Every device that connects to a network creates a security risk. There are many forms of defenses designed to protect these endpoints including anti-virus, firewalls, HIPS, endpoint detection and response (EDR), and other forms of access control. Most of these solutions require installed agents to manage authorizations and authentication, track device activities, and detect and remove viruses and malware. Despite the efforts applied to endpoint protection and EDR solutions, it is inherently insufficient. Even if you could find every endpoint, manage every agent, and keep every device consistently patched, there are fundamentally too many attack vectors to keep up with.
This year’s RSA Conference is a key venue for companies to showcase their new cybersecurity products. Here are some of the more interesting tools to check out. The Informer is a deception-based, real time forensic collection offering that extends Attivo’s ThreatDefend Detection and Response platform. The new tool provides a view of the attacker’s activity to accelerate intelligence-driven response and remediation, enhancing the ability to rapidly gather, understand and disseminate adversary intelligence. RSAC Location: South Expo 455