Must-have security solutions for the enterprise


This webinar is must have security solutions for the enterprise. My name is Mike Eterno director of channel sales here at East at North America. By the end of this session you will have learned about ESET as a company and a premier software security vendor. You’ll also learn more about our newest solutions for the enterprise segment. It all began in 1987 with two talented engineers who had an idea to create an anti-virus software program. ESET the company was formed in 1992 and by 1998 ESET was at 19 employees. In the next 10 years that number jumped by over three hundred and ten more years on and we are four times that size. By the end of 2019 we’ll add at least 79 more employees bringing ESET to over 1,675 employees with fully 1/3 of those being technical roles. From our earliest beginnings in 1987 to the present ESET continues our steady stable growth year after year. In order to stay ahead of the malicious actors and the bad guys that are out there it’s very important to have a strong experienced team of researchers. At ESET our team of researchers is responsible for uncovering major and nation-state attacks like Industroyer and hundreds of other malicious threats across all types of markets and all types of industry segments. In fact you can see some of them shown here on some of these headlines and you can find even more at our research blog called welivesecurity.com. When we’re done here today I urge you to go out too welivesecurity.com there’s a ton of information for you to take a look at. ESET world headquarters is in Bratislava Slovakia which is part of the European Union. We have regional centres in the US in South America and Southeast Asia. but more importantly ESET has a research and development centers around globe. ESET was the only challenger in Gartner’s 2018 Magic Quadrant for endpoint protection platform and in 2017 ESET was awarded the Gartner peer insights customer Choice Award with an amazing 84 percent willingness to recommend rating. It’s also very important to note that ESET is the number one cybersecurity company from the European Union, and Slovakia is also on the United States GSA list of approved countries and the Department of Defense approved countries list. ESETs claim to fame has always been and is still taking a multi-layered approach to security. It also means a multi-layered approach within the software itself. Our products continue to be lightweight yet powerful with an incredibly low rate of false positives. ESET technologies span the pre-execution, execution and post-execution phases of threats and malware, and we incorporate the powerful combination of AI which is artificial intelligence and ML – machine learning along with human expertise. Year after year ESET software products continue to gather not only high praise in the industry but award after award. We continue to receive favorable test results by av-comparatives AV test and we have 100 VB 100 Awards. Our products have just the right balance of power, detection, precision and ease of use. This unparalleled effectiveness combined with our high renewal rate and our outstanding customer satisfaction means our solutions are tested, proven and trusted. As a very stable company our products are ideal for all enterprise businesses. We’ve been around for over thirty years with constant healthy revenue and employee growth. We have no debts, we have no loans and we are not dependent on one single market segment or on a couple of large customers. In fact we have a very diverse and distributed revenue stream we’re operating in more than 200 countries and territories were a stable predictable partner for enterprises where long term relationships are desirable. There’s no need to worry that ‘if that will be acquired and since we’re privately held, there’s no undue pressure from investors for a quick return on their investment, our focus is purely on security which means we have the freedom to do what we consider is best for our customers not for investors. With that let’s talk about the technology starting with a high-level overview. Because of the world of cyber attacks and cyber security changes so quickly, ESET must change just as fast – and we do! There are fileless attacks, targeted attacks and other forms of cyber warfare. On this diagram do you see
116
00:05:34,270 –>00:05:41,139
IOT the Internet of Things 10 years ago that wasn’t even a thing but now we have smart thermostats, smart refrigerators, smart toasters and more. And they all represent vectors for malicious activity. Also ransomware represents a continually evolving threat. In fact we actually discovered a malicious actor deploying ransomware that permitted the victim to pay the ransom by credit card. Think about that for a minute. ESET has and will continue to develop and deploy powerful new ways to respond to these never-ceasing threats. As we talk about layered security, let’s use home protection as an analogy. You have locks and keys to keep out unwanted intruders smoke detectors and fire alarms to alert you to unseen dangers, motion sensors to catch anything that’s out of sight, a safe that protects your valuables and a way to monitor all of these layers. The key to this proven methodology is that there is no one singular technology that can provide complete security, in fact it takes multiple layers of protection. This is also true with your network there are some vendors in the industry that tout strong solutions which require no updates. Any security software solution that doesn’t require updates will eventually fail falling victim to the daily evolving cybercrime landscape, which means you must keep your security solution current, with proper updates and versions. A layered approach also means you have to have all vectors protected as an example most networks today include servers, desktops, laptops and even tablets. But what about smartphones? Are they just phones? In fact no – they are sophisticated computing devices and you have to think of them as yet another vector for attack. You know the pyramid of protection if you think about it in a layered approach gets built gradually a little at a time and this is also true with ESET development over the years. There have been a number of strong moments when we introduced innovative technologies and approaches to the market. The battlefield always changes but it’s still a battlefield with adversaries on the other side trying to subvert our defenses and there’s so much talk nowadays about artificial intelligence and machine learning like it’s something new but in truth these algorithms have existed and been used for decades. Remember when you hear the term next-gen from cyber security vendors touting AI and machine learning? Next-gen is not a process or a product or methodology. It’s just a marketing term. Take a look at this. ESET has been next-gen since 1997 and because of this and other advancements we garnered our first VB 100 award over 20 years ago. As the ESET time line continues so do our technical developments and advanced accomplishments. And as time goes by you can see on what our technologists have focused. The ways in places to thwart the bad guys and provide multiple layers of defense. More recently with a powerful EDR solution and comprehensive anti ransomware protection. And as we’ve moved into 2019 and beyond we’ll continue to focus on improving our existing technologies and developing cutting-edge prevention and response solutions. If that security position is to provide our customers with multi-layered protection as we saw the home protection and analogy one single layer is simply not enough to protect against adversaries. Starting from the outside of this diagram take a look – there is the pre execution layer. This is where malicious threats can be found before they have infected deployed or carry out their tactics. We use a variety of methods to analyze, classify, group and determine threats so they can be thwarted before they strike because there are so many variables and vectors. If a threat makes it to the network we have multiple defenses that are enacted at the execution layer including exploit blockers and ransomware shields and finally post execution or post remediation – we have protections that include live grid. I’m sure you’re all aware that AI or artificial intelligence is a term widely thrown around to capture the attention of end-users who are concerned about cyber security, but artificial intelligence is not a science fiction robot-like approach. But rather in real life exists because of multiple layers. It starts with data collection then the application of mathematics and finally classifications. ESET has one of the largest global systems of data collection. The ESET cloud malware protection system is one of several technologies based on assets live grid cloud system. Unknown potentially malicious applications and other possible threats are monitored and submitted to the ESET cloud via the ESET live Grid feedback system. The samples collected are subjected to automatic sandboxing and behavioral analysis, which results in the creation of automated detections if malicious characteristics are confirmed. ESET clients learn about these automated detections via the ESET live Grid reputation system without the need to wait for the next detection engine update. ESET has developed its own in-house machine learning engine called ESET Augur it uses the combined power of neural networks like deep learning and long short-term memory and a hand-picked group of six classification algorithms. This allows it to generate a consolidated output and help correctly label the incoming samples as clean, potentially unwanted or malicious. ESETs host-based intrusion prevention system or HIPS – monitors system activities and uses a predefined set of rules to recognize suspicious behavior. When this type of activity is identified the HIPS self defense mechanism stops the offending program or process from carrying out potentially harmful activity and the most important element is human expertise applied to make determinations that require years of experience. Now here’s a view into our solutions, specifically designed for the enterprise user. We provide a very wide portfolio of business solutions for all major platforms. And our goal as a security vendor is to provide enterprise customers with a holistic approach to close any gaps in the security of their environment. Besides our existing solutions we continue to expand our portfolio by continually adding new tools and services. On the prevention quadrant we have endpoint security products with features like device control network, attack protection and advanced memory scanner and a botnet protection, to be able to prevent incidents at the endpoint. Highly proactive prevention means continual updates to the latest version as it contains our latest technology also from a prevention perspective we offer multi-factor authentication of desktop log-in and ESET offers the option to enable two-factor authentication to our remote management console, which is a very unique feature. With prevention comes encryption with ESET endpoint encryption, and in the detection quadrant we have ESET Enterprise inspector our enterprise detection and response solution. EDR functionality is quickly becoming a standard most endpoint protection platforms for improved visibility with tools for advanced threat detection. We respond with tools to mitigate threats with pinpoint accuracy and comprehensive reports. And to bring this full circle in the prediction quadrant we have ESET threat intelligence the ESET virus radar and the already mentioned welivesecurity. Let’s start with ESET threat intelligence. ESET threat intelligence is a new addition to our portfolio of services for enterprise customers and security service providers as suitably named this service provides intelligence services that can act as an early warning system and also help predict attackers next steps. It’s predicted that more than half of all enterprises in specific industries like finance and government will use some form of commercial threat intelligence services within the next three years. We are already seeing a growing demand from existing and prospective customers in these segments for this kind of service. This graphic shows three sample reports that are possible with ESET threat intelligence. These types of reports provide the details and specifics that network security professionals can use as one way to be better prepared to thwart malicious actors. To summarize ESET threat intelligence and its key benefits: number one ESETs threat intelligence service primarily to share threat Intel to customers providing them with an early warning system. Number two: with this service we’re essentially predicting the attackers next steps providing specific compromised indicators like IP, URL and file hash. Number three: it’s an automated malware analysis a cloud-based information collection system from ESETs live grid system for this service is also available for the companies that don’t use ESET software. ESET threat intelligence can provide detailed information about malware malicious behavior, malicious IPS and URLs, fishing and botnets. It also provides a search interface for all of this data such that subscribers to the service can find a particular malware sample among all the samples known to ESET. Next is ESET dynamic threat defense. This powerful new technology provides yet another layer of security for ESET products like ESET Mail security with cloud-based sandboxing to detect new never-before-seen threats and zero-day attacks. In this example we see a malicious threat embedded in a document and attached to an email. The email is sent. Now remember ransomware tends to enter unsuspecting users mailboxes through email in this case the recipients email server is running ESET male security and ESET dynamic threat defense. ESET mail security automatically submits suspicious email attachments to ESETs dynamic threat defense, ESET dynamic threat defense then analyzes the sample by running it through a full cloud-based sandbox, which simulates user behavior to trick anti- evasive techniques. The results are then submitted back to ESET mail security, ESET mail security detects and automatically remediates the attachment that contains the malicious content and the malicious attachment never reaches the recipient. Every sample analyzed by ESET dynamic threat defense is listed in the submitted files section of ESET security management center which also provides complete transparency for all data sent to ESET live grid cloud malware protection system. These are example reports generated after ESET dynamic threat defense and ESET Mail security detected malicious and suspicious behavior. With ESET dynamic threat defense it is possible to future-proof your company’s IT security. With this comprehensive cloud sandboxing behavioral based detection solution next we move to ESET Enterprise inspector. With ESET Enterprise inspector you can uncover the unknown in your network. This powerful EDR solution is primarily targeted to those customers, that need to increase their capabilities to detect and respond to incidents in their network and fight advanced attacks and advanced persistent threats that try to evade detection by the endpoint security solution. This endpoint detection and response tool leverages ESET multi-layered endpoint protection platform. All layers send relevant data to ESET Enterprise inspector, which analyzes vast amounts of real-time endpoint data. So here’s our complete network of endpoints. Now remember on the front-end we still have our mail server running ESET mail security and ESET dynamic threat defense. If by some chance a threat makes it to the network, ESET Enterprise inspector gives you the ability to hunt or search for any specific item, then quickly remediate the threat. So if there is a threat that was just recently talked about in the news or in a US-cert alert, you can input specific indicators of compromised into ESET Enterprise Inspector and have the system look for any instance of that threat in your organization. On top of that you have the ability to further mitigate future threats by understanding where that threat actually originated. There is always the potential that malware was already on endpoints so ESET Enterprise inspector lets you hunt and check and see if it is actually there. If it is there, It quickly remediates it. This sample report gives you the idea of just how detailed the information is. The vector in which the threat entered the network, the type of malware it is, what occurred or what it attempted to do or launched, and then the remediation comprehensive details information. And ESET Enterprise inspector is a perfect solution for targeted attacks and advanced persistent threats it provides insight into the network and offers the tools and techniques for better detection, visibility and response to those threats. For detection based on defined rules and their evaluation Enterprise inspector is able to find malicious anomalies as they occur by constant monitoring of all processes and executables and the actual behavior of those and based on specific rules triggering the alarms in the system. The administrator can further investigate what users computers or files have been affected, when the incident happened and provide drill-down capabilities to investigate how it happened and finally once a malicious event has been discovered the Enterprise inspector can help the security team to respond by providing the mechanisms to block it or remediate it, so in a nutshell enterprise inspector collects real-time events from all the endpoints, where an ESET endpoint solution and enterprise inspector agent is installed and enabled. Because of this the administrator has an overview of what is going on at a very granular level it provides extensive filtering and sorting, which enables the administrator to focus on what’s important and provides the malware hunting options to dig deeper into individual processes and find malicious anomalies it uses ESET reputation systems to evaluate the risk of the identified incident. Selected files are being instantly evaluated against ESET Live grid – our cloud-based reputation systems, to assure proper risk assessment since the administrator wants to be notified only when the specific problem occurs enterprise inspector provides the ability to create its own notification rules. Although we provide several of the most important rules, out of the box the customer can also customize the rules in advanced XML format according to their needs and finally Enterprise inspector offers blocking and remediation of individual processes and applications either on a particular machine or in the entire network. So at the hub of ESETs multi-layered approach is the ESET security management center. This unparalleled comprehensive management console brings visibility and actionable data to the administrator. The ESET Security Management Center gives complete control of all ESET security products to the administrator like enterprise inspector and dynamic threat defense and more. It allows the administrator to oversee the entire network including workstations servers and smartphones all from a single pane of glass. It’s a robust and powerful console with an extremely intuitive interface that offers state-of-the-art reporting and notifications with multiple automation techniques for updates, rule changes, classifications groups and more. You can even use it to determine what hardware is on your network what software is installed check to see what apps are on your users connected smartphones. So this graphic offers a glimpse of the main ESET security management center main dashboard each segment includes drill down capabilities, offering multiple sources of data and detail. Tasks policies triggers reports and notifications are very easy to create and to configure. And the management center can be protected with two-factor authentication to validate the identity of administrators logging into this console. And for the well-informed security administrator the lower right corner includes an RSS feed to cybersecurity news and information all this from a company that’s tested, proven and trusted. That’s ESET. Ok so let’s summarize all this. ESET is a highly stable 30 plus year security software vendor providing best-in-class solutions, that are perfectly tailored for enterprise users. Centered around the comprehensive and powerful security management center the endpoint and server products provide unparalleled protection. ESET dynamic threat defense offers cloud-based sandboxing to detect new never-before-seen threats. ESET Enterprise inspector increases your capability to detect and to respond to incidents in your network and fight advanced attacks and advanced persistent threats. And the ESET threat intelligence service provides Intel services that can act as an early warning system and help predict and attackers next steps. These are the must-have security solutions for the enterprise. Well that’s it thanks for watching this on-demand webinar for further information and details or to request a demo of any of these or other ESET security solutions please visit ESET.com and don’t forget to check out welivesecurity.com

Leave a Reply

Your email address will not be published. Required fields are marked *