Endpoint Security

Analyst Insights: Strengthening Security Posture

By Endpoint Security, Video, Webinars

In this webinar, we have Dave Gruber, Principal Analyst at Enterprise Strategy Group, Gabe Kanuth, Senior Analyst at Enterprise Strategy Group, and Ashley Leonard, CEO and founder of Syxsense. These industry experts will discuss strengthening your security posture through the convergence of endpoint management and security.

Syxsense is the leading provider of innovative, intuitive technology that sees all and knows everything about every endpoint, in every location, everywhere inside and outside the network, as well as in the cloud. It combines the power of artificial intelligence with industry expertise to manage and secure endpoints by stopping threats before they occur and neutralizing threats when they happen.

The Syxsense Endpoint Security Cloud always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm.

Securing Your Cyber Kill Chain Part 2

By Endpoint Security, Masterclass, Video

Understanding how to secure your cyber kill chain is critical to protect your network from attacks. Click to hear from Rob Brown, Chief Customer Success Officer at Syxsense and Graham Brooks, our Director of Threat Lab, as they discuss the WannaCry cybersecurity attack through the lens of the Cyber Kill Chain, giving new perspective to vulnerability and endpoint management.

You’ll learn:

  • How to establish your attack surface.
  • How to hunt down specific vulnerabilities.
  • How to kill vulnerabilities.

If you missed Part 1: The Cyber Kill Chain, click here to watch.

The Cyber Kill Chain Part 1

By Endpoint Security, Masterclass, Video

The Cyber Kill Chain is a great way to see how an attacker will take hold of your network. Sit down with Rob Brown, our Chief Customer Success Officer, and Graham Brooks, our Director of Threat Lab, as they break down the steps of an attack and help you make sure you are prepared.

To watch Part 2: Securing Your Cyber Kill Chain, click here.

6 Vulnerabilities That You Should Be Remediating Right Now

By Endpoint Security, Masterclass, Video

Email phishing scams are a common initial entry point, but are you considering other attack vectors in your environment? Once someone has a foothold on one device, there are many other areas of vulnerability that companies do not think about. Sit down with Rob Brown, our Chief Customer Success Officer, and Graham Brooks, our Director of Threat Lab, as they discuss the main areas you need to be inspecting for vulnerabilities. The goal of this masterclass is to create actionable takeaways that you can start using in your business today.

Managing the Endpoint Vulnerability Gap: Key Findings

By Endpoint Security

Syxsense is pleased to be a sponsor of Enterprise Strategy Group’s latest survey on the Endpoint Management Vulnerability Gap. Respondents of this survey included IT and cybersecurity professionals involved with endpoint management and security technologies and processes. These professionals work for companies with 100 employees or more and cover a variety of industries.

The objectives of this research are to:

  • Identify challenges, strategies and trends in endpoint management and security
  • Determine if and how endpoint management and security functions and systems are converging
  • Highlight opportunities for improving endpoint management and security fueled by functional convergence

Fill out the form below to get your copy of the eBook.

6 Simple Rules for Securing Your Endpoints

By Patch Management

It's never been more critical to manage and secure your endpoints. Here are six important rules for protecting your organization from IT security threats.

1. Always Be Patching

Managing software updates, and specifically patching endpoints, secures your organization from known threats. New endpoint types, such as Internet of Things (IoT) and Bring Your Own Device (BYOD), along with other operating system and software vulnerabilities, require countless patches. Always be patching if you want to stay ahead of the bad actors.

2. Seek Out All Endpoints

Think about your company’s network—how many devices are out there? Is the number staggering? You had better give it some thought, because endpoints account for the vast majority of security breaches—estimates put the number at about 70 percent. And if you don’t know you have them, you can’t secure them.

3. Stay Current

You must adapt to the increasing complexity of hackers and their cyberattacks. Bad actors never sleep—they continually work to improve their cyberattacks, constantly evolving the threat landscape. Your organization, therefore, must deploy endpoint security solutions that will keep up with the deluge of malware that can be expected in the future.

4. Be Resilient

Experts suggest that companies must aim to be resilient, assuming that breaches are inevitable. Since endpoints are said to account for about 70 percent of all breaches, being able to find and fix an attack at an endpoint while continuing to operate your business effectively is the key to resilience. A threat or breach to an endpoint must not be allowed to demobilize your entire business.

5. Be Strategic

Many organizations have an inconsistent approach to endpoint security. Companies today must manage endpoint security strategically and begin to fully comprehend the risks associated with all endpoints. Not doing so can result in inadequate processes and procedures, leaving endpoints open to attack and breaches.

6. Make It a Priority

Overall, endpoint security and cybersecurity need to become a priority in your organization’s business plans. Endpoint security doesn’t just protect your business—it preserves your reputation, reassures your customers, and streamlines your business processes. Without the necessary prioritization that cybersecurity demands, your endpoint security will most likely fail.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Syxsense Shines at the Stevies’ 2022 American Business Awards

By News

Syxsense has been honored at the Stevies’ 2022 American Business Awards across two categories.

Syxsense Honored at Stevies’ Awards

We’re excited to announce that Syxsense has been honored at the Stevies’ 2022 American Business Awards across two categories, highlighting our unique approach to unified endpoint security and IT management. This prestigious awards program recognizes the achievements and positive contributions of organizations and working professionals worldwide.

Syxsense Secure placed Silver in the Best Endpoint Security Management Solution category, with one judge calling it a “user-friendly solution to IT security management.” Another lauded Secure for its “promising customer reviews and performance metrics.”

Additionally, the Bronze for Best Emerging Technology went to Syxsense Cortex. Several judges praised Cortex, calling it one of the “better products they’d seen,” and shined a spotlight on its various features:

“The videos were beneficial to get a sense of the product. The product reviews are amazing… The workflow building and drag-and-drop UI helps differentiate the solution and move from IT administration to the emerging trend of IT orchestration.”

More than 3,700 nominations from organizations of all sizes and in virtually every industry were submitted this year for consideration in a wide range of categories. Over 230 professionals worldwide participated in the judging process to select this year’s winners.

More details about the Stevies’ American Business Awards and the complete list of 2022 winners can be found here.


President Warns of Russian Cyberattacks and Demands Greater Cybersecurity Preparedness

By Blog, News

Russian Cyberattacks on the Rise

President Biden issued a warning this week about the likelihood of attacks on U.S. government and corporate targets emanating from Russia.

“This is a critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience. I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook. Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks,” he said.

Earlier announcements had mainly been about bolstering the cybersecurity profile of governmental agencies. However, this message took a different tone. It focused on the need for private organizations to increase their level of alertness and cybersecurity preparedness.

“But the Federal Government can’t defend against this threat alone,” said the President. “Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors. If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year.”

CISA Issues Urgent Cybersecurity Alert

Just before this announcement, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a Shields Up alert that included mitigation guidance for any organization suffering an attack, as well as laying out the best practices noted by the President.

Such best practices include keeping patches up to date and regularly scanning networks and devices for any signs of malicious or anomalous behavior.

As CISA said among its key guidelines:

  • Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA.
  • Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.

Unfortunately, too many businesses either neglect these functions or let them fall behind. In a great many breaches, attackers take advantage of known vulnerabilities that organizations have failed to patch. In many other attacks, the signs of incursion are not difficult to spot. Yet absent or inadequate scanning fails to uncover them.

No one wants to experience a cyberattack. That is why it is so important to scan constantly for vulnerabilities and keep patches up to date. Syxsense is the only product that combines automated patching, vulnerability scanning, and IT management.


Syxsense Changes Game with Introduction of New Mobile Device Management Solution

By News, Patch Tuesday

Syxsense's MDM solution broadens the reach of IT managers to mobile devices running iOS, iPadOS, and Android.

Mobile Device Management Added to Syxsense

ALISO VIEJO, Calif., March 29, 2022 /PRNewswire/ –– Syxsense, a global leader in IT and security management solutions, announced today the availability of their solution for Mobile Device Management (MDM).

Available immediately, the MDM solution from Syxsense is the first solution on the market that broadens the reach of IT managers to now include mobile devices running iOS, iPadOS, and Android, in addition to previously supported Windows, Linux and Mac environments.

The ongoing trend of remote and hybrid work models has increased the criticality of bringing mobile devices, both company-issued and BYOD (bring your own device), under the umbrella of IT-managed security. MDM is now recognized by analyst firm Gartner as a key requirement of an effective Unified Endpoint Management (UEM) strategy, which has seen a surge in investment recently. Gartner writes, “UEM investment has grown in response to the greater acceptance of remote working and the requirement to manage, patch and support Windows 10 and macOS PCs as well as mobile devices, regardless of location.”

Syxsense’s MDM offering includes all the tools necessary to apply effective management to mobile endpoints, including Device Enrollment, Inventory and Configuration Management, Application Deployment and Rollback, Data Containerization, and Remote Device Lock/Reset/Wipe, making it possible for IT to wipe sensitive data from lost or stolen devices.

“The Syxsense approach of unifying management of all IT devices into a single console that spans device management, device security and vulnerability remediation, has resonated with our customers, and is the catalyst for our recent explosive growth,” explains Ashley Leonard, founder and CEO of Syxsense. “This industry-first ability to now manage mobile devices within the same platform and methodology as other IT assets has been hugely popular with our early adopters.”

Syxsense Mobile Device Management is available as an add-on module to Syxsense Secure, which already includes management and security tools for servers, desktops, laptops, and virtual machines. It will also be included in an upcoming release of a bundled offering targeted at enterprise customers who wish to manage the broad scope of their IT devices from within a single console.

Other Included Features

Syxsense has also released updates to their existing offerings to now provide integration with Active Directory (AD) allowing IT managers to manage on-premise AD devices from the cloud. Syxsense discovers devices as they are added to OUs (organizational units) and automatically applies the appropriate policies.

This union of Syxsense Cortex™ and AD enables cradle to grave lifecycle management based on OU membership, rather than having to manually apply tasks to new devices and is a huge time saver to the IT team.

Newly updated Syxsense Manage is now also the first patch management product on the market that offers active Patch Tuesday scheduling for phased deployments. The recurring windows are set relative to the moving target of the second Tuesday, making it easy to deploy new content automatically. Missing a deployment of Microsoft’s recommended patches is a major factor in unprotected or under-protected environments and leaves the door open for attack.

Syxsense products support iOS, iPadOS, Android, Windows Servers, Windows Desktop, MacOS devices, and a variety of Linux distributions, now also including the enterprise-friendly Rocky Linux.

Information and pricing on these new Syxsense products is available on the Syxsense website. Qualified customers are also able to schedule a personalized demo of the existing products and the new MDM module, and receive a $100 gift card in return, by registering here.


WhisperGate and HermeticWiper: Critical Public Aware Vulnerabilities

By Blog

WhisperGate, a new malware, is being used to target organizations in Ukraine and companies with connections to the country.

WhisperGate Malware Is Targeting Ukraine

The Microsoft Threat Intelligence Center (MSTIC) has disclosed that malware known as WhisperGate is being used to target organizations in Ukraine and companies with connections to the country. According to Microsoft, WhisperGate is intended to be destructive and designed to render targeted devices inoperable.

Additionally, several cybersecurity researchers disclosed that malware known as HermeticWiper was being used against organizations in Ukraine. According to SentinelLabs, the malware targets Windows devices only by manipulating the master boot record resulting in subsequent boot failure.

These attacks are not intended to be used to extract a ransom, but to cause the maximum IT outage possible in an organization, by turning all devices into expensive door stops.

The National Cyber Security Centre in the UK is not aware of any current specific threats to UK organizations in relation to events in and around Ukraine, but there has been a historical pattern of cyberattacks on Ukraine with international consequences.

Threat actors have deployed destructive malware, including both WhisperGate and HermeticWiper against organizations in Ukraine to destroy computer systems and render them inoperable.

A joint Cybersecurity Advisory (CSA) between the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) provided information on WhisperGate and HermeticWiper malware as well as open-source indicators of compromise (IOCs) for organizations to detect and prevent the malware.

This data has been provided to help secure the maximum number of organizations around the world.

Identifying WhisperGate

The following payloads are used to both infect and launch the WhisperGate attack. These are files which have known file hashes.

Even if the file name has changed, Syxsense can still detect this threat and keep your endpoints secure. The infection comes in two parts: first a stage file is copied to the PC, which then launches stage 2, which causes the end result.

| Name | File Category | File Hash |
|---|---|---|
| WhisperGate | stage1.exe | a196c6b8ffcb97ffb276d04f354696e2391311db3841ae16c8c9f56f36a38e92 |
| WhisperGate | stage2.exe | dcbbae5a1c61dbbbb7dcd6dc5dd1eb1169f5329958d38b58c3fd9384081c9b78 |

Identifying HermeticWiper

Any of the following payloads could be used to both infect and launch the HermeticWiper attack. These are files which have known file hashes. Even if the file name has changed, Syxsense can still detect this threat.

Similar to WhisperGate, these files are delivered initially as a Trojan, which then downloads and launches the sophisticated attack.

| Name | File Category | File Hash |
|---|---|---|
| Win32/KillDisk.NCV | Trojan | 912342F1C840A42F6B74132F8A7C4FFE7D40FB77 |
| | | 61B25D11392172E587D8DA3045812A66C3385451 |
| HermeticWiper | Win32 EXE | 912342f1c840a42f6b74132f8a7c4ffe7d40fb77 |
| HermeticWiper | Win32 EXE | 61b25d11392172e587d8da3045812a66c3385451 |
| RCDATA_DRV_X64 | ms-compressed | a952e288a1ead66490b3275a807f52e5 |
| RCDATA_DRV_X86 | ms-compressed | 231b3385ac17e41c5bb1b1fcb59599c4 |
| RCDATA_DRV_XP_X64 | ms-compressed | 095a1678021b034903c85dd5acb447ad |
| RCDATA_DRV_XP_X86 | ms-compressed | eb845b7a16ed82bd248e395d9852f467 |
| Trojan.Killdisk | Trojan.Killdisk | 1bc44eef75779e3ca1eefb8ff5a64807dbc942b1e4a2672d77b9f6928d292591 |
| Trojan.Killdisk | Trojan.Killdisk | 0385eeab00e946a302b24a91dea4187c1210597b8e17cd9e2230450f5ece21da |
| Trojan.Killdisk | Trojan.Killdisk | a64c3e0522fad787b95bfb6a30c3aed1b5786e69e88e023c062ec7e5cebf4d3e |
| Ransomware | Trojan.Killdisk | 4dc13bb83a16d4ff9865a51b3e4d24112327c526c1392e14d56f20d6f4eaf382 |
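The hash matching described above, as an added example (not Syxsense code and not part of the original post): the published indicators mix 32-, 40- and 64-character hex digests (MD5, SHA-1 and SHA-256 lengths) in both upper and lower case, so the sketch picks the algorithm from the digest length, normalises case, and matches on file content regardless of file name. The function names and the harmless sample files are assumptions constructed for the demonstration.

```python
import hashlib
import os
import tempfile

# Digest length in hex characters -> hashlib algorithm name.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}


def load_iocs(rows):
    """Index (label, hex_digest) rows by algorithm, normalising hex case."""
    index = {}
    for label, digest in rows:
        digest = digest.strip().lower()
        algo = ALGO_BY_HEX_LEN.get(len(digest))
        if algo is None or any(c not in "0123456789abcdef" for c in digest):
            raise ValueError(f"unrecognised hash for {label!r}: {digest!r}")
        index.setdefault(algo, {})[digest] = label
    return index


def digest_file(path, algos, chunk_size=1 << 20):
    """Read the file once and return {algo: hex_digest} for each requested algo."""
    hashers = {a: hashlib.new(a) for a in algos}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}


def scan_tree(root, index):
    """Return sorted (path, label, algo) hits; unreadable files are skipped."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                digests = digest_file(path, index.keys())
            except OSError:
                continue  # locked or permission-denied file
            for algo, value in digests.items():
                label = index[algo].get(value)
                if label:
                    hits.append((path, label, algo))
    return sorted(hits)


def demo():
    """Build a throwaway tree of constructed, harmless files and scan it."""
    payload = b"constructed sample payload, not malware"
    iocs = [  # constructed indicators, derived from the harmless bytes above
        ("sample-A", hashlib.sha256(payload).hexdigest()),
        ("sample-A", hashlib.sha1(payload).hexdigest().upper()),  # upper-case feed entry
        ("sample-B", hashlib.md5(b"constructed driver blob").hexdigest()),
    ]
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "sub"))
        with open(os.path.join(root, "sub", "renamed_invoice.pdf"), "wb") as fh:
            fh.write(payload)  # indicator content under an unrelated file name
        with open(os.path.join(root, "notes.txt"), "wb") as fh:
            fh.write(b"benign file")
        hits = scan_tree(root, load_iocs(iocs))
        return [(os.path.relpath(p, root), label, algo) for p, label, algo in hits]
```

Calling `demo()` reports the renamed file twice, once per matching digest type, and never reports `notes.txt`.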

Increase Your Endpoint Security with Syxsense

Using the power and intelligence of the vulnerability scanning engine within Syxsense Cortex, you can detect these malicious threats before they damage your devices.

You may configure the actions to keep your environment safe, such as simply deleting the file or completely isolating the device from the network; this can stop a widespread attack in its tracks. You decide on the risk you are prepared to take!

These can be found within the extensive library of security scripts under “WhisperGate” and “HermeticWiper.”
