Cyber Security -- Protection for the Desktop
One of WeatherEye's recommended
cyber security solutions addresses the most vulnerable part of the puzzle -- the endpoints. Or, put another way, your Windows PC.
Generally speaking, any cyber security solution is either host-based or network-based. Host based means most of the security software is doing work at endpoint PCs. Network-based means most of the security software is doing work at network level. FireTower Guard collects all the information at endpoints but it also has a network component - CyCon.
Cyber Defense Forensics
Whether you are a forensic expert assisting a client or company operational specialist examining a possible security breach, you need to rapidly identify the issue and Sampan Security product tools will help.
You may have tradition anti-virus and network security products installed, but when a penetration has occurred that hasn't been identified previously, you need to quickly identify the threat. AutorunCheck will quickly identify new threats on a suspect Windows based computer or server. On-line use of ASR-LIVE will validate the Windows registry with the Autorun Setting Repository (ASR). These steps are taken after a intrusion is suspected.
The better plan is to include FireTowerGuard and Cycon in your security configuration on PC based endpoints. New threats can then be immediately identified and appropriate action taken to defend your entire organization.
A network based solution doesn't know what happens at the endpoint computers. For example, sandboxing technologies intend to safely "detonate" incoming code to detect any sign of it having been designed to behave maliciously and aggressively. But when it comes to this attack mode, the technology can't tell you if it made it to the endpoint computers that it intended to reach, whether it ran or if it was stopped. The CyCon component provides the network visibity into the status of all PC endpoints.
Since most of the cyber attacks are happening at the endpoint computers, not at the network, it is important to have a robust tool monitor behavours at the endpoints across the enterprise. Effective security relies on multidementional tools to be operating at all network levels.