{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"role-supplier":{"en":"Supplier","ru":"Поставщик","_type":"localeString"},"products-popover":{"en":"Products","de":"die produkte","ru":"Продукты","_type":"localeString"},"introduction-popover":{"_type":"localeString","en":"introduction","ru":"внедрения"},"partners-popover":{"ru":"партнеры","_type":"localeString","en":"partners"},"update-profile-button":{"en":"Update profile","ru":"Обновить профиль","_type":"localeString"},"read-more-button":{"_type":"localeString","en":"Show more","ru":"Показать ещё"},"hide-button":{"ru":"Скрыть","_type":"localeString","en":"Hide"},"user-implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"categories":{"ru":"Компетенции","_type":"localeString","en":"Categories"},"description":{"ru":"Описание","_type":"localeString","en":"Description"},"role-user":{"_type":"localeString","en":"User","ru":"Пользователь"},"partnership-vendors":{"_type":"localeString","en":"Partnership with vendors","ru":"Партнерство с производителями"},"partnership-suppliers":{"ru":"Партнерство с поставщиками","_type":"localeString","en":"Partnership with suppliers"},"reference-bonus":{"_type":"localeString","en":"Bonus 4 reference","ru":"Бонус за референс"},"partner-status":{"en":"Partner status","ru":"Статус партнёра","_type":"localeString"},"country":{"_type":"localeString","en":"Country","ru":"Страна"},"partner-types":{"en":"Partner types","ru":"Типы партнеров","_type":"localeString"},"branch-popover":{"ru":"область деятельности","_type":"localeString","en":"branch"},"employees-popover":{"en":"number of employees","ru":"количество сотрудников","_type":"localeString"},"partnership-programme":{"en":"Partnership program","ru":"Партнерская программа","_type":"localeString"},"partner-discounts":{"ru":"Партнерские скидки","_type":"localeString","en":"Partner discounts"},"registered-discounts":{"_type":"localeString","en":"Additional benefits for registering a deal","ru":"Дополнительные преимущества за регистрацию сделки"},"additional-advantages":{"ru":"Дополнительные преимущества","_type":"localeString","en":"Additional Benefits"},"additional-requirements":{"_type":"localeString","en":"Partner level requirements","ru":"Требования к уровню партнера"},"certifications":{"ru":"Сертификация технических специалистов","_type":"localeString","en":"Certification of technical specialists"},"sales-plan":{"ru":"Годовой план продаж","_type":"localeString","en":"Annual Sales Plan"},"partners-vendors":{"ru":"Партнеры-производители","_type":"localeString","en":"Partners-vendors"},"partners-suppliers":{"en":"Partners-suppliers","ru":"Партнеры-поставщики","_type":"localeString"},"all-countries":{"en":"All countries","ru":"Все страны","_type":"localeString"},"supplied-products":{"ru":"Поставляемые продукты","_type":"localeString","en":"Supplied products"},"vendored-products":{"en":"Produced products","ru":"Производимые продукты","_type":"localeString"},"vendor-implementations":{"_type":"localeString","en":"Produced deployments","ru":"Производимые внедрения"},"supplier-implementations":{"en":"Supplied deployments","ru":"Поставляемые внедрения","_type":"localeString"},"show-all":{"_type":"localeString","en":"Show all","ru":"Показать все"},"not-yet-converted":{"en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString"},"schedule-event":{"en":"Events schedule","ru":"Pасписание событий","_type":"localeString"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"register":{"en":"Register","ru":"Регистрация ","_type":"localeString"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"auth-message":{"ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт.","_type":"localeString","en":"To view company events please log in or register on the sit."},"company-presentation":{"_type":"localeString","en":"Company presentation","ru":"Презентация компании"}},"header":{"help":{"en":"Help","de":"Hilfe","ru":"Помощь","_type":"localeString"},"how":{"ru":"Как это работает","_type":"localeString","en":"How does it works","de":"Wie funktioniert es"},"login":{"ru":"Вход","_type":"localeString","en":"Log in","de":"Einloggen"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"de":"FAQ","ru":"FAQ","_type":"localeString","en":"FAQ"},"references":{"ru":"Мои запросы","_type":"localeString","en":"Requests","de":"References"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find-it-product":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"autoconfigurator":{"_type":"localeString","en":" Price calculator","ru":"Калькулятор цены"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"_type":"localeString","en":"ROI calculators","ru":"ROI калькуляторы"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"catalogs":{"ru":"Каталоги","_type":"localeString","en":"Catalogs"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"en":"Categories","ru":"Категории","_type":"localeString"},"for-suppliers":{"_type":"localeString","en":"For suppliers","ru":"Поставщикам"},"blog":{"en":"Blog","ru":"Блог","_type":"localeString"},"agreements":{"_type":"localeString","en":"Deals","ru":"Сделки"},"my-account":{"en":"My account","ru":"Мой кабинет","_type":"localeString"},"register":{"en":"Register","ru":"Зарегистрироваться","_type":"localeString"},"comparison-deletion":{"_type":"localeString","en":"Deletion","ru":"Удаление"},"comparison-confirm":{"_type":"localeString","en":"Are you sure you want to delete","ru":"Подтвердите удаление"},"search-placeholder":{"_type":"localeString","en":"Enter your search term","ru":"Введите поисковый запрос"},"my-profile":{"ru":"Мои данные","_type":"localeString","en":"My profile"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4presenter":{"en":"Roi4Presenter","_type":"localeString"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"en":"Products","_type":"localeString"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"en":"Learn implementation reviews","_type":"localeString"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"en":"Our Products","_type":"localeString"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString","en":"All rights reserved"},"company":{"ru":"О компании","_type":"localeString","en":"My Company","de":"Über die Firma"},"about":{"ru":"О нас","_type":"localeString","en":"About us","de":"Über uns"},"infocenter":{"en":"Infocenter","de":"Infocenter","ru":"Инфоцентр","_type":"localeString"},"tariffs":{"_type":"localeString","en":"Subscriptions","de":"Tarife","ru":"Тарифы"},"contact":{"_type":"localeString","en":"Contact us","de":"Kontaktiere uns","ru":"Связаться с нами"},"marketplace":{"de":"Marketplace","ru":"Marketplace","_type":"localeString","en":"Marketplace"},"products":{"_type":"localeString","en":"Products","de":"Produkte","ru":"Продукты"},"compare":{"ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche"},"calculate":{"en":"Calculate the cost","de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString"},"get_bonus":{"_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс"},"salestools":{"_type":"localeString","en":"Salestools","de":"Salestools","ru":"Salestools"},"automatization":{"_type":"localeString","en":"Settlement Automation","de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов"},"roi_calcs":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators","de":"ROI-Rechner"},"matrix":{"en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения","_type":"localeString"},"b4r":{"_type":"localeString","en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"_type":"localeString","en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"_type":"localeString","en":"Privacy Policy","ru":"Политика конфиденциальности"},"user_agreement":{"ru":"Пользовательское соглашение ","_type":"localeString","en":"Agreement"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"quote":{"_type":"localeString","en":"Price calculator","ru":"Калькулятор цены"},"boosting":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"en":"blog","ru":"блог","_type":"localeString"},"pay4content":{"ru":"платим за контент","_type":"localeString","en":"we pay for content"},"categories":{"ru":"категории","_type":"localeString","en":"categories"},"showForm":{"en":"Show form","ru":"Показать форму","_type":"localeString"},"subscribe__title":{"en":"We send a digest of actual news from the IT world once in a month!","ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString"},"subscribe__email-label":{"en":"Email","ru":"Email","_type":"localeString"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"en":"Subscribe","ru":"Подписаться","_type":"localeString"},"subscribe__email-message":{"en":"Please, enter the valid email","ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"ru":"Имя Фамилия","_type":"localeString","en":"Last, first name"},"subscribe__success":{"_type":"localeString","en":"You are successfully subscribed! Check you mailbox.","ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик."},"subscribe__error":{"_type":"localeString","en":"Subscription is unsuccessful. Please, try again later.","ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее."},"roi4presenter":{"de":"roi4presenter","ru":"roi4presenter","_type":"localeString","en":"Roi4Presenter"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"}},"breadcrumbs":{"home":{"ru":"Главная","_type":"localeString","en":"Home"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"_type":"localeString","en":"Products","ru":"Продукты"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"en":"Login","ru":"Вход","_type":"localeString"},"registration":{"ru":"Регистрация","_type":"localeString","en":"Registration"},"b2b-platform":{"en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString"}},"comment-form":{"title":{"_type":"localeString","en":"Leave comment","ru":"Оставить комментарий"},"firstname":{"ru":"Имя","_type":"localeString","en":"First name"},"lastname":{"_type":"localeString","en":"Last name","ru":"Фамилия"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"_type":"localeString","en":"Actual cost","ru":"Фактическая стоимость"},"received-roi":{"en":"Received ROI","ru":"Полученный ROI","_type":"localeString"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"ru":"Комментарий","_type":"localeString","en":"Comment"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"_type":"localeString","en":"I agree","ru":"Я согласен"},"terms-of-use":{"ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString","en":"With user agreement and privacy policy"},"send":{"ru":"Отправить","_type":"localeString","en":"Send"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"_type":"localeString","en":"Site under maintenance","ru":"На сайте проводятся технические работы"},"message":{"ru":"Спасибо за ваше понимание","_type":"localeString","en":"Thank you for your understanding"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"title":{"ru":"ROI4CIO: Компания","_type":"localeString","en":"ROI4CIO: Company"},"meta":[{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"},{"name":"og:type","content":"website"}],"translatable_meta":[{"name":"title","translations":{"_type":"localeString","en":"Company","ru":"Компания"}},{"name":"description","translations":{"_type":"localeString","en":"Company description","ru":"Описание компании"}},{"name":"keywords","translations":{"en":"Company keywords","ru":"Ключевые слова для компании","_type":"localeString"}}]}},"pageMetaDataStatus":{"company":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"malwarebytes":{"id":5730,"title":"Malwarebytes","logoURL":"https://old.roi4cio.com/uploads/roi/company/Malwarebytes_logo.png","alias":"malwarebytes","address":"","roles":[{"id":3,"type":"vendor"}],"description":" Malwarebytes is a company that proactively protects people and businesses against dangerous threats such as malware, ransomware and exploits that escape detection by traditional antivirus solutions. Malwarebytes completely replaces antivirus with artificial intelligence-powered technology that stops cyberattacks before they can compromise home computers and business endpoints. More than 60,000 businesses and millions of people worldwide trust and recommend Malwarebytes solutions. Our team of threat researchers and security experts process emerging and established threats every day, from all over the globe. Founded in 2008, the company is headquartered in California, with offices in Europe and Asia.\r\nMalwarebytes founder and CEO Marcin Kleczynski started the company to create the best disinfection and protection solutions to combat the world’s most harmful Internet threats. The market continues to recognize Marcin’s advancements in cybersecurity with the recent recognition as “CEO of the Year” in the Global Excellence awards. He has also been named to the Forbes 30 Under 30 Rising Stars of Enterprise Technology list and received both the Silicon Valley Business Journal’s 40 Under 40 and Ernst & Young Entrepreneur of the Year awards.\r\nSource: https://www.linkedin.com/company/malwarebytes/about/","companyTypes":["vendor"],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{"5":{"id":5,"title":"Security Software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png","alias":"security-software"},"40":{"id":40,"title":"Endpoint security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png","alias":"endpoint-security"},"43":{"id":43,"title":"Data Encryption","description":"<span style=\"font-weight: bold;\">Data encryption</span> translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext. Currently, encryption is one of the most popular and effective data security methods used by organizations. \r\nTwo main types of data encryption exist - <span style=\"font-weight: bold;\">asymmetric encryption</span>, also known as public-key encryption, and <span style=\"font-weight: bold;\">symmetric encryption</span>.<br />The purpose of data encryption is to protect digital data confidentiality as it is stored on computer systems and transmitted using the internet or other computer networks. The outdated data encryption standard (DES) has been replaced by modern encryption algorithms that play a critical role in the security of IT systems and communications.\r\nThese algorithms provide confidentiality and drive key security initiatives including authentication, integrity, and non-repudiation. Authentication allows for the verification of a message’s origin, and integrity provides proof that a message’s contents have not changed since it was sent. Additionally, non-repudiation ensures that a message sender cannot deny sending the message.\r\nData protection software for data encryption can provide encryption of devices, email, and data itself. In many cases, these encryption functionalities are also met with control capabilities for devices, email, and data. \r\nCompanies and organizations face the challenge of protecting data and preventing data loss as employees use external devices, removable media, and web applications more often as a part of their daily business procedures. Sensitive data may no longer be under the company’s control and protection as employees copy data to removable devices or upload it to the cloud. As a result, the best data loss prevention solutions prevent data theft and the introduction of malware from removable and external devices as well as web and cloud applications. In order to do so, they must also ensure that devices and applications are used properly and that data is secured by auto-encryption even after it leaves the organization.\r\nEncryption software program encrypts data or files by working with one or more encryption algorithms. Security personnel use it to protect data from being viewed by unauthorized users.\r\nTypically, each data packet or file encrypted via data encryption programs requires a key to be decrypted to its original form. This key is generated by the software itself and shared between the data/file sender and receiver. Thus, even if the encrypted data is extracted or compromised, its original content cannot be retrieved without the encryption key. File encryption, email encryption, disk encryption and network encryption are widely used types of data encryption software.<br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is Encryption software?</span></h1>\r\nEncryption software is software that uses cryptography to prevent unauthorized access to digital information. Cryptography is used to protect digital information on computers as well as the digital information that is sent to other computers over the Internet.There are many software products which provide encryption. Software encryption uses a cipher to obscure the content into ciphertext. One way to classify this type of software is by the type of cipher used. Ciphers can be divided into two categories: <span style=\"font-weight: bold;\">public key ciphers</span> (also known as asymmetric ciphers), and <span style=\"font-weight: bold;\">symmetric key ciphers</span>. Encryption software can be based on either public key or symmetric key encryption.\r\nAnother way to classify crypto software is to categorize its purpose. Using this approach, software encryption may be classified into software which encrypts "<span style=\"font-weight: bold;\">data in transit</span>" and software which encrypts "<span style=\"font-weight: bold;\">data at rest</span>". Data in transit generally uses public key ciphers, and data at rest generally uses symmetric key ciphers.\r\nSymmetric key ciphers can be further divided into stream ciphers and block ciphers. Stream ciphers typically encrypt plaintext a bit or byte at a time, and are most commonly used to encrypt real-time communications, such as audio and video information. The key is used to establish the initial state of a keystream generator, and the output of that generator is used to encrypt the plaintext. Block cipher algorithms split the plaintext into fixed-size blocks and encrypt one block at a time. For example, AES processes 16-byte blocks, while its predecessor DES encrypted blocks of eight bytes.<br />There is also a well-known case where PKI is used for data in transit of data at rest.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">How Data Encryption is used?</span></h1>\r\nThe purpose of data encryption is to deter malicious or negligent parties from accessing sensitive data. An important line of defense in a cybersecurity architecture, encryption makes using intercepted data as difficult as possible. It can be applied to all kinds of data protection needs ranging from classified government intel to personal credit card transactions. Data encryption software, also known as an encryption algorithm or cipher, is used to develop an encryption scheme which theoretically can only be broken with large amounts of computing power.\r\nEncryption is an incredibly important tool for keeping your data safe. When your files are encrypted, they are completely unreadable without the correct encryption key. If someone steals your encrypted files, they won’t be able to do anything with them.\r\nThere different types of encryption: hardware and software. Both offer different advantages. So, what are these methods and why do they matter?\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Software Encryption</span></h1>\r\n<p class=\"align-left\">As the name implies, software encryption uses features of encryption software to encrypt your data. Cryptosoft typically relies on a password; give the right password, and your files will be decrypted, otherwise they remain locked. With encryption enabled, it is passed through a special algorithm that scrambles your data as it is written to disk. The same software then unscrambles data as it is read from the disk for an authenticated user.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Crypto programs is typically quite cheap to implement, making it very popular with developers. In addition, software-based encryption routines do not require any additional hardware.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Types of encryption software is only as secure as the rest of your computer or smartphone. If a hacker can crack your password, the encryption is immediately undone.<br />Software encryption tools also share the processing resources of your computer, which can cause the entire machine to slow down as data is encrypted/decrypted. You will also find that opening and closing encrypted files is much slower than normal because the process is relatively resource intensive, particularly for higher levels of encryption</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Hardware encryption</span></h1>\r\n<p class=\"align-left\">At the heart of hardware encryption is a separate processor dedicated to the task of authentication and encryption. Hardware encryption is increasingly common on mobile devices. <br />The encryption protection technology still relies on a special key to encrypt and decrypt data, but this is randomly generated by the encryption processor. Often times, hardware encryption devices replace traditional passwords with biometric logons (like fingerprints) or a PIN number that is entered on an attached keypad<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Pros.</span>Hardware offers strong encryption, safer than software solutions because the encryption process is separate from the rest of the machine. This makes it much harder to intercept or break. </p>\r\n<p class=\"align-left\">The use of a dedicated processor also relieves the burden on the rest of your device, making the encryption and decryption process much faster.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cons.</span>Typically, hardware-based encrypted storage is much more expensive than a software encryption tools. <br />If the hardware decryption processor fails, it becomes extremely hard to access your information.<span style=\"font-weight: bold;\"></span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">The Data Recovery Challenge. </span>Encrypted data is a challenge to recover. Even by recovering the raw sectors from a failed drive, it is still encrypted, which means it is still unreadable. </p>\r\n<p class=\"align-left\">Hardware encrypted devices don’t typically have these additional recovery options. Many have a design to prevent decryption in the event of a component failure, stopping hackers from disassembling them. The fastest and most effective way to deal with data loss on an encrypted device is to ensure you have a complete backup stored somewhere safe. For your PC, this may mean copying data to another encrypted device. For other devices, like your smartphone, backing up to the Cloud provides a quick and simple economy copy that you can restore from. As an added bonus, most Cloud services now encrypt their users’ data too. <br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Encryption.png","alias":"data-encryption"},"52":{"id":52,"title":"SaaS - software as a service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png","alias":"saas-software-as-a-service"},"79":{"id":79,"title":"VM - Vulnerability management","description":"Vulnerability management is the "cyclical practice of identifying, classifying, prioritizing, remediating and mitigating" software vulnerabilities. Vulnerability management is integral to computer security and network security, and must not be confused with a Vulnerability assessment.\r\nVulnerability management is an ongoing process that includes proactive asset discovery, continuous monitoring, mitigation, remediation and defense tactics to protect your organization's modern IT attack surface from Cyber Exposure.\r\nVulnerabilities can be discovered with a vulnerability scanner, which analyzes a computer system in search of known vulnerabilities, such as open ports, insecure software configurations, and susceptibility to malware infections. They may also be identified by consulting public sources, such as NVD, or subscribing to a commercial vulnerability alerting services. Unknown vulnerabilities, such as a zero-day, may be found with fuzz testing, which can identify certain kinds of vulnerabilities, such as a buffer overflow with relevant test cases. Such analysis can be facilitated by test automation. In addition, antivirus software capable of heuristic analysis may discover undocumented malware if it finds software behaving suspiciously (such as attempting to overwrite a system file).\r\nCorrecting vulnerabilities may variously involve the installation of a patch, a change in network security policy, reconfiguration of software, or educating users about social engineering.\r\nNetwork vulnerabilities represent security gaps that could be abused by attackers to damage network assets, trigger a denial of service, and/or steal potentially sensitive information. Attackers are constantly looking for new vulnerabilities to exploit — and taking advantage of old vulnerabilities that may have gone unpatched.\r\nHaving a vulnerability management framework in place that regularly checks for new vulnerabilities is crucial for preventing cybersecurity breaches. Without a vulnerability testing and patch management system, old security gaps may be left on the network for extended periods of time. This gives attackers more of an opportunity to exploit vulnerabilities and carry out their attacks.\r\nOne statistic that highlights how crucial vulnerability management was featured in an Infosecurity Magazine article. According to survey data cited in the article, of the organizations that “suffered a breach, almost 60% were due to an unpatched vulnerability.” In other words, nearly 60% of the data breaches suffered by survey respondents could have been easily prevented simply by having a vulnerability management plan that would apply critical patches before attackers leveraged the vulnerability.","materialsDescription":" <span style=\"font-weight: bold;\">What is vulnerability management?</span>\r\nVulnerability management is a pro-active approach to managing network security by reducing the likelihood that flaws in code or design compromise the security of an endpoint or network.\r\n<span style=\"font-weight: bold;\">What processes does vulnerability management include?</span>\r\nVulnerability management processes include:\r\n<ul><li><span style=\"font-style: italic;\">Checking for vulnerabilities:</span> This process should include regular network scanning, firewall logging, penetration testing or use of an automated tool like a vulnerability scanner.</li><li><span style=\"font-style: italic;\">Identifying vulnerabilities:</span> This involves analyzing network scans and pen test results, firewall logs or vulnerability scan results to find anomalies that suggest a malware attack or other malicious event has taken advantage of a security vulnerability, or could possibly do so.</li><li><span style=\"font-style: italic;\">Verifying vulnerabilities:</span> This process includes ascertaining whether the identified vulnerabilities could actually be exploited on servers, applications, networks or other systems. This also includes classifying the severity of a vulnerability and the level of risk it presents to the organization.</li><li><span style=\"font-style: italic;\">Mitigating vulnerabilities:</span> This is the process of figuring out how to prevent vulnerabilities from being exploited before a patch is available, or in the event that there is no patch. It can involve taking the affected part of the system off-line (if it's non-critical), or various other workarounds.</li><li><span style=\"font-style: italic;\">Patching vulnerabilities:</span> This is the process of getting patches -- usually from the vendors of the affected software or hardware -- and applying them to all the affected areas in a timely way. This is sometimes an automated process, done with patch management tools. This step also includes patch testing.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VM_-_Vulnerability_management1.png","alias":"vm-vulnerability-management"},"791":{"id":791,"title":"Vulnerability Scanner","description":" A <span style=\"font-weight: bold;\">vulnerability scanner</span> is a computer program designed to assess computers, network vulnerability or applications for known weaknesses. In plain words, these scanners are used to discover the weaknesses of a given system. They are utilized in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc. They are typically available as SaaS (Software as a service); provided over the internet and delivered as a web application. \r\nMost vulnerability scanners will also attempt to log in to systems using default or other credentials in order to build a more detailed picture of the system. After building up an inventory, the vulnerability scanner checks each item in the inventory against one or more databases of known vulnerabilities to see if any items are subject to any of these vulnerabilities. The result of such scan is a systems vulnerability analysis, highlighting any that have known vulnerabilities that may need threat and vulnerability management.\r\n<span style=\"font-weight: bold;\">How vulnerability scanning works</span>. Vulnerability scanning finds systems and software that have known security vulnerabilities, but this information is only useful to IT security teams when it is used as the first part of a four-part vulnerability management process. <span style=\"font-weight: bold;\">Vulnerability management process involves:</span>\r\n<ul><li>Identification of vulnerabilities</li><li>Evaluation of the risk posed by any vulnerabilities identified</li><li>Treatment of any identified vulnerabilities</li><li>Reporting on vulnerabilities and how they have been handled</li></ul>\r\n<br /><span style=\"font-weight: bold;\">Types of vulnerability scans. </span>Not all vulnerability scans are alike, and to ensure compliance with certain regulations (such as those set by the PCI Security Standards Council) it is necessary to carry out two distinct types of vulnerability scans: an internal and an external vulnerability scan. \r\n<span style=\"font-weight: bold;\">External vulnerability scan.</span> As the name suggests, an external vulnerability scan is carried out from outside an organization's network, and its principal purpose is to detect vulnerabilities in the perimeter defenses such as open ports in the network firewall or specialized web application firewall. An external vulnerability scan can help organizations fix security issues that could enable hackers to gain access to the organization's network.\r\n<span style=\"font-weight: bold;\">Internal vulnerability scan. </span>By contrast, an internal vulnerability scan is carried out from inside an organization's perimeter defenses. Its purpose is to detect vulnerabilities that could be exploited by hackers who successfully penetrate the perimeter defenses, or equally by "insider threats" such as contractors or disgruntled employees who have legitimate access to parts of the network.\r\n<span style=\"font-weight: bold;\">Unauthenticated and authenticated vulnerability scans.</span> A similar but not always identical variation of internal and external vulnerability scans is the concept of unauthenticated and authenticated vulnerability scans. Unauthenticated scans, like external scans, search for weaknesses in the network perimeter, while authenticated scans provide vulnerability scanners with various privileged credentials, allowing them to probe the inside of the network for weak passwords, configuration issues, and misconfigured databases or applications.<br /><br />","materialsDescription":"<h1 class=\"align-center\">What is Vulnerability Assessment?</h1>\r\nVulnerability Assessment is also known as Vulnerability Testing, is a vulnerability scanning software performed to evaluate the security risks in the software system in order to reduce the probability of a threat. Vulnerability Analysis depends upon two mechanisms namely Vulnerability Assessment and Penetration Testing (VAPT).\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Types of a vulnerability scanner:</span></p>\r\n<span style=\"font-weight: bold;\">Host Based. </span>Identifies the issues in the host or the system. The process is carried out by using host-based scanners and diagnose the vulnerabilities. The host-based tools will load a mediator software onto the target system; it will trace the event and report it to the security analyst.\r\n<span style=\"font-weight: bold;\">Network-Based.</span> It will detect the open port, and identify the unknown services running on these ports. Then it will disclose possible vulnerabilities associated with these services. This process is done by using Network-based Scanners.\r\n<span style=\"font-weight: bold;\">Database-Based.</span> It will identify the security exposure in the database systems using tools and techniques to prevent from SQL Injections. (SQL Injections: - Injecting SQL statements into the database by the malicious users, which can read the sensitive data's from a database and can update the data in the Database.)\r\n<h1 class=\"align-center\">How vulnerability scanners works?</h1>\r\nVulnerability scanning is an inspection of the potential points of exploit on a computer or network to identify security holes.\r\nA security scan detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures. A scan may be performed by an organization’s IT department or a security service provide, possibly as a condition imposed by some authority. Vulnerability scans are also used by attackers looking for points of entry.\r\nA vulnerability scanner runs from the end point of the person inspecting the attack surface in question. The software compares details about the target attack surface to a database of information about known security holes in services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts. The scanner software attempts to exploit each vulnerability that is discovered.\r\nRunning a vulnerability scan can pose its own risks as it is inherently intrusive on the target machine’s running code. As a result, the scan can cause issues such as errors and reboots, reducing productivity.\r\n<h1 class=\"align-center\">How to choose the best vulnerability scanning tool?</h1>\r\nWhen researching vulnerability scanners, it's important to find out how they're rated for accuracy (the most important metric) as well as reliability, scalability and reporting. If accuracy is lacking, you'll end up running two different scanners, hoping that one picks up vulnerabilities that the other misses. This adds cost and effort to the scanning process. \r\n<span style=\"font-weight: bold;\">Software-Based Vulnerability Scanners.</span> These types of scanning products generally include configuration auditing, target profiling, penetration testing and detailed vulnerability analysis. They integrate with Windows products, such as Microsoft System Center, to provide intelligent patch management; some work with mobile device managers. They can scan not only physical network devices, servers and workstations, but extend to virtual machines, BYOD mobile devices and databases.\r\n<span style=\"font-weight: bold;\">Cloud-Based Vulnerability Scanners: </span>Continuous, On-Demand Monitoring. A newer type of vulnerability finder is delivered on-demand as Software as a Service (SaaS). Like software-based scanners, on-demand scanners incorporate links for downloading vendor patches and updates for identified vulnerabilities, reducing remediation effort. These services also include scanning thresholds to prevent overloading devices during the scanning process, which can cause devices to crash.\r\n<h1 class=\"align-center\">What is mobile application security scanner?</h1>\r\nMobile application security testing can help ensure there aren’t any loopholes in the software that may cause data loss. The sets of tests are meant to attack the app to identify possible threats and vulnerabilities that would allow external persons or systems to access private information stored on the mobile device. \r\nMobile application vulnerability scanner can help to ensure that applications are free from the flaws and weaknesses that hackers use to gain access to sensitive information. From backdoors, malicious code and other threats, these flaws may be present both in commercial and open source applications as well as software developed in-house.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Vulnerability_Scanner.png","alias":"vulnerability-scanner"},"838":{"id":838,"title":"Endpoint Detection and Response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png","alias":"endpoint-detection-and-response"}},"branches":"Information Technology","companySizes":"501 to 1000 Employees","companyUrl":"https://www.malwarebytes.com/","countryCodes":["EST","IRL","USA"],"certifications":[],"isSeller":true,"isSupplier":false,"isVendor":true,"presenterCodeLng":"","seo":{"title":"Malwarebytes","keywords":"","description":" Malwarebytes is a company that proactively protects people and businesses against dangerous threats such as malware, ransomware and exploits that escape detection by traditional antivirus solutions. Malwarebytes completely replaces antivirus with artificial i","og:title":"Malwarebytes","og:description":" Malwarebytes is a company that proactively protects people and businesses against dangerous threats such as malware, ransomware and exploits that escape detection by traditional antivirus solutions. Malwarebytes completely replaces antivirus with artificial i","og:image":"https://old.roi4cio.com/uploads/roi/company/Malwarebytes_logo.png"},"eventUrl":"","vendorPartners":[],"supplierPartners":[],"vendoredProducts":[{"id":3595,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Malwarebytes_logo.png","logo":true,"scheme":false,"title":"Malwarebytes Endpoint Protection & Response","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"malwarebytes-endpoint-protection-response","companyTitle":"Malwarebytes","companyTypes":["vendor"],"companyId":5730,"companyAlias":"malwarebytes","description":"Malwarebytes Endpoint Protection and Response integrates multi-vector protection with detection and response capabilities via a single agent to eliminate EDR complexity. It provides continuous visibility into endpoints and reduces the dwell-time of zero day threats. Unlike other EDR solutions, we don't just alert, we fix it.\r\n<ul><li>3 modes of endpoint isolation</li><li>Thorough remediation</li><li>Ransomware Rollback</li></ul>\r\nMalwarebytes Endpoint Protection & Response integrates Multi-Vector Protection with detection and response capabilities via a single agent. It provides visibility, reduces dwell-time of zero-day threats, and offers remediation options beyond alerts. Endpoint Protection & Response eliminates EDR complexity with intuitive endpoint monitoring, detection, and remediation.\r\n<span style=\"font-weight: bold; \">Protection, Detection, and Response Layers</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Adaptive Cyber Protection</span></span>\r\n<ul><li>Web Protection</li><li>Application Hardening</li><li>Exploit Mitigation</li><li>Application Behavior</li><li>Anomaly Detection Machine Learning</li><li>Payload Analysis</li><li>Ransomware Mitigation</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Active Threat Response</span></span>\r\n<ul><li>Linking Engine Remediation</li><li>Endpoint Detection & Response</li></ul>\r\n\r\n<span style=\"font-weight: bold; \">Technologies at-a-glance</span>\r\n<span style=\"font-weight: bold; \">Multi-Vector Protection</span>\r\nMalwarebytes Multi-Vector Protection (MVP) uses a seven layered approach, including both static and dynamic detection techniques, to protect against all stages of an attack.\r\n<span style=\"font-weight: bold; \">Flight Recorder</span>\r\nContinuous monitoring and visibility into Windows desktops for powerful insights. Easily track file system activity, network activity, process activity, and registry activity.\r\n<span style=\"font-weight: bold; \">Endpoint Isolation</span>\r\nFast remediation prevents lateral movement. Malware is stopped from phoning home and remote attackers are locked-out. Safely keeps the system online for detailed analysis.\r\n<span style=\"font-weight: bold;\">Ransomware Rollback</span>\r\nEvery change made by a process is recorded. If a process does 'bad' things you can easily roll back those changes to restore files that were encrypted, deleted, or modified.","shortDescription":"Malwarebytes Endpoint Protection & Response - multi-vector protection, intuitive EDR solutions.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":19,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Malwarebytes Endpoint Protection & Response","keywords":"","description":"Malwarebytes Endpoint Protection and Response integrates multi-vector protection with detection and response capabilities via a single agent to eliminate EDR complexity. It provides continuous visibility into endpoints and reduces the dwell-time of zero day th","og:title":"Malwarebytes Endpoint Protection & Response","og:description":"Malwarebytes Endpoint Protection and Response integrates multi-vector protection with detection and response capabilities via a single agent to eliminate EDR complexity. It provides continuous visibility into endpoints and reduces the dwell-time of zero day th","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Malwarebytes_logo.png"},"eventUrl":"","translationId":3596,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"suppliedProducts":[],"partnershipProgramme":null}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}