{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"role-supplier":{"ru":"Поставщик","_type":"localeString","en":"Supplier"},"products-popover":{"en":"Products","de":"die produkte","ru":"Продукты","_type":"localeString"},"introduction-popover":{"ru":"внедрения","_type":"localeString","en":"introduction"},"partners-popover":{"_type":"localeString","en":"partners","ru":"партнеры"},"update-profile-button":{"en":"Update profile","ru":"Обновить профиль","_type":"localeString"},"read-more-button":{"ru":"Показать ещё","_type":"localeString","en":"Show more"},"hide-button":{"_type":"localeString","en":"Hide","ru":"Скрыть"},"user-implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"categories":{"ru":"Компетенции","_type":"localeString","en":"Categories"},"description":{"ru":"Описание","_type":"localeString","en":"Description"},"role-user":{"en":"User","ru":"Пользователь","_type":"localeString"},"partnership-vendors":{"en":"Partnership with vendors","ru":"Партнерство с производителями","_type":"localeString"},"partnership-suppliers":{"ru":"Партнерство с поставщиками","_type":"localeString","en":"Partnership with suppliers"},"reference-bonus":{"_type":"localeString","en":"Bonus 4 reference","ru":"Бонус за референс"},"partner-status":{"_type":"localeString","en":"Partner status","ru":"Статус партнёра"},"country":{"ru":"Страна","_type":"localeString","en":"Country"},"partner-types":{"en":"Partner types","ru":"Типы партнеров","_type":"localeString"},"branch-popover":{"ru":"область деятельности","_type":"localeString","en":"branch"},"employees-popover":{"ru":"количество сотрудников","_type":"localeString","en":"number of employees"},"partnership-programme":{"_type":"localeString","en":"Partnership program","ru":"Партнерская программа"},"partner-discounts":{"_type":"localeString","en":"Partner discounts","ru":"Партнерские скидки"},"registered-discounts":{"ru":"Дополнительные преимущества за регистрацию сделки","_type":"localeString","en":"Additional benefits for registering a deal"},"additional-advantages":{"_type":"localeString","en":"Additional Benefits","ru":"Дополнительные преимущества"},"additional-requirements":{"en":"Partner level requirements","ru":"Требования к уровню партнера","_type":"localeString"},"certifications":{"ru":"Сертификация технических специалистов","_type":"localeString","en":"Certification of technical specialists"},"sales-plan":{"ru":"Годовой план продаж","_type":"localeString","en":"Annual Sales Plan"},"partners-vendors":{"ru":"Партнеры-производители","_type":"localeString","en":"Partners-vendors"},"partners-suppliers":{"ru":"Партнеры-поставщики","_type":"localeString","en":"Partners-suppliers"},"all-countries":{"ru":"Все страны","_type":"localeString","en":"All countries"},"supplied-products":{"ru":"Поставляемые продукты","_type":"localeString","en":"Supplied products"},"vendored-products":{"ru":"Производимые продукты","_type":"localeString","en":"Produced products"},"vendor-implementations":{"ru":"Производимые внедрения","_type":"localeString","en":"Produced deployments"},"supplier-implementations":{"ru":"Поставляемые внедрения","_type":"localeString","en":"Supplied deployments"},"show-all":{"ru":"Показать все","_type":"localeString","en":"Show all"},"not-yet-converted":{"_type":"localeString","en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время."},"schedule-event":{"ru":"Pасписание событий","_type":"localeString","en":"Events schedule"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"register":{"ru":"Регистрация ","_type":"localeString","en":"Register"},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"auth-message":{"_type":"localeString","en":"To view company events please log in or register on the sit.","ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт."},"company-presentation":{"_type":"localeString","en":"Company presentation","ru":"Презентация компании"}},"header":{"help":{"en":"Help","de":"Hilfe","ru":"Помощь","_type":"localeString"},"how":{"en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString"},"login":{"en":"Log in","de":"Einloggen","ru":"Вход","_type":"localeString"},"logout":{"en":"Sign out","ru":"Выйти","_type":"localeString"},"faq":{"de":"FAQ","ru":"FAQ","_type":"localeString","en":"FAQ"},"references":{"en":"Requests","de":"References","ru":"Мои запросы","_type":"localeString"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find-it-product":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"autoconfigurator":{"_type":"localeString","en":" Price calculator","ru":"Калькулятор цены"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"catalogs":{"_type":"localeString","en":"Catalogs","ru":"Каталоги"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"_type":"localeString","en":"Categories","ru":"Категории"},"for-suppliers":{"en":"For suppliers","ru":"Поставщикам","_type":"localeString"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"ru":"Сделки","_type":"localeString","en":"Deals"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"_type":"localeString","en":"Register","ru":"Зарегистрироваться"},"comparison-deletion":{"_type":"localeString","en":"Deletion","ru":"Удаление"},"comparison-confirm":{"_type":"localeString","en":"Are you sure you want to delete","ru":"Подтвердите удаление"},"search-placeholder":{"en":"Enter your search term","ru":"Введите поисковый запрос","_type":"localeString"},"my-profile":{"ru":"Мои данные","_type":"localeString","en":"My profile"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"en":"Products","_type":"localeString"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"en":"Find and compare IT products","_type":"localeString"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"en":"IT catalogs","_type":"localeString"}},"footer":{"copyright":{"_type":"localeString","en":"All rights reserved","de":"Alle rechte vorbehalten","ru":"Все права защищены"},"company":{"en":"My Company","de":"Über die Firma","ru":"О компании","_type":"localeString"},"about":{"ru":"О нас","_type":"localeString","en":"About us","de":"Über uns"},"infocenter":{"en":"Infocenter","de":"Infocenter","ru":"Инфоцентр","_type":"localeString"},"tariffs":{"_type":"localeString","en":"Subscriptions","de":"Tarife","ru":"Тарифы"},"contact":{"en":"Contact us","de":"Kontaktiere uns","ru":"Связаться с нами","_type":"localeString"},"marketplace":{"de":"Marketplace","ru":"Marketplace","_type":"localeString","en":"Marketplace"},"products":{"_type":"localeString","en":"Products","de":"Produkte","ru":"Продукты"},"compare":{"ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche"},"calculate":{"_type":"localeString","en":"Calculate the cost","de":"Kosten berechnen","ru":"Расчитать стоимость"},"get_bonus":{"_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс"},"salestools":{"en":"Salestools","de":"Salestools","ru":"Salestools","_type":"localeString"},"automatization":{"de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation"},"roi_calcs":{"de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison matrix","de":"Vergleichsmatrix"},"b4r":{"en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString"},"our_social":{"ru":"Наши социальные сети","_type":"localeString","en":"Our social networks","de":"Unsere sozialen Netzwerke"},"subscribe":{"en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"_type":"localeString","en":"Privacy Policy","ru":"Политика конфиденциальности"},"user_agreement":{"ru":"Пользовательское соглашение ","_type":"localeString","en":"Agreement"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"quote":{"en":"Price calculator","ru":"Калькулятор цены","_type":"localeString"},"boosting":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"4vendors":{"en":"4 vendors","ru":"поставщикам","_type":"localeString"},"blog":{"en":"blog","ru":"блог","_type":"localeString"},"pay4content":{"en":"we pay for content","ru":"платим за контент","_type":"localeString"},"categories":{"ru":"категории","_type":"localeString","en":"categories"},"showForm":{"_type":"localeString","en":"Show form","ru":"Показать форму"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"en":"Name","ru":"Имя","_type":"localeString"},"subscribe__required-message":{"_type":"localeString","en":"This field is required","ru":"Это поле обязательное"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data","ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*"},"subscribe__submit-label":{"ru":"Подписаться","_type":"localeString","en":"Subscribe"},"subscribe__email-message":{"_type":"localeString","en":"Please, enter the valid email","ru":"Пожалуйста, введите корректный адрес электронной почты"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"ru":"Имя Фамилия","_type":"localeString","en":"Last, first name"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"de":"roi4presenter","ru":"roi4presenter","_type":"localeString","en":"Roi4Presenter"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"}},"breadcrumbs":{"home":{"en":"Home","ru":"Главная","_type":"localeString"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"registration":{"ru":"Регистрация","_type":"localeString","en":"Registration"},"b2b-platform":{"ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers"}},"comment-form":{"title":{"ru":"Оставить комментарий","_type":"localeString","en":"Leave comment"},"firstname":{"_type":"localeString","en":"First name","ru":"Имя"},"lastname":{"en":"Last name","ru":"Фамилия","_type":"localeString"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"en":"Position","ru":"Должность","_type":"localeString"},"actual-cost":{"en":"Actual cost","ru":"Фактическая стоимость","_type":"localeString"},"received-roi":{"_type":"localeString","en":"Received ROI","ru":"Полученный ROI"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"en":"Comment","ru":"Комментарий","_type":"localeString"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString"},"send":{"en":"Send","ru":"Отправить","_type":"localeString"},"required-message":{"en":"{NAME} is required filed","ru":"{NAME} - это обязательное поле","_type":"localeString"}},"maintenance":{"title":{"ru":"На сайте проводятся технические работы","_type":"localeString","en":"Site under maintenance"},"message":{"ru":"Спасибо за ваше понимание","_type":"localeString","en":"Thank you for your understanding"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"meta":[{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"},{"name":"og:type","content":"website"}],"translatable_meta":[{"translations":{"ru":"Компания","_type":"localeString","en":"Company"},"name":"title"},{"name":"description","translations":{"_type":"localeString","en":"Company description","ru":"Описание компании"}},{"name":"keywords","translations":{"ru":"Ключевые слова для компании","_type":"localeString","en":"Company keywords"}}],"title":{"en":"ROI4CIO: Company","ru":"ROI4CIO: Компания","_type":"localeString"}}},"pageMetaDataStatus":{"company":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"cspi":{"id":5651,"title":"CSPi","logoURL":"https://old.roi4cio.com/uploads/roi/company/CSPi.png","alias":"cspi","address":"","roles":[{"id":2,"type":"supplier"},{"id":3,"type":"vendor"}],"description":" <span style=\"font-weight: bold; \">CSPi</span> (NASDAQ: CSPI) is committed to helping customers’ meet some of computing’s most demanding performance, availability, and security challenges. <br />As an industry leading provider of both hardware and service solutions, <span style=\"font-weight: bold; \">CSPi </span>exhibits two main centers of excellence. <br /><span style=\"font-weight: bold; \">High Performance Products </span>division produces Myricom ARC Series network adapters that are paramount to financial trading, video and multimedia production, and packet capture. \r\n<span style=\"font-weight: bold; \">The Technology Solutions</span> sector has two primary focuses that excel in providing customers with the services they need to better manage and secure infrastructure. <br /><span style=\"font-weight: bold; \">The IT Professional Services </span>component is comprised of <span style=\"font-weight: bold; \">Vital IT Managed Services</span> that provide superior 24/7 monitoring and expertise. <br />The security branch of the Technology Solutions division prides itself in its <span style=\"font-weight: bold; \">Hired Hacker</span> specialized testing used to identify and mitigate security risk. As an industry leader of high performing products and a wide range of trusted services, CSPi enables high caliber, exceptional IT systems. <br />Source: https://www.linkedin.com/company/csp-inc/about/","companyTypes":["supplier","vendor"],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{"5":{"id":5,"title":"Security Software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement&nbsp; security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png","alias":"security-software"},"40":{"id":40,"title":"Endpoint security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices).&nbsp; The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png","alias":"endpoint-security"},"43":{"id":43,"title":"Data Encryption","description":"<span style=\"font-weight: bold;\">Data encryption</span> translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext. Currently, encryption is one of the most popular and effective data security methods used by organizations. \r\nTwo main types of data encryption exist - <span style=\"font-weight: bold;\">asymmetric encryption</span>, also known as public-key encryption, and <span style=\"font-weight: bold;\">symmetric encryption</span>.<br />The purpose of data encryption is to protect digital data confidentiality as it is stored on computer systems and transmitted using the internet or other computer networks. The outdated data encryption standard (DES) has been replaced by modern encryption algorithms that play a critical role in the security of IT systems and communications.\r\nThese algorithms provide confidentiality and drive key security initiatives including authentication, integrity, and non-repudiation. Authentication allows for the verification of a message’s origin, and integrity provides proof that a message’s contents have not changed since it was sent. Additionally, non-repudiation ensures that a message sender cannot deny sending the message.\r\nData protection software for data encryption can provide encryption of devices, email, and data itself. In many cases, these encryption functionalities are also met with control capabilities for devices, email, and data. \r\nCompanies and organizations face the challenge of protecting data and preventing data loss as employees use external devices, removable media, and web applications more often as a part of their daily business procedures. Sensitive data may no longer be under the company’s control and protection as employees copy data to removable devices or upload it to the cloud. As a result, the best data loss prevention solutions prevent data theft and the introduction of malware from removable and external devices as well as web and cloud applications. In order to do so, they must also ensure that devices and applications are used properly and that data is secured by auto-encryption even after it leaves the organization.\r\nEncryption software program encrypts data or files by working with one or more encryption algorithms. Security personnel use it to protect data from being viewed by unauthorized users.\r\nTypically, each data packet or file encrypted via data encryption programs requires a key to be decrypted to its original form. This key is generated by the software itself and shared between the data/file sender and receiver. Thus, even if the encrypted data is extracted or compromised, its original content cannot be retrieved without the encryption key. File encryption, email encryption, disk encryption and network encryption are widely used types of data encryption software.<br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is Encryption software?</span></h1>\r\nEncryption software is software that uses cryptography to prevent unauthorized access to digital information. Cryptography is used to protect digital information on computers as well as the digital information that is sent to other computers over the Internet.There are many software products which provide encryption. Software encryption uses a cipher to obscure the content into ciphertext. One way to classify this type of software is by the type of cipher used. Ciphers can be divided into two categories: <span style=\"font-weight: bold;\">public key ciphers</span> (also known as asymmetric ciphers), and <span style=\"font-weight: bold;\">symmetric key ciphers</span>. Encryption software can be based on either public key or symmetric key encryption.\r\nAnother way to classify crypto software is to categorize its purpose. Using this approach, software encryption may be classified into software which encrypts &quot;<span style=\"font-weight: bold;\">data in transit</span>&quot; and software which encrypts &quot;<span style=\"font-weight: bold;\">data at rest</span>&quot;. Data in transit generally uses public key ciphers, and data at rest generally uses symmetric key ciphers.\r\nSymmetric key ciphers can be further divided into stream ciphers and block ciphers. Stream ciphers typically encrypt plaintext a bit or byte at a time, and are most commonly used to encrypt real-time communications, such as audio and video information. The key is used to establish the initial state of a keystream generator, and the output of that generator is used to encrypt the plaintext. Block cipher algorithms split the plaintext into fixed-size blocks and encrypt one block at a time. For example, AES processes 16-byte blocks, while its predecessor DES encrypted blocks of eight bytes.<br />There is also a well-known case where PKI is used for data in transit of data at rest.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">How Data Encryption is used?</span></h1>\r\nThe purpose of data encryption is to deter malicious or negligent parties from accessing sensitive data. An important line of defense in a cybersecurity architecture, encryption makes using intercepted data as difficult as possible. It can be applied to all kinds of data protection needs ranging from classified government intel to personal credit card transactions. Data encryption software, also known as an encryption algorithm or cipher, is used to develop an encryption scheme which theoretically can only be broken with large amounts of computing power.\r\nEncryption is an incredibly important tool for keeping your data safe. When your files are encrypted, they are completely unreadable without the correct encryption key.&nbsp; If someone steals your encrypted files, they won’t be able to do anything with them.\r\nThere different types of encryption: hardware and software. Both offer different advantages. So, what are these methods and why do they matter?\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Software Encryption</span></h1>\r\n<p class=\"align-left\">As the name implies, software encryption uses features of encryption software to encrypt your data. Cryptosoft typically relies on a password; give the right password, and your files will be decrypted, otherwise they remain locked. With encryption enabled, it is passed through a special algorithm that scrambles your data as it is written to disk. The same software then unscrambles data as it is read from the disk for an authenticated user.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Crypto programs is typically quite cheap to implement, making it very popular with developers. In addition, software-based encryption routines do not require any additional hardware.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Types of encryption software is only as secure as the rest of your computer or smartphone. If a hacker can crack your password, the encryption is immediately undone.<br />Software encryption tools also share the processing resources of your computer, which can cause the entire machine to slow down as data is encrypted/decrypted. You will also find that opening and closing encrypted files is much slower than normal because the process is relatively resource intensive, particularly for higher levels of encryption</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Hardware encryption</span></h1>\r\n<p class=\"align-left\">At the heart of hardware encryption is a separate processor dedicated to the task of authentication and encryption. Hardware encryption is increasingly common on mobile devices. <br />The encryption protection technology still relies on a special key to encrypt and decrypt data, but this is randomly generated by the encryption processor. Often times, hardware encryption devices replace traditional passwords with biometric logons (like fingerprints) or a PIN number that is entered on an attached keypad<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Hardware offers strong encryption, safer than software solutions because the encryption process is separate from the rest of the machine. This makes it much harder to intercept or break. </p>\r\n<p class=\"align-left\">The use of a dedicated processor also relieves the burden on the rest of your device, making the encryption and decryption process much faster.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Typically, hardware-based encrypted storage is much more expensive than a software encryption tools. <br />If the hardware decryption processor fails, it becomes extremely hard to access your information.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">The Data Recovery Challenge. </span>Encrypted data is a challenge to recover. Even by recovering the raw sectors from a failed drive, it is still encrypted, which means it is still unreadable. </p>\r\n<p class=\"align-left\">Hardware encrypted devices don’t typically have these additional recovery options. Many have a design to prevent decryption in the event of a component failure, stopping hackers from disassembling them. The fastest and most effective way to deal with data loss on an encrypted device is to ensure you have a complete backup stored somewhere safe. For your PC, this may mean copying data to another encrypted device. For other devices, like your smartphone, backing up to the Cloud provides a quick and simple economy copy that you can restore from. As an added bonus, most Cloud services now encrypt their users’ data too. <br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Encryption.png","alias":"data-encryption"},"52":{"id":52,"title":"SaaS - software as a service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as &quot;on-demand software&quot;, and was formerly referred to as &quot;software plus services&quot; by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term &quot;Software as a Service&quot; (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure.&nbsp; While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies.&nbsp; Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\">&nbsp;</p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png","alias":"saas-software-as-a-service"},"79":{"id":79,"title":"VM - Vulnerability management","description":"Vulnerability management is the &quot;cyclical practice of identifying, classifying, prioritizing, remediating and mitigating&quot; software vulnerabilities. Vulnerability management is integral to computer security and network security, and must not be confused with a Vulnerability assessment.\r\nVulnerability management is an ongoing process that includes proactive asset discovery, continuous monitoring, mitigation, remediation and defense tactics to protect your organization's modern IT attack surface from Cyber Exposure.\r\nVulnerabilities can be discovered with a vulnerability scanner, which analyzes a computer system in search of known vulnerabilities, such as open ports, insecure software configurations, and susceptibility to malware infections. They may also be identified by consulting public sources, such as NVD, or subscribing to a commercial vulnerability alerting services. Unknown vulnerabilities, such as a zero-day, may be found with fuzz testing, which can identify certain kinds of vulnerabilities, such as a buffer overflow with relevant test cases. Such analysis can be facilitated by test automation. In addition, antivirus software capable of heuristic analysis may discover undocumented malware if it finds software behaving suspiciously (such as attempting to overwrite a system file).\r\nCorrecting vulnerabilities may variously involve the installation of a patch, a change in network security policy, reconfiguration of software, or educating users about social engineering.\r\nNetwork vulnerabilities represent security gaps that could be abused by attackers to damage network assets, trigger a denial of service, and/or steal potentially sensitive information. Attackers are constantly looking for new vulnerabilities to exploit — and taking advantage of old vulnerabilities that may have gone unpatched.\r\nHaving a vulnerability management framework in place that regularly checks for new vulnerabilities is crucial for preventing cybersecurity breaches. Without a vulnerability testing and patch management system, old security gaps may be left on the network for extended periods of time. This gives attackers more of an opportunity to exploit vulnerabilities and carry out their attacks.\r\nOne statistic that highlights how crucial vulnerability management was featured in an Infosecurity Magazine article. According to survey data cited in the article, of the organizations that “suffered a breach, almost 60% were due to an unpatched vulnerability.” In other words, nearly 60% of the data breaches suffered by survey respondents could have been easily prevented simply by having a vulnerability management plan that would apply critical patches before attackers leveraged the vulnerability.","materialsDescription":" <span style=\"font-weight: bold;\">What is vulnerability management?</span>\r\nVulnerability management is a pro-active approach to managing network security by reducing the likelihood that flaws in code or design compromise the security of an endpoint or network.\r\n<span style=\"font-weight: bold;\">What processes does vulnerability management include?</span>\r\nVulnerability management processes include:\r\n<ul><li><span style=\"font-style: italic;\">Checking for vulnerabilities:</span> This process should include regular network scanning, firewall logging, penetration testing or use of an automated tool like a vulnerability scanner.</li><li><span style=\"font-style: italic;\">Identifying vulnerabilities:</span> This involves analyzing network scans and pen test results, firewall logs or vulnerability scan results to find anomalies that suggest a malware attack or other malicious event has taken advantage of a security vulnerability, or could possibly do so.</li><li><span style=\"font-style: italic;\">Verifying vulnerabilities:</span> This process includes ascertaining whether the identified vulnerabilities could actually be exploited on servers, applications, networks or other systems. This also includes classifying the severity of a vulnerability and the level of risk it presents to the organization.</li><li><span style=\"font-style: italic;\">Mitigating vulnerabilities:</span> This is the process of figuring out how to prevent vulnerabilities from being exploited before a patch is available, or in the event that there is no patch. It can involve taking the affected part of the system off-line (if it's non-critical), or various other workarounds.</li><li><span style=\"font-style: italic;\">Patching vulnerabilities:</span> This is the process of getting patches -- usually from the vendors of the affected software or hardware -- and applying them to all the affected areas in a timely way. This is sometimes an automated process, done with patch management tools. This step also includes patch testing.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VM_-_Vulnerability_management1.png","alias":"vm-vulnerability-management"},"204":{"id":204,"title":"Managed Detection and Response","description":" MDR, which stands for Managed Detection &amp; Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png","alias":"managed-detection-and-response"},"445":{"id":445,"title":"Penetration Testing","description":" A <span style=\"font-weight: bold; \">penetration test</span>, colloquially known as a pen test, <span style=\"font-weight: bold; \">pentest </span>or <span style=\"font-weight: bold; \">ethical hacking</span>, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system.\r\nStandard penetration test is performed to identify both weaknesses (also referred to as <span style=\"font-weight: bold; \">vulnerabilities</span>), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed. \r\nThe main objective of system penetration testing is to identify security weaknesses. Vulnerability testing can also be used to test an organization's security policy, its adherence to compliance requirements, its employees' security awareness and the organization's ability to identify and respond to security incidents.\r\nTypically,<span style=\"font-size:11pt; font-family:Arial; font-style:normal; \">professional penetration testing</span>provides information about security weaknesses that are identified or exploited through pen testing is aggregated and provided to the organization's IT and network system managers, enabling them to make strategic decisions and prioritize remediation efforts. \r\nA wide variety of <span style=\"font-weight: bold; \">software security testing tools </span>are available to assist with penetration testing, including free-of-charge, free software, and commercial software. Penetration tools scan code in order to identity malicious code in applications that could result in a security breach. Pen testing tools examine data encryption techniques and can identify hard-coded values, such as usernames and passwords, to verify security vulnerabilities in the system.\r\n&nbsp;Important aspect of any penetration testing program is defining the scope within which the pen testers must operate. Usually, the scope defines what systems, locations, techniques and tools can be used in a penetration test. Limiting the scope of the penetration test helps focus team members - and defenders - on the systems over which the organization has control.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Here are several of the main vulnerability penetration testing approaches:</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Targeted testing</span> is performed by the organization's IT team and the penetration testing team working together. It's sometimes referred to as a &quot;lights turned on&quot; approach because everyone can see the test being carried out.</li><li><span style=\"font-weight: bold;\">External testing</span> targets a company's externally visible servers or devices including domain name servers, email servers, web servers or firewalls. The<span style=\"font-size:11pt; font-family:Arial; font-style:normal; \">objective of penetration testing</span>is to find out if an outside attacker can get in and how far they can get in once they've gained access.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Internal testing</span> mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could cause.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Blind testing simulates</span> the actions and procedures of a real attacker by severely limiting the information given to the person or team performing the test beforehand. Typically, the pen testers may only be given the name of the company.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Double-blind testing</span> takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is being conducted. Double-blind tests can be useful for testing an organization's security monitoring and incident identification as well as its response procedures.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Black box</span> testing is basically the same as blind testing, but the tester receives no information before the test takes place. Rather, the pen testers must find their own way into the system.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">White box</span> testing provides the penetration testers information about the target network before they start their work. This information can include such details as IP addresses, network infrastructure schematics and the protocols used plus the source code.</li></ul>","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal;\">What Is Penetration Testing?</span></h1>\r\nThere is a considerable amount of confusion in the industry regarding the differences between vulnerability assessment and penetration testing tool,as the two phrases are commonly interchanged. However, their meaning and implications are very different. A <span style=\"font-weight: bold; \">vulnerability assessment </span>simply identifies and reports noted vulnerabilities, whereas a pentest attempts to exploit the vulnerabilities to determine whether unauthorized access or other malicious activity is possible.<span style=\"font-weight: bold; \"> Penetration testing</span> typically includes network penetration testing and web application security testing as well as controls and processes around the networks and applications, and should occur from both outside the network trying to come in (external testing) and from inside the network.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is a pentesting tool ?</span></h1>\r\n<p class=\"align-left\">Penetration tools are used as part testing to automate certain tasks, improve testing efficiency and discover issues that might be difficult to find using manual analysis techniques alone. Two common penetration testing tools are <span style=\"font-weight: bold; \">static analysis </span>tools and <span style=\"font-weight: bold; \">dynamic analysis</span> tools. Tools for attack include software designed to produce <span style=\"font-weight: bold; \">brute-force attacks</span> or <span style=\"font-weight: bold; \">SQL injections</span>. There is also hardware specifically designed for pen testing, such as small inconspicuous boxes that can be plugged into a computer on the network to provide the hacker with remote access to that network. In addition, an ethical hacker may use social engineering techniques to find vulnerabilities. For example, sending phishing emails to company employees, or even disguising themselves as delivery people to gain physical access to the building.</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What are the benefits of penetration testing?</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Manage the Risk Properly. </span>For many organizations, one of the most popular benefits of pen testing services is that they will give you a baseline to work upon to cure the risk in a structured and optimal way. It will show you the list of vulnerabilities in the target environment and the risks associated with it.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Increase Business Continuity.</span> Business continuity is the prime concern for any successful organization. A break in the business continuity can happen for many reasons. Lack of security loopholes is one of them. Insecure systems suffer more breaches in their availability than the secured ones. Today attackers are hired by other organizations to stop the continuity of business by exploiting the vulnerabilities to gain the access and to produce a denial of service condition which usually crashes the vulnerable service and breaks the server availability.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Protect Clients, Partners, and Third Parties.</span> A security breach can affect not only the target organization but also their associated clients, partners and third parties working with it. However, if company schedules a penetration test regularly and takes necessary actions towards security, it will help professionals build trust and confidence in the organization.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Helps to Evaluate Security Investment.&nbsp;</span> The pen test results will give us an independent view of the effectiveness of existing security processes, ensuring that configuration management practices have been followed correctly. This is an ideal opportunity to review the efficiency of the current security investment. What needs to be improved and what is working and what is not working and how much investment needed to build the more secure environment in the organization.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Help Protect Public Relationships and Guard the reputation of your company.</span>A good public relationship and company reputation are built up after taking many years struggle and hard work and with a huge amount of investment. This can be suddenly changed due to a single security breach.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Protection from Financial Damage.</span> A simple breach of the security system may cause millions of dollars of damage. Penetration testing can protect your organization from such damages.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Helps to tests cyber-defense capability.</span> During a penetration test, the target company’s security team should be able to detect multiple attacks and respond accordingly on time. Furthermore, if an intrusion is detected, the security and forensic teams should start investigations, and the penetration testers should be blocked and their tools removed. The effectiveness of your protection devices like IDS, IPS or WAF can also be tested during a penetration test.<span style=\"font-weight: bold;\"></span></li><li><span style=\"font-weight: bold;\">Client-side Attacks. </span>Pen tests are an effective way of ensuring that successful highly targeted client-side attacks against key members of your staff. Security should be treated with a holistic approach. Companies only assessing the security of their servers run the risk of being targeted with client-side attacks exploiting vulnerabilities in software like web browsers, pdf readers, etc. It is important to ensure that the patch management processes are working properly updating the operating system and third-party applications.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Penetration_Testing.png","alias":"penetration-testing"},"457":{"id":457,"title":"DDoS Protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png","alias":"ddos-protection"},"467":{"id":467,"title":"Network Forensics","description":" Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a pro-active investigation.\r\nNetwork forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form relates to law enforcement. In this case analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords and parsing human communication such as emails or chat sessions.\r\nTwo systems are commonly used to collect network data; a brute force &quot;catch it as you can&quot; and a more intelligent &quot;stop look listen&quot; method.\r\nNetwork forensics is a comparatively new field of forensic science. The growing popularity of the Internet in homes means that computing has become network-centric and data is now available outside of disk-based digital evidence. Network forensics can be performed as a standalone investigation or alongside a computer forensics analysis (where it is often used to reveal links between digital devices or reconstruct how a crime was committed).\r\nMarcus Ranum is credited with defining Network forensics as &quot;the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents&quot;.\r\nCompared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable. Investigators often only have material to examine if packet filters, firewalls, and intrusion detection systems were set up to anticipate breaches of security.\r\nSystems used to collect network data for forensics use usually come in two forms:\r\n<ul><li>&quot;Catch-it-as-you-can&quot; – This is where all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage.</li><li>&quot;Stop, look and listen&quot; – This is where each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires a faster processor to keep up with incoming traffic.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Why is network forensics important?</span>\r\nNetwork forensics is important because so many common attacks entail some type of misuse of network resources.\r\n<span style=\"font-weight: bold;\">What are the different ways in which the network can be attacked?</span>\r\nAttacks typically target availability confidentiality and integrity. Loss of any one of these items constitutes a security breach.\r\n<span style=\"font-weight: bold;\">Where is the best place to search for information?</span>\r\nInformation can be found by either doing a live analysis of the network, analyzing IDS information, or examining logs that can be found in routers and servers.\r\n<span style=\"font-weight: bold;\">How does a forensic analyst know how deeply to look for information?</span>\r\nSome amount of information can be derived from looking at the skill level of the attacker. Attackers with little skill are much less likely to use advanced hiding techniques.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Forensics.png","alias":"network-forensics"},"485":{"id":485,"title":"Web security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png","alias":"web-security"},"834":{"id":834,"title":"IoT - Internet of Things Security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each &quot;thing&quot; is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png","alias":"iot-internet-of-things-security"},"838":{"id":838,"title":"Endpoint Detection and Response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png","alias":"endpoint-detection-and-response"},"852":{"id":852,"title":"Network security","description":" Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.\r\nNetwork security starts with authentication, commonly with a username and a password. Since this requires just one detail authenticating the user name — i.e., the password—this is sometimes termed one-factor authentication. With two-factor authentication, something the user 'has' is also used (e.g., a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor authentication, something the user 'is' is also used (e.g., a fingerprint or retinal scan).\r\nOnce authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) help detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network like wireshark traffic and may be logged for audit purposes and for later high-level analysis. Newer systems combining unsupervised machine learning with full network traffic analysis can detect active network attackers from malicious insiders or targeted external attackers that have compromised a user machine or account.\r\nCommunication between two hosts using a network may be encrypted to maintain privacy.\r\nHoneypots, essentially decoy network-accessible resources, may be deployed in a network as surveillance and early-warning tools, as the honeypots are not normally accessed for legitimate purposes. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis may be used to further tighten security of the actual network being protected by the honeypot. A honeypot can also direct an attacker's attention away from legitimate servers. A honeypot encourages attackers to spend their time and energy on the decoy server while distracting their attention from the data on the real server. Similar to a honeypot, a honeynet is a network set up with intentional vulnerabilities. Its purpose is also to invite attacks so that the attacker's methods can be studied and that information can be used to increase network security. A honeynet typically contains one or more honeypots.","materialsDescription":" <span style=\"font-weight: bold;\">What is Network Security?</span>\r\nNetwork security is any action an organization takes to prevent malicious use or accidental damage to the network’s private data, its users, or their devices. The goal of network security is to keep the network running and safe for all legitimate users.\r\nBecause there are so many ways that a network can be vulnerable, network security involves a broad range of practices. These include:\r\n<ul><li><span style=\"font-weight: bold;\">Deploying active devices:</span> Using software to block malicious programs from entering, or running within, the network. Blocking users from sending or receiving suspicious-looking emails. Blocking unauthorized use of the network. Also, stopping the network's users accessing websites that are known to be dangerous.</li><li><span style=\"font-weight: bold;\">Deploying passive devices:</span> For instance, using devices and software that report unauthorized intrusions into the network, or suspicious activity by authorized users.</li><li><span style=\"font-weight: bold;\">Using preventative devices:</span> Devices that help identify potential security holes, so that network staff can fix them.</li><li><span style=\"font-weight: bold;\">Ensuring users follow safe practices:</span> Even if the software and hardware are set up to be secure, the actions of users can create security holes. Network security staff is responsible for educating members of the organization about how they can stay safe from potential threats.</li></ul>\r\n<span style=\"font-weight: bold;\">Why is Network Security Important?</span>\r\nUnless it’s properly secured, any network is vulnerable to malicious use and accidental damage. Hackers, disgruntled employees, or poor security practices within the organization can leave private data exposed, including trade secrets and customers’ private details.\r\nLosing confidential research, for example, can potentially cost an organization millions of dollars by taking away competitive advantages it paid to gain. While hackers stealing customers’ details and selling them to be used in fraud, it creates negative publicity and public mistrust of the organization.\r\nThe majority of common attacks against networks are designed to gain access to information, by spying on the communications and data of users, rather than to damage the network itself.\r\nBut attackers can do more than steal data. They may be able to damage users’ devices or manipulate systems to gain physical access to facilities. This leaves the organization’s property and members at risk of harm.\r\nCompetent network security procedures keep data secure and block vulnerable systems from outside interference. This allows the network’s users to remain safe and focus on achieving the organization’s goals.\r\n<span style=\"font-weight: bold;\">Why Do I Need Formal Education to Run a Computer Network?</span>\r\nEven the initial setup of security systems can be difficult for those unfamiliar with the field. A comprehensive security system is made of many pieces, each of which needs specialized knowledge.\r\nBeyond setup, each aspect of security is constantly evolving. New technology creates new opportunities for accidental security leaks, while hackers take advantage of holes in security to do damage as soon as they find them. Whoever is in charge of the network’s security needs to be able to understand the technical news and changes as they happen, so they can implement safety strategies right away.\r\nProperly securing your network using the latest information on vulnerabilities helps minimize the risk that attacks will succeed. Security Week reported that 44% of breaches in 2014 came from exploits that were 2-4 years old.\r\nUnfortunately, many of the technical aspects of network security are beyond those who make hiring decisions. So, the best way an organization can be sure that their network security personnel are able to properly manage the threats is to hire staff with the appropriate qualifications.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_security.png","alias":"network-security"}},"branches":"Information Technology","companySizes":"101 to 500 Employees","companyUrl":"https://www.cspi.com/","countryCodes":[],"certifications":[],"isSeller":true,"isSupplier":true,"isVendor":true,"presenterCodeLng":"","seo":{"title":"CSPi","keywords":"","description":" <span style=\"font-weight: bold; \">CSPi</span> (NASDAQ: CSPI) is committed to helping customers’ meet some of computing’s most demanding performance, availability, and security challenges. <br />As an industry leading provider of both hardware and service solu","og:title":"CSPi","og:description":" <span style=\"font-weight: bold; \">CSPi</span> (NASDAQ: CSPI) is committed to helping customers’ meet some of computing’s most demanding performance, availability, and security challenges. <br />As an industry leading provider of both hardware and service solu","og:image":"https://old.roi4cio.com/uploads/roi/company/CSPi.png"},"eventUrl":"","vendorPartners":[],"supplierPartners":[],"vendoredProducts":[{"id":3725,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/cspi.png","logo":true,"scheme":false,"title":"CSPi Aria Software Defined Security","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"cspi-aria-software-defined-security","companyTitle":"CSPi","companyTypes":["supplier","vendor"],"companyId":5651,"companyAlias":"cspi","description":"The <b>ARIA SDS</b> platform is a radically different approach to comprehensive network and data security as it employs capabilities normally only found in carrier-class or military-grade architectures. When deployed on available optional hardware offerings it provides the high-availability and fast failover and service-level assurance features demanded in a carrier-class infrastructure. It also uses military communication techniques to protect from penetration and administrative eavesdropping from set-up through operation. Yet, even with this added layer of functionality, the deployment and overall platform management is simple as it is handled through advanced zero-touch provisioning techniques.\r\n<b>How It Works</b>\r\nThe ARIA Software-Defined Security (SDS) platform can secure and encrypt containers and/or VMs as they spawn on-premise, private data centers or public cloud instances.\r\nThe ARIA software automatically applies the organization’s appropriate contextually aware security policies. Additionally, the ARIA Orchestrator automatically discovers the SDSi and manages the application of the appropriate type and level of security services upon deployment.\r\nThe central execution, across an entire organization, using a single pane of glass, ensures the desired access controls, micro-segmentation, encryption service types and levels, and other service techniques are correctly applied – no matter where the applications are running – whether it’s on premises, in the public cloud, or anywhere in between.\r\n<b>Benefits:</b>\r\n<b>Achieve SecDevOps</b>\r\nBalance the InfoSec requirement to maintain the consistent application of security policies and data protection with the desire of application developers for more agile and flexible DevOps practices. With ARIA, developers can simply select and connect to their applications for complete encryption.\r\n<b>Gain a Cost-effective, End-to-End Security Solution</b>\r\nThe ARIA software defined security solution works with any enterprise infrastructure, is easy to deploy, and costs up to ten times less than other server host-based encryption solutions. Organizations that run critical security functions on the Myricom ARC Series SIA (versus the server processor) can expect cost savings in the need for fewer server upgrades and lower power consumption, while also achieving increased application performance.\r\n<b>Secure Data at Rest, in Motion and in Use</b>\r\nIt’s not good enough to protect stored data. You must also have a solution for when it moves across the network, when it is accessed and used. ARIA applies the appropriate encryption policies by application, device, or data type – under any use and at any time.\r\n<b>Improve Application and Server Performance</b>\r\nAdvanced security functions like encryption, micro-segmentation, or tokenization are CPU-intensive and, if run through local servers, may cause an unacceptable delay in application performance. The ARIA platform runs seamlessly with the Myricom ARC Series SIA, making it the ideal choice for server off-load. In addition the SIA serves as a zone of trust for keys, making them impenetrable to breaches.","shortDescription":"CSPi is delivering portfolio of products and consulting solutions singularly focused on securing their customers critical business assets","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":6,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"CSPi Aria Software Defined Security","keywords":"","description":"The <b>ARIA SDS</b> platform is a radically different approach to comprehensive network and data security as it employs capabilities normally only found in carrier-class or military-grade architectures. When deployed on available optional hardware offerings it","og:title":"CSPi Aria Software Defined Security","og:description":"The <b>ARIA SDS</b> platform is a radically different approach to comprehensive network and data security as it employs capabilities normally only found in carrier-class or military-grade architectures. When deployed on available optional hardware offerings it","og:image":"https://old.roi4cio.com/fileadmin/user_upload/cspi.png"},"eventUrl":"","translationId":3724,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as &quot;on-demand software&quot;, and was formerly referred to as &quot;software plus services&quot; by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term &quot;Software as a Service&quot; (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure.&nbsp; While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies.&nbsp; Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\">&nbsp;</p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"},{"id":467,"title":"Network Forensics","alias":"network-forensics","description":" Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a pro-active investigation.\r\nNetwork forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form relates to law enforcement. In this case analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords and parsing human communication such as emails or chat sessions.\r\nTwo systems are commonly used to collect network data; a brute force &quot;catch it as you can&quot; and a more intelligent &quot;stop look listen&quot; method.\r\nNetwork forensics is a comparatively new field of forensic science. The growing popularity of the Internet in homes means that computing has become network-centric and data is now available outside of disk-based digital evidence. Network forensics can be performed as a standalone investigation or alongside a computer forensics analysis (where it is often used to reveal links between digital devices or reconstruct how a crime was committed).\r\nMarcus Ranum is credited with defining Network forensics as &quot;the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents&quot;.\r\nCompared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable. Investigators often only have material to examine if packet filters, firewalls, and intrusion detection systems were set up to anticipate breaches of security.\r\nSystems used to collect network data for forensics use usually come in two forms:\r\n<ul><li>&quot;Catch-it-as-you-can&quot; – This is where all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage.</li><li>&quot;Stop, look and listen&quot; – This is where each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires a faster processor to keep up with incoming traffic.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Why is network forensics important?</span>\r\nNetwork forensics is important because so many common attacks entail some type of misuse of network resources.\r\n<span style=\"font-weight: bold;\">What are the different ways in which the network can be attacked?</span>\r\nAttacks typically target availability confidentiality and integrity. Loss of any one of these items constitutes a security breach.\r\n<span style=\"font-weight: bold;\">Where is the best place to search for information?</span>\r\nInformation can be found by either doing a live analysis of the network, analyzing IDS information, or examining logs that can be found in routers and servers.\r\n<span style=\"font-weight: bold;\">How does a forensic analyst know how deeply to look for information?</span>\r\nSome amount of information can be derived from looking at the skill level of the attacker. Attackers with little skill are much less likely to use advanced hiding techniques.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Forensics.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices).&nbsp; The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection &amp; Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":43,"title":"Data Encryption","alias":"data-encryption","description":"<span style=\"font-weight: bold;\">Data encryption</span> translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext. Currently, encryption is one of the most popular and effective data security methods used by organizations. \r\nTwo main types of data encryption exist - <span style=\"font-weight: bold;\">asymmetric encryption</span>, also known as public-key encryption, and <span style=\"font-weight: bold;\">symmetric encryption</span>.<br />The purpose of data encryption is to protect digital data confidentiality as it is stored on computer systems and transmitted using the internet or other computer networks. The outdated data encryption standard (DES) has been replaced by modern encryption algorithms that play a critical role in the security of IT systems and communications.\r\nThese algorithms provide confidentiality and drive key security initiatives including authentication, integrity, and non-repudiation. Authentication allows for the verification of a message’s origin, and integrity provides proof that a message’s contents have not changed since it was sent. Additionally, non-repudiation ensures that a message sender cannot deny sending the message.\r\nData protection software for data encryption can provide encryption of devices, email, and data itself. In many cases, these encryption functionalities are also met with control capabilities for devices, email, and data. \r\nCompanies and organizations face the challenge of protecting data and preventing data loss as employees use external devices, removable media, and web applications more often as a part of their daily business procedures. Sensitive data may no longer be under the company’s control and protection as employees copy data to removable devices or upload it to the cloud. As a result, the best data loss prevention solutions prevent data theft and the introduction of malware from removable and external devices as well as web and cloud applications. In order to do so, they must also ensure that devices and applications are used properly and that data is secured by auto-encryption even after it leaves the organization.\r\nEncryption software program encrypts data or files by working with one or more encryption algorithms. Security personnel use it to protect data from being viewed by unauthorized users.\r\nTypically, each data packet or file encrypted via data encryption programs requires a key to be decrypted to its original form. This key is generated by the software itself and shared between the data/file sender and receiver. Thus, even if the encrypted data is extracted or compromised, its original content cannot be retrieved without the encryption key. File encryption, email encryption, disk encryption and network encryption are widely used types of data encryption software.<br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is Encryption software?</span></h1>\r\nEncryption software is software that uses cryptography to prevent unauthorized access to digital information. Cryptography is used to protect digital information on computers as well as the digital information that is sent to other computers over the Internet.There are many software products which provide encryption. Software encryption uses a cipher to obscure the content into ciphertext. One way to classify this type of software is by the type of cipher used. Ciphers can be divided into two categories: <span style=\"font-weight: bold;\">public key ciphers</span> (also known as asymmetric ciphers), and <span style=\"font-weight: bold;\">symmetric key ciphers</span>. Encryption software can be based on either public key or symmetric key encryption.\r\nAnother way to classify crypto software is to categorize its purpose. Using this approach, software encryption may be classified into software which encrypts &quot;<span style=\"font-weight: bold;\">data in transit</span>&quot; and software which encrypts &quot;<span style=\"font-weight: bold;\">data at rest</span>&quot;. Data in transit generally uses public key ciphers, and data at rest generally uses symmetric key ciphers.\r\nSymmetric key ciphers can be further divided into stream ciphers and block ciphers. Stream ciphers typically encrypt plaintext a bit or byte at a time, and are most commonly used to encrypt real-time communications, such as audio and video information. The key is used to establish the initial state of a keystream generator, and the output of that generator is used to encrypt the plaintext. Block cipher algorithms split the plaintext into fixed-size blocks and encrypt one block at a time. For example, AES processes 16-byte blocks, while its predecessor DES encrypted blocks of eight bytes.<br />There is also a well-known case where PKI is used for data in transit of data at rest.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">How Data Encryption is used?</span></h1>\r\nThe purpose of data encryption is to deter malicious or negligent parties from accessing sensitive data. An important line of defense in a cybersecurity architecture, encryption makes using intercepted data as difficult as possible. It can be applied to all kinds of data protection needs ranging from classified government intel to personal credit card transactions. Data encryption software, also known as an encryption algorithm or cipher, is used to develop an encryption scheme which theoretically can only be broken with large amounts of computing power.\r\nEncryption is an incredibly important tool for keeping your data safe. When your files are encrypted, they are completely unreadable without the correct encryption key.&nbsp; If someone steals your encrypted files, they won’t be able to do anything with them.\r\nThere different types of encryption: hardware and software. Both offer different advantages. So, what are these methods and why do they matter?\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Software Encryption</span></h1>\r\n<p class=\"align-left\">As the name implies, software encryption uses features of encryption software to encrypt your data. Cryptosoft typically relies on a password; give the right password, and your files will be decrypted, otherwise they remain locked. With encryption enabled, it is passed through a special algorithm that scrambles your data as it is written to disk. The same software then unscrambles data as it is read from the disk for an authenticated user.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Crypto programs is typically quite cheap to implement, making it very popular with developers. In addition, software-based encryption routines do not require any additional hardware.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Types of encryption software is only as secure as the rest of your computer or smartphone. If a hacker can crack your password, the encryption is immediately undone.<br />Software encryption tools also share the processing resources of your computer, which can cause the entire machine to slow down as data is encrypted/decrypted. You will also find that opening and closing encrypted files is much slower than normal because the process is relatively resource intensive, particularly for higher levels of encryption</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Hardware encryption</span></h1>\r\n<p class=\"align-left\">At the heart of hardware encryption is a separate processor dedicated to the task of authentication and encryption. Hardware encryption is increasingly common on mobile devices. <br />The encryption protection technology still relies on a special key to encrypt and decrypt data, but this is randomly generated by the encryption processor. Often times, hardware encryption devices replace traditional passwords with biometric logons (like fingerprints) or a PIN number that is entered on an attached keypad<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Hardware offers strong encryption, safer than software solutions because the encryption process is separate from the rest of the machine. This makes it much harder to intercept or break. </p>\r\n<p class=\"align-left\">The use of a dedicated processor also relieves the burden on the rest of your device, making the encryption and decryption process much faster.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Typically, hardware-based encrypted storage is much more expensive than a software encryption tools. <br />If the hardware decryption processor fails, it becomes extremely hard to access your information.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">The Data Recovery Challenge. </span>Encrypted data is a challenge to recover. Even by recovering the raw sectors from a failed drive, it is still encrypted, which means it is still unreadable. </p>\r\n<p class=\"align-left\">Hardware encrypted devices don’t typically have these additional recovery options. Many have a design to prevent decryption in the event of a component failure, stopping hackers from disassembling them. The fastest and most effective way to deal with data loss on an encrypted device is to ensure you have a complete backup stored somewhere safe. For your PC, this may mean copying data to another encrypted device. For other devices, like your smartphone, backing up to the Cloud provides a quick and simple economy copy that you can restore from. As an added bonus, most Cloud services now encrypt their users’ data too. <br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Encryption.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"suppliedProducts":[{"id":3725,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/cspi.png","logo":true,"scheme":false,"title":"CSPi Aria Software Defined Security","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"cspi-aria-software-defined-security","companyTitle":"CSPi","companyTypes":["supplier","vendor"],"companyId":5651,"companyAlias":"cspi","description":"The <b>ARIA SDS</b> platform is a radically different approach to comprehensive network and data security as it employs capabilities normally only found in carrier-class or military-grade architectures. When deployed on available optional hardware offerings it provides the high-availability and fast failover and service-level assurance features demanded in a carrier-class infrastructure. It also uses military communication techniques to protect from penetration and administrative eavesdropping from set-up through operation. Yet, even with this added layer of functionality, the deployment and overall platform management is simple as it is handled through advanced zero-touch provisioning techniques.\r\n<b>How It Works</b>\r\nThe ARIA Software-Defined Security (SDS) platform can secure and encrypt containers and/or VMs as they spawn on-premise, private data centers or public cloud instances.\r\nThe ARIA software automatically applies the organization’s appropriate contextually aware security policies. Additionally, the ARIA Orchestrator automatically discovers the SDSi and manages the application of the appropriate type and level of security services upon deployment.\r\nThe central execution, across an entire organization, using a single pane of glass, ensures the desired access controls, micro-segmentation, encryption service types and levels, and other service techniques are correctly applied – no matter where the applications are running – whether it’s on premises, in the public cloud, or anywhere in between.\r\n<b>Benefits:</b>\r\n<b>Achieve SecDevOps</b>\r\nBalance the InfoSec requirement to maintain the consistent application of security policies and data protection with the desire of application developers for more agile and flexible DevOps practices. With ARIA, developers can simply select and connect to their applications for complete encryption.\r\n<b>Gain a Cost-effective, End-to-End Security Solution</b>\r\nThe ARIA software defined security solution works with any enterprise infrastructure, is easy to deploy, and costs up to ten times less than other server host-based encryption solutions. Organizations that run critical security functions on the Myricom ARC Series SIA (versus the server processor) can expect cost savings in the need for fewer server upgrades and lower power consumption, while also achieving increased application performance.\r\n<b>Secure Data at Rest, in Motion and in Use</b>\r\nIt’s not good enough to protect stored data. You must also have a solution for when it moves across the network, when it is accessed and used. ARIA applies the appropriate encryption policies by application, device, or data type – under any use and at any time.\r\n<b>Improve Application and Server Performance</b>\r\nAdvanced security functions like encryption, micro-segmentation, or tokenization are CPU-intensive and, if run through local servers, may cause an unacceptable delay in application performance. The ARIA platform runs seamlessly with the Myricom ARC Series SIA, making it the ideal choice for server off-load. In addition the SIA serves as a zone of trust for keys, making them impenetrable to breaches.","shortDescription":"CSPi is delivering portfolio of products and consulting solutions singularly focused on securing their customers critical business assets","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":6,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"CSPi Aria Software Defined Security","keywords":"","description":"The <b>ARIA SDS</b> platform is a radically different approach to comprehensive network and data security as it employs capabilities normally only found in carrier-class or military-grade architectures. When deployed on available optional hardware offerings it","og:title":"CSPi Aria Software Defined Security","og:description":"The <b>ARIA SDS</b> platform is a radically different approach to comprehensive network and data security as it employs capabilities normally only found in carrier-class or military-grade architectures. When deployed on available optional hardware offerings it","og:image":"https://old.roi4cio.com/fileadmin/user_upload/cspi.png"},"eventUrl":"","translationId":3724,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as &quot;on-demand software&quot;, and was formerly referred to as &quot;software plus services&quot; by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term &quot;Software as a Service&quot; (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure.&nbsp; While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies.&nbsp; Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\">&nbsp;</p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"},{"id":467,"title":"Network Forensics","alias":"network-forensics","description":" Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a pro-active investigation.\r\nNetwork forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form relates to law enforcement. In this case analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords and parsing human communication such as emails or chat sessions.\r\nTwo systems are commonly used to collect network data; a brute force &quot;catch it as you can&quot; and a more intelligent &quot;stop look listen&quot; method.\r\nNetwork forensics is a comparatively new field of forensic science. The growing popularity of the Internet in homes means that computing has become network-centric and data is now available outside of disk-based digital evidence. Network forensics can be performed as a standalone investigation or alongside a computer forensics analysis (where it is often used to reveal links between digital devices or reconstruct how a crime was committed).\r\nMarcus Ranum is credited with defining Network forensics as &quot;the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents&quot;.\r\nCompared to computer forensics, where evidence is usually preserved on disk, network data is more volatile and unpredictable. Investigators often only have material to examine if packet filters, firewalls, and intrusion detection systems were set up to anticipate breaches of security.\r\nSystems used to collect network data for forensics use usually come in two forms:\r\n<ul><li>&quot;Catch-it-as-you-can&quot; – This is where all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage.</li><li>&quot;Stop, look and listen&quot; – This is where each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires a faster processor to keep up with incoming traffic.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Why is network forensics important?</span>\r\nNetwork forensics is important because so many common attacks entail some type of misuse of network resources.\r\n<span style=\"font-weight: bold;\">What are the different ways in which the network can be attacked?</span>\r\nAttacks typically target availability confidentiality and integrity. Loss of any one of these items constitutes a security breach.\r\n<span style=\"font-weight: bold;\">Where is the best place to search for information?</span>\r\nInformation can be found by either doing a live analysis of the network, analyzing IDS information, or examining logs that can be found in routers and servers.\r\n<span style=\"font-weight: bold;\">How does a forensic analyst know how deeply to look for information?</span>\r\nSome amount of information can be derived from looking at the skill level of the attacker. Attackers with little skill are much less likely to use advanced hiding techniques.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Forensics.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices).&nbsp; The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":204,"title":"Managed Detection and Response","alias":"managed-detection-and-response","description":" MDR, which stands for Managed Detection &amp; Response, is an all-encompassing threat detection system, which arose from the need for small/medium-sized organizations who lack resources to be able to monitor their network systems in-house. It provides a cost-effective alternative to SIEM (Security Information and Event Management).\r\nEveryday, the capabilities of attackers get more sophisticated and the volume of alerts becomes overwhelming and unmanageable. In-house teams might struggle to analyze and log data, which makes it harder than ever to determine if these threats are harmful. MDR can put a stop to attacks before they even happen. MDR technology monitors your systems and detects any unusual behavior, whilst our expert team responds to the threats detected within your business.\r\nMDR offers real-time threat intelligence, and is able to analyse behaviour which can be missed by traditional endpoint security technology. MDR also provides rapid identification of known threats, which in turn minimises overall attacks. Having remote incident investigation will minimise damage to your business, and will allow you to get back to work in no time. It’s important to note that using MDR services will allow third party access to your company's data. You need to consider working with a provider who understands and respects your data policy.","materialsDescription":" <span style=\"font-weight: bold;\">What is Managed Detection and Response?</span>\r\nManaged Detection and Response (MDR) is a managed cybersecurity service that provides intrusion detection of malware and malicious activity in your network, and assists in rapid incident response to eliminate those threats with succinct remediation actions. MDR typically combines a technology solution with outsourced security analysts that extend your technologies and team.\r\n<span style=\"font-weight: bold;\">Isn’t that What MSSPs or Managed SIEMs Do?</span>\r\nNo. Managed Security Service Providers (MSSPs) monitor network security controls and may send alerts when anomalies are identified. MSSPs typically do not investigate the anomalies to eliminate false positives, nor do they respond to real threats. This means that abnormalities in network usage are forwarded to your IT personnel who must then dig through the data to determine if there is a real threat and what to do about it.\r\n<span style=\"font-weight: bold;\">Doesn’t My Firewall Protect My Network?</span>\r\nFirewalls and other preventive forms of cybersecurity are very important and effective at preventing basic cyberattacks. However, over the past decade, it has become clear that preventive cybersecurity technologies are not enough to secure an organization’s network. Further, they are yet another source of alerts, log messages, and events that contribute to the “alert fatigue” being universally suffered today. Recent major hacks such as the Marriot Hack of 2018, the Anthem Hack of 2015, and the Target Hack of 2013 demonstrate how easily cybercriminals can breach networks at enterprise organizations to steal millions of credit card numbers, medical records, and other forms of PII/PHI.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Endpoint_Detection_and_Response.png"},{"id":43,"title":"Data Encryption","alias":"data-encryption","description":"<span style=\"font-weight: bold;\">Data encryption</span> translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext. Currently, encryption is one of the most popular and effective data security methods used by organizations. \r\nTwo main types of data encryption exist - <span style=\"font-weight: bold;\">asymmetric encryption</span>, also known as public-key encryption, and <span style=\"font-weight: bold;\">symmetric encryption</span>.<br />The purpose of data encryption is to protect digital data confidentiality as it is stored on computer systems and transmitted using the internet or other computer networks. The outdated data encryption standard (DES) has been replaced by modern encryption algorithms that play a critical role in the security of IT systems and communications.\r\nThese algorithms provide confidentiality and drive key security initiatives including authentication, integrity, and non-repudiation. Authentication allows for the verification of a message’s origin, and integrity provides proof that a message’s contents have not changed since it was sent. Additionally, non-repudiation ensures that a message sender cannot deny sending the message.\r\nData protection software for data encryption can provide encryption of devices, email, and data itself. In many cases, these encryption functionalities are also met with control capabilities for devices, email, and data. \r\nCompanies and organizations face the challenge of protecting data and preventing data loss as employees use external devices, removable media, and web applications more often as a part of their daily business procedures. Sensitive data may no longer be under the company’s control and protection as employees copy data to removable devices or upload it to the cloud. As a result, the best data loss prevention solutions prevent data theft and the introduction of malware from removable and external devices as well as web and cloud applications. In order to do so, they must also ensure that devices and applications are used properly and that data is secured by auto-encryption even after it leaves the organization.\r\nEncryption software program encrypts data or files by working with one or more encryption algorithms. Security personnel use it to protect data from being viewed by unauthorized users.\r\nTypically, each data packet or file encrypted via data encryption programs requires a key to be decrypted to its original form. This key is generated by the software itself and shared between the data/file sender and receiver. Thus, even if the encrypted data is extracted or compromised, its original content cannot be retrieved without the encryption key. File encryption, email encryption, disk encryption and network encryption are widely used types of data encryption software.<br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is Encryption software?</span></h1>\r\nEncryption software is software that uses cryptography to prevent unauthorized access to digital information. Cryptography is used to protect digital information on computers as well as the digital information that is sent to other computers over the Internet.There are many software products which provide encryption. Software encryption uses a cipher to obscure the content into ciphertext. One way to classify this type of software is by the type of cipher used. Ciphers can be divided into two categories: <span style=\"font-weight: bold;\">public key ciphers</span> (also known as asymmetric ciphers), and <span style=\"font-weight: bold;\">symmetric key ciphers</span>. Encryption software can be based on either public key or symmetric key encryption.\r\nAnother way to classify crypto software is to categorize its purpose. Using this approach, software encryption may be classified into software which encrypts &quot;<span style=\"font-weight: bold;\">data in transit</span>&quot; and software which encrypts &quot;<span style=\"font-weight: bold;\">data at rest</span>&quot;. Data in transit generally uses public key ciphers, and data at rest generally uses symmetric key ciphers.\r\nSymmetric key ciphers can be further divided into stream ciphers and block ciphers. Stream ciphers typically encrypt plaintext a bit or byte at a time, and are most commonly used to encrypt real-time communications, such as audio and video information. The key is used to establish the initial state of a keystream generator, and the output of that generator is used to encrypt the plaintext. Block cipher algorithms split the plaintext into fixed-size blocks and encrypt one block at a time. For example, AES processes 16-byte blocks, while its predecessor DES encrypted blocks of eight bytes.<br />There is also a well-known case where PKI is used for data in transit of data at rest.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">How Data Encryption is used?</span></h1>\r\nThe purpose of data encryption is to deter malicious or negligent parties from accessing sensitive data. An important line of defense in a cybersecurity architecture, encryption makes using intercepted data as difficult as possible. It can be applied to all kinds of data protection needs ranging from classified government intel to personal credit card transactions. Data encryption software, also known as an encryption algorithm or cipher, is used to develop an encryption scheme which theoretically can only be broken with large amounts of computing power.\r\nEncryption is an incredibly important tool for keeping your data safe. When your files are encrypted, they are completely unreadable without the correct encryption key.&nbsp; If someone steals your encrypted files, they won’t be able to do anything with them.\r\nThere different types of encryption: hardware and software. Both offer different advantages. So, what are these methods and why do they matter?\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Software Encryption</span></h1>\r\n<p class=\"align-left\">As the name implies, software encryption uses features of encryption software to encrypt your data. Cryptosoft typically relies on a password; give the right password, and your files will be decrypted, otherwise they remain locked. With encryption enabled, it is passed through a special algorithm that scrambles your data as it is written to disk. The same software then unscrambles data as it is read from the disk for an authenticated user.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Crypto programs is typically quite cheap to implement, making it very popular with developers. In addition, software-based encryption routines do not require any additional hardware.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Types of encryption software is only as secure as the rest of your computer or smartphone. If a hacker can crack your password, the encryption is immediately undone.<br />Software encryption tools also share the processing resources of your computer, which can cause the entire machine to slow down as data is encrypted/decrypted. You will also find that opening and closing encrypted files is much slower than normal because the process is relatively resource intensive, particularly for higher levels of encryption</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Hardware encryption</span></h1>\r\n<p class=\"align-left\">At the heart of hardware encryption is a separate processor dedicated to the task of authentication and encryption. Hardware encryption is increasingly common on mobile devices. <br />The encryption protection technology still relies on a special key to encrypt and decrypt data, but this is randomly generated by the encryption processor. Often times, hardware encryption devices replace traditional passwords with biometric logons (like fingerprints) or a PIN number that is entered on an attached keypad<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Hardware offers strong encryption, safer than software solutions because the encryption process is separate from the rest of the machine. This makes it much harder to intercept or break. </p>\r\n<p class=\"align-left\">The use of a dedicated processor also relieves the burden on the rest of your device, making the encryption and decryption process much faster.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Typically, hardware-based encrypted storage is much more expensive than a software encryption tools. <br />If the hardware decryption processor fails, it becomes extremely hard to access your information.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">The Data Recovery Challenge. </span>Encrypted data is a challenge to recover. Even by recovering the raw sectors from a failed drive, it is still encrypted, which means it is still unreadable. </p>\r\n<p class=\"align-left\">Hardware encrypted devices don’t typically have these additional recovery options. Many have a design to prevent decryption in the event of a component failure, stopping hackers from disassembling them. The fastest and most effective way to deal with data loss on an encrypted device is to ensure you have a complete backup stored somewhere safe. For your PC, this may mean copying data to another encrypted device. For other devices, like your smartphone, backing up to the Cloud provides a quick and simple economy copy that you can restore from. As an added bonus, most Cloud services now encrypt their users’ data too. <br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Encryption.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"partnershipProgramme":null}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}