We’re chuffed to announce that our EnCase® Endpoint Security product was given a five-star rating in this month’s SC Magazine Endpoint Security group product review. Those of us working in security for a few years have known that “endpoint security” doesn’t equal antivirus anymore, and it’s taken a little while for that to be unanimously accepted. We believe this review validates the need for endpoint detection and response to aid perimeter, network and log tools – and is something of a turning point as well.
You can read the full review here, but here are a few of the highlights:
- “A unique forensic approach to endpoint security – effective especially when investigating an incident.”
- “If you are an EnCase shop already, do not hesitate to add this tool to your quiver. If not, give it a close look. It can tell you things about an attack that nothing else can.”
- “Everything is based on the observations of a kernel-level agent at the endpoint. This prevents an attacker or malware from obfuscating its activities.”
- “EnCase Endpoint Security plays very well with others. For example, it can exchange information with such organizations as Splunk, QRadar, FireEye, Palo Alto, Intel Security, Sourcefire and Cisco ThreatGrid. Agents can be managed using Intel Security's McAfee ePolicy Orchestrator.”
Our approach to endpoint security focuses on building upon the foundation security teams have in place today, enhancing productivity of people, processes and technology where it matters the most - detecting and responding to organizational threats.
When used in conjunction with our Inside-Out Security Framework, EnCase Endpoint Security can help you move away from a traditional passive defense strategy that relies heavily on alert-monitor-block scenarios to “protect” your network, and move towards an active defense strategy. An active defense strategy enables security teams to understand the strengths, weaknesses, and use of their networks, then defend them from a position of knowledge. There is a great write-up by Rob Lee on active defense here, and if you're looking for a strategy to help get you there, try this high-level framework.
Have you been living and breathing inside-out security as a team? Have some best practices to share? Let us know in the comments section below.
Mitchell Bezzina is the security product evangelist at Guidance Software.