Bulwark | The Shield | Issue 02 | September 2017


ISSUE 02 | SEPTEMBER 2017

CYBER RESILIENT: Innovative Security Technologies to Strengthen Your Cyber Security Posture




CONTENTS

MD’s message: Bulwark Technologies MD Jose Menacherry outlines the current security landscape and the firm’s go-to-market strategies for 2018.

Sophos: Harish Chib, VP Middle East and Africa, Sophos, shares insights on the need for synchronized security.

Mimecast: Brandon Bekker, Managing Director, Mimecast Middle East and Africa, explains the elements an email security framework needs to cover.

Acunetix: Learn how Acunetix solutions ensure vulnerabilities in websites and web applications are detected before a hacker can exploit them.

Radware: Carl Herberger, Vice President, Security Solutions, Radware, on how automation will dictate the success of a business.

Teramind: Discover how the firm’s solutions gather data about user activity in order to detect behavioral anomalies, conduct rule-based risk analysis, and perform IT Forensics.

Director’s note: Jessy Jose, Director, Bulwark Technologies, shares how critical customer satisfaction is in the distributor’s operations.

Meet the team: Know more about the firm and the efficient personnel behind the distributor’s growth story.

Blog: Varkeychan Davis, Technical Manager, Bulwark Technologies, details how enterprises can stay vigilant by raising their cybersecurity postures.

Netwrix: Michael Fimin, CEO and Co-Founder, Netwrix, examines whether employees play a role in ransomware attacks.

MailStore: Wilm Tennagel, Corporate Communications Manager, MailStore, on why an IT security strategy calls for backing up the email server.

EnGenius: AliShan Zaidi, Regional Sales Manager, EnGenius International, shares the firm’s regional channel and go-to-market strategies for 2018.

ESET: Dimitris Raekos, General Manager, ESET Middle East, on the firm’s cybersecurity offerings and trends in the security market.

For more information, please write to: info@bulwark.biz

• September 2017 • TheShield



TERAMIND

Live View & History Playback, Rule Based Risk Analysis, Email Monitoring, IT Forensics, File Transfer Tracking, Anomaly Detection

www.teramind.co


Welcome: MD’s Message

Battling sophisticated security threats

Jose Thomas Menacherry, MD, Bulwark Technologies, outlines the firm’s plans to continue addressing customers’ security concerns with a robust channel strategy in 2018.

The regional channel landscape has evolved significantly over the last two decades. However, only those firms who are in sync with the market changes have thrived. From traditional distribution models, most firms have now incorporated value-addition to their offering, understanding that it is a priority for partners and customers. Bulwark Technologies has been at the forefront of these industry shifts to ensure we are offering a comprehensive portfolio for our partner ecosystem.

One of the driving forces behind our growth has been the uptake of emerging technologies and the region’s enhanced focus on cybersecurity solutions. Security has become the topmost priority and is increasingly becoming an important part of boardroom discussions within enterprises today. In the current security landscape, the endpoints have become more vulnerable. Alarmingly, we have seen a spike in malware and ransomware attacks happening globally, including in the Middle East region. With more and more devices getting connected in an exponential manner, organisations need to ensure that these devices and endpoints have adequate protection, not only for the data they handle, but also to assure that the hackers do not use them for other targeted attacks.

Partners must look at investing in user behavior analytics, data loss prevention and deep learning technologies, which are expected to govern the security space going forward. Once a user’s credentials are compromised, it is only a matter of time before someone gets into the network and engages in malicious activities. Partners must be able to advise customers on how to protect their most critical assets from all angles.

Deep learning comprises several technologies, such as artificial intelligence and machine learning. While it may sound futuristic, partners must examine the opportunities present here from today itself. Deep learning can help identify factors which could indicate that a cyber-attack is going on or will be launched, as these attacks follow patterns designed largely by humans.

Understanding and identifying the opportunities around these elements, Bulwark aims to continue being a trusted partner for our channel ecosystem, to enable them to elevate the prospects and optimize them. Over the course of 2016, we have witnessed a considerable increase in manpower through the recruitment of key sales and technical professionals for continued and dedicated support to regional partners and customers. We have also amplified our combined sales and marketing activities for regional partners. In the beginning of this year, we also inaugurated our new operation in India, headquartered out of Bangalore. We have signed up with new vendors such as Radware and Teramind, complementing our portfolio of products, to address DDoS attacks, Web Application Firewalls and User Behavior monitoring and Insider Threat Prevention.

“BY WORKING CLOSELY WITH US AND OUR VENDORS, PARTNERS CAN ENSURE THAT THE RIGHT SOLUTION WITH PROPER EXPERTISE BE OFFERED FOR ADDRESSING CUSTOMERS’ SECURITY REQUIREMENTS AND CHALLENGES.”

We provide a wide array of data security products and solutions to protect the customer’s IT infrastructure and information. By working closely with us and our vendors, partners can be confident that their customers’ security requirements and challenges are addressed with the right solutions. Along with our partners, we are aiming to jointly tackle end-users’ security concerns, ensuring complete value and Return on Investment (ROI) in our solutions.


Synchronized Security: An innovation in threat protection

Firewall, Web, Wireless, Email, Endpoint, Encryption, Mobile, Server, Sophos Central

Provide your customers with a best-of-breed security system where integrated products dynamically share threat, health, and security information to deliver faster, better protection against advanced threats.

Join the innovation

For more information please contact salesmea@sophos.com

www.sophos.com/heartbeat


Synchronized Security: An Innovation in Threat Protection

By Harish Chib, Vice President Middle East and Africa, Sophos

All businesses, large, small or in between, must live and learn to thrive in a world with an ever-increasing threat of cyber risks. Those risks are rising for many reasons, from the growing attack surface to the increasing complexity and sophistication of such attacks.

To increase the impact of attacks, smart hackers coordinate their attacks across an entire IT system, touching the firewall, endpoints, servers, data, and more. Point products can stop individual elements of these threats, but they work in isolation. In contrast, Synchronized Security is a best-of-breed security system that enables your defenses to work together to stop advanced attacks. It delivers unparalleled threat protection and slashes incident response time by 99.9%.

The Need for Synchronized Security

The Challenge Facing Today’s Organizations

Organizations are struggling to stay ahead of today’s cyber threats. Specifically, they face four main issues:

1. Attack complexity: The growth in complex and coordinated attacks is outpacing many organizations’ ability to protect themselves, leading to increased losses from cybercrime.

2. Uncoordinated defenses: Point products work in isolation, unlike the coordinated attacks they need to stop, which often touch your firewall, email, endpoints, servers, and data.

3. Expanding attack surface: Mobile devices, cloud applications, and IoT devices are being used by employees more and more, and organizations of all sizes are deploying virtual and cloud infrastructure. This has increased the so-called “attack surface” dramatically.

4. Lack of resources: Overstretched IT departments struggle to respond fast enough to threats entering their ever-expanding IT infrastructure. They don’t have the time or resources to manage the complex cross-product correlation needed to identify and stop advanced threats.

Benefits of Synchronized Security

By combining an intuitive security platform with award-winning products that respond automatically to threats, Synchronized Security enables you to stay ahead of the hackers.

1. Unparalleled protection: Best-of-breed products packed with next-gen technology actively work together to detect and prevent advanced zero-day attacks like ransomware and botnets.

2. Automated incident response: Security solutions share information and respond automatically to attacks, isolating infected endpoints before the threat can spread and slashing incident response time by 99.9%.

3. Real-time insight and control: With Synchronized Security you can see everything that’s happening on your endpoints and network in real-time, enabling you to take immediate action. Plus you can manage all your security through Sophos Central, our intuitive, web-based security platform, saving time on a daily basis.

Synchronized Security Products and Technologies

XG Firewall: Blocks advanced threats before they get on your network. Automatically identifies and isolates compromised systems to prevent data loss and the infection from spreading.

Endpoint / Intercept X: Identifies and blocks malware at the endpoint, including advanced, zero-day threats and ransomware, preventing infection. Automates clean-up.

Encryption: Automatically revokes encryption keys on infected machines, keeping data safe.

Server: Identifies and blocks advanced malware, including ransomware, at the server, preventing infection.

Sophos Central: The intuitive security platform that enables products to share security information and automate threat response.

Mobile: Keeps data safe on mobile devices and takes action if a device is not secure.

Web: Endpoint agent and gateway synchronization reduces backhauling of web traffic.

Wireless: ‘Unhealthy’ devices can be pushed to a restricted access, quarantine Wi-Fi network.

Email: Prevent compromised endpoints from sending or receiving mail to limit the impact of any security incident*.

Synchronized security provides a best-of-breed security system where integrated products dynamically share threat, health, and security information to deliver faster, better protection against advanced threats. It gives you unparalleled protection and ease-of-use, making life easier for today’s IT security professionals.




You’ve got mail

An email security framework needs to identify, block and warn employees about malicious links, weaponized attachments and impersonation emails, Brandon Bekker, Managing Director, Mimecast Middle East and Africa, explains.

Can you share regional cybersecurity trends?

Middle East businesses experience cyber-attacks at least on par with the rest of the world but spend considerably less on cybersecurity, which means they are likely to be more vulnerable to these kinds of threats. Underinvestment in email security for many years saw criminals refocus their efforts on evolving phishing into highly targeted attacks to steal money and valuable data. Cyber-attacks such as ransomware are also increasingly large risks to business continuity. Being prepared for natural disaster or political unrest is important, but equally disruptive can be localised flooding, electricity blackouts or a targeted cyber-attack.

What element do you believe is lacking the most when it comes to an organization’s security strategy?

Many organisations are struggling to evolve their security strategies in the move to cloud services. Traditional on-premise best practice dictated multiple layers of security alongside independent backup and recovery systems. But when migrating to large cloud services some firms are betting the farm on the security and uptime of these services. Recently Mimecast’s third quarterly Email Security Risk Assessment (ESRA) found that prominent cloud-based email service providers, including Google G Suite and Microsoft Office 365, were not blocking thousands of email-borne attacks. Meanwhile, there have been significant outages around the world for these services.

How can enterprises develop their email security frameworks?

Email is both an organization’s most important communication platform and the application that is most susceptible to attack. Employees are direct targets for increasingly sophisticated attacks designed to steal money, credentials, customer data, and other valuable intellectual property. An email security framework needs to identify, block and warn employees about malicious links, weaponized attachments and impersonation emails used to attack organizations. Measures must be in place to identify malicious internally-generated emails alongside data leak prevention technologies to stop confidential data leaving an organization by error or rogue intent.

How can organizations better prepare in case of future attacks like the ones we have seen recently?

The WannaCry and Petya global attacks highlighted how disruptive it can be to simply lock access to files. But both were easily preventable with good security processes such as up-to-date patching and network hardening, which dictates removing or disabling unnecessary services to reduce the potential attack surface. Adopting a cyber resilience strategy can also help organizations prepare for the worst, ensuring they can keep operating even if a serious attack does get through.

What role can channel partners play to help customers deploy robust security solutions?

Channel partners have the opportunity to take security discussions beyond just product supply and establish themselves as the trusted business advisor. This can include developing a wide-ranging support strategy around managed security, compliance, employee training, continuity and archiving services.

What plans can the market expect from Mimecast over the next year?

Mimecast will continue to expand its focus on cyber resilience – that is, advanced prevention coupled with an ability to get back up and running quickly, with a minimum of disruption and zero data loss, in the event of a cyber-attack. Attackers will continue to evolve their techniques so Mimecast will be regularly updating its services to match each new challenge.


5% GITEX discount offer*

Is Your Website Hackable? 70% are. Detect & action with Acunetix

Hackers concentrate their efforts on web-based applications - shopping carts, forms, login pages, etc. Accessible 24/7 from anywhere in the world, insecure web apps provide easy access to backend corporate databases and allow hackers to perform illegal activities using the compromised site. Firewalls, SSL and Hardened Networks are futile against Web Application Hacking!

Audit Your Website Security with Acunetix

Acunetix is available On Premise or Online
• Scans for SQLi, XSS & 3000 other vulnerabilities
• Detects DOM-based & Blind vulnerabilities
• Full HTML5 & JavaScript analysis
• Integrated Vulnerability Management
• Advanced Penetration Testing Tools
• Perimeter Server Security

Download or Register for a FREE Trial: www.acunetix.com

*Offer valid for all orders submitted through the whole month of October 2017

REACH US ON info@acunetix.com | +44 (0)330 202 0190


Acunetix: An essential tool in your security arsenal

Using a web vulnerability scanner like Acunetix ensures vulnerabilities in websites and web applications are detected before a hacker can exploit them.

With the uptake of cloud computing and the advancements in browser technology, web applications and web services have become a core component of many business processes, and therefore a lucrative target for attackers. High profile cyber-attacks regularly make the headlines, exposing citizens to financial loss and worry, and costing organisations millions.

The Middle East has not been spared, with hackers attacking key websites in Saudi Arabia’s Defense Ministry, Saudi Aramco and the General Authority of Civil Aviation, among others. Home to oil reserves and natural gas, the Middle East has become a magnet for some of the world’s costliest cyberattacks. According to Juniper Research, by 2019 it is estimated that the cost of data breaches will rise to a whopping $2.1 trillion globally – nearly 4X the cost of breaches in 2015. However, research done by Symantec and Deloitte found that more than two-thirds of organizations in the region were incapable of protecting themselves from sophisticated cyber-attacks.

Now is the time for business owners and organizations of any size to be proactive in their approach to website security. Enter Acunetix! Using a web vulnerability scanner like Acunetix ensures vulnerabilities in websites and web applications are detected before a hacker can exploit them. Acunetix is used to crawl all web-based business-critical assets, automatically analysing them for flaws that could expose the organisation. Acunetix can detect and report on over 3000 vulnerabilities in applications built on architectures such as WordPress, PHP, ASP.NET, Java Frameworks and others.

Crawling and Scanning

A fundamental process during any scan is the scanner’s ability to properly crawl all pages of an application automatically. Acunetix features DeepScan Technology, an HTML5 crawling and scanning engine that fully replicates user interaction inside of a browser by executing and analyzing JavaScript.

Vulnerability Detection

Accurate vulnerability detection lies in the ability to detect anything from the most obvious to the most obscure vulnerability. Acunetix is the industry leader in detecting the largest variety of SQL Injection and XSS vulnerabilities, including the detection of second-order vulnerabilities such as Blind XSS (BXSS), Server-side Request Forgery (SSRF), and out-of-band vulnerabilities such as Blind Out-of-band SQL Injection, among others.

Through its unique AcuSensor Technology, Acunetix enhances a regular dynamic scan through the deployment of sensors inside the source code that relay feedback to the scanner during the source code’s execution. It pinpoints the vulnerable line of code and reports additional debug information. This greatly increases remediation efficiency and makes the developer’s task of fixing the vulnerabilities easier.

Vulnerability Management, Reporting and Remediating

In order to keep track of the vulnerabilities detected, Acunetix includes a web-based interface with a quick view of the website’s security posture. Complementing this are extensive Management, Compliance and Classification reports to help manage escalation and remediation of vulnerabilities, while assisting in task prioritization.

About Acunetix

Acunetix is the market leader in automated web application security testing, with customers in the Government, Military, Educational, Telecommunications, Banking, Finance, and E-Commerce sectors, including many Fortune 500 companies, the world over.

In the Middle East, Acunetix has grown from strength to strength over the last 5 years, with licenses sold all over the region, with great success in UAE, Israel, Egypt, Iran, Jordan, Lebanon, Qatar and Saudi Arabia. The Acunetix Partner Program is proving popular, giving partners the chance to sell Acunetix software at competitive margins. Some customers include: Qatar Airways, MOI Qatar, OmanTel, Jumeirah Group, TECOM, Dubai Holdings, Central Agency of Information Technology Kuwait, Etisalat UAE, Dubai Bank, Al Ahli Bank Kuwait, ANB Saudi Arabia, University of Jordan, and more.


Safeguarding applications

THE COMPANY

Radware understands that in business, every second counts. Service levels dramatically impact employee productivity, business reputation, and revenue. Today more than ever, time is money. That’s why our mission is to ensure application service levels are guaranteed at all times, in any operational scenario. Our holistic application delivery and security solutions optimize business operations, minimize service delivery degradation and prevent downtime.

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers. Our award-winning solutions portfolio delivers service level assurance for business-critical applications, while maximizing IT efficiency. Radware solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

RADWARE SOLUTIONS DELIVER SERVICE LEVEL ASSURANCE FOR BUSINESS-CRITICAL APPLICATIONS, WHILE MAXIMIZING IT EFFICIENCY.

MARKET LEADING SOLUTIONS

Our Cyber Security and Application Delivery solutions are designed from the ground up to ensure optimal service-level at all times. They address data center application service level challenges and solve key challenges with application availability & response time, and data center availability.

• Cyber Security
Application security is one of the most vital components in maintaining a healthy business. As cyber-attacks increase in frequency, sophistication, and severity, application security and network security solutions need to meet and surpass these ever changing threats. Radware’s suite of DDoS Protection and Web Application Security offerings provide integrated application security and network security solutions designed to secure data centers and applications everywhere. Complete with anti-DoS, network behavioral analysis, SSL attack mitigation, IPS, WAF and in-the-cloud DoS mitigation in one integrated system, the solution offers a multi-vector attack detection and mitigation solution, handling network layer and server based attacks, malware propagation and intrusion activities.

• Application Delivery
Organizations are on the hook to deliver quick response times, 24x7 availability, and security of mission-critical applications. Radware helps meet these challenges with application delivery and load balancing solutions that simplify operations while ensuring SLAs. Featuring a future-proof, application-aware approach to deploying and managing applications, Radware provides advanced and comprehensive application delivery capabilities to ensure optimal service levels for applications in virtual, cloud and software-defined data centers.

• Cloud Services
Continuously adaptive, real-time protection for the most sophisticated DDoS and web security threats through best in class cloud WAF and DDoS protection technologies. Radware is delivering the widest security coverage and fastest Web acceleration service for best application service level. We provide enterprise-grade cloud services to protect from multi-vector threats and optimize application performance.

• Management & Monitoring
Deploying and managing globally distributed application delivery and network security services can be a highly complex task. But with Radware’s application management and application monitoring solutions, organizations can centrally manage and monitor the health, real-time status and performance of their application delivery structure. With complete visibility into the performance breakdown by application, location or transaction, businesses can increase operational efficiencies with solutions that enable quick and straightforward solutions to problems.

To learn more about how Radware’s integrated application delivery & security solutions can enable you to get the most of your business and IT investments, email us at info_india@radware.com or go to www.radware.com.


Automate and accelerate

Carl W. Herberger, Vice President, Security Solutions, Radware, on global cybersecurity trends and how automation will dictate the success of a business.

It’s no surprise that security is a top priority for businesses, especially in 2017, where sensitive data breach incidents have dominated the global headlines throughout the year. While in previous years we have seen many attacks aiming to cause internet pipe saturation or exhausting the firewall, this year there is a clear shift and the main network component suffering from cyber-attacks is the server. With or without correlation – hackers are increasingly targeting data more. The most prominent phenomenon was ransomware. However, we have also observed that they are trading not only credit card data and PII but also medical records and identities over the Dark market. Another good example from 2017 is the social protests followed by doxing and dumping information about officials.

Radware’s annual Global Application & Network Security report combines a comprehensive information security industry survey with our Emergency Response Team’s (ERT) in-the-trenches experiences combatting cyber-attacks and incorporates perspectives of two third-party service providers and real customer stories. Please visit www.radware.com for the full report.

Importance of automation

In such a scenario, a network environment and all its branches need to detect threats with high quality in one location and then react in all operating environments. Changes to the affected systems then must be orchestrated quickly and universally. Network defenses will continue to succumb to the endless barrage of complex attacks and the immeasurable onslaught of new techniques because we can’t keep up. Manual defenses can’t keep up.

The notion of humans deploying detection technologies and choreographed responses like attack mitigation in real time will fall away – because it has to. Human interaction with cyber defense will be better seen for what it currently is, imperfect and unreliable, in the face of attacks that are largely automated and mostly reliable, if not perfect. The fall of human cyber-defenses will be replaced with the security bots of the future.

The future of security is not bleak for the security professional who understands how to put in place this automation and orchestrate and fix white-hat bot problems. However, if you are a security “wrench-turner”, your wrenches are soon to be pixelated. As costs rise and concerns meet a crescendo, business executives are being met with new technologies designed to handle threats in an ever-increasing automated fashion. Automated ‘white-hat’ bots will slowly ebb the tide of hiring security professionals. If you strive to excel in the world of modern networks, the faster you migrate to a high quality, agile detection and mitigation environment, which can be customized and self-healed, the better for your continued success.

Radware’s hybrid security solutions

Radware’s attack mitigation service integrates on-premise detection and mitigation with cloud DDoS protection service and 24x7 emergency response team support. It combines the requisite technologies for making your business resilient to cyber-attacks with on-premise systems and the ability to scale on demand with a cloud-based scrubbing center. The service integrates fully-managed on-premise detection and mitigation with cloud-based DDoS protection service.

Plans for 2018

Radware is growing fabulously and has plans to increase security scrubbing centers, points-of-presence, colocation of security architects and experts in the region and development of numerous regional centers of excellence. We look forward to APAC being one of the best performing regions in our portfolio.


Using User Behavior Monitoring to Secure Organizations’ Data The firm’s solutions gather data about user activity, which can be used to detect behavioral anomalies, conduct rule-based risk analysis, and perform IT Forensics.

W

ith all the terrifying news of data breaches, insider behavior has become an increasing threat. Think about all the types of employees that have access to your network and think about all the types of data they have access to. Now you understand how they can also expose your network to risk. These users, normally called insiders, often have some form of privileged access to sensitive information to do their daily work. If organizations are looking to avoid security incidents, they need to implement strong security solutions that address both malicious and negligent users. While malicious users intentionally seek to compromise company data, negligent users cause harm by being unaware or uneducated by the ramifications of their actions within the company network. One way to avoid these consequences is a robust security suite that provides user behavior monitoring. An Insider’s Greatest Threat User behavior monitoring is the core of Teramind’s technology, which is equipped with machine learning capabilities. Teramind gathers data about user activity, which can be used to detect behavioral anomalies, conduct rule-based risk analysis, and perform IT Forensics. Let’s explore why these features and capabilities are of benefit to your organization.

Anomaly Detection This technology is one of the central pillars of user behavior monitoring. Anomaly detection is based on machine learning algorithms that analyze employee behavior throughout your entire organization. This allows the software to automatically build out a “typical” employee profile (baseline) for each individual with access to your network. This will generate a User and Entity Behavior Analysis (UEBA), which unlocks Teramind’s other company features such as intelligent automated security 14

TheShield • September 201 7 •

TERAMIND PROVIDES A RISK EXPOSURE SNAPSHOT OF AN ORGANIZATION, GIVING NECESSARY INSIGHT FOR IDENTIFYING USERS THAT VIOLATE COMPANY POLICIES OR PUT YOUR ORGANIZATION IN HARM’S WAY. alerts, which can notify administrators of high-risk users and their activity patterns. This can then extend into automated responses based on the severity of the alert.

Rule Based Risk Analysis In addition to anomaly detection, Teramind provides a risk exposure snapshot of an organization, giving necessary insight for identifying users that violate company policies or put your organization in harm’s way. Organizations can proactively block undesirable actions and warn users to help promote safe IT practices. The ability to create customized rules on any observable behavior and automate responses allows this feature to be helpful for all industries.

IT Forensics Teramind records all user actions and allows administrators to recall any point in time and see a video of the session. Additionally, it provides users with logs of alerts, keystrokes, website and application monitoring, file transfer and email tracking, printed documents and instant messages. The solution provides administrators with evidence for their IT forensic investigation. With a security solution like Teramind’s your organization will find itself capable of preventing insider threats and eliminating risk. Ask yourself, are you willing to continue leaving your company’s data vulnerable?



Welcome DIRECTOR’S NOTE

Driving Business Growth with Enhanced Customer Satisfaction

Jessy Jose, Director, Bulwark Technologies, says, customer satisfaction is a critical element of the distributor’s operations and it aims to provide unprecedented channel support to help partners grow profitably into 2018.

Achieving absolute customer satisfaction is the primary goal for all that we do in our business. This is the framework for the organization. As we enter the final quarter of the year, this is a vital element that we evaluate and set clear parameters on. The regional channel industry has seen its ups and downs over the last few years. While the market has been challenging due to various reasons like declining oil prices and credit related issues, Bulwark has been focused in its approach, which has helped us grow substantially.

The firm’s well-laid out day-to-day operations ensure that the business accomplishes its objectives. As a company, we oversee purchasing, sales and distribution of products in order to hit sales and profit targets, including monitoring revenue margins and employee productivity. This is not possible without adequate planning. Along with other members from the leadership team, we set the organization’s strategic goals such as empowering and supporting partners. As part of the planning process, we also work out what resources, including people and money, are needed to achieve these objectives and ensure that they are utilized optimally to assist partners with their daily business.

Not only do we define the objectives but also ensure the activities planned in order to achieve them are well-managed. Part of the objective-setting process includes deciding on measures, or key performance indicators, to assess how the objectives are being achieved. The Bulwark workforce goes above and beyond to ensure that all activities are monitored, and key performance indicators are reported on a regular basis so that along with our partners, we can exceed customer expectations. These activities also help us to raise a flag well in advance in case there are indications of anything going downhill.

We make it a point to understand our partners’ challenges and help them grow their business. We believe these strategies in place will aid us in our aim to guarantee customer satisfaction together with our channel ecosystem. Besides staying focused in specialized areas within security, we encourage our partners to enhance their knowledge with the latest developments in the market. Only then will they be able to effectively cater to customers’ evolving demands. As a niche security-centered value-added distributor, we are concentrating on bringing innovative solutions to market and providing our partners with the best-of-breed global vendors to choose from with dedicated support and resources.


We look forward to creating and sustaining long-term and profitable partnerships with our channel as we move into 2018.


News

BULWARK OPENS A NEW OFFICE IN INDIA

The expansion will help the firm to better serve the needs of a robust partner network and its growing customer base in India.

Bulwark Technologies has announced its expansion plans in the Indian sub-continent region. The expansion plans are in response to the company’s growing business, robust partner network and strong demand for IT security solutions in India. “Over the last few years, Bulwark has seen a significant growth and a strong demand for our security solutions in the region. We are pleased to launch our new office in the Indian sub-continent region. Bulwark Technologies brings on board, immense experience, wide partner network and regional expertise to provide continuous and excellent value-added services to our channel partners and customers. Our aim is to have a good penetration across different verticals and across different market segments in India,” said Jose Thomas Menacherry, Managing Director, Bulwark Technologies.

Bulwark’s India office will help the company to better serve the needs of a robust partner network and its growing customer base in India. The company is investing in new talent and has recruited a strong team to drive sales and offer on ground technical support and services. In addition to this, the company is planning to invest in training programs for channel partners to enable them to sell and distribute its wide array of products better.

BULWARK ACCOLADES

BULWARK HONORED AS ‘NETWORKING DISTRIBUTOR OF 2016’

Bulwark was honored with the ‘Networking Distributor of the Year’ award in the prestigious Global Enterprise Connect (GEC) Awards by leading media player, Enterprise Channels MEA. The award pays tribute to Bulwark for providing and delivering value-added services, networking solutions design architecture, presales consulting, training, channel enablement programs, post-sales implementation and technical support and adding value at every stage of product life cycle.

BULWARK WINS ‘RESELLER ME HOT 50 BEST PARTNER GROWTH INITIATIVE AWARD 2016’

Bulwark was awarded the ‘Best Partner Growth Initiative Award’ at the prestigious Reseller Hot 50 Awards 2016 organized by CPI Media Group. The award recognizes and honors Bulwark for being an eminent player and making significant contributions to the channel community.

BULWARK AND ENGENIUS INTRODUCE PARTNER LOYALTY PROGRAM

Bulwark Distribution, along with EnGenius, an industry expert in wireless communications and radio frequency (RF) technology, has launched a Loyalty Programme for partners in the region. The programme focuses on providing lucrative incentives to partners based on the revenue generated and the exposure and opportunity they provide for the VAD in the region. Partners can now achieve the desired levels based on revenue generated through certification programs and partner enablement sessions being organized by Bulwark. Jose Thomas Menacherry, CEO, Bulwark Distribution, said, “Channel growth and development has been our constant and ongoing endeavor. With the introduction of the new Partner Loyalty Programme we want our channel community to be part of a mutually beneficial relationship and drive constant growth together.”

NEW VENDOR PARTNERSHIPS

RADWARE SIGNS DISTRIBUTION DEAL WITH BULWARK

Bulwark Technologies has expanded its security specialized product portfolio by signing a distribution agreement with Radware, a leading provider of cybersecurity and application delivery solutions. Under the agreement, Bulwark will sell, implement and support Radware solutions through its wide network of channel partners in the region. Andrew Foxcroft, Regional Director, Northern Europe, Radware said, “Our aim is to penetrate different verticals and across different market segments in the Middle East region and this may be achieved through implementing a focused go-to-market strategy with Bulwark and its local resources to deliver support to our customers.”

BULWARK PARTNERS WITH TERAMIND

Bulwark has partnered with Teramind, a player in Insider Threat Prevention, to provide a one-stop shop for User Monitoring and Insider Threat Prevention services in the region. Bulwark will distribute Teramind’s full portfolio of security solutions to customers in the Middle East region. Eli Sutton, Vice President-Sales, Teramind, said, “This partnership is meaningful to both Teramind and Bulwark. By joining forces, we can deliver a complete and comprehensive value-added proposition to customers in the Middle East region. Our aim is to grow our reach across different verticals and market segments in this region, and we look to achieve this through a focused go-to-market strategy with Bulwark.”



Meet the team BULWARK TECHNOLOGIES

The team behind the growth story of Bulwark

Bulwark, a specialized and Value-Added Distributor, is represented by a team of highly passionate and experienced cybersecurity professionals providing value-added services to the channel partners and end customers in terms of solution designing, architecture, enablement and trainings, implementation and 24/7 technical support. It is this constant endeavor to support its channel and improve the customer satisfaction, which has made Bulwark a name to reckon with when it comes to regional cybersecurity distribution.

THE ENTITIES OF BULWARK:
• Bulwark Distribution: Bulwark Distribution focuses on channel growth and development for fast moving security products. We have established an excellent track record in delivering world-class products and excellent customer service. The wide product portfolio includes everything an enterprise requires to secure their data.
• Bulwark Technologies: Bulwark Technologies focuses and implements high end enterprise security solutions through major systems integrators in the region. Working with a wide array of systems integrators, Bulwark Technologies aspires to provide right customized solutions to customers to meet their cybersecurity objectives.
• Bulwark Technologies, India: Bulwark Technologies has expanded its operations in the Indian sub-continent by opening a new office in Bangalore, India. Bulwark’s India office provides continued and round-the-clock support to a robust partner network and to its growing customer base in India.

OUR EDGE
• High end professional services in solution architecture, sales, marketing, implementation and support through team of certified security professionals.
• Very innovative and rewarding partner loyalty programs
• Training labs providing high end solution training and partner enablement
• Dedicated and active 350+ reseller network in the region
• Diverse customer experience giving us an edge to understand different industry verticals and their requirements.

GEOGRAPHICAL REGIONS COVERED:
Dedicated and active 350+ partner/reseller network in the region covering: LEBANON, JORDAN, KUWAIT, EGYPT, BAHRAIN, QATAR, KSA, UAE, OMAN


Blog CYBERSECURITY

Stand guard

Varkeychan Davis, Technical Manager, Bulwark Technologies, details learnings from recent ransomware attacks and how enterprises can stay vigilant by raising their cybersecurity postures.

The regional cybersecurity market is growing exponentially because of the increasing security needs of Internet of Things (IoT) and Bring Your Own Device (BYOD) trends, and bigger deployments of web and cloud-based business applications. While all other tech sectors are driven by reducing inefficiencies and increasing productivity, cybersecurity spending is determined by security requirements of the industry.

The demand for application security solutions is rapidly increasing, as the emergence of IoT and BYOD trends has connected a large number of devices and applications via the internet, which are susceptible to Advanced Persistent Threats (APTs). Further, the protection of these devices and applications is the prime objective of organizations. Protection and prevention, followed by detection and response, are the top two operational spending areas for enterprise companies.

When it comes to security, what most organizations lack is employee awareness. They underestimate the human factor that allows online criminals to infiltrate companies’ internal networks. The best way to make sure employees do not make costly errors regarding information security is to institute company-wide security-awareness training initiatives that include, but are not limited to, classroom style training sessions, security awareness website(s), helpful hints via e-mail, or even posters. These methods can help ensure staff have a solid understanding of company security policy, procedure and best practices.

The recent ransomware attacks underpin how adversaries have become even more sophisticated over the years. Previously ransomware attacks would specifically target their victims. WannaCry was the first time we saw a large-scale ransomware that could worm its way through networks. The WannaCry ransomware attack predominantly targeted computers still running Windows 7. Although Microsoft had offered a patch to the exploit before WannaCry was so quickly propagated, many machines had not yet run the security update.

This is where endpoint protection such as Sophos becomes important: it prevents the malicious spontaneous encryption of data by ransomware, even by trusted files or processes that have been hijacked. Using Advanced Persistent Threat solutions such as Lastline at the network level helps to detect the ransomware across the entire detection spectrum via Deep Content Inspection of malware samples, domain/host reputation information from its Global Threat Intelligence Network, and network traffic analysis. It is critical to utilize security controls like Lastline Enterprise across your network and remote locations that can identify malicious activity targeting your unpatched systems before you can deploy the updates.

Enterprises should educate their users on the importance of email security so that they do not access emails from unrecognized senders, and are alert to emails received from known users. These steps can help organizations improve their security posture. Email security solutions such as Mimecast provide comprehensive protection from targeted threats as a complement to Mimecast Attachment Protect, URL Protect and Impersonation Protect. It inspects email coming into, going out of and staying within an organization.

“ENTERPRISES SHOULD EDUCATE THEIR USERS ON THE IMPORTANCE OF EMAIL SECURITY SO THAT THEY DO NOT ACCESS UNRECOGNIZED EMAILS, AND BE MADE ALERT ON EMAILS RECEIVED FROM KNOWN USERS.”

It is critical to not only educate users but also understand their behavior, as reports suggest risks could exist internally as well. Teramind provides a user-centric security approach to monitor employee behavior. The software streamlines employee data collection to identify suspicious activity, detect possible threats, monitor employee efficiency, and ensure industry compliance. The company focuses on helping organizations understand the chain of events, shape user behavior and combat the internal threat via automated risk detection and prevention.

With human error considered to be one of the biggest security threats, enterprises should be aware of who has access to what kind of information. Arcon’s Privileged Access Management solutions allow organizations to manage privileged accounts and help in meeting compliance requirements from a single platform.

In case of a security breach, organizations must react promptly to contain it and be ahead of evolving cyber threats. Radware’s solutions are apt to help deliver quick response time, 24x7 availability and security of mission-critical applications. The firm’s suite of DDoS Protection and Web Application Security offerings provide integrated application security and network security solutions designed to secure data centers and applications. It provides advanced and comprehensive application delivery capabilities to ensure optimal service levels for applications in virtual, cloud and software-defined data centers.

Another way for enterprises to be on top of security breaches is by regularly monitoring any alterations in their IT environments. By keeping track of these changes, they can detect security violations, troubleshoot issues, prevent downtimes and maintain continuous compliance with security standards and industry regulations. Netwrix solutions provide change and ‘state-in-time’ auditing for critical platforms and applications, including Active Directory, Group Policy, Exchange, file servers, storage appliances, VMware, Windows Server, SQL Server, SharePoint, and others and help to adhere to increasing security and compliance demands.

Along with these solutions, we also have archival solutions from MailStore, managed file transfer from Linoma, web application vulnerability scanner from Acunetix and Unified Threat Management and Endpoint Security solutions from Sophos & Enterprise Data Governance Solutions from Varonis, to name a few. As a Value-Added Distributor providing complete solution to your IT Security requirements, we also offer ESET Endpoint Security Solutions providing pioneering antivirus protection & two-factor Authentication solutions from SecurEnvoy along with Appliance based gateway solutions from SendQuick. We enable the distribution of Networking Switches/Access Points/Routers from EnGenius along with Secure Encrypted Flash Drives & Hard Discs from iStorage. iStorage is a trusted leader of PIN authenticated, hardware encrypted data storage devices. The competitive classroom management solutions from Netsupport enable schools, colleges and training institutions to maximize their return from the IT infrastructure already in place.

As a distributor focusing on IT security, we will continue to engage and introduce niche and innovative solutions to this market. Our constant endeavor is to work in a highly efficient manner to create mutual growth for our vendors, partners and customers and strive towards improving the security landscape in the region.


Ransomware Survival Guide: Defending Against Crypto-Ransomware

According to FBI the number of ransomware attacks skyrocketed to 638 million in 2016, resulting in losses totaling $1 billion. Get a walkthrough on:
• How ransomware is delivered to a user's computer
• Stages of crypto-ransomware infection
• Best practices that can be applied immediately

While ransomware attacks have been around for years, security experts say they've become far more dangerous recently because of advances in encryption and other technologies. A crypto-ransomware attack can take hostage not only data stored on a company's individual computers, but also the files on its servers and cloud-based file-sharing systems - leading to financial losses, stopping business in its tracks and potentially damaging the organization's reputation. According to FBI the number of ransomware attacks skyrocketed by 16,000 percent, from less than 4 million in 2015 to a staggering 638 million in 2016, resulting in losses totaling a billion dollars.

To learn more, click get.netwrix.com/ransomware


Are Employees Part of the Ransomware Problem?

By Michael Fimin, CEO and Co-Founder, Netwrix

Ransomware is most commonly spread by hackers. But we know from experience that employees also sometimes contribute, albeit unintentionally, to ransomware attacks. Notwithstanding recent ransomware attacks like WannaCry and NotPetya that exploit system vulnerabilities, most hackers prefer to use traditional phishing methods, as was the case with the original 2016 Petya ransomware attack. Such attacks put the onus on employees to be wary of potential threats. This means being on the lookout for suspicious emails and immediately reporting them to IT support and/or management.

Unfortunately, too often the complete opposite happens. Tricking employees into clicking on suspicious links or downloading attachments is easy. Sometimes they forget (or are too fearful) to warn IT professionals about what happened. This often results in system outages, loss of sensitive data and reputational damage. Studies like the 2017 IT Risks Survey confirm the role employees play in exposing organizations to security threats. Most organizations (66%) perceive their staff to be a bigger threat to security and system disruption than any other cause.

Unfortunately, preventing ransomware attacks is almost impossible. You never know whether your organization will be targeted by a social engineering campaign or fall victim to a highly orchestrated attack like WannaCry. All you can do is minimize the potential damage. Some rules to follow are:

Cybersecurity should be everybody’s business – the first step is to bring the problem to the attention of senior management and provide evidence to support your case. According to Ponemon’s report on The Rise of Ransomware, 51% of U.S. companies experienced at least one ransomware attack in 2016, paying out an average of $2,500 per attack. With signs that ransomware attacks are increasing in scale, C-level executives need to do more to protect their organizations against financial and reputational loss. At grass roots level, all staff should be familiar with basic cybersecurity practices and know exactly what to do if they come across a potential attack.

Develop a strategy for combating ransomware – this starts with immediate awareness of an attack. This is followed by identifying where the attack originates from and disconnecting this “patient zero” from the network. There are several measures to help with this.
1. Implement the least privilege principle. This involves granting rights to modify files only to those employees that need them to do their job.
2. Segregate your network into different zones and provide one-time password access to each one, thereby restricting the volume of resources that ransomware can access.
3. Make regular backups of your sensitive data and store copies offline in secure storage locations, to allow data to be restored easily should an attack ever occur.


Have visibility into user behaviour – ransomware viruses use certain patterns of behaviour that, if detected, can provide early warning that an attack is in process. Useful clues include an unusually high number of file modifications in a short period of time, hundreds of failed access attempts and so on. Having a deep visibility into what users are doing in the IT environment helps organizations detect anomalous behaviour. Should a ransomware attack occur they can take steps to stop it from spreading and begin incident investigations before any serious harm is done.
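The two clues named above, a burst of file modifications and hundreds of failed access attempts, can be checked with a per-user sliding window over file-audit events. The Python below is an added example, not Netwrix code; the log format, user names, paths and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import NamedTuple


class Event(NamedTuple):
    ts: datetime
    user: str
    action: str  # "modify" or "access_denied" in this sample
    path: str


class Alert(NamedTuple):
    ts: datetime
    user: str
    rule: str
    count: int


# rule name -> (action, threshold, window, count distinct paths only?)
# Thresholds are assumed values; tune them against your own baseline.
RULES = {
    "mass_file_modification": ("modify", 100, timedelta(seconds=60), True),
    "failed_access_burst": ("access_denied", 100, timedelta(minutes=5), False),
}


def parse_line(line):
    """Parse 'ISO-timestamp user action path' (assumed log format)."""
    ts, user, action, path = line.split(" ", 3)
    return Event(datetime.fromisoformat(ts), user, action, path)


def detect(events):
    """Return the first alert per (user, rule) whose window exceeds the threshold."""
    windows = defaultdict(deque)  # (user, rule) -> deque of (ts, path)
    alerted = set()
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        for rule, (action, limit, span, distinct) in RULES.items():
            if ev.action != action:
                continue
            key = (ev.user, rule)
            win = windows[key]
            win.append((ev.ts, ev.path))
            # Drop events that have fallen out of the time window.
            while win[0][0] < ev.ts - span:
                win.popleft()
            # Repeated writes to one file (autosave, log appends) should not
            # look like mass encryption, so that rule counts distinct paths.
            count = len({p for _, p in win}) if distinct else len(win)
            if count >= limit and key not in alerted:
                alerted.add(key)
                alerts.append(Alert(ev.ts, ev.user, rule, count))
    return alerts


def build_sample_log():
    """Constructed sample data, not taken from any real environment."""
    base = datetime(2017, 9, 1, 9, 0, 0)
    lines = []
    # alice: ordinary work, 20 edits spread over about three hours
    for i in range(20):
        t = base + timedelta(minutes=9 * i)
        lines.append(f"{t.isoformat()} alice modify /share/reports/q{i}.docx")
    # carol: one file rewritten 150 times in a minute (benign)
    for i in range(150):
        t = base + timedelta(milliseconds=400 * i)
        lines.append(f"{t.isoformat()} carol modify /share/build/output.log")
    # bob: 300 different files modified within 60 seconds
    for i in range(300):
        t = base + timedelta(hours=1, milliseconds=200 * i)
        lines.append(f"{t.isoformat()} bob modify /share/finance/doc{i}.xlsx")
    # dave: 250 denied accesses at one-second intervals
    for i in range(250):
        t = base + timedelta(hours=2, seconds=i)
        lines.append(f"{t.isoformat()} dave access_denied /share/hr/file{i}.pdf")
    return lines


if __name__ == "__main__":
    for alert in detect(parse_line(l) for l in build_sample_log()):
        print(alert.ts.isoformat(), alert.user, alert.rule, alert.count)
```

The user named in the first alert is the candidate "patient zero" to disconnect; each alert fires once per user and rule, so a production version would also need to re-arm after the window clears.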


MailStore Server
The Standard in Email Archiving

MailStore offers the most comprehensive market solutions in terms of performance, stability, functionality and simplicity to meet the specific email archiving needs of SMBs.

• Reduce the workload of email servers
• Simplify backup and restore of emails
• Total protection against data loss
• Low cost and running right out of the box

Email Security Made in Germany

The Experts in Email Archiving
www.mailstore.com

35,000 Customers in 100 Countries


Email: Backup Alone Is Not Enough

Emails are the number one means of business communication. As such, they contain business-related data. Wilm Tennagel, Corporate Communications Manager, MailStore, says, various national laws in many countries around the world require legally compliant archiving, while IT security strategy calls for backing up the email server.

Email remains the most important means of communication within organizations, despite the increasing use of instant messaging and social collaboration tools in companies. The Radicati Group reports that 269 billion emails will be sent and received every day around the world in 2017. The international technology market research firm predicts that the total email volume will increase to 319.6 billion by the end of 2021.

In view of these numbers and the legal requirements for archiving business emails, IT decision-makers are required to integrate email archiving into their strategic IT planning. This is because the increase in electronic correspondence has resulted in large volumes of data that need to be backed up and archived in a legally secure manner due to their business relevance. When dealing with globally active companies, IT decision-makers should not overlook the fact that compliance requirements differ from country to country.

The difference between backup and archiving

IT supervisors are on thin ice when they rely on the following principle: “We already back up our email server, so there’s no need to archive separately.” Backup is no substitute for legally compliant archiving!

The basic idea behind every archiving operation is to ensure that data is retrievable and available, even over a long period of time. Companies process invoices, quotes, and requests for support and appointments via email day in, day out. Email archiving makes emails fully available at all times over many years in their original, tamper-proof form. This fact differentiates it fundamentally from a backup, whose sole purpose is to secure important data within a limited time period and to preserve it so that it can be restored as needed. Backups on external data storage devices cannot satisfy this requirement because they cannot ensure complete, tamper-proof storage of all emails, as the emails can be deleted immediately upon receipt or before a backup.

In contrast, a professional email archiving solution stores exact copies of all emails in a central archive to ensure the availability of any amount of data for many years to come. Measures such as hash values and encryption ensure legally mandated protection against tampering. For example, users can also access their emails in Microsoft Outlook and quickly search, find, and restore them using full-text indexing, thanks to seamless integration.

Conclusion: Backups cannot replace archiving and email archiving is not capable of replacing traditional backup tasks. It goes without saying that backups remain important, as even legally compliant archives need to be backed up. There is no escaping the fact that the IT strategies of security-minded CIOs and IT supervisors should not fail to include backups as well as legally compliant email archiving in order to ensure swift and complete disaster recovery and to avoid legal risks.


Prioritizing partners

AliShan Zaidi, Regional Sales Manager, EnGenius International, shares the firm’s regional channel and go-to-market strategies for 2018.

Can you elaborate on the key elements of the loyalty programme launched with Bulwark?

EnGenius is glad to introduce the new Channel programme for Partners along with distributor Bulwark. EnGenius has always been very innovative and looks forward to constant channel growth and development through this lucrative partner programme. The EnGenius channel program is designed to offer our partners unique opportunities for revenue growth that sets them apart from the competition. Our partners benefit from sales promotion and incentive, training and marketing resources. EnGenius will work closely to manage and monitor channel activities with a focus on providing channel partners with expert knowledge to enhance service offerings to its partners. To engage the channel, EnGenius training and certification program is announced to the system integrators and partners. The certification program provides our system integrators and partners with valuable training to help them better understand the networking technology and features incorporated into our growing portfolios of products and solutions.

Can you share your channel strategy for the region?

We do see a lot of market opportunities in vertical industries such as hospitality, hotspot solution, retail and education sector. One of the key advantages of EnGenius is that it is a solution-focused networking vendor. This enables our channel partners to propose the right and valuable proposal based on industry. Moreover, a wide range of product lines and flexibility in our solution assist the partners in meeting various project requirements and deployments.

Could you give an overview of the new product lines in your portfolio?

New products and technologies are being introduced by networking vendors to address the challenges due to the rapid growth. EnGenius, as a long-range wireless expert since 1979, is proud to be one of the market leaders in providing the industry’s most comprehensive and latest 11AC wave 2 EnTurbo products to the enterprise market. Incorporating a quad-core processor, the overall performance of EnTurbo Series is 30% faster than 11AC wave 1 access points. In addition, we also bring EnMesh technology into the enterprise and consumer market to address the limitations of conventional wired and wireless networking solutions.

Which are the technologies partners need to bet on to grow profitably in the next year?

EnGenius continuously brings out technologies that bring profitability to partners, e.g. Mesh Wi-Fi, 11AC wave 2 products, Triband Wireless and controller solutions, to ensure our partners stay competitive in the market.

For instance: EnGenius EWS1025Cam

The AP MeshCam is the industry’s first 11ac Mesh wireless access point with a 1080p IP surveillance camera.

Key Features and Benefits of the AP MeshCam
• Expanded Camera Wireless Range – Combining the two technologies expands the wireless range of the security network, adding greater product flexibility.
• Mesh Wi-Fi – High-performance, 11ac Mesh Wi-Fi wireless with speeds to ensure ample capacity for multiple connected devices.
• Simplifies Installations – Mesh networking simplifies installations in retrofit or for budget-conscious customers by not requiring homerun hardwiring for each device. Mesh’s auto-sensing setup and self-healing optimize the camera network’s reliability and efficiency.
• Space-Saving Design – One installation is all that is needed for both the AP and camera, requiring only a single cable run for power via an Ethernet cable with Power-over-Ethernet or a DC power input.
• No Fee Management Software – Manage the network alongside other EnGenius devices via ezMaster, locally, remotely or via a cloud service. View, record and set up alerts with the included Video Management Software and remotely view and manage video with the included EnVMS™ Mobile App.

What is your go-to-market strategy for 2018?

We continue the focus on channel and solution orientation in 2018. We launched various new models of wave 2 technology and Mesh Wi-Fi to deploy in vertical markets. Meanwhile, to help our partners set themselves apart from the competition, we have continued to work closely with our channel partners to run loyalty programs, regular sales visits, project POCs and comprehensive training programs. We are working on brand building in the SMB/SME space big time across the region and will achieve our goal working closely with all the partners. Our aim is to serve partners better, faster and more efficiently.



Next-Gen: Buzzword or Reality?

Dimitris Raekos, General Manager, ESET Middle East, on the firm’s cybersecurity offerings and trends in the security market.

R

ecently you may have heard AV companies throwing around the term “Next-Gen” and stating they are the Next Generation of AV. Is ESET a Next-Gen vendor? With 30 years of continuous IT Security innovation, an increasing amount of labs worldwide with constant research and development into new technologies, detection and prevention techniques, we pride ourselves on our award-winning multi-layered protection. We use a combination of various sophisticated detection techniques such as heuristics, behavioral analysis, threat intelligence & other layers of protection. Yet, we are still asked if we have the so-called “Next Gen” technology. What makes a vendor “Next-Gen”? According to “Gartner” any company that uses one of the following techniques: hardening (application control), memory prevention (exploit prevention), isolation, activity/behavior monitoring or algorithmic file classification for malware detection are considered “Next-Gen”. Signature Vs. Next-Gen. What does this mean? One of the first methods for detecting malware was a simple case of matching a string of code to a known string that’s bad. This simple form of detection required you to know what you’re looking for. In its simplest form, it’s like learning to read, unfortunately reactive detection means you have to be aware of what you’re looking for first and to combat today’s threats that are not fast enough.


Some would consider signature-based attacks ‘dead’, would you say this is accurate?

Everybody needs to understand one thing: there’s no endpoint security vendor that’s solely based on signatures anymore. Signatures continue to be a part of many of the endpoint security solutions that have been protecting businesses and consumers for decades, but they have become a very narrow part of the spectrum of available technologies. In ESET’s case, we focus on providing a multilayered approach in which security updates are relevant, but are not the only prevention method. ESET uses cloud-augmented, proactive and intelligent multilayered technology, combining automation and human knowledge based on more than 25 years of threat research experience.

As a cyber-security approach, would you consider Next-Gen an evolution or revolution in the security market?

To combat the modern threat of today’s malware you have to adapt, just like the criminals who want to infect you in the first place have to change how they do things to beat the detection methods. I would consider “Next-Gen” as a feature rather than a solution. Customers should be aware that many so-called “Next-Gen” vendors focus on one of the techniques above: they sell one feature as a full product or a “silver bullet”, leaving a wide space open for possible attack vectors and allowing the possibility of threats going undiscovered. Securing our digital world comprises multiple levels of protection stacked to help keep you safe; as the bad guys evolve, so must we, and ESET has been evolving right from the very start.


ESET is often considered a ‘traditional’ security vendor as it is longstanding in the AV market, but does that make ESET outdated with 90’s technologies?

Absolutely not. ESET is an established force in the combat of malware and our experience makes us formidable in that task. Features identified in the so-called “Next-Gen” vendors such as machine learning, behavior analysis and hardening have been part of ESET solutions for many years now. Fighting the cyber criminals is not just about installing a piece of software and crossing your fingers. Experience, knowledge and a clear understanding of what we need to achieve ensure we are one of the best security vendors in the market.


Events

Mimecast Partner Enablement Day – 11th January 2017

Lastline EMEA Partner Technical Training – 9th February 2017

Lastline Defeat Advanced Malware Security Summit – 15th May 2017

Bulwark at GISEC 2017

The Sync with Sophos Series

EnGenius Partner Enablement Day – 26th April 2017

Mercithon: Walk of Mercy – 24th February 2017


Bulwark Iftar – 20th June 2017




For further details, please contact us: 710, IT Plaza, Dubai Silicon Oasis, Dubai - UAE | Phone: 04 3262722 | E-mail: info@bulwark.biz

