26 July 2004

eEye Digital Security - Vulnerability Management Solutions

eEye Digital Security - Vulnerability Management Solutions: "

Why Does the Industry Need Blink?

Unknown vulnerabilities represent the greatest threat to enterprises’ digital assets. Contrary to popular belief, many hackers do not wish for worms to be released, as this galvanizes enterprises to patch machines that could otherwise be used as doors into a network. This will continue to be a growing issue as enterprises become more successful at proactive vulnerability assessment and remediation – hackers will focus on ways to compromise systems in a “zero-day” fashion. Since Blink operates by stopping the activity that results from an attack rather than the signature of the attack itself, this technology is able to stop even unknown vulnerabilities from being exploited.

Additionally, as the window continues to shrink between the time vulnerabilities are announced and when enterprises are able to patch their systems, the costs incurred by companies through patch management will continue to grow. A company with thousands of machines in its network can expect to experience millions of dollars in lost productivity and business disruption when patching is immediately required. As a result, enterprises need the ability to defer patching to scheduled maintenance cycles, as well as intermediate protection from attacks that intend to leverage the unpatched vulnerability. By protecting individual machines, Blink allows corporations to patch their systems on a less disruptive, more cost-effective schedule.

Likewise, although the vast majority of enterprises have network-level security elements in place (e.g., firewalls, IDS/IPS, etc.), many remote workers, such as mobile workers, teleworkers, contractors and others, unintentionally acquire vulnerabilities “in the wild” and introduce these vulnerabilities to the corporate network once they reconnect. This internal attack vector is becoming a frequent cause of worms and virus outbreaks. Blink provides the means to isolate and evaluate each machine prior to its reconnection to the network. If any of Blink’s security mechanisms detect unusual behavior, the machine is isolated via its application and system-level firewalls, and the attack is prevented.

Blink also helps enterprises enforce policy compliance by constantly auditing corporate security standard configurations to reduce the risk of compromise. Finally, traditional security measures offer no defense against socially engineered security threats that attack from inside the organization. Even if a user unwittingly downloads a virus or worm, Blink is able to recognize the harmful activity, shut down the offending application, and isolate the machine from the rest of the network.

No comments:

Post a Comment