and customer relationship management (CRM), this has resulted in the cloud becoming a bigger attack target. My prediction is that we will see a major increase in cloud security breaches in the coming year.

Data from Microsoft shows Azure deployments rising at a rate of 33% a year. Cybercriminals know this, and they have realized that enterprises often have a blind spot when it comes to cloud security. Some businesses think the cloud provider is responsible for the protection of their data when it is actually their own responsibility. The cloud provider is only responsible for the integrity of its own cloud infrastructure. Hence, cloud breaches are common and they are going to become even more frequent until cloud data security is prioritized.

Autonomous Endpoints

In recent years, there has been tremendous focus on the cloud as a way to centralize compute and storage resources. This has certainly been a great leap forward. But think about it for a moment. Businesses possess incredibly powerful processors inside storage equipment, servers, and desktops. These systems are underutilized in many cases. A prediction for 2023 is that many of the tasks managed today by the cloud could be better performed at the endpoint – and we will begin to see some functions decentralized onto endpoints to take advantage of this untapped compute potential.

More Orchestration and Automation

IT departments can expect to be stretched to the limit in 2023 as inflation and a global recession put additional pressure on IT budgets. Hiring freezes are likely in some quarters. IT will be told yet again to do a lot more with fewer people. The only way to survive in such a climate is to add more orchestration and automation capabilities. Expect, therefore, that orchestration and automation technologies will be more heavily used in the coming year to enable IT to maintain security and service.

Syxsense offers automated patch management, vulnerability scanning, mobile device management, remediation, and IT management in one integrated suite. This enables IT to orchestrate a great many functions from one console, eliminating manual labors that can easily consume many hours.
