T.E.N. Knowledge Base

ISE® North America 2017

On the Radar: Attivo Networks offers deception, vulnerability assessment, and response automation  > Download Whitepaper
Attivo Networks develops technology for threat deception, with products for network and endpoint, as well as threat visibility/vulnerability assessment and incident response. Its deception capability works across a company's user network, data center, cloud infrastructure, remote office/branch office (ROBO), industrial control systems (ICS), Internet of Things (IoT), and point-of-sales (POS) networks. Decoys can be made to look like a wide variety of targets, including a human-machine interface (HMI) device in operational technology (OT), an IoT node, or a POS terminal.

The number and variety of apps that are being adopted by organizations—from on-premises apps, cloud-based apps, to mobile apps — is rapidly increasing. While IT continues to deliver new and varying apps, lines of business and even individuals are now also adopting apps independently of IT at an astonishing rate. As a result, employees typically need to authenticate with a dizzying array of systems, from a variety of PC and mobile devices, with each app representing another silo of identity for IT to manage. Identity-as-a-Service (IDaaS) is an emerging solution category for managing and simplifying access to apps, but there are a number of feature, architecture and maturity considerations when selecting an IDaaS. This paper will discuss six of the top considerations.

Security Analytics and More: Putting Together an Effective Incident Response Plan  > Download Whitepaper
In this white paper, IT and security team members will learn about the necessary components of an effective incident response plan:

  • Understanding why current incident response plans are failing
  • Putting together the right incident response team
  • Developing successful response procedures
  • Selecting appropriate security technologies
  • Dramatically improving incident response and forensics with NetFlow and security analytics

Stop the Cybersecurity Guessing Game  > Download Whitepaper
The great contradiction in cybersecurity today is that the more enterprises spend on their security and risk controls, the less sure they are that it will all work as advertised.

Year after year, organizations invest more and more into detection systems, response systems, event management systems, rewalls, secure web gateways, and more. According to Gartner, the cybersecurity industry will break another record in 2017 for spending—analysts predict organizations worldwide will shell out $90 billion.

Enterprise Phishing Susceptibility and Resiliency Report  > Download Whitepaper
Welcome to PhishMe’s 2016 Enterprise Phishing Susceptibility and Resiliency report. The report we published in 2015 focused solely on susceptibility, only telling half of the story. Now, with over 5 million active installations of PhishMe ReporterTM across the globe, we can publish statistically significant metrics about the rate and accuracy of humans reporting phishing emails. We are excited to share this data as it has been missing from phishing studies in the past. Armed with this new data, we hope that security organizations focus their attention on the ratio of Report-To-Click instead of dwelling on susceptibility metrics.

Cloud-Based IT Asset Inventory: A SOLID FOUNDATION FOR INFOSEC INFRASTRUCTURE  > Download Whitepaper
Complete, unobstructed visibility of your IT environment is the foundation for e ective cybersecurity. Without a full, detailed inventory of all your IT assets, your InfoSec team won’t be able to properly protect your organization because the things that pose the highest risk are the ones that you don’t know are there.

For a long time, this basic requirement was fairly simple to ful ll. Network perimeters were well-de ned and IT environments were tightly encapsulated. Accounting for and monitoring all the hardware, software and networking elements in these self-contained and sealed IT environments was straightforward.

Leveraging the Cloud to Achieve Comprehensive Asset Visibility, Tracking, and Security  > Download Whitepaper
As more organizations embrace public cloud, mobile, and DevOps, the fundamental concept of an asset changes and significantly impacts how security teams interact with their colleagues and do their jobs. The traditional approach of scanning a network is no longer effective because the flux of assets prohibits security teams from gaining an accurate snapshot of their environment. By leveraging the cloud and new technologies that deliver greater visibility, organizations can gain an accurate picture of their assets and overall risk posture. This is a critical step toward addressing the current landscape where attackers are using a wide variety of vectors such as mobile, social, and cloud-based attacks to infiltrate organizations and steal data. This Technology Spotlight examines the evolution of vulnerability management and the need for organizations to achieve greater visibility into all of their assets and vulnerabilities, including new asset types such as containers. This paper also details the advantages provided by cloud-based vulnerability management as exemplified by Tenable.io, an approach that enables end users to leverage the elastic and scalable nature of the cloud to monitor changing corporate assets.