{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"_type":"localeString","en":"Vendor","ru":"Производитель"},"role-supplier":{"en":"Supplier","ru":"Поставщик","_type":"localeString"},"products-popover":{"en":"Products","de":"die produkte","ru":"Продукты","_type":"localeString"},"introduction-popover":{"ru":"внедрения","_type":"localeString","en":"introduction"},"partners-popover":{"en":"partners","ru":"партнеры","_type":"localeString"},"update-profile-button":{"_type":"localeString","en":"Update profile","ru":"Обновить профиль"},"read-more-button":{"en":"Show more","ru":"Показать ещё","_type":"localeString"},"hide-button":{"en":"Hide","ru":"Скрыть","_type":"localeString"},"user-implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"categories":{"en":"Categories","ru":"Компетенции","_type":"localeString"},"description":{"ru":"Описание","_type":"localeString","en":"Description"},"role-user":{"_type":"localeString","en":"User","ru":"Пользователь"},"partnership-vendors":{"ru":"Партнерство с производителями","_type":"localeString","en":"Partnership with vendors"},"partnership-suppliers":{"en":"Partnership with suppliers","ru":"Партнерство с поставщиками","_type":"localeString"},"reference-bonus":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus 4 reference"},"partner-status":{"ru":"Статус партнёра","_type":"localeString","en":"Partner status"},"country":{"ru":"Страна","_type":"localeString","en":"Country"},"partner-types":{"_type":"localeString","en":"Partner types","ru":"Типы партнеров"},"branch-popover":{"_type":"localeString","en":"branch","ru":"область деятельности"},"employees-popover":{"_type":"localeString","en":"number of employees","ru":"количество сотрудников"},"partnership-programme":{"ru":"Партнерская программа","_type":"localeString","en":"Partnership program"},"partner-discounts":{"en":"Partner discounts","ru":"Партнерские скидки","_type":"localeString"},"registered-discounts":{"_type":"localeString","en":"Additional benefits for registering a deal","ru":"Дополнительные преимущества за регистрацию сделки"},"additional-advantages":{"en":"Additional Benefits","ru":"Дополнительные преимущества","_type":"localeString"},"additional-requirements":{"_type":"localeString","en":"Partner level requirements","ru":"Требования к уровню партнера"},"certifications":{"ru":"Сертификация технических специалистов","_type":"localeString","en":"Certification of technical specialists"},"sales-plan":{"en":"Annual Sales Plan","ru":"Годовой план продаж","_type":"localeString"},"partners-vendors":{"_type":"localeString","en":"Partners-vendors","ru":"Партнеры-производители"},"partners-suppliers":{"en":"Partners-suppliers","ru":"Партнеры-поставщики","_type":"localeString"},"all-countries":{"en":"All countries","ru":"Все страны","_type":"localeString"},"supplied-products":{"ru":"Поставляемые продукты","_type":"localeString","en":"Supplied products"},"vendored-products":{"en":"Produced products","ru":"Производимые продукты","_type":"localeString"},"vendor-implementations":{"_type":"localeString","en":"Produced deployments","ru":"Производимые внедрения"},"supplier-implementations":{"ru":"Поставляемые внедрения","_type":"localeString","en":"Supplied deployments"},"show-all":{"ru":"Показать все","_type":"localeString","en":"Show all"},"not-yet-converted":{"en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString"},"schedule-event":{"ru":"Pасписание событий","_type":"localeString","en":"Events schedule"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"register":{"en":"Register","ru":"Регистрация ","_type":"localeString"},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"auth-message":{"ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт.","_type":"localeString","en":"To view company events please log in or register on the sit."},"company-presentation":{"_type":"localeString","en":"Company presentation","ru":"Презентация компании"}},"header":{"help":{"_type":"localeString","en":"Help","de":"Hilfe","ru":"Помощь"},"how":{"_type":"localeString","en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает"},"login":{"de":"Einloggen","ru":"Вход","_type":"localeString","en":"Log in"},"logout":{"_type":"localeString","en":"Sign out","ru":"Выйти"},"faq":{"ru":"FAQ","_type":"localeString","en":"FAQ","de":"FAQ"},"references":{"de":"References","ru":"Мои запросы","_type":"localeString","en":"Requests"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find-it-product":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"_type":"localeString","en":"Bonus for reference","ru":"Бонус за референс"},"business-booster":{"en":"Business boosting","ru":"Развитие бизнеса","_type":"localeString"},"catalogs":{"ru":"Каталоги","_type":"localeString","en":"Catalogs"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"companies":{"_type":"localeString","en":"Companies","ru":"Компании"},"categories":{"en":"Categories","ru":"Категории","_type":"localeString"},"for-suppliers":{"_type":"localeString","en":"For suppliers","ru":"Поставщикам"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"ru":"Сделки","_type":"localeString","en":"Deals"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"en":"Register","ru":"Зарегистрироваться","_type":"localeString"},"comparison-deletion":{"ru":"Удаление","_type":"localeString","en":"Deletion"},"comparison-confirm":{"en":"Are you sure you want to delete","ru":"Подтвердите удаление","_type":"localeString"},"search-placeholder":{"ru":"Введите поисковый запрос","_type":"localeString","en":"Enter your search term"},"my-profile":{"ru":"Мои данные","_type":"localeString","en":"My profile"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"sub_it_catalogs":{"en":"Find IT product","_type":"localeString"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"en":"Find and compare IT products","_type":"localeString"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"en":"IT catalogs","_type":"localeString"}},"footer":{"copyright":{"ru":"Все права защищены","_type":"localeString","en":"All rights reserved","de":"Alle rechte vorbehalten"},"company":{"de":"Über die Firma","ru":"О компании","_type":"localeString","en":"My Company"},"about":{"de":"Über uns","ru":"О нас","_type":"localeString","en":"About us"},"infocenter":{"en":"Infocenter","de":"Infocenter","ru":"Инфоцентр","_type":"localeString"},"tariffs":{"en":"Subscriptions","de":"Tarife","ru":"Тарифы","_type":"localeString"},"contact":{"de":"Kontaktiere uns","ru":"Связаться с нами","_type":"localeString","en":"Contact us"},"marketplace":{"ru":"Marketplace","_type":"localeString","en":"Marketplace","de":"Marketplace"},"products":{"de":"Produkte","ru":"Продукты","_type":"localeString","en":"Products"},"compare":{"_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche","ru":"Подобрать и сравнить"},"calculate":{"ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost","de":"Kosten berechnen"},"get_bonus":{"de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"salestools":{"_type":"localeString","en":"Salestools","de":"Salestools","ru":"Salestools"},"automatization":{"en":"Settlement Automation","de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов","_type":"localeString"},"roi_calcs":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators","de":"ROI-Rechner"},"matrix":{"_type":"localeString","en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения"},"b4r":{"en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"ru":"Политика конфиденциальности","_type":"localeString","en":"Privacy Policy"},"user_agreement":{"en":"Agreement","ru":"Пользовательское соглашение ","_type":"localeString"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"en":"blog","ru":"блог","_type":"localeString"},"pay4content":{"en":"we pay for content","ru":"платим за контент","_type":"localeString"},"categories":{"_type":"localeString","en":"categories","ru":"категории"},"showForm":{"ru":"Показать форму","_type":"localeString","en":"Show form"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"_type":"localeString","en":"This field is required","ru":"Это поле обязательное"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"_type":"localeString","en":"Subscribe","ru":"Подписаться"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please, enter the valid email"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"ru":"Имя Фамилия","_type":"localeString","en":"Last, first name"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"en":"Subscription is unsuccessful. Please, try again later.","ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"}},"breadcrumbs":{"home":{"_type":"localeString","en":"Home","ru":"Главная"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"registration":{"en":"Registration","ru":"Регистрация","_type":"localeString"},"b2b-platform":{"en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString"}},"comment-form":{"title":{"ru":"Оставить комментарий","_type":"localeString","en":"Leave comment"},"firstname":{"ru":"Имя","_type":"localeString","en":"First name"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"en":"Position","ru":"Должность","_type":"localeString"},"actual-cost":{"ru":"Фактическая стоимость","_type":"localeString","en":"Actual cost"},"received-roi":{"ru":"Полученный ROI","_type":"localeString","en":"Received ROI"},"saving-type":{"en":"Saving type","ru":"Тип экономии","_type":"localeString"},"comment":{"ru":"Комментарий","_type":"localeString","en":"Comment"},"your-rate":{"ru":"Ваша оценка","_type":"localeString","en":"Your rate"},"i-agree":{"en":"I agree","ru":"Я согласен","_type":"localeString"},"terms-of-use":{"en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString"},"send":{"_type":"localeString","en":"Send","ru":"Отправить"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"_type":"localeString","en":"Site under maintenance","ru":"На сайте проводятся технические работы"},"message":{"en":"Thank you for your understanding","ru":"Спасибо за ваше понимание","_type":"localeString"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"title":{"ru":"ROI4CIO: Компания","_type":"localeString","en":"ROI4CIO: Company"},"meta":[{"content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg","name":"og:image"},{"name":"og:type","content":"website"}],"translatable_meta":[{"translations":{"en":"Company","ru":"Компания","_type":"localeString"},"name":"title"},{"name":"description","translations":{"en":"Company description","ru":"Описание компании","_type":"localeString"}},{"translations":{"ru":"Ключевые слова для компании","_type":"localeString","en":"Company keywords"},"name":"keywords"}]}},"pageMetaDataStatus":{"company":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"appviewx":{"id":5297,"title":"AppViewX","logoURL":"https://old.roi4cio.com/uploads/roi/company/appviewX.png","alias":"appviewx","address":"","roles":[{"id":2,"type":"supplier"},{"id":3,"type":"vendor"}],"description":" AppViewX is the most advanced certificate management and key lifecycle automation platform. \r\nAppViewX CERT+ product discovers, enrolls, monitors, validates, sends expiry alerts, provisions, remediates, reports and revokes SSL/TLS certificates across enterprises’ network infrastructure thereby protecting enterprise from being exploited by cyber-criminals. \r\nAppViewX is revolutionizing the manner in which NetOps and SecOps teams deliver services to the rest of Enterprise IT. The AppViewX Platform is a modular, low-code software application that enables the automation and orchestration of network infrastructure using an intuitive, context-aware, visual workflow. \r\nLeveraging a vast library of pre-built tasks and workflows, the platform enables Ops teams to quickly and easily translate business requirements into automation workflows that improve agility, enforce compliance, eliminate errors, and reduce cost.\r\nAppViewX helps a significant number of Fortune 500 companies monitor and better their security each day.\r\nSource: https://www.linkedin.com/company/appviewx/about/","companyTypes":["supplier","vendor"],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{"44":{"id":44,"title":"IAM - Identity and Access Management","description":"<span style=\"font-weight: bold; \">Identity management</span> (IdM), also known as <span style=\"font-weight: bold; \">identity and access management</span> (IAM or IdAM), is a framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources. IdM systems fall under the overarching umbrellas of IT security and Data Management.\r\nWith an IAM framework in place, information technology (IT) managers can control user access to critical information within their organizations. Identity and access management software offers role-based access control, which lets system administrators regulate access to systems or networks based on the roles of individual users within the enterprise. In this context, access is the ability of an individual user to perform a specific task, such as view, create or modify a file. Roles are defined according to job competency, authority and responsibility within the enterprise.\r\nSystems used for identity and access management include single sign-on systems, multi-factor authentication and privileged access management (PAM). These technologies also provide the ability to securely store identity and profile data as well as data governance functions to ensure that only data that is necessary and relevant is shared. IAM systems can be deployed on premises, provided by a third-party vendor through a cloud-based subscription model or deployed in a hybrid cloud.\r\n<span style=\"font-weight: bold; \">Basic components of IAM.</span> On a fundamental level, IAM encompasses the following components:\r\n<ul><li>How individuals are identified in a system.</li><li>How roles are identified in a system and how they are assigned to individuals.</li><li>Adding, removing and updating individuals and their roles in a system.</li><li>Assigning levels of access to individuals or groups of individuals.</li><li>Protecting the sensitive data within the system and securing the system itself.</li></ul>\r\nAccess identity management system should consist of all the necessary controls and tools to capture and record user login information, manage the enterprise database of user identities and orchestrate the assignment and removal of access privileges. That means that systems used for IAM should provide a centralized directory service with oversight as well as visibility into all aspects of the company user base.\r\nTechnologies for identity access and management should simplify the user provisioning and account setup process. User access management software should reduce the time it takes to complete these processes with a controlled workflow that decreases errors as well as the potential for abuse while allowing automated account fulfillment. An identity and access management system should also allow administrators to instantly view and change access rights.\r\nIAM systems should be used to provide flexibility to establish groups with specific privileges for specific roles so that access rights based on employee job functions can be uniformly assigned. Identity access management software should also provide request and approval processes for modifying privileges because employees with the same title and job location may need customized, or slightly different, access.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between identity and access management?</span></h1>\r\nAfter authentication, there needs to be an access control decision. The decision is based on the information available about the user. The difference between identity management and access management is thus:\r\n<ul><li>Identity Management is about managing the attributes related to the user.</li><li>Access Management is about evaluating the attributes based on policies and making Yes/No decisions.</li></ul>\r\nThere are three types of Access Control Systems: \r\n<ul><li>Discretionary Access Control (DAC)</li><li>Mandatory Access Control (MAC)</li><li>Role-Based Access Control (RBAC)</li></ul>\r\n<h1 class=\"align-center\">What are the main benefits of identity management?</h1>\r\nIdentity access and management are useful in many ways: it ensures regulatory compliance, enables cost savings, and simplifies the lives of your customers by enhancing their experience. These are the main benefits of having an IAM solution:\r\n<ul><li><span style=\"font-weight: bold; \">Easily accessible anywhere</span></li></ul>\r\nNowadays, people need their identities all the time to use services and resources. In that sense, they require access to any platform without limits using their IDs, thus eliminating barriers for customers to enter the platform anytime, anywhere.\r\n<ul><li><span style=\"font-weight: bold; \">It encourages the connection between the different parts</span></li></ul>\r\nThe digital transformation that is taking place among more and more organizations forces the need for people, applications and devices to stay connected to each other. And, as expected, all of these processes bring with them some security threats.\r\nHowever, IAM software is a solution that guarantees correct administration with the best identity providers, such as Salesforce, Twitter and Google. Authentication and security are two of the strengths of Identity and Access Management, as well as being extendable and ready for future advances.&nbsp; \r\n<ul><li><span style=\"font-weight: bold; \">It improves productivity</span></li></ul>\r\nIdentity software automates the entry of new personnel and facilitates access to all components of the system with which the company operates. This allows reducing times in the delivery of access so that they begin to produce immediately. For this reason, business agility is also increased by using the advantages that technology makes available to meet the demands of today’s world. \r\n<ul><li><span style=\"font-weight: bold; \">It optimizes user experience</span></li></ul>\r\nRemembering so many usernames and passwords to access social networks, banks and other services on the Internet becomes a challenge for people. Thanks to user identity management system, people can get an identity that provides access to different systems. Single sign-on (SSO) allows customers and partners to access different internal and external applications with the same access method. That way the user experience will not be affected.\r\n<ul><li><span style=\"font-weight: bold; \">Secure your brand at all levels</span></li></ul>\r\nThere will be no risk of security breach, regardless of whether a connection is made from multiple identity providers. Identity management software and access management software enables strong authentication to keep your business and brand secure. Detailed verification of all identities entering the system is performed, in addition to allowing various licenses to limit access levels. At the same time, it monitors through analysis, fraud detection and alert functions that indicate a possible real risk. In short, enterprise identity management system is a reliable tool that employs technology to support digital transformation. A software that provides agility, security and satisfaction to the company’s customers. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_IAM.png","alias":"iam-identity-and-access-management"},"204":{"id":204,"title":"Managed Detection and Response","description":" MDR, which stands for Managed Detection &amp; Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png","alias":"managed-detection-and-response"},"457":{"id":457,"title":"DDoS Protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png","alias":"ddos-protection"},"481":{"id":481,"title":"WAF-web application firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\">&nbsp;</p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png","alias":"waf-web-application-firewall"},"485":{"id":485,"title":"Web security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png","alias":"web-security"},"489":{"id":489,"title":"Network Security Policy Management","description":" <span style=\"font-weight: bold; \">Network security policy management </span>streamlines security policy design and enforcement. It applies rules and best practices to manage firewalls and other devices more effectively, efficiently, and consistently. Administrators need network security management solutions to get a high level of visibility into network behavior, automate device configuration, enforce global policies, view firewall traffic, generate reports, and provide a single management interface for physical and virtual systems.\r\nSecurity policies govern the integrity and safety of the network. They provide rules for accessing the network, connecting to the Internet, adding or modifying devices or services, and more. However, rules are only effective when they are implemented. Network security management policy helps organizations stay compliant and secure by ensuring that their policies are simplified, consistent, and enforced. It helps reduce manual tasks and human errors by simplifying administration with security policy and workflow tools through a centralized management interface.\r\nNetwork security management can reduce risk across the network and protect data by leveraging the information on threats, network vulnerabilities and their criticality, evaluating potential options to block an attack, and providing intelligence for decision support. Policy administration is improved by unifying common policy tasks within a single interface, automating policy change workflow, including compliance audits and the management of multiple firewall vendors. This simplified and automated security policy management enables IT teams to save time, avoid manual errors, and reduce risk. \r\nThere are the whole network security policy management market with different tools and solutions available. Businesses use them to automate administrative tasks, which can improve accuracy and save time. The solutions can make management processes less tedious and time consuming, and can free up personnel for higher-value projects. These solutions also help IT teams avoid misconfigurations that can cause vulnerabilities in their networks. And if problems arise, network security policy management solutions can ease troubleshooting and remediation. ","materialsDescription":"<h1 class=\"align-center\">Benefits of network security policy management</h1>\r\n<span style=\"font-weight: bold;\">Streamline security policy design and enforcement</span>\r\nA network security policy management solution can help organizations achieve:\r\n<ul><li><span style=\"font-weight: bold;\">Better security.</span> Network security policy management streamlines security policy design and enforcement.</li><li><span style=\"font-weight: bold;\">Ease of use.</span> Network security policy management tools orchestrate policy design and implementation.</li><li><span style=\"font-weight: bold;\">Consistency. </span>Solutions provide templates, model policies, and configurations.</li><li><span style=\"font-weight: bold;\">Time savings.</span> Deployments are faster, and automation helps empower staff to focus on other business priorities.</li><li><span style=\"font-weight: bold;\">Lower costs.</span>&nbsp; Cloud-based solutions scale to thousands of devices, requiring fewer resources and allowing for centralized management.</li></ul>\r\n<span style=\"font-weight: bold;\">Apply best practices to meet challenges in firewall management</span>\r\nOver time, firewalls collect more and more configuration rules and objects. Network security policy management solutions can help combat this bloat and improve security by addressing:\r\n<ul><li><span style=\"font-weight: bold;\">Object auditing.</span> Administrators need to merge and reduce duplicate objects, determine which unused objects should be deleted, and identify inconsistent objects. Network security policy management tools help them achieve a cleaner, more consistent configuration that is less of a nuisance to manage and less vulnerable to attacks.</li><li><span style=\"font-weight: bold;\">Policy inconsistencies.</span> The network security policy management tools locate unused or shadow policies and assist IT to fix possible problems.</li><li><span style=\"font-weight: bold;\">Version control and upgrades.</span> Network security policy management solutions ease these transitions with filters that simplify and automate processes and ensure high availability.</li></ul>\r\n<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Security_Policy_Management.png","alias":"network-security-policy-management"},"834":{"id":834,"title":"IoT - Internet of Things Security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each &quot;thing&quot; is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png","alias":"iot-internet-of-things-security"},"852":{"id":852,"title":"Network security","description":" Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.\r\nNetwork security starts with authentication, commonly with a username and a password. Since this requires just one detail authenticating the user name — i.e., the password—this is sometimes termed one-factor authentication. With two-factor authentication, something the user 'has' is also used (e.g., a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor authentication, something the user 'is' is also used (e.g., a fingerprint or retinal scan).\r\nOnce authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) help detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network like wireshark traffic and may be logged for audit purposes and for later high-level analysis. Newer systems combining unsupervised machine learning with full network traffic analysis can detect active network attackers from malicious insiders or targeted external attackers that have compromised a user machine or account.\r\nCommunication between two hosts using a network may be encrypted to maintain privacy.\r\nHoneypots, essentially decoy network-accessible resources, may be deployed in a network as surveillance and early-warning tools, as the honeypots are not normally accessed for legitimate purposes. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis may be used to further tighten security of the actual network being protected by the honeypot. A honeypot can also direct an attacker's attention away from legitimate servers. A honeypot encourages attackers to spend their time and energy on the decoy server while distracting their attention from the data on the real server. Similar to a honeypot, a honeynet is a network set up with intentional vulnerabilities. Its purpose is also to invite attacks so that the attacker's methods can be studied and that information can be used to increase network security. A honeynet typically contains one or more honeypots.","materialsDescription":" <span style=\"font-weight: bold;\">What is Network Security?</span>\r\nNetwork security is any action an organization takes to prevent malicious use or accidental damage to the network’s private data, its users, or their devices. The goal of network security is to keep the network running and safe for all legitimate users.\r\nBecause there are so many ways that a network can be vulnerable, network security involves a broad range of practices. These include:\r\n<ul><li><span style=\"font-weight: bold;\">Deploying active devices:</span> Using software to block malicious programs from entering, or running within, the network. Blocking users from sending or receiving suspicious-looking emails. Blocking unauthorized use of the network. Also, stopping the network's users accessing websites that are known to be dangerous.</li><li><span style=\"font-weight: bold;\">Deploying passive devices:</span> For instance, using devices and software that report unauthorized intrusions into the network, or suspicious activity by authorized users.</li><li><span style=\"font-weight: bold;\">Using preventative devices:</span> Devices that help identify potential security holes, so that network staff can fix them.</li><li><span style=\"font-weight: bold;\">Ensuring users follow safe practices:</span> Even if the software and hardware are set up to be secure, the actions of users can create security holes. Network security staff is responsible for educating members of the organization about how they can stay safe from potential threats.</li></ul>\r\n<span style=\"font-weight: bold;\">Why is Network Security Important?</span>\r\nUnless it’s properly secured, any network is vulnerable to malicious use and accidental damage. Hackers, disgruntled employees, or poor security practices within the organization can leave private data exposed, including trade secrets and customers’ private details.\r\nLosing confidential research, for example, can potentially cost an organization millions of dollars by taking away competitive advantages it paid to gain. While hackers stealing customers’ details and selling them to be used in fraud, it creates negative publicity and public mistrust of the organization.\r\nThe majority of common attacks against networks are designed to gain access to information, by spying on the communications and data of users, rather than to damage the network itself.\r\nBut attackers can do more than steal data. They may be able to damage users’ devices or manipulate systems to gain physical access to facilities. This leaves the organization’s property and members at risk of harm.\r\nCompetent network security procedures keep data secure and block vulnerable systems from outside interference. This allows the network’s users to remain safe and focus on achieving the organization’s goals.\r\n<span style=\"font-weight: bold;\">Why Do I Need Formal Education to Run a Computer Network?</span>\r\nEven the initial setup of security systems can be difficult for those unfamiliar with the field. A comprehensive security system is made of many pieces, each of which needs specialized knowledge.\r\nBeyond setup, each aspect of security is constantly evolving. New technology creates new opportunities for accidental security leaks, while hackers take advantage of holes in security to do damage as soon as they find them. Whoever is in charge of the network’s security needs to be able to understand the technical news and changes as they happen, so they can implement safety strategies right away.\r\nProperly securing your network using the latest information on vulnerabilities helps minimize the risk that attacks will succeed. Security Week reported that 44% of breaches in 2014 came from exploits that were 2-4 years old.\r\nUnfortunately, many of the technical aspects of network security are beyond those who make hiring decisions. So, the best way an organization can be sure that their network security personnel are able to properly manage the threats is to hire staff with the appropriate qualifications.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_security.png","alias":"network-security"},"854":{"id":854,"title":"Security Orchestration and Automation","description":" SOAR (Security Orchestration, Automation and Response) is a solution stack of compatible software programs that allow an organization to collect data about security threats from multiple sources and respond to low-level security events without human assistance. The goal of using a SOAR stack is to improve the efficiency of physical and digital security operations. The term, which was coined by the research firm Gartner, can be applied to compatible products and services that help define, prioritize, standardize and automate incident response functions.\r\nSOAR solutions are gaining visibility and real-world use driven by early adoption to improve security operations centers. Security and risk management leaders should start to evaluate how these solutions can support and optimize their broader security operations capabilities.\r\nSecurity orchestration, automation and response (SOAR) defines as technologies that enable organizations to take inputs from a variety of sources (mostly from security information and event management [SIEM] systems) and apply workflows aligned to processes and procedures. These can be orchestrated via integrations with other technologies and automated to achieve a desired outcome and greater visibility. Additional capabilities include case and incident management features; the ability to manage threat intelligence, dashboards and reporting; and analytics that can be applied across various functions. SOAR tools significantly enhance security operations activities like threat detection and response by providing machine-powered assistance to human analysts to improve the efficiency and consistency of people and processes.\r\nMost SOAR tools are still strongest in their original &quot;home offerings&quot;, which are security incident and response platforms (SIRPs), security orchestration and automation (SOA), and threat intelligence platforms (TIPs). Currently, the most common use case for SOAR by an organization is to define incident analysis and response procedures in a digital workflow format — such as plays in a security operations playbook. Additionally, these tools facilitate the use and operationalization of threat intelligence in security operations, which enhances the ability to predict, prevent, detect and respond to the prevailing threat landscape that a company faces.\r\nTo understand the evolving SOAR market, it is necessary to define the specific terms used — namely, orchestration and automation — in the context of security operations:\r\n<ul><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Aggregation:</span></span> The ability to aggregate/ingest data across sources. This may take the form of alerts, signals or other inputs from other technologies such as an alert from a SIEM tool or an email sent to a group mailbox. Other data that is ingested may include user information from an identity and access management (IAM) tool or threat intelligence from multiple sources.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Enrichment:</span></span> Whether after incident identification or during data collection and processing, SOAR solutions can help integrate external threat intelligence, perform internal contextual lookups or run processes to gather further data according to defined actions.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Orchestration:</span></span> The complexity of combining resources involves coordination of workflows with manual and automated steps, involving many components and affecting information systems and often humans as well.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Automation:</span></span> This concept involves the capability of software and systems to execute functions on their own, typically to affect other information systems and applications.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Response:</span></span> Manual or automated response provides canned resolution to programmatically defined activities. This includes activities from a basic level — ticket creation in an IT service desk application — to more advanced activities like applying some form of response via another security control, like blocking an IP address by changing a firewall rule. This functionality is the most impactful but also applies to the most complex use cases.</li></ul>\r\nBuyers are expressing demand for SOAR for several reasons:\r\n<ul><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Staff shortages:</span></span> Due to staff shortages in security operations, clients describe a growing need to automate repeatable tasks, streamline workflows and orchestrate security tasks resulting in operational scale. For instance, if you have a team, SOAR can give them more reach — but this is not a tool to get instead of a team. Also, organizations need the ability to demonstrate to management the organization’s ability to reduce the impact of inevitable incidents.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Continued evolution of threats and increases in volume:</span></span> As organizations consider threats that destroy data and can result in disclosure of intellectual property and monetary extortion, they require rapid, consistent, continuous and more frequent responses with fewer manual steps.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Improving alert triage quality and speed:</span></span> Security monitoring systems (such as SIEMs) are known to cost a significant amount to run and generate a high number of alerts, including many found to be “false positives” or simply not relevant after additional investigation. Security and risk management leaders then treat alert triage in a very manual way, which is subject to mistakes by the analysts. This leaves real incidents ignored. SOAR helps improve the signal-to-noise ratio by automating the repeatable, mundane aspects of incident investigation. This creates a positive situation where analysts can spend more time investigating and responding to an event instead of spending most of their time collecting all the data required to perform the investigation.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Need for a centralized view of threat intelligence:</span></span> A large number of security controls on the market today benefit from threat intelligence. SOAR tools allow for the centralized collection, aggregation, deduplication, enrichment of existing data with threat intelligence and, importantly, conversion of intelligence into action.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Reducing time to respond, contain and remediate:</span></span> Organizations are dealing with increasingly aggressive threats, such as ransomware, where rapid response of only minutes at best is required in order to stand a chance of containing the threat that is spread laterally in your environment. This scenario forces organizations to reduce the time they take to respond to those incidents, typically by delegating more tasks to machines. Reducing the response time, including incident containment and remediation, is one of the most effective ways to control the impact of security incidents. Like a brush fire, the sooner you can get to it, the smaller it is, and therefore the easier it is to put out.</li><li><span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Reducing unnecessary, routine work for the analysts:</span></span> SOC analysts are often working with multiple tools. They are looking at a stream of row and column SIEM console alerts, threat intelligence (TI) service portals for information about the entities involved, and endpoint detection and response (EDR) for context on what is happening on the affected endpoint. They may even be using workflow tools to control the triage and investigation processes.</li></ul>\r\nThe SOAR market is still an emerging market and it is forecast to grow up to $550 million in the five-year (2018-2023) time frame. Many organizations implement SOAR tools with use cases primarily focused on making their SOC analysts more efficient such that they can process more incidents while having more time to apply human analysis and drive response actions much quicker. Historically, they were not aware of the existence of these types of solutions. There are now more clients aware of SOAR solutions, which is fueling further adoption. This awareness is broadening; even SOAR vendors claim to have less work evangelizing about the technology and more conversations about their capabilities and differentiators. However, improving detection and response activities is just one of several opportunities for the use of SOAR tools to support security operations activities.\r\nSince SOAR is often used as an umbrella term that covers security operations, security incident response and threat intelligence, many vendors are driving their existing solutions in the fight for market leadership.","materialsDescription":" <span style=\"font-weight: bold; \">What is SOAR?</span>\r\nCoined by research company Gartner, Security Orchestration, Automation and Response (SOAR) is a term used to describe the convergence of three distinct technology markets: security orchestration and automation, security incident response platforms (SIRP), and threat intelligence platforms (TIP).\r\nSOAR technologies enable organizations to collect and aggregate vast amounts of security data and alerts from a wide range of sources. This assists human and machine-led analysis, as well as the standardization and automation of threat detection and remediation.\r\n<span style=\"font-weight: bold;\">What are the activities of SOAR?</span>\r\nSOAR supports multiple activities for security operations decision making such as, but not limited to, the following:\r\n<ul><li><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Prioritizing security operations activities:</span></span> Use of a SOAR solution requires organizations to consider questions about their processes. Which are most critical? Which ones consume the most staff time and resources? Which ones would benefit from automation? Where do we have gaps in our documented procedures? The preparation and planning for SOAR, and its ongoing use, help organizations prioritize and manage where orchestration and automation should be applied and where it can help improve response. This response can then lead to improvements in security operations and showing a demonstrable impact on business operations (e.g., faster time to detect and respond to threats that could impact business operations and optimization of security operations staff and budget).</li><li><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Formalizing triage and incident response:</span></span> Security operations teams must be consistent in their responses to incident and threats. They must also follow best practices, provide an audit trail and be measurable against business objectives.</li><li><span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Automating response:</span></span> Speed is of the essence in today’s threat landscape. Attacks are increasing in speed (e.g., ransomware is now being automated to spread with worm functionality), but security operations are not automated. Having the ability to automate response action offers SOC teams the ability to quickly isolate/contain security incidents. Some responses can be fully automated, but at this time many SOAR users still inject a human to make the final decision. However, even this reduces the mean time to respond for the organization compared to being fully dependent on “human power.”</li></ul>\r\n<span style=\"font-weight: bold;\">SOAR Recommendations</span>\r\nSecurity and risk management leaders overseeing security operations should:\r\n<ul><li>Prepare for their SOAR implementations by having a starting set of defined processes and workflows that can be implemented. Out-of-the-box plays and integrations are a starting point but can rarely be implemented without some customizations.</li><li>Plan for the implementation and the ongoing operation and administration of SOAR tools by using a mix of professional services and internal resources.</li><li>Put a contingency plan in place in the event the SOAR tool is acquired by another vendor. Acquisitions are occurring with some frequency as the market evolves. Buyers should be prepared.</li></ul>\r\n<span style=\"font-weight: bold;\">Key Findings</span>\r\n<ul><li>The SOAR technology market aims to converge security orchestration and automation (SOA), security incident response (SIR) and threat intelligence platform (TIP) capabilities into single solutions.</li><li>Early adopters of SOAR technologies have been organizations and managed security service providers with mature security operations centers (SOCs) that understood the benefits of incorporating SOAR capabilities into their operations. However, use cases implemented by early adopters have not evolved over the last 12 months and are stuck in a rut, limiting the long-term potential for SOAR in security operations.</li><li>SOAR solutions are not “plug-and-play.” Even though solutions have a library of out-of-the-box use cases and integrations, buyers are reporting multiweek professional services engagements to implement their initial use cases, as every organization’s processes and technologies deployed are different.</li><li>Orchestration and automation are starting to be localized in point security technologies, usually in the form of predefined, automated workflows. This is not the same as a full-featured SOAR solution.<br /></li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/automation-engineering-management-computer-icons.png","alias":"security-orchestration-and-automation"}},"branches":"Information Technology","companySizes":"101 to 500 Employees","companyUrl":"https://www.appviewx.com","countryCodes":["CAN","GBR","IND","USA"],"certifications":[],"isSeller":true,"isSupplier":true,"isVendor":true,"presenterCodeLng":"","seo":{"title":"AppViewX","keywords":"","description":" AppViewX is the most advanced certificate management and key lifecycle automation platform. \r\nAppViewX CERT+ product discovers, enrolls, monitors, validates, sends expiry alerts, provisions, remediates, reports and revokes SSL/TLS certificates across enterpri","og:title":"AppViewX","og:description":" AppViewX is the most advanced certificate management and key lifecycle automation platform. \r\nAppViewX CERT+ product discovers, enrolls, monitors, validates, sends expiry alerts, provisions, remediates, reports and revokes SSL/TLS certificates across enterpri","og:image":"https://old.roi4cio.com/uploads/roi/company/appviewX.png"},"eventUrl":"","vendorPartners":[],"supplierPartners":[],"vendoredProducts":[],"suppliedProducts":[],"partnershipProgramme":null}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}