
Syxsense Secure


Why Endpoint Detection and Response is Getting Harder in 2020

By Patch Management


As the severity of cyberthreats increases, the demand for endpoint detection and response solutions across the globe is growing.

The demand for endpoint detection and response solutions across the globe is currently quite strong, with no signs of slowdown any time soon: Recent research by London-based firm Technavio predicts that the market for this type of cybersecurity software will grow by $7.67 billion between 2020 and 2024, representing a compound annual growth rate of 10%.

Why such robust growth in this space? The answer is both simple and unfortunately discomforting. It’s becoming more difficult for businesses, government departments and other organizations to feel secure with the endpoint protections they have in place.

No wonder, given that the severity (and sheer number) of cyberthreats out there is constantly growing. Today, we’ll take a look at what challenges organizations aiming to bolster the effectiveness of their information security may face — and how they might be able to overcome such hurdles.

More Devices = More Potential Weaknesses

Analysis from the researchers at Gartner projected in August 2019 that there would be 5.8 billion open endpoints to the internet of things around the world by the end of the following year: a 21% uptick from 2019’s number.

There’s no denying the utility and communicability that the IoT fosters for so many, but while marveling at those positive attributes you must also note the risks it poses. As the number of endpoints increases across your network — both inside and outside of the IoT realm — so do the potential points of weakness.

In fact, Infosecurity magazine reported in October 2019 that there had been more than 100 million attacks on IoT-connected devices in the first half of that year. Applications run on such devices can be particularly vulnerable.

According to TechRadar, facing up to the security threat represented by IoT device proliferation requires use of an endpoint security solution that can offer comprehensive visibility of all internal and external vulnerabilities. This vigilance must be constant and in real time.

Mounting Danger of New and Established Cyberthreats

IoT-focused cyberattacks, while relatively new in the cyberthreat landscape, have already done plenty of damage, with Wired citing the Mirai and Reaper botnet attacks of 2016 and 2017, respectively, as major examples of such malicious campaigns. The latter of those infected more than 1 million networks. The new versions of the threats coming through IoT endpoints will have the ability to be even more devastating, manifesting as complex distributed denial-of-service attacks.

Other, more well-established attack styles, like phishing, are becoming more dangerous in similar ways, according to Security Boulevard. Malicious actors have diversified phishing’s capabilities so that these social engineering scams are no longer confined to emails that are relatively easy to detect: they can be deployed via text messages and even phone calls. AI plays a significant role here, as hackers are using it to mimic an organization’s in-house jargon and speech and thus make phishing expeditions harder to discover.

Last but not least, ransomware looks to pose a more grave threat than ever before. The extortionists using this malware saw plenty of success in 2019, attacking local governments all over the U.S., including Atlanta, Baltimore and New Orleans.

In one particularly brazen, widespread attack, hackers simultaneously hit the municipal networks of 22 Texas cities and towns, disabling countless web-based civic services and operations.

Although not all of those attacks netted hackers the ransom sums they demanded, the disturbing effectiveness of such efforts has likely emboldened cyber attackers, so bigger and more devastating ransomware campaigns are surely on the horizon for 2020. The same is almost certainly true for IoT-based and social engineering attacks. Only the strongest, most versatile threat detection and response solutions will be capable of meeting major cyberthreats head-on, be they new attack types or updated versions of old standbys.

The Need for Quicker Responses to Threats

Opinions vary on how long it takes cyber attackers to breach a target that they’ve picked to bear the brunt of their hacks. Some say it falls between 15 and 10 hours, while others consider it more a matter of minutes, according to TechTarget. Either way, that’s an effectively minuscule time frame.

In an interview with Dark Reading, Dan Basile, executive director of security operations at Texas A&M University, noted that while it’s ideal to find cyberthreats before they can do any harm — like removing a tumor before cancer metastasizes uncontrollably — this perfect-world plan of action isn’t always possible. Therefore the focus switches to quickly directing infosec defenses at a detected threat before permanent damage occurs. EDR needs to be a part of a quick-response strategy, along with application firewalls, network traffic analysis and other systems.

EDR Can’t Do It Alone

That last sentence in the section above represents another key point: EDR is (and will continue to be) more difficult if you expect it to carry the weight of all infosec responsibilities on its own. It must be deployed in concert with firewalls, encryption, multi-factor authentication, threat hunting and other tools. The support of an organizational culture aware of and focused on the gravity of contemporary cybersecurity threats is also essential.

Choosing Syxsense as your EDR solution gives your business a considerable head start on its journey to crafting a reliably secure environment for your digital assets. Coupled with our comprehensive managed IT and patch management services, Syxsense can provide your organization the peace of mind it deserves. Contact us today to learn more or sign up for a free trial.

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

December Patch Tuesday Fixes Actively Exploited Zero-Day

By Patch Management, Patch Tuesday

Microsoft’s December 2019 Patch Tuesday Fixes Actively Exploited Zero-Day

The final Patch Tuesday of the decade fixes 36 vulnerabilities, including 7 that are rated "Critical."

What’s in December’s Patch Tuesday Update?

Microsoft has given users an easier holiday season by releasing only 36 updates today. There are 7 Critical, 28 Important and 1 Moderate updates to deal with.

Judged by the small number of patches alone, that would appear to be accurate. However, this list contains a number of updates you should be very concerned about.

Hello XP, My Old Friend

Can it be true? Yes, in fact—an important Remote Desktop Protocol vulnerability for Windows XP has been identified (CVE-2019-1489) in this release. The problem is that updates are not actually available for this operating system, as it reached end of life in 2014.

Robert Brown, Director of Services for Syxsense, said: “Windows XP is still in use today; many organizations which use legacy software or hardware that only supports this operating system should pay particular attention. One of the attackers’ favorite methods of entry is via the Remote Desktop Protocol. If your organization is large enough, please take all reasonable steps to protect your environment.”

The update for CVE-2019-1458 fixes a bug that is being weaponized. This vulnerability should be treated as an out-of-band update, as it impacts Windows 7 onwards and has no known countermeasure to mitigate your risk. This type of vulnerability has regularly appeared throughout this year, so patch this as soon as possible.

Not Critical Severity, But Still High Priority

CVE-2019-1476, CVE-2019-1477, CVE-2019-1478, CVE-2019-1483, CVE-2019-1484, CVE-2019-1453, CVE-2019-1485 and CVE-2019-1384 have only been ranked as Important by Microsoft. However, their independent CVSS scores range from 7.5 to 7.8, which indicates they are important enough to prioritize.

Based on those CVSS scores, they rank alongside some of the vulnerabilities Microsoft rated Critical.

New Adobe Updates

Adobe released a record number of 25 updates for Adobe Reader, Brackets, ColdFusion and Photoshop. Adobe Reader has the bulk of these fixes; however, Photoshop and ColdFusion contain the Critical updates. Both Syxsense and Adobe recommend these Critical updates be deployed within the next 7 days.

December 2019 Patch Tuesday Update

Based on the vendor severity and CVSS score, we have made a few recommendations for what to prioritize this month.

 

| CVE Ref. | Description | Vendor Severity | CVSS Base Score | Counter-measure | Publicly Aware | Weaponised | Syxsense Secure Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2019-1458 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Yes | Yes |
| CVE-2019-1468 | Win32k Graphics Remote Code Execution Vulnerability | Critical | 8.4 | No | No | No | Yes |
| CVE-2019-1471 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8.2 | No | No | No | Yes |
| CVE-2019-1476 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1477 | Windows Printer Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1478 | Windows COM Server Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1483 | Windows Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1484 | Windows OLE Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2019-1453 | Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | Important | 7.5 | No | No | No | Yes |
| CVE-2019-1485 | VBScript Remote Code Execution Vulnerability | Important | 7.5 | No | No | No | Yes |
| CVE-2019-1349 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1350 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1352 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1354 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1387 | Git for Visual Studio Remote Code Execution Vulnerability | Critical | TBA | No | No | No | Yes |
| CVE-2019-1470 | Windows Hyper-V Information Disclosure Vulnerability | Important | 6 | No | No | No | |
| CVE-2019-1465 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1466 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1467 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1469 | Win32k Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1472 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1474 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1480 | Windows Media Player Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1481 | Windows Media Player Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2019-1488 | Microsoft Defender Security Feature Bypass Vulnerability | Important | 3.3 | No | No | No | |
| CVE-2019-1332 | Microsoft SQL Server Reporting Services XSS Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1400 | Microsoft Access Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1461 | Microsoft Word Denial of Service Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1462 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1463 | Microsoft Access Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1464 | Microsoft Excel Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1486 | Visual Studio Live Share Spoofing Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1487 | Microsoft Authentication Library for Android Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1489 | Remote Desktop Protocol Information Disclosure Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1490 | Skype for Business and Lync Spoofing Vulnerability | Important | TBA | No | No | No | |
| CVE-2019-1351 | Git for Visual Studio Tampering Vulnerability | Moderate | TBA | No | No | No | |
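
The prioritization argued above (weaponised first, then vendor-Critical or a CVSS score in the 7.5+ range, with "TBA" scores falling back to vendor severity) can be expressed as a small triage script. This is an added example, not Syxsense's own logic: the tier rule and the 7.5 cut-off are assumptions inferred from the table's recommendation column, and the function names are hypothetical.

```python
import re

# Seven rows copied from the table above, in its column order: CVE, description,
# vendor severity, CVSS, counter-measure, publicly aware, weaponised,
# recommended (absent where the page leaves that cell empty).
ROWS = """\
CVE-2019-1458 Win32k Elevation of Privilege Vulnerability Important 7.8 No No Yes Yes
CVE-2019-1468 Win32k Graphics Remote Code Execution Vulnerability Critical 8.4 No No No Yes
CVE-2019-1453 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability Important 7.5 No No No Yes
CVE-2019-1349 Git for Visual Studio Remote Code Execution Vulnerability Critical TBA No No No Yes
CVE-2019-1470 Windows Hyper-V Information Disclosure Vulnerability Important 6 No No No
CVE-2019-1489 Remote Desktop Protocol Information Disclosure Vulnerability Important TBA No No No
CVE-2019-1351 Git for Visual Studio Tampering Vulnerability Moderate TBA No No No
"""
ROW_RE = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d+) .+ (?P<sev>Critical|Important|Moderate) "
    r"(?P<cvss>TBA|\d+(?:\.\d+)?) (?:Yes|No) (?:Yes|No) "
    r"(?P<weap>Yes|No)(?: (?P<rec>Yes|No))?$"
)
# Assumed cut-off: the lowest score among the "Important" items the page recommends.
CVSS_THRESHOLD = 7.5

def parse(line):
    m = ROW_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable row: {line!r}")
    return {
        "cve": m["cve"],
        "severity": m["sev"],
        "cvss": None if m["cvss"] == "TBA" else float(m["cvss"]),  # TBA = no score yet
        "weaponised": m["weap"] == "Yes",
        "page_recommended": m["rec"] == "Yes",
    }

def tier(item):
    """0 = out-of-band (exploited), 1 = prioritize this cycle, 2 = routine."""
    if item["weaponised"]:
        return 0
    if item["severity"] == "Critical":  # also covers Critical items with no score yet
        return 1
    if item["cvss"] is not None and item["cvss"] >= CVSS_THRESHOLD:
        return 1
    return 2

def triage(text=ROWS):
    items = [parse(line) for line in text.splitlines() if line.strip()]
    for item in items:
        item["tier"] = tier(item)
    # Tier first, then highest known score; unscored items sort last in their tier.
    return sorted(items, key=lambda i: (i["tier"], -(i["cvss"] or 0.0)))

if __name__ == "__main__":
    for item in triage():
        print(item["tier"], item["cve"], item["severity"], item["cvss"])
```

On these rows, tiers 0 and 1 coincide with the entries the table marks as recommended.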


Verismic Software Launches Rebrand to Syxsense and New Product Offerings, Reinforcing its Mission to Strengthen Endpoint Security

By News, Press Release

Verismic Software Launches Rebrand to Syxsense, Reinforcing its Mission to Strengthen Endpoint Security

The New Name, Syxsense, Expresses Company’s Focus on Protecting the Endpoint with Powerful AI-enabled Solutions That “Know All”

ALISO VIEJO, Calif. (November 4, 2019) – Verismic Software, a global leader in IT- and security-management solutions, announced today a comprehensive rebranding and repositioning of its products and messaging. This major initiative makes Syxsense the world’s first IT and security-solution provider to offer patch management, vulnerability scans, and Endpoint Detection and Response (EDR) capabilities in a single console.

Syxsense has created innovative and intuitive technology that sees—and knows—everything, making it able to secure every endpoint, in every location, everywhere inside and outside the network, as well as in the cloud. Artificial intelligence (AI) helps security teams predict and root out threats before they happen—and to swiftly make them disappear when they do.

“Syxsense combines the power of artificial intelligence with industry expertise to manage and secure endpoints by stopping threats before they occur and neutralizing threats when they happen,” commented Ashley Leonard, CEO of Syxsense.

“By owning an IT management tool, IT professionals can patch to reduce the risk of a problem,” Leonard continued. “By owning an EDR tool, you can monitor a breach and quarantine a device. By combining both, Syxsense allows IT and security teams to eliminate many breaches by patching, track and quarantine potential breaches, and then remediate the environment after a security event—all in real-time.”

At the heart of the rollout is Syxsense Manage, a cloud-native offering that does the heavy lifting by collecting and collating a library of patches and updates. This allows IT professionals to deploy updates with AI-driven natural language and voice control. When the need arises, users have access to dashboards, query builders, and remote-control functions that provide insight into device health, inventory, and timelines allowing IT managers to troubleshoot and diagnose issues.

Syxsense Manage, therefore, becomes the IT managers’ “endpoint everything,” allowing them to see and manage all endpoints both inside and outside the network as well as in the cloud, with coverage for all major operating systems and endpoints, including IoT devices, physical and virtual devices, and all major cloud vendors. More importantly, they can complete day-to-day tasks and updates with ease and efficiency.

The companion offering, Syxsense Secure, brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams responsible for protecting businesses from cyber-attacks. It is the only cloud-native product on the market that truly combines endpoint management and endpoint security into a single unified offering. What’s more, it is tailored to the exact needs of companies that have limited resources and consolidated IT management and security functions in the same department.

Syxsense Secure includes proactive, always-on monitoring for malicious processes, automated device quarantine, real-time alerting, and live data that delivers insights in real-time to provide even greater visibility into the health of all the endpoints across your network. It is built on endpoint management technology that creates a baseline defense against known threats by ensuring devices are current with the latest software updates and security patches. This provides total visibility into the enterprise and eliminates blind spots so security managers can immediately detect anomalies that indicate an imminent or active threat.

By analyzing endpoint activity, Syxsense Secure predicts threats before they become breaches. Built on real-time, always-on endpoint monitoring, when breaches do happen, Syxsense knows how the attack entered the environment, how it spread, which data, files, and devices were impacted, and whether the threat has been neutralized in its entirety to prevent future vulnerabilities.

“Organizations are now able to combine and strengthen cybersecurity and IT management across their enterprise, enabling IT-SecOps convergence and digital transformation, improving enterprise performance while reducing the cost of cybersecurity,” concluded Leonard. “The Syxsense Endpoint Security Cloud, the overarching platform for Secure and Manage, provides multiple industry-proven capabilities in a single dashboard to simplify cybersecurity management and better protect people, businesses and assets from evolving cyber threats.”

About Syxsense

Syxsense is the leading provider of innovative, intuitive technology that sees all and knows everything about every endpoint, in every location, everywhere inside and outside the network, as well as in the cloud. It combines the power of artificial intelligence with industry expertise to manage and secure endpoints by stopping threats before they occur and neutralizing threats when they happen. The Syxsense Endpoint Security Cloud always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm. https://www.syxsense.com

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
