The Internet of Things is riddled with security challenges. Cybercriminals know this too, and have often been quicker to take advantage of vulnerabilities than we have been to fix them. For instance, according to Fortinet's Threat Landscape Report for the second quarter of 2017, 90% of organizations recorded attacks that targeted system and device vulnerabilities that were at least three years old, even though updates and patches had long been available. It's even more alarming that 60% of organizations reported attacks aimed at vulnerabilities that were 10 or more years old.
Today, the billions of online IoT devices present an even more daunting challenge because they generally don't receive the level of control, visibility, and protection that traditional systems receive. Coupled with widespread automation-based attacks, the potential for damage is even greater. Recent developments, outlined below, reveal why it's time to take IoT security seriously.
In the just-released 2017 NSS Labs Breach Detection Systems group test, Lastline received the highest possible score for security effectiveness, for the second consecutive year.
A recent blog about the report Lastline Ranks Highest in Security Effectiveness in NSS Labs Breach Detection Systems Group Test – Again gave an overview of this year’s NSS Labs group test results.
In today’s post, we’re going to dig a bit deeper into the report and how NSS Labs measures security effectiveness—and how Lastline keeps earning the highest score.
Before we dive into the details, it’s useful to note why NSS Labs is so highly regarded. There are several reasons: it is the world’s largest independent security testing and research organization; it focuses exclusively on evaluating cybersecurity products, and it is 100% objective. Also, NSS Labs does not charge any of the product vendors to participate in public tests, which adds credibility to the objectivity of its findings and reports.
Using performance insight, KLX created a global infrastructure that optimizes application performance for every user
SAN FRANCISCO – October 18, 2017 – Riverbed Technology today announced that KLX is using Riverbed® solutions to help meet SLAs for replacement airplane parts that range from four hours to as little as 20 minutes, by improving the underlying IT infrastructure. Working with Riverbed partner, Tier3 Technologies, KLX uses insight from Riverbed® SteelCentral™ performance management solutions to design a global IT infrastructure that optimizes performance of local and centralized business-critical applications such as Kardex, as well as public cloud-based applications such as Office 365, delivered over long distances to users. KLX uses Riverbed® SteelHead™ appliances for wide area network (WAN) optimization between data centers, and Riverbed SteelHead SaaS to accelerate cloud-based apps. Riverbed® SteelFusion™ appliances lay the foundation for edge sites around the world by eliminating complex local infrastructure, and uniquely centralizing edge data, backups and IT operations while accelerating performance of local applications.
Tweet This: Riverbed solutions help KLX Inc. meet 20-minute SLAs for replacement airplane parts: http://rvbd.ly/2ymAiiz
KLX Inc. is the world's leading provider of aerospace fasteners, consumables, and logistics services as KLX Aerospace Solutions. The company also provides oilfield services and associated rental equipment across North America as KLX Energy Services. KLX Aerospace Solutions is the company airlines call when they’ve got a plane full of people sitting on the tarmac, unable to take off until a replacement part arrives. With 110 global facilities (including 55 forward stock warehouses) and nearly 4,000 employees, KLX can deliver a replacement part in as little as 20 minutes.
View Video: https://www.riverbed.com/customer-stories/klx.html
KLX had the opportunity to create a global IT infrastructure from scratch when it was spun off from B/E Aerospace. “We had a unique opportunity, a green-field environment where we could select the best technologies,” explained Jack Ortman, Managing Director of Infrastructure at KLX. “Given the long distances and latencies we deal with, we knew one of those technologies would be WAN optimization. And not just for Kardex. We have a number of key business applications that are in the cloud and in the data center that are delivered over a network and whose performance is critical, including some of our financial systems, email, and Office 365.”
Tier3 Technologies began its work with KLX by using SteelCentral solutions such as AppResponse to gain insight into the existing (parent company’s) infrastructure. “There were lots of embedded systems in place and lots of dependencies that nobody really understood because they had just grown over the years,” said Michael Paynter, founder and CEO of Tier3. “Using SteelCentral, we were able help to KLX understand how users from all over the world were accessing the applications and what the dependencies were. And more importantly, what might be causing performance problems.”
Tier3 deployed SteelHead, SteelFusion and SteelHead SaaS across KLX as a single integrated system, and provides application optimization and data services on an on-going basis for KLX. SteelFusion was chosen for KLX’s edge sites because in addition to providing the WAN acceleration needed for optimized application performance, the appliances help with data security by centralizing 100% of edge data and backups in the datacenter. “We have a lot of files that are shared across different functional areas. SteelFusion allows for those files to be projected to the edge so the users get the performance as if they were using local files but there's no risk of that data being lost,” Ortman said.
In terms of meeting SLAs, the network that Ortman put together has been a definite success. “Today, 99.7% of our orders are delivered on-time to customers’ specifications,” Ortman noted. “And obviously, that continues to ratchet up as we continue to make process improvements.” In terms of costs, he is equally pleased. “Riverbed’s technologies improve the performance of your systems while reducing your total costs,” he added. “As we expand over the coming year, we expect we'll have a cost avoidance of $1 to $1.5 million dollars that we would have otherwise incurred upgrading those distant WAN connections around the world.”
Riverbed Delivers Solutions for Cloud and Digital World
Riverbed is delivering solutions to help companies transition from legacy hardware to a new software-defined and cloud-centric approach to networking, and improve end user experience, allowing enterprises’ digital transformation initiatives to reach their full potential. Riverbed’s integrated platform delivers the agility, visibility, and performance businesses need to be successful in a cloud and digital world. By leveraging Riverbed’s platform, organizations can deliver apps, data, and services from any public, private, or hybrid cloud across any network to any end-point.
Riverbed SteelHead is the industry’s #1 optimization solution for accelerated delivery and peak performance of applications across the software-defined WAN. Riverbed SteelCentral product family is a performance management and control suite that combines user experience, application, and network performance management to provide the visibility needed to diagnose and cure issues before end users notice a problem, call the help desk, or jump to another web site out of frustration. Riverbed SteelFusion enables a software-defined edge by bringing together best-of-breed virtualization, intelligent storage caching, and industry-leading WAN optimization into a single hyper-converged infrastructure solution that meets both the needs of the enterprise as well as the needs of branch employees for high-performing applications that simply work so they can do their jobs.
Connect with Riverbed
Riverbed enables organizations to modernize their networks and applications with industry-leading SD-WAN, application acceleration, and visibility solutions. Riverbed’s platform allows enterprises to transform application and cloud performance into a competitive advantage by maximizing employee productivity and leveraging IT to create new forms of operational agility. At more than $1 billion in annual revenue, Riverbed’s 28,000+ customers include 97% of the Fortune 100 and 98% of the Forbes Global 100. Learn more at www.riverbed.com.
Riverbed and any Riverbed product or service name or logo used herein are trademarks of Riverbed Technology, Inc. All other trademarks used herein belong to their respective owners.
One year ago, a threat actor launched a DDoS attack that disrupted service of some of the internet’s biggest names. The Mirai botnet had enslaved hundreds of thousands of IoT devices and was used to attack several entities, including the managed Domain Name System (DNS) provider Dyn.
The attack on Dyn was an event that many referred to as a wake-up call for internet security.
Except the industry, by and large, never really woke up.
Breach Detection Systems (BDS) trap attacks that display sufficient evidence of a possible breach, but are at risk of false positives when the sensitivity level is set too low. Hunting attacks with anomaly detection systems can detect the attacks that are not trapped by the BDS.
Breach Detection Systems identify patterns of events in order to detect network compromises. Event streams include:
Wouldn’t you know it, you sit down with those industrial designers to look at layouts for your new office space, and nothing looks good.You get two, maybe three layout options and each appears as if it ignored your inputs more than the last.
Your office layout can make or break your company’s productivity, morale and ergonomics. Yet we never seem to spend that much time optimizing these spaces.
Autodesk knew that with the opening of its new office in Toronto, Canada, it could do better. The result was its generative design tool, which can be big news, not just for BIM, but for CAD, CAE and many other design tools.
Don’t believe me? Look at the results from Autodesk’s internal pilot project.
We have some exciting news to share. Many of you have learned about our latest UEBA solution, LogRhythm CloudAI, by attending our monthly PartnerRhythm webinars. We want you, our partners, to learn that LogRhythm CloudAI has been formally announced on 11 October 2017.
According to Research and Markets, the UEBA market is projected to grow at a CAGR of 47.1% through 2021. At the same time, Gartner predicts that the UEBA market will disappear by 2022 with UEBA solutions becoming next generation SIEM platforms, with advanced analytics and smarter orchestration and response. LogRhythm is already there and with our CloudAI release, we are making UEBA even better.
One of the applications of advanced threat analytics is protecting people and devices from malicious advertisements. It has become increasingly common for websites, even well-known and trusted ones, to become victims of malicious advertisements or malvertising.
When a user visits an infected site, the malicious advertisement spreads malware to the user’s devise, compromising it and potentially installing ransomware or other harmful objects. Advanced threat analytics is one way of detecting and avoiding these malicious advertisements.
To distribute malvertising, cybercriminals use legitimate online advertising services. Ad networks produce content for thousands of websites. Hackers understand that they can potentially reach millions of people if they can infiltrate one or more of these online advertising networks. Malicious advertisements can affect any device, including PCs, Androids, and Apple. By exploiting vulnerabilities in an advertising network, cybercriminals can cause the network to deliver malware to its customer’s websites. It’s interesting to note that, as mentioned in Ransomware Delivery Mechanisms Part 1, Lastline identified malvertising as a prominent delivery vehicle for very dangerous types of malware, including ransomware.
Nearly 15 years ago, Phil Villella and I set out to change the definition of security information and event monitoring (SIEM). Our motivation originated in two fundamental beliefs:
If the news about ransomware in recent weeks hasn’t gotten your attention, then maybe the fact that its threat magnitude has grown 35X over the past year will jolt you into a state of awareness. Further, ransomware isn’t a threat confined to just a few industries or geographical regions; it is a global problem facing organizations—and even individuals—of all shapes and sizes.