Tag

cybersecurity

Syxsense Joins Microsoft Active Protections Program (MAPP) Expanding Company’s Threat Intelligence Capabilities


Early access to Microsoft vulnerability information allows the company to provide updated protections to customers faster

ALISO VIEJO, Calif. – [May 17, 2022] – Syxsense, a global leader in IT and security management solutions, today announced it has joined an elite group of cybersecurity software providers partnering with Microsoft to receive early vulnerability information through the Microsoft Active Protections Program (MAPP). This partnership further builds on capabilities Syxsense already provides when helping customers scan, patch, and secure endpoints. As a member of MAPP, Syxsense will receive early access to threat intelligence, allowing faster deployment of protections, and enabling customers to stay even further ahead of emerging threats.

“The threat landscape changes and evolves at an incredibly rapid pace, so providing our customers with the most up to date information is paramount when working to stay ahead of new attacks,” said Ashley Leonard, Founder and CEO of Syxsense. “As a member of MAPP, we’re now able to combine Microsoft’s early vulnerability information with our instant endpoint detection and prevention capabilities to provide customers with a more comprehensive picture of their threat environment. This ultimately helps them strengthen their security posture when scanning for vulnerabilities, managing patch cycles, dealing with endpoint compliance and more.”

“Syxsense is a valuable addition to our list of trusted security partners in the Microsoft Active Protections Program,” said Al Brown, Senior Security Strategist, Microsoft Security Response Center. “The visibility insights and management capabilities gained from their unified endpoint management technology along with the early access to threat intelligence they now have enables them to offer their customers some of the most robust defense strategies in the industry.”

Syxsense recently announced Syxsense Enterprise™, the world’s first IT management and endpoint security solution that delivers real-time vulnerability monitoring and instant remediation for every endpoint across an organization’s entire network environment. Syxsense Enterprise combines Syxsense Secure, Manage, and Mobile Device Manager, and then layers on a powerful workflow automation tool called Syxsense Cortex™, to deliver a completely unified platform that scans and manages all endpoints, resolves problems in real-time, and reduces the risks associated with system misconfigurations. This enables organizations to better predict, identify, and remediate vulnerabilities.

For more details, visit: https://www.syxsense.com/. To see this integration, as well as Syxsense’s Enterprise solution or MDM capabilities in action, visit the company’s booth (#466 in the South Hall) at the RSA Conference, June 6-9, 2022.

About Syxsense

Syxsense is a leading provider of innovative, intuitive endpoint security and management technology that combines the power of artificial intelligence with industry expertise to help customers predict and remove security threats across all devices including mobile. Syxsense is the first unified endpoint security management platform that centralizes the three key elements of endpoint security management (vulnerabilities, patch and compliance) and layers on a powerful workflow automation tool called Syxsense Cortex™, all through a single cloud-based platform, enabling greater efficiency and collaboration between teams. The always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm. For more information, visit www.syxsense.com

About the Microsoft Active Protections Program (MAPP)

MAPP is a program from the Microsoft Security Response Center (MSRC) that provides vulnerability information to security software providers in advance of Microsoft’s monthly security update release. By receiving vulnerability and threat information earlier, security providers can deploy protections ahead of publicly available vulnerability details.

https://www.microsoft.com/en-us/msrc/mapp

About the Microsoft Security Response Center (MSRC)

The Microsoft Security Response Center is part of the defender community and on the front line of security response evolution. For over 20 years, we have been engaged with security researchers working to protect customers and the broader ecosystem.

https://www.microsoft.com/en-us/msrc

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.


Business Email Compromise Attacks on the Rise


Business Email Compromise (BEC) breaches are turning into the go-to strategy for cybercriminals. What actions should you take?

Increased BEC Attacks

Business Email Compromise (BEC) breaches are turning into the go-to strategy for cybercriminals. The FBI’s Internet Crime Complaint Center (IC3) reports that losses from BEC schemes within the U.S. rose to nearly $2.4 billion in 2021, up 33% from the previous year and up tenfold since 2015.

These attacks typically begin with a security breach of some sort – an unpatched system, an unaddressed vulnerability, or a phishing email that someone clicks on. Once the perpetrators are inside, they then rely on spoofing emails that impersonate executives, financial personnel, the CEO, vendors, or partners. The goal is to request what appears to be legitimate business payments from authentic-looking emails from a known authority figure. Done well, employees comply without thinking and transfer large sums of money to an untraceable account.

Example: The CEO is in Asia working on the latter stages of an acquisition. A BEC scam might involve sending legitimate-looking emails from actual corporate email addresses (or addresses that look similar to legitimate email accounts). These messages give authorization to transfer funds NOW to a certain bank account. But it isn’t always money. Sometimes the goal is to steal an employee’s personally identifiable information, or wage, financial, or tax forms.

Nail Salon Scammer

The owner of a nail salon in California scored big with BEC by tricking a public school district in Michigan into wiring its monthly health insurance payment to its bank account. $2.8 million was stolen. Banks managed to recall about half of it.

Investigators discovered that a hacked HR identity began the event. By masquerading as the HR staffer, the person convinced the finance department to send the money to a new account. But the plot thickens in this case. The nail salon owner claimed someone in Europe convinced him to accept the funds and forward them to other accounts. The FBI countered that this is a ruse to escape conviction.

In other examples, major deals have been hijacked by scammers. A U.S. nonprofit was fooled into sending an approved grant for $650,000 to a fake account. Again, email phishing was the culprit. The email of someone in accounts was taken over by a thief, and wire details were changed at the last minute. The money went to an account in Texas and was moved on from there. Law enforcement actions to date have failed to locate the money or bring the perpetrators to justice.

Further BEC tactics utilize “deep fake” audio and video messages generated by artificial intelligence that pretend to be from executives, enticing subordinates to send funds.

In many cases, criminals hack into corporate systems months before, using known but unmitigated vulnerabilities. They then sit tight, quietly monitor traffic, and note the best opportunity. As a deal is unfolding, they take control of an email account, send an urgent request to someone in finance, and divert the funds to the wrong destination. By the time the scam is suspected, typically the next day, the money has disappeared.

Even the federal government can fall for such tricks. The U.S. State Department was another recent target. $200,000 allocated to farmers in Tunisia was redirected to who knows where.

What to Do to Prevent BEC Attacks

To prevent this happening to you or your organization, employee education is vital, particularly about phishing and other social engineering trickery. Multi-factor authentication is another important element.

Specific to BEC, warning signs include sudden urgency injected into financial transfers, requests to use new accounts, or email addresses and domains that are almost, but not quite right. Scammers often set up fake websites and email addresses that look genuine until you look more carefully. Where money or major changes are involved, always verify using a communication method other than email.

The Power of Syxsense

And back up these sensible actions with comprehensive Unified Security & Endpoint Management (USEM) protection. Syxsense Enterprise can detect and remediate breaches automatically. It can scan for all vulnerabilities on any device, block communication from an infected device to the internet, isolate endpoints, and kill malicious processes before they spread.

It can automatically prioritize and deploy OS and third-party patches to all major operating systems, as well as Windows 10 feature updates. IT and security teams can use Syxsense Enterprise to collaborate on the detection and closing of attack vectors. It offers management, control, and security for any and all desktops, laptops, servers, virtual machines, and mobile devices.

 


Who Is Securing Our Systems?


With distributed cloud-oriented environments, confusion is inevitable on the IT security side.

The Question of Security

With compute environments being so distributed and so cloud oriented, confusion is inevitable, particularly on the security side. Within organizations, applications and data are split between on-premises systems and the cloud. Not just one cloud. Many organizations operate multiple clouds or subscribe to services from a great many providers.

And then there is the software and services supply chain. It is no longer usual for one provider to take care of everything. A great many vendors are typically involved in various workflows and systems. Providers like Kaseya and SolarWinds, for example, provide underlying systems that other software relies upon. Remote monitoring and management systems like these are used by countless enterprises and vendors as part of their external or internal offerings.

Managed service providers (MSPs), too, rely on such applications to take care of software delivery and general remote operation. This enables them to focus on their core competencies such as backup, security, or CRM. Even internally within organizations, there tends to be a reliance on a variety of systems to be able to remote into employee devices, deliver updates, and more.

Bottom line: This labyrinth is so pervasive that it is very hard to keep track of exactly who is doing what and who is responsible for which functions.

Cloud Insecurity

This is bad enough in general IT management. But when it comes to security, the repercussions can be disastrous. The lines of demarcation on security duties must be well known.

This problem has already come to a head following some well publicized cloud breaches. Some enterprises blamed their cloud providers for attacks, only to be quoted the fine print about what the cloud provider was actually responsible for. Yes, they secure their own clouds. Yes, they provide a series of cloud features. And yes, they promote these in ways that may make it seem that they cover all aspects of security. But they don’t.

The user is usually responsible for the integrity of the files being sent to the cloud i.e., ensuring no malware lurks inside. Further, some cloud providers hold the user organization responsible for encryption of files being sent to the cloud.

In other words, the delineation of duties isn’t always clear. Hence, someone in IT might be asked, “who is securing our systems and our data?” And the response might be, “I thought the cloud provider was doing that.”

Cybercriminals Taking Advantage

The software and IT services supply chain now sprawls across all corners of the web. And the cybercriminals are capitalizing on the grey areas between providers and client organizations to find zones that “fall between chairs.” Each party thinks the other one is taking care of that security function. The Kaseya and SolarWinds hacks were only the beginning. They showed the bad guys that it was far smarter to hack one company and have its supply chain network distribute that software to large numbers of organizations.

No wonder supply chain breaches are exploding. An NCC Group paper found that cyberattacks on supply chains increased by 51% between July and December 2021, based on a survey of 1,400 cybersecurity decision-makers at organizations with over 500 employees in 11 countries. 36% believe they’re more responsible for preventing, detecting, and resolving supply chain attacks than their suppliers.

However, 53% say both their company and its suppliers are equally responsible for the security of supply chains. Nearly half say they don’t stipulate security standards for their suppliers, and a third don’t regularly monitor and risk assess their suppliers’ cybersecurity arrangements.

As more supply chain breaches happen, though, awareness of this problem area is rising. More companies are recognizing supplier risk as a key challenge. They plan to increase security budgets by an average of 10% this year.

Take Charge of Your Own IT Security

Anyone utilizing the cloud is advised to carefully weed out any ideas within the IT ranks that someone else takes care of cloud security duties. It is up to IT to secure its own systems, data, devices, and identities. And to define exactly what providers do and don’t do with regard to security. Assume it is NOT secured unless you have a guarantee in writing from the provider. Be tenacious in hunting down the facts about the division of duties.

Syxsense provides SaaS and MSP-based security services that automatically take care of functions such as endpoint management, mobile device management, patch management, vulnerability scanning, and remediation.

To take one example: In patch management, Syxsense guarantees to test and critical patches within four hours of their release. It automatically deploys patches based on a priority system to safeguard all organizational systems and devices by providing the correct updates and patches.


Gartner Predicts the Future of Endpoint Security


Gartner recently completed an in-depth review of the entire endpoint security landscape. What should organizations be aware of?

What’s Coming for Endpoint Security?

Gartner recently completed an in-depth review of the entire endpoint security landscape. The analyst firm delved into every facet of endpoint security to determine which technologies were rising, which were being eclipsed by more modern approaches, and what the future holds.

Researchers pointed to unified endpoint security (UES) and unified endpoint management (UEM) as being among the major waves of the security future. While these technologies are still evolving, they are rising rapidly in adoption as more and more vendors manage to unite their various endpoint offerings under one fully integrated umbrella.

Traditional Endpoint Detection and Response (EDR)

Traditional endpoint detection and response (EDR) systems have become a popular way to protect enterprise endpoints from attacks and breaches, and as a means of achieving secure remote access. Some vendors are adding to EDR capabilities via extended detection and response (XDR) suites.

What is the difference? EDR focuses on protecting endpoints only. XDR takes a wider view. It integrates security across endpoints, cloud computing, email, and other areas. This is particularly important in light of the larger trend of more and more people working from home. XDR offers a broader zone of protection.

Gartner notes that endpoint security innovators have been focusing on better and more automated prevention, detection, and remediation of threats. One of the goals is to protect endpoints while enabling access from any device to any application over any network and with a good user experience in terms of performance and low latency.

Vendors are introducing, for example, UES and UEM suites that combine elements of EDR, endpoint protection platforms (EPP), and mobile threat defense (MTD) into one integrated toolset. UES suites focus on endpoint security and provide some management features. UEM, on the other hand, stresses management and typically includes good security functionality, too.

What’s changing?

The lines are blurring. These products can secure workstations, smartphones, and tablets and manage it all from a single console. They offer a way for businesses to achieve some degree of vendor consolidation, at least on security. Instead of having one vendor for patch management, another for EDR, another for mobile device management, and others for MTD, EPP, and other functions, it can all be rolled into one consolidated system.

According to Rob Smith, an analyst at Gartner, UES offers plenty of benefits and is now on the radar for up to 20% of its target market.

“Unified endpoint security brings together endpoint and protection, as well as MTD under a unified platform, with tight links to endpoint management infrastructure for end user facing devices, such as Windows 10, macOS, iOS, Android and — in some cases — also extending to Linux and Chrome OS,” said Smith. “UES has the potential to be a single best-of-breed solution for all endpoint security, provided that the unified product’s cross-device data analytics is strong.”

He recommends that organizations evaluate UES adoption based on three goals:

  • Extend detection and response beyond the laptop and desktop to mobile devices.
  • Unify endpoint security and management workflows from a single console.
  • Allow for complex, posture-based policy application along with supporting technology like secure remote access.

Organizations, therefore, should harness tools such as UES and UEM to consolidate all endpoint security onto a single suite to lower support costs and improve threat prevention and detection, and incident response.

The Power of Syxsense

Syxsense Enterprise brings the best of UEM and UES together. It is the world’s first Unified Security and Endpoint Management (USEM) solution, delivering real-time vulnerability monitoring and instant remediation for every single endpoint in your environment, as well as IT management across all endpoints.

This represents the future of threat prevention. Breaches can now be detected and remediated within one endpoint solution. It can scan for all vulnerabilities on any device, block communication from an infected device to the internet, isolate endpoints, and kill malicious processes before they spread.

Syxsense Enterprise can automatically prioritize and deploy OS and third-party patches to all major operating systems, as well as Windows 10 feature updates. IT and security teams can use Syxsense Enterprise to collaborate on the detection and closing of attack vectors. It offers management, control, and security for any and all desktops, laptops, servers, virtual machines, and mobile devices.

 


Ransomware Continues to Wreak Havoc


With ransomware attacks growing in volume, organizations need all the help they can get with managing these threats.

The Rise of Ransomware

Ransomware has been in the headlines for a couple of years now. One day, stories will be written that explain how the ransomware epidemic is now over. That day has not arrived.

Yet with all the media coverage ransomware attacks constantly attract, it would be reasonable to assume that its effectiveness and impact would lessen due to greater overall awareness of the problem. The opposite appears to be true, according to a new study by Enterprise Strategy Group (ESG). Gaps in readiness continue to make it difficult for many organizations to manage and recover from attacks.

Here are some of the statistics uncovered by ESG: 73% of organizations that experienced a ransomware attack in the past 12 months were negatively impacted, i.e., three quarters didn’t deal with it well.

Even in those organizations with big security budgets and mature security processes in place, 75% suffered significant operational disruption. These numbers call into question how organizations are defending themselves against ransomware via effective detection, prevention, mitigation, and recovery.

Bargaining with the Devil

Blackmail is one of those crimes that just won’t go away. If the victim pays, it is rare that the perpetrator doesn’t return again and again to extort yet more money. It is the same with ransomware.

According to ESG, 61% of those who paid a ransom were subjected to further extortion attempts resulting in extra payments being made on top of initial sums. The FBI’s warning never to pay a ransom clearly makes sense. You are striking a bargain with the devil by paying a ransom. Yes, they said they would leave you alone, but:

  1. They usually want more money within a short time
  2. They often leave some malware inside your systems even when they provide you with decryption keys.

Among those meeting ransom demands, only 14% said they retrieved all their lost data. The only guarantee there is when paying a ransom is that more trouble from the same cybercriminals lies just over the horizon.

IT Skills Gap

Part of the reason why ransomware remains so potent is the difficulties organizations are experiencing with IT staffing. Many organizations just don’t have trained staff knowledgeable enough to effectively address the ransomware scourge. According to ESG, 45% admit to struggling to acquire or retain the skills needed to respond to ransomware breaches.

“Unfortunately, many organizations remain seriously under-prepared to effectively mitigate against the risks and impact of ransomware attacks,” said Christophe Bertrand, practice director at ESG. “This results in a significant number concluding they have no alternative but to pay ransom demands in the hope their data will be returned. Instead, leaders should be focusing on ransomware strategies that emphasize effective, rapid, and complete recovery.”

Finding The Right Kind of Help

With ransomware attacks growing in volume and severity and paying the ransom no longer a guarantee of recovering your data, organizations need all the help they can get in dealing with this ever-present danger.

Syxsense Enterprise provides comprehensive defense against ransomware that encompasses prevention methods, detection, and remedial action. It is the world’s first IT management and Unified Security and Endpoint Management (USEM) solution that delivers real-time vulnerability monitoring and instant remediation for every single endpoint in your environment.

This represents the future of threat prevention. Breaches can now be detected and remediated within one endpoint solution. It can scan for all vulnerabilities on any device, block communication from an infected device to the internet, isolate endpoints, and kill malicious processes before they spread. It can automatically prioritize and deploy OS and third-party patches to all major operating systems, as well as Windows 10 feature updates.

IT and security teams can use Syxsense Enterprise to collaborate on the detection and closing of attack vectors. It offers management, control, and security for any and all desktops, laptops, servers, virtual machines, and mobile devices.


How Cloud Anarchy Leads to Insecurity


Cloud is getting crowded — that poses a problem in the IT security space and it's continuing to get worse.

The Issue of “Overclouding”

The scope of some cities in Asia boggles the mind. There are places in China you never heard of that are already bigger than Los Angeles, New York, or London. Seoul, Manila, Shanghai, and Delhi all have at least 25 million people in their metropolitan sphere. Tokyo metro is up to more than 37 million. Jakarta and Delhi are rapidly catching up. One of them may soon take over as the largest urban center in the world.

There are a great many advantages to urban living. Everything is close to hand, labor is available, and economies of scale can be generated. But if you have ever driven in any of these Asian cities or in LA, New York, Houston, or London for that matter, you will have been shocked by the volume of traffic. These cities are crowded. Commutes are long. Freeways are jammed. Gridlock is the norm. Crime tends to soar in dense urban settings.

The cloud is heading in a similar direction. Laura DiDio, an IT and security analyst at ITIC, notes that the cloud is getting crowded. Public and hybrid cloud markets are hotter and more competitive than ever. 2022 will see $1.3 trillion in cloud spending, rising to $1.8 trillion by 2025 according to Gartner, outpacing non-cloud IT spending. DiDio predicts that hybrid cloud adoption will accelerate in the coming years. Thus, IT systems will continue to be split between internal and increasingly dispersed external cloud components.

The Issue of IT Security

That poses a big problem of security. ITIC’s 2022 Global Server Hardware Security survey found that businesses suffered an 84% surge in security incidents like ransomware, email phishing scams, and targeted data breaches over the last two years. Each successful breach has a financial cost of $4.24 million, according to the Ponemon Institute. The price tag has risen by 20% in the past two years. The problem has only gotten worse as organizations deploy more cloud services across multiple clouds and as they try to support a vast network of mobile and work-from-home employees.

Overclouding Multiplies Risk

More than half of all business malware is aimed at work-from-home employees using cloud applications. Like a modern, rapidly expanding and gridlocked city, “overclouding” greatly increases the risk of a security incident.

Inside many enterprises, IT struggles to stay on top of the scope and extent of the organization’s overall cloud footprint. Never mind staying in control; some IT departments have no idea how many cloud applications are being run from various parts of the enterprise.

With cloud apps being so accessible and traditional IT procurement practices being so time consuming, cumbersome, and bogged down in red tape, line of business heads have been taking matters into their own hands. They are signing up for SaaS, and other as-a-Service options in record numbers. This is a nightmare for security vendors. How can you track, monitor, and safeguard systems and applications if you are not even aware they are running, and don’t know on how many devices?

Relieving City Congestion

Massively congested cities like Jakarta and Cairo have come up with a novel solution to the overcrowding problem. They are building new capital cities. Egypt, for example, is close to completing its new administrative capital about 45 km east of Cairo to ease congestion and make it easier to conduct the business of government. Traffic was so bad that government meetings often failed to materialize. The new capital should solve that problem and make the administration of government smoother.

IT doesn’t have that option. Until a new, wholly secure internet is invented, security issues are a fact of life. Risk and threat lurk in every email, webpage, or connection to the cloud. The best approach is to up your security game.

The Syxsense Advantage

Syxsense Enterprise is the world’s first IT management and Unified Security and Endpoint Management (USEM) solution that delivers real-time vulnerability monitoring and instant remediation for every single endpoint in your environment. This represents the future of threat prevention.

Breaches can now be detected and remediated within one endpoint solution. It can scan for all vulnerabilities on any device, block communication from an infected device to the internet, isolate endpoints, and kill malicious processes before they spread. It can automatically prioritize and deploy OS and third-party patches to all major operating systems, as well as Windows 10 feature updates.

IT and security teams can use Syxsense Enterprise to collaborate on the detection and closing of attack vectors. It offers management, control, and security for any and all desktops, laptops, servers, virtual machines, and mobile devices.

 


Syxsense Enterprise Unifies Endpoint Security and IT Management for Real-Time Vulnerability Monitoring and Remediation


IT Teams can now manage, detect, and secure all endpoints with 100% visibility across desktop, laptop, server, and mobile devices

 

ALISO VIEJO, Calif. – [May 3, 2022] – Syxsense, a global leader in IT and security management solutions, today announced Syxsense Enterprise™, the world’s first IT management and endpoint security solution that delivers real-time vulnerability monitoring and instant remediation for every endpoint across an organization’s entire network environment. Syxsense Enterprise combines Syxsense Secure, Manage, and Mobile Device Manager to deliver a completely unified platform that scans and manages all endpoints, resolves problems in real-time, and reduces the risks associated with system misconfigurations. This enables organizations to better predict, identify, and remediate vulnerabilities.

“As threats get more complex, it’s important that IT teams have consolidated solutions for IT management and endpoint security. Syxsense Enterprise is designed to give them a centralized cloud-based platform for scanning, patching, recognizing, and remediating vulnerabilities that could lead to attack or exploitation of endpoints,” said Ashley Leonard, Founder and CEO at Syxsense. “By offering our customers a unified cloud solution, we enable complete control over every endpoint device on the network so they can secure business-critical resources quickly and streamline security operations.”

Syxsense Enterprise is the industry’s first Unified Security and Endpoint Management (USEM) solution that addresses the three key elements of endpoint security – vulnerabilities, patch, and compliance. It layers on a powerful workflow automation tool called Syxsense Cortex™ that remediates and eliminates endpoint security weaknesses – all through a single cloud-based, drag and drop management interface, with hundreds of prebuilt workflows. This includes the ability to identify software vulnerabilities in both OS and 3rd party applications, misconfigurations from open ports, disabled firewalls, ineffective user account policies and more.

It also includes Syxsense’s recently launched Mobile Device Management (MDM) solution, which allows IT to manage devices running on iOS, iPadOS, and Android, in addition to previously supported Windows, Linux and Mac environments. Syxsense MDM includes all the tools necessary for Device Enrollment, Inventory and Configuration Management, Application Deployment and Rollback, Data Containerization, and Remote Device Lock/Reset/Wipe (making it possible for IT to wipe sensitive data from lost or stolen devices).

“As the market shifts to a hybrid workforce, the number of endpoints is growing exponentially, with corporate network connected mobile endpoints soaring,” said Charles Kolodgy, principal at advisory firm Security Mindsets. “The need to manage and secure an increasing number of endpoints, including desktops, mobile phones and other devices, is becoming more apparent every day as sophisticated threats grow exponentially. Syxsense Enterprise is offering a solution that solves the need to both secure and manage a vast collection of endpoints. The key is the ability to scan for vulnerabilities and patch without losing business continuity.”

The key features of Syxsense Enterprise include:

  • Vulnerability Scanning – Prevent cyberattacks by identifying scanning authorization issues, security implementation problems, and antivirus status.
  • Patch Everything – Automatically deploy OS and third-party patches to remediate all endpoint vulnerabilities inside the network and on roaming devices outside the network.
  • Prove Compliance and Device Health – Document patching with reporting for risk assessments, vulnerable devices, task summaries and more. And scan and prioritize patching relative to risk exposure.
  • Quarantine Devices – Block communication for an infected device, isolate endpoints, and kill malicious processes before they impact the network.
  • Control All Mobile Devices – Oversee devices remotely, silently push OTA configurations, applications, and policies from iOS to Android to Windows and more.
  • Collaborate with Ease – IT and security teams can now collaborate in a single console to identify and close endpoint attack vectors quickly.

For more details or to schedule a demo, visit: https://www.syxsense.com/gc-demo-syxsense

 About Syxsense

Syxsense is a leading provider of innovative, intuitive endpoint security and management technology that combines the power of artificial intelligence with industry expertise to help customers predict and remove security threats across all devices including mobile. Syxsense is the first unified security and endpoint management platform that centralizes the three key elements of endpoint security management (vulnerabilities, patch and compliance) and layers on a powerful workflow automation tool called Syxsense Cortex,™ all through a single cloud-based platform, enabling greater efficiency and collaboration between teams. The always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm. For more information, visit www.syxsense.com


Top 4 Cybersecurity Trends for 2022


There are a great many influences at work in the cybersecurity sector, and many security trends impacting organizations. Gartner recently listed seven key trends. But let’s narrow it down further. Here are four of the top trends at play:  

1. Expanded Attack Surface

Every day it seems, we hear about yet another breach, yet another zero-day vulnerability, yet another strain of ransomware. The reality is that enterprise attack surfaces are expanding. This may appear to be old news. But attack surfaces are continuing to expand, and the pace of that expansion is accelerating.

As more digitalization takes root, the Internet of Things (IoT) gains momentum, and mobility/remote platforms grow more sophisticated, it becomes tougher and tougher for IT to know what it is they are supposed to safeguard. The concept of protecting the data center and anything within the corporate firewall has been muddied by a multitude of risks. Whether it is a tighter union between IT and facility systems, a greater reliance on the cloud and open-source code, or the labyrinth that social media has become, it is harder to control enterprise assets. Thus, organizations must be more vigilant than ever and ensure their systems are fully patched so they will be able to detect anomalous behavior that may indicate a new encroachment or vulnerability.   

“Organizations worldwide are facing sophisticated ransomware, attacks on the digital supply chain and deeply embedded vulnerabilities,” said Peter Firstbrook, an analyst at Gartner. “The pandemic accelerated hybrid work and the shift to the cloud, challenging CISOs to secure an increasingly distributed enterprise – all while dealing with a shortage of skilled security staff.” 

2. Supply Chain Exposure  

Supply chains were never easy to manage. But these days, they have turned into a nightmare. The free flow of goods from manufacturers in Asia and elsewhere has been interrupted. Ships are stuck in long backlogs at ports, and truck-based freight has been delayed due to new regulations and driver shortages. The conflict in Ukraine is going to do more than send oil and gas prices soaring. Russia and Ukraine are major producers of commodities like fertilizer and wheat. Those supplies are now shut off and the food supply of many nations is going to suffer badly as a result.  

Within IT, chips, cabling, and servers are in short supply. At the same time, digitalized supply chains are under attack. The SolarWinds and Kaseya breaches highlighted the repercussions of being able to hack a provider of digital services to a large number of enterprises. Why insert malicious code in one victim at a time, when you can infiltrate the systems of a provider whose software is downloaded by a large number of sites? It’s no wonder that Gartner predicts that by 2025, 45% of organizations will experience attacks on their software supply chains.  

What is to be done? Clearly, vulnerability scanning and threat monitoring efforts must be stepped up to catch incursions and strange behavior at the earliest possible point.  

3. Identity Theft  

Just as ransomware attackers are going after providers such as SolarWinds instead of individual organizations, those engaged in identity theft have upped their game. Yes, they are still happy to catch phishing victims randomly across the organization. But what they are really after are administrative privileges and executive/finance credentials. That’s why they are targeting identity and access management (IAM) infrastructure. They might start small, gain a user login, and then sit quietly for a while as they reach up higher into the hierarchy. Credential misuse, therefore, has become a primary attack channel. Multifactor authentication and the improvement of password management can help organizations reduce the chances of a high-level identity breach.

4. Human Error  

Gartner noted that human error continues to be a factor in many data breaches. Whether through clicking on malicious links or attachments, or leaving passwords on sticky notes in employee cubicles, human error is on the rise. Comprehensive security awareness training is a key aspect of defense against such errors. By educating employees on how to avoid falling victim to phishing scams and how to protect their passwords, the frequency of incursions can be greatly reduced.  

That said, compromised credentials and human error are inevitable. That’s why an automated patch management and vulnerability scanning system is vital. By deploying software updates, plugging security holes, and regularly scanning for signs of malicious behavior, Syxsense provides an extra layer of protection against stolen credentials and the repercussions of human error. In a world where the attack surface has expanded and danger lurks across the software supply chain, Syxsense provides a way to keep systems free from ransomware and malware.  


Why IT Security Must Become More Automated


IT automation needs to be stepped up in order to make real progress, alleviate workloads, and prevent burnout.


The Case for IT Automation

There was a time when manual security and manual IT tasks were workable. But that day passed a long time ago. Yet many in IT and security find themselves still trawling through logs, conducting manual triage of security events, or burdened by grunt work.

That’s why areas such as machine learning, Artificial Intelligence (AI), Security Information and Event Management (SIEM), and threat intelligence are so popular of late. They promise to bring a greater degree of automation to IT. And they give security personnel hope that their days of manual drudgery may be coming to an end.

But automation in IT and security has a long way to go. IT staff are still overworked, often having to work evenings and weekends with no end in sight. A 2019 survey from the Ponemon Institute found that 73% of organizations said they were experiencing burnout due to an increasing workload that made working in a security operations center (SOC) painful. Most respondents to the survey at that time felt that automation of workflows would be the most beneficial measure to alleviate the pain.

Two years on, the situation in IT and security is little changed. Yes, there is more automation. But also, the sheer volume of work placed upon fewer shoulders, coupled with the rise of malware and ransomware, means that the implementation of automation has done little more than prevent the manual work burden from increasing.

Automation needs to be stepped up markedly in order to make real progress, alleviate workloads, and prevent burnout.

Automating Patch Management

Let’s take a look at one area where automation has made real progress – patch management.

Patch management is one of those simple basics that, if properly used, could drastically reduce the likelihood of a cyberattack. Yet it is applied sloppily in too many enterprises.

Just about all users have seen automatic Windows updates. You leave your system online and updates are implemented automatically. That same level of automation can be applied across the enterprise to patches from a large number of vendors.

With hundreds or even thousands of endpoints to manage, lack of automation can delay the implementation of a critical patch. It saves time if IT does not have to formulate scripts, hop from one screen to another, or manually push out patches to various destinations.

The best patch management solutions provide drag-and-drop features, as well as automation of processes and multistage tasks: for example, automating a sequence such as patching VM guests and rebooting them, then patching their host, and performing a separate reboot. Syxsense operates in this way.

How to Make Patching More Efficient

Beyond the automation of actual patch deployment, there are many other ways to add automation and efficiency to patching processes. Consider just how fast cybercriminals move. When a new point of weakness is discovered, word spreads rapidly around the dark web. There is no time to lose in installing patches. Yet delays in testing and distributing patches are not uncommon.

IT often falls behind in reviewing patches from a great many application providers. Or laborious testing requirements act as a severe bottleneck for patch deployment. The result is weeks and often months before an important patch is ever deployed. Some organizations never seem to get round to it. Patches need to be tested and distributed within a few hours of their release. The turnaround time at Syxsense is three hours.

Another situation that can crop up is rigid automation. The organization works on a first in, first out system for patches. It receives a patch from Vendor X. It takes a certain number of weeks to process, test, and approve Patch A. By the time it is ready to go, Vendor X has released two more patches (B & C).

Oftentimes, Patch C not only addresses the latest bug, it also fixes bugs A & B as well. Yet procedure can dictate that Patch A isn’t implemented for many months while the organizational cogs turn to deploy it, then laboriously approve and deploy Patch B, and finally Patch C.

IT Automation and Patching with Syxsense

Syxsense uses what is known as patch supersedence to avoid such delays. It detects and automatically deploys the most important patch and avoids rolling out Patch A when Patch C is the more comprehensive fix. Additionally, Syxsense lets you easily manage unpatched vulnerabilities with the click of a button.
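The supersedence logic described above, sketched as an added example (it is not Syxsense's code): given which patches replace which, it skips Patch A and Patch B when an approved Patch C covers them, and falls back to the newest approved patch when C has not cleared testing. The `Patch` class, the patch ids, the `approved` set, and the catalog are hypothetical and constructed for illustration.

```python
# Added illustration: constructed data, hypothetical names, not Syxsense code.
from dataclasses import dataclass


@dataclass(frozen=True)
class Patch:
    patch_id: str
    supersedes: frozenset = frozenset()  # ids this patch directly replaces


def supersedence_closure(catalog):
    """Map each patch id to every id it replaces, directly or via a chain."""
    direct = {p.patch_id: set(p.supersedes) for p in catalog}
    closure = {}
    for pid in direct:
        seen, stack = set(), list(direct[pid])
        while stack:
            cur = stack.pop()
            if cur not in seen:
                seen.add(cur)
                stack.extend(direct.get(cur, ()))
        if pid in seen:  # a patch that ends up replacing itself is bad metadata
            raise ValueError(f"supersedence cycle involving {pid}")
        closure[pid] = seen
    return closure


def deployment_plan(catalog, approved, installed):
    """Return (to_deploy, skipped) for one endpoint.

    to_deploy: approved patches that no other approved patch replaces and
               that the endpoint does not already have installed or covered.
    skipped:   {patch_id: id of the approved patch that replaces it}.
    """
    closure = supersedence_closure(catalog)
    covered = set(installed)
    for pid in installed:
        covered |= closure.get(pid, set())
    to_deploy, skipped = [], {}
    for pid in sorted(approved):
        if pid in covered:
            continue
        replacers = sorted(q for q in approved if pid in closure.get(q, set()))
        if replacers:
            # Record the replacer that no other approved replacer supersedes.
            top = [q for q in replacers
                   if not any(q in closure[r] for r in replacers)]
            skipped[pid] = top[0]
        else:
            to_deploy.append(pid)
    return to_deploy, skipped


# Constructed catalog: Vendor X's A -> B -> C chain plus one unrelated patch.
CATALOG = [
    Patch("X-A"),
    Patch("X-B", frozenset({"X-A"})),
    Patch("X-C", frozenset({"X-B"})),
    Patch("Y-1"),
]

if __name__ == "__main__":
    print(deployment_plan(CATALOG, {"X-A", "X-B", "X-C", "Y-1"}, set()))
    print(deployment_plan(CATALOG, {"X-A", "X-B", "Y-1"}, {"X-A"}))
```

Restricting the replacer search to `approved` keeps an untested Patch C from hiding an already tested Patch B, so endpoints are not left waiting on the newest release.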

Find yourself a patching solution with built in efficiency and automation.


The List of Breaches Lengthens: McDonald’s, Volkswagen and Audi


Several new high-profile breaches from McDonald's, Volkswagen and Audi are making headlines. What can we learn from the cyberattacks?


High-Profile Corporate Breaches Making Headlines

Hardly a day goes by, it seems, without another high-profile victim of hacking being exposed. The latest ones are McDonald’s, Volkswagen, and Audi.

The McDonald’s breach took place in South Korea and Taiwan. Customer and employee information was exposed such as e-mails, phone numbers, and delivery addresses. No payment information was compromised, according to the company. The exact number of records involved was not mentioned, but it was not said to be a large number.

That wasn’t the case with a breach of the systems of carmakers Volkswagen and Audi. 3.3 million records were impacted. These comprise a database of buyers and prospects between 2014 and 2019, 95% in the United States and the rest in Canada.

The worrying aspect is that this data was left online and unprotected for a period sometime between 2019 and 2021. That’s a lengthy window for confidential data to be unsecured. The attack vector has been traced to another vendor, but the exact method of breach has not been revealed.

In this case, the data leaked is far more severe: Names, addresses, email, phone, and vehicle ID, make, model, year, and color. To make matters worse, purchase and lease eligibility financial data was also compromised. This consists of driving license numbers, dates of birth, Social Security numbers, account or loan numbers, and tax identification numbers.

Those individuals impacted by the exposure of this sensitive information could become victims of identity theft. The companies are offering free credit monitoring to those concerned.

Breaches Will Happen

This latest rash of announcements from McDonald’s, Audi, and VW followed statements from the likes of VMware, Adobe, Microsoft, and many others. And, of course, we have recent ransomware victims such as Colonial Pipeline and meat processor JBS.

The obvious conclusion from these announcements is that breaches can and will happen. They are inevitable. Therefore, organizations need to devise a two-pronged strategy to deal with them.

How to Manage Breaches

  1. Figure out what they are going to do to mitigate the impact of a breach, root out any remaining malware, deal with ransom demands, and be able to recover and resume service in a timely manner.
  2. Step up preventive measures to detect potential threats, spot strange traffic, and other anomalies, scan for vulnerabilities, and in general do all that can be done to minimize the chances of attack.

For 2 above, there are a great many standard security tools that should be deployed. These include IDS/IPS, threat intelligence, SIEM, AV, anti-malware, access control, and more. What should be well understood is that the bad guys tend to follow the line of least resistance.

Just as muggers look for people walking alone at night in a deserted area, hackers prefer to attack organizations that have a poor security perimeter, an outdated IT infrastructure, and most importantly, unpatched systems. They actively send bots around looking for such low-hanging fruit. Once found, they can easily enter and cause havoc.

Therefore, it is vital to always patch your systems. In many ways, this should be top of the list of immediate actions to take to greatly reduce the chances of attack. Perhaps one day we will see a court room drama play out where the defendant claims he took every precaution to prevent a cyberattack.

The prosecutor leans forward suspiciously and says, “But did you ensure that all critical patches were up to date using an automated patch management platform?”

“IT is undermanned, so we had months of undeployed patches that we intended to get to eventually.”

Prosecutor: “I rest my case.”

Judge: “Guilty!”

How Syxsense Can Help

Syxsense provides that first line of defense against cyberattack by automating the patching of all systems. Systems are continually breached due to well-publicized patches not having been deployed across the network.

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution.

Syxsense Cortex simplifies complex IT and security processes with a drag-and-drop interface. Pre-built templates keep organizations secure without needing large teams, specialists, or scripting.
