Fighting Ransomware and Malware Attacks with Improved Security and IT Ops--Endpoint Visibility and Management Identified as Key Factors

New Ziften Zenith features empower security and IT operations teams in the fight against ransomware attacks

Ransomware has gone from “on the radar” to a Code 5 level threat since May 2017 with the rise of “ransomworms” snaking through global corporate networks in hundreds of countries. The problem is that nobody knows how the next strain will take shape, and IT teams are rarely, if ever, properly coordinated to tackle them.

Systems and Security Operations (SysSecOps)

Ziften today is focused on helping enterprise, government, and managed security service providers with a concept called SysSecOps: empowering both IT and Security Operations teams with endpoint visibility and control, security hygiene monitoring, threat detection, and incident response.

Ransomware specifically is an enterprise management challenge that requires improved coordination in securing and managing risk for all connected devices, from the cloud to data center and edge. The size and viral spread of ransomware in the last 90 days show that a new approach is needed.

With Ziften, once disparate teams can better work together to make sure that deployed network assets, including servers and user devices, are in fact reliable, safe, and secure. Ziften’s security platform, Zenith, supports every endpoint connected to the network, from PCs to virtual machines and servers, and even cloud-based VMs.

Futuriom, a leading research firm focused on cyber security, issued a new report concluding that “SysSecOps (systems and security operations) for endpoints is built on a foundation of endpoint visibility, control and integration within a broader security ecosystem.” What does this mean in the context of the next ransomware threat? SysSecOps can put it down within minutes across the enterprise.

New Ziften Zenith Ransomware Capabilities

Ziften today announced new ransomware features on its Zenith security platform, empowering security and IT operations teams in the fight against ransomware attacks. The new features include:

  • Find Vulnerable Systems: Identification of devices with unpatched application and operating system vulnerabilities known to be the root of ransomware variants.
  • Disable Vulnerable Services: Custom Extensions to automate disabling known vulnerable services on unpatched systems (e.g. Windows SMB service exploited by WannaCry).
  • Patching Vulnerable Systems: Automated patching of systems with vulnerabilities known to be exploited by ransomware attacks.
  • Ransomware Detection: New ransomware behavioral detection techniques including monitoring for quiet volume shadow copy service (VSS) deletions.

Ransomware is only one small example of the threats enterprises face; insider employees stealing data, applications in the cloud, and mobile devices at home all require continuous monitoring.

IT and security teams require technology and process coordination to respond. Ziften brings it all together with a foundational platform providing visibility and control across the entire IT environment – for any asset, anywhere. Any asset means client devices, servers, VMs, and cloud instances.

  • Visibility for Any Asset: Ziften deploys on client devices and data center servers, or in virtual machines (VMs) or containers. Ziften is agnostic to the hypervisor in use. And Ziften works in the enterprise cloud, no matter what cloud environment - AWS, Azure, etc.
  • Visibility Anywhere: Ziften provides visibility of endpoints anywhere. On the network - absolutely. Working remote - definitely. Offline altogether – yes again. In the cloud – no doubt. Ziften provides visibility where your devices operate.

“Today, stovepipe cyber security tools and limited endpoint management just don’t work. They only provide partial, point-in-time data that leaves gaps for IT and security teams to piece together manually. And in the end, this doesn’t happen due to constraints on budget and time,” said Roark Pollock, SVP of Marketing for Ziften. “IT simply can’t keep up with every connected device, investigate all the alerts, or patch every machine, and thus are exposing their organizations to unacceptable risks.”

About Ziften:
Ziften delivers all-the-time visibility and control for any asset, anywhere - client devices, servers, and cloud VMs – whether on-network or remote; connected or not. Our unified systems and security operations (SysSecOps) platform empowers IT and security operations teams to quickly repair user-impacting endpoint issues, reduce their overall risk posture, speed security threat response, and increase operations productivity. Ziften’s secure architecture delivers continuous, streaming endpoint monitoring and historical data collection for large and mid-sized enterprises, governments, and managed security service providers (MSSP). And Ziften helps extend the value of incumbent tools and fill the gaps between fragmented, siloed systems.


Contact Author

Gregory Cross