How Sophos helps optimize public cloud spend – Sophos News

Ninety-seven percent of business decision-makers say that COVID-19 has sped up digital transformation and the use of cloud services at their companies*.

Customers may have a carefully mapped out strategic plan for cloud migration, or circumstances beyond their control such as COVID-19 may have caused them to rethink and move faster than they had anticipated. Either way, organizations all have a common goal: to optimize IT and security costs.

And it’s no different for cloud infrastructure. That’s why Sophos is helping organizations to answer the question: “How can I optimize AWS and Azure costs?”

They can achieve their goals with Cloud Optix, which provides a new range of cost optimization tools that allow customers to ensure security and compliance of cloud infrastructure, while also saving money on AWS and Azure service costs – all in a single Cloud Optix subscription.

Available for new and existing customers from launch, Cloud Optix will help organizations:

  • Optimize AWS and Azure infrastructure costs in a single console
  • View comprehensive daily and monthly costs, along with intuitive filters to provide analysis of individual cloud environments, services, and regions with ease
  • Track spend for multiple services side by side on a single screen to improve visibility and reduce wasted spend
  • Identify unusual activity indicative of abuse, highlighting top services contributing to spend with customizable alerts
  • Receive detailed independent Sophos recommendations to optimize AWS costs, and integrate with both the AWS Trusted Advisor and Azure Advisor services within the Cloud Optix console
  • Compare monthly analysis of granular changes to service spend with clear executive summaries

Helping you focus your teams

We’re so confident in our technology that the team at Sophos uses Cloud Optix to protect the Amazon Web Services environments used to host Sophos Central itself – a cloud security platform trusted by over 150,000 customers. And a primary reason is that Cloud Optix shows them where to focus attention in order to proactively stop any potential breach points before they happen – an approach which is carried through to spend monitoring.

Cloud Optix helps SecOps and DevOps teams focus on and fix their most critical security vulnerabilities before they are identified and exploited in cyberattacks. It provides a complete picture of your cloud assets across multi-cloud environments by monitoring costs, detecting insecure cloud configurations and deployments, and detecting access anomalies, over-privileged IAM roles, and compliance failures from the development cycle through to the ongoing security of live cloud services.

Find out how much you can save

Cloud Optix is part of our complete portfolio of cloud security products and services, including EDR, MTR, Firewall, CWPP, CSPM, and SaaS email security. You can start a trial and find out more about Cloud Optix here.

* Source: Raconteur http://rcnt.eu/ixkrd

Net Universe offers all Sophos devices and subscriptions, as well as consulting services, with worldwide delivery services.
Send us an email to [email protected] for more information or visit https://www.netuniversecorp.com/sophos.

The impact of COVID-19 on healthcare cybersecurity – Sophos News

COVID-19 has phenomenally altered the way healthcare functions, with growing adoption of telehealth and remote patient monitoring. The threat landscape in healthcare, too, has become fertile ground for phishing campaigns, malware, ransomware, breached patient records, and other cyberattacks on healthcare systems – all with far-reaching consequences.

According to Interpol, COVID-19 has led to shifts in targets from individuals and small businesses to government and critical health infrastructure. Security agencies in the U.K. and U.S. have uncovered targeted efforts against the healthcare, pharmaceutical, academic, and research industries tasked with providing uninterrupted patient care to infected people and with coronavirus vaccine research.

The healthcare sector is highly vulnerable today. Amidst one of the worst healthcare crises to have hit mankind, attackers are unflinchingly exploiting conditions like increases in teleworking – many with little or no prior experience and planning – fear and anxiety among the general masses, and an overworked and distracted medical workforce. Failure of healthcare systems can have dire consequences: failures to order drugs, schedule operations, or make ambulances available on time during emergencies.

In the fight against the pandemic, most countries rapidly rolled out virtual patient consultations using telehealth services in an effort to reduce physical contact to help prevent the spread of the disease. These services make use of remote access systems – which also means that every device and connection acts as a way into the healthcare system.

Given these unprecedented circumstances, the Office of Civil Rights (OCR) exercised enforcement discretion and announced that, during the pandemic, it will not impose penalties for noncompliance with HIPAA regulations against providers leveraging telehealth platforms that may not comply with privacy rules. This is giving hackers more leverage to deploy data breaches, ransomware attacks, EHR snooping, phishing attacks, and more.

Furthermore, to accommodate the rapidly rising numbers of infections and to support existing healthcare infrastructure, many countries around the world have had to create temporary COVID-19 facilities to house infected patients. Since these facilities are created in a hurry and the priority is to deliver patient care, security becomes a lower priority, with many crucial steps to protect networks and devices overlooked.

This, in turn, leads to weak spots in networks that are easily exploited by malicious actors. The Department of Health and Human Services has reported that between the months of February and May of this year, there have been 132 reported breaches. This is an almost 50% increase in reported breaches over the same period last year.

A result of the pandemic has also been a significant increase in the amount of patient health data stored by the government and healthcare organizations. Personal data like daily health parameters, co-morbid health status, insurance providers, as well as tracing all contacts who come in contact with an infected person can be exploited for identity theft and sold for a high value on the dark web.

Contact tracing and tracking apps are another source of privacy concerns. Sometimes patients’ medical history data needs to be sourced and transferred from regular hospitals to temporarily-created facilities, which happens over less secure technology. This puts hospitals and healthcare organizations at risk of “spray and pray” attacks by cybercriminals.

Fortified’s mid-year report found that 60% of healthcare breaches from the first half of 2020 were caused by a malicious attack or IT incident, rather than insiders. Email compromises have been the most common attack vector to gain access to healthcare networks and steal patient data during the pandemic. Fortified explained that these attacks are often executed by phishing campaigns used to drop malware or ransomware, which have remained prevalent throughout the crisis.

Given the scenario today, a focus on cybersecurity basics continues to be more important than ever. Organizations, especially in healthcare, must focus on email security and training. Users must be educated and tested with simulated phishing attacks and security awareness training. This creates both a positive security awareness culture and decreases the probability of users falling for attacks.

Network segmentation is another way organizations can limit or restrict communication between devices and systems that are critical to maintaining medical services. Today, when IT is already overwhelmed or understaffed, managed threat response services can help back up security operations by ensuring 24×7 threat hunting, detection, and response as well.

Visit Sophos.com/Healthcare to learn more.


Ensuring Continuous Security Integration for DevSecOps

As more application teams adopt Continuous Integration/Continuous Delivery (CI/CD) workflows to enable application development, it’s increasingly important that organizations have integrated and automated security in place to protect these workflows. Since most modern applications are based on a micro-service architecture, DevOps teams have leveraged containers and container orchestration platforms, such as Kubernetes, to build and deploy their applications. As a result, container security must be a critical component of any solution that tries to protect CI/CD workflows. Below are considerations for DevOps teams to ensure their container strategy isn’t compromising security. 

How DevSecOps Teams can Achieve Security for the Entire Applications Lifecycle 

Security should not be limited to only one part of a DevOps workflow. Instead, it needs to be injected into every stage of a CI/CD workflow pipeline—from the time that a developer checks in code to a code repository, until the time that the application is deployed to a runtime environment. At a high-level, a CI/CD pipeline is comprised of three stages: build, deploy, and run. It is paramount to secure each stage of the pipeline to prevent breaches in the overall lifecycle of an application. Here are things to keep top of mind during each stage of the CI/CD workflow pipeline:  

Build images securely – images often consist of source code and third-party libraries. Before building an image, it is critical to parse packages and libraries to generate a detailed report of all vulnerabilities (CVEs) as well as the libraries/packages in which vulnerabilities are discovered. Additionally, certain libraries should be excluded if they can cause security risks. And a vulnerability report may be able to help detect the presence of credentials and/or secrets in an image.

Plug seamlessly into the CI/CD workflow – most application teams leverage build tools such as Jenkins to automate their build process. In order to add security to a build pipeline, security solutions need to be integrated into common build frameworks. Such integration allows application teams to learn fast and fail/pass builds based on their organization’s requirements. For example, if an organization has a security requirement that does not allow deployment of an application with critical vulnerabilities, a policy needs to be set to fail builds when a critical vulnerability is found in an image.

Run compliance checks against CIS benchmarks – as container orchestration platforms such as Kubernetes gain popularity, running static checks to detect potential vulnerabilities in those environments has become extremely important. The Center for Internet Security (CIS) has released recommendations for Kubernetes best security practices. It is a set of recommendations for configuring Kubernetes to support a strong security posture, such as disabling anonymous requests to the API server and running containers only as a non-root user.

Continuous runtime security – while preventing breaches in an application by shifting security to the earlier stages of a CI/CD pipeline is a key aspect of any comprehensive CI/CD security solution, securing running microservices is equally important. The Fortinet-Calico Enterprise integration, discussed later in this blog, addresses Kubernetes network security challenges for both North-South and East-West traffic.
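The build-stage policy and the two CIS recommendations named above (non-root containers, no anonymous API server requests), written as a single CI gate. This is an added example, not code from Fortinet, Tigera, or any scanner; the report schema, image name, finding ids, and manifests are constructed, and unknown severities are treated as blocking by assumption.

```python
import json

SEVERITIES = ["LOW", "MEDIUM", "HIGH", "CRITICAL"]

# Constructed scanner report: hypothetical schema, placeholder finding ids.
SAMPLE_REPORT = json.loads("""
{"image": "registry.example/shop/api:1.4.2",
 "findings": [
  {"id": "CVE-PLACEHOLDER-0001", "package": "libexample", "severity": "CRITICAL"},
  {"id": "CVE-PLACEHOLDER-0002", "package": "examplelib", "severity": "medium"},
  {"id": "CVE-PLACEHOLDER-0003", "package": "otherlib", "severity": "UNKNOWN"}]}
""")

# Constructed Deployment (Kubernetes manifests may be written as JSON).
SAMPLE_DEPLOYMENT = {
    "kind": "Deployment",
    "metadata": {"name": "api"},
    "spec": {"template": {"spec": {
        "securityContext": {"runAsNonRoot": True},
        "initContainers": [{"name": "migrate"}],
        "containers": [
            {"name": "api"},
            {"name": "sidecar", "securityContext": {"runAsNonRoot": False}},
            {"name": "worker",
             "securityContext": {"runAsNonRoot": True, "runAsUser": 0}},
        ],
    }}},
}

# Constructed kube-apiserver static pod manifest, reduced to the flags.
SAMPLE_APISERVER = {
    "kind": "Pod",
    "metadata": {"name": "kube-apiserver"},
    "spec": {"containers": [{
        "name": "kube-apiserver",
        "command": ["kube-apiserver", "--authorization-mode=Node,RBAC",
                    "--anonymous-auth=true"],
    }]},
}


def blocking_findings(report, threshold="CRITICAL"):
    """Ids of findings at or above threshold. A severity the gate does not
    recognise also blocks, so a scanner format change cannot pass silently."""
    limit = SEVERITIES.index(threshold)
    blocked = []
    for finding in report.get("findings", []):
        sev = str(finding.get("severity", "")).upper()
        if sev not in SEVERITIES or SEVERITIES.index(sev) >= limit:
            blocked.append(finding["id"])
    return blocked


def pod_spec(manifest):
    """Pod spec of a bare Pod or of a Deployment-style workload."""
    spec = manifest.get("spec", {})
    return spec.get("template", {}).get("spec", spec)


def root_capable_containers(manifest):
    """Names of containers that may run as root. Container-level
    securityContext takes precedence over the pod-level one."""
    spec = pod_spec(manifest)
    pod_ctx = spec.get("securityContext") or {}
    failing = []
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        ctx = c.get("securityContext") or {}
        non_root = ctx.get("runAsNonRoot", pod_ctx.get("runAsNonRoot", False))
        uid = ctx.get("runAsUser", pod_ctx.get("runAsUser"))
        if non_root is not True or uid == 0:
            failing.append(c["name"])
    return failing


def anonymous_auth_disabled(apiserver_manifest):
    """True only when --anonymous-auth is explicitly false; the flag
    defaults to true, so an absent flag fails the check."""
    values = []
    for c in pod_spec(apiserver_manifest).get("containers", []):
        for arg in c.get("command", []) + c.get("args", []):
            if arg.startswith("--anonymous-auth="):
                values.append(arg.split("=", 1)[1].lower())
    return bool(values) and values[-1] == "false"


def gate(report, workloads, apiserver):
    """All reasons to fail the build; an empty list means pass."""
    reasons = [f"{report['image']}: blocking finding {fid}"
               for fid in blocking_findings(report)]
    for m in workloads:
        name = m.get("metadata", {}).get("name", "?")
        reasons += [f"{name}/{c}: container may run as root"
                    for c in root_capable_containers(m)]
    if not anonymous_auth_disabled(apiserver):
        reasons.append("kube-apiserver: --anonymous-auth is not false")
    return reasons


if __name__ == "__main__":
    problems = gate(SAMPLE_REPORT, [SAMPLE_DEPLOYMENT], SAMPLE_APISERVER)
    for p in problems:
        print("FAIL:", p)
    raise SystemExit(1 if problems else 0)
```

A non-zero exit status is what makes a build tool such as Jenkins mark the stage as failed.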

Fortinet and Calico Extend Enterprise Security to Kubernetes 

Successful integration of container services within the enterprise depends heavily on access to external resources, such as databases, cloud services, third-party application programming interfaces (APIs), and other applications. It’s why Kubernetes is the most widely adopted container orchestration system.

All this egress activity must also be controlled for security and compliance reasons. Therefore, to enable successful application rollouts in production environments, companies must be able to extend their existing enterprise security architecture into the Kubernetes environment. Fortinet and Tigera have jointly developed a suite of Calico solutions leveraging the Fortinet Security Fabric. These solutions deliver both north-south and east-west visibility and protection, as well as compliance enablement for Kubernetes clusters.

The Calico Kubernetes Controller for FortiGate – enables FortiGate Next-Generation Firewalls (NGFWs) to control egress from Kubernetes pods to applications. As shown in Figure 2, the controller does this by automatically populating Kubernetes workload source IPs in FortiGate address group objects. FortiGate can then enforce the access rules. This means that developers who add new containers to a Kubernetes pod can use business-level tags (such as department name or role) to identify them, and then rely on the controller to handle the underlying access rule configurations.

The Calico Kubernetes Controller for FortiManager – enables Kubernetes cluster management from the FortiManager centralized management platform. This controller translates FortiManager policies into granular Kubernetes network policies and then pushes them out to individual clusters across all Kubernetes environments. Additionally, similar to the FortiGate integration, address groups in FortiManager can be updated with new pod/worker node IP address information, which can then be pushed to the FortiGate devices. 

Calico FortiSIEM plug-in event correlation and risk management solution – addresses compliance implications due to a lack of visibility. Like any on-premises or cloud-based networked services, Kubernetes production containers must fulfill both organizational and regulatory security requirements. If compliance teams can’t trace the history of incidents across the entire infrastructure, they can’t adequately satisfy cluster audits. The FortiSIEM plugin delivers the telemetry (metadata) that Calico Enterprise creates—including DNS logs, flow logs, and audit logs—into the Fortinet security information and event management (SIEM) environment. This helps security operations (SecOps) teams leverage FortiSIEM to better design and automate their workflows for incident response.

Leveraging Automated Security For CI/CD Pipelines 

While there are multiple ways to achieve a secure application lifecycle, automating and integrating a comprehensive security solution with DevOps workflows provides the most effective approach for discovering, reporting on, and remediating security vulnerabilities. Specifically, to secure microservices-based applications running in a Kubernetes environment, a defense-in-depth architecture like the one outlined in this blog is recommended.

By leveraging the Fortinet Security Fabric, the Fortinet-Tigera joint solution enables organizations to extend enterprise security to Kubernetes clusters so they can maintain their overall security posture. As a result, organizations are further able to achieve full visibility and control across their dynamic multi-cloud environments without compromising security. 

Learn more about how Fortinet’s multi-cloud solutions provide visibility and control across cloud infrastructures to secure applications and connectivity.

Read how Fortinet and Tigera are working together to protect organization’s Kubernetes in the enterprise.

As Fortinet partners, Net Universe offers all Fortinet devices and subscriptions with worldwide Delivery Services.
Send us an email to [email protected] for more information or visit https://www.netuniversecorp.com/fortinet.
You can visit our Shop Online

Preserving democratic integrity and election security is a job for all of us

As we enter the final month of the 2020 U.S. presidential race, election security and fraud is top of mind for many. With the memory of the 2016 Podesta breach still fresh, we are a nation braced for cyber-attack impact. 

Experts agree that, while countless security improvements have been made since 2016, we should expect more vigorous phishing attacks, data theft, ransomware, and disinformation efforts in the coming weeks. And while legions of cyber security professionals work around the clock to protect this apparatus of our democracy, we must all be vigilant to defend against foreign adversaries or domestic actors who seek to sow chaos or tamper with election outcomes. The truth of the matter is that election security extends far beyond the political organizations themselves. 

For years, Yubico has worked closely with state, local, and federal governments — recently in partnership with Defending Digital Campaigns (DDC) and Microsoft AccountGuard  — to secure everything from bi-partisan campaigns to candidates’ email accounts with the YubiKey. Based on this extensive work to safeguard democratic electoral processes, there are three observations that underscore the pressing need for all of us — every business, every individual — to play a role in securing elections and re-infusing trust into our democratic process: 

The conditions are perfect for phishing season 

Hackers thrive on fear, anxiety, and confusion. They leverage these emotions to facilitate social engineering attacks. When emotions are running high, people are more likely to fall for a phishing attempt. To put it another way, they’re less likely to stop and question the authenticity of an email or text message before clicking on a link or offering up their credentials. This year, fear, anxiety, and confusion are in bountiful supply, making the conditions perfect for phishing.

Politically-motivated hackers exploit unsuspecting targets 

In a phishing attack, a hacker can turn almost anyone into a weapon for use in their mission — whether that’s to help a particular candidate or simply cause unrest. 

Take the latest Twitter breach for example. According to WIRED, hackers sent out thousands of phishing emails and phone calls to Twitter employees in an effort to gain access to accounts of well-known and influential users. The consequences of such an account takeover in the final days of an election campaign could be catastrophic. Even if the breach were recognized immediately, the damage would be almost impossible to contain. 

In Twitter’s case, the company has focused intently on minimizing the chances of such an attack happening again — an exemplary effort that we would encourage other companies to mimic. Among other measures, the company recently announced it is rolling out phishing-resistant security keys. 

Hackers can work their way from account to account in order to get closer to their target. For example, they might target an individual that is a friend of someone who works at a large, influential company, or target a campaign volunteer instead of the campaign manager. Ultimately, their final target could be anyone whose identity can be used to influence public sentiment.  

Private companies see an increase in hacktivist threats

Experts report that private companies are seeing an increase in hacktivist threats in the run-up to the election. Media organizations, universities, and nonprofits are all at risk due to their profiles and roles in influencing the public, but almost any business could serve a purpose for a politically-motivated hacker.

The recent SendGrid breach illustrates this well. SendGrid customers distribute large volumes of email with a high delivery rate. If those account credentials get into the wrong hands, it’s easy to see how they could be used to deliver political disinformation to millions of voters, opposing candidate campaign members, or media organizations.  

“Given the current climate in the U.S. and the amount of activism going on, I think it’s fair to assume that hacktivism activity would parallel community-level activities, since the web is just an extension of activities in real life,” said Michael Kaiser, president and CEO of Defending Digital Campaigns, and former executive director of the National Cyber Security Alliance in a recent SC Magazine article. “I fully expect disrupting a campaign, person or organization viewed as an opponent — in order to convey a message or do greater harm — would be part of the hacktivism playbook.” 

The message is clear: any individual, in any organization can be an accessory to an attack. That’s why every organization — political or not — must ensure it is authenticating every user. Passwords are too easy to steal, while basic two-step authentication can be vulnerable to phishing and man-in-the-middle attacks. Making strong authentication available at scale, with physical hardware keys like the YubiKey, is a trusted way to ensure the identity of every user at every login point. 

The stakes are high — we must do all we can collectively to protect individuals, protect organizations, and protect democracy.

Net Universe offers all Yubikeys with worldwide Delivery Services.
Send us an email to [email protected] for more information or visit https://www.netuniversecorp.com/yubikey.
You can visit our Shop Online

 

Sophos is ranked 10th in 2020’s Sunday Times PwC Top Track 250 – Sophos News

We are proud to announce that Sophos has been ranked 10th in the UK’s annual Sunday Times PwC Top Track 250, which recognizes the most successful private mid-market companies in the UK.

This year’s list is a special COVID-19 edition that also aims to highlight the challenges faced and contributions made by mid-market companies during the pandemic. It is Sophos’ third appearance in the list since 2011, and the first time it has been placed in the top 10.

Commenting on the news, Kris Hagerman, CEO of Sophos said:

“It is a particular honor to achieve our highest ever ranking in a year that recognizes not just our commercial performance, but also our support for others during the pandemic. Our next generation security technologies and free tools helped protect organizations as they worked remotely, while our threat researchers and data science teams have advanced our industry-leading capability to identify and block cyberthreats of all types, which sadly have proliferated during this challenging and turbulent period.”

In 2020, cybersecurity became more critical than ever as the pandemic took hold across the world and organizations rushed to enable employees to work from home and to keep things going as normally as possible.

Cyber-attackers were quick to target newly vulnerable environments and exploit global anxiety about the virus.

Through our centrally managed, intelligent and synchronized security solutions, we helped organizations to transition securely to remote, virtual working environments. We also increased free access to some of our solutions to further protect remote workers.

Alongside this, our SophosLabs researchers regularly uncovered and reported on evolving COVID-19 themed attacks and ransomware targeting newly vulnerable IT infrastructures and employees.

However, for us 2020 was not just about what we could do for our customers. We wanted to unite the industry, to encourage collaboration and increase the speed of response to such threats. Our researchers set up the COVID-19 Cyber Threat Coalition (CCTC), where thousands of private and government organizations have come together to fight COVID-19 cyberattacks.

Further details of the Sunday Times PwC Top Track 250 can be found at Fast Track.


Yubico expands partnership with Infinigate into the UK and celebrates channel program growth across EMEA and APAC






 

Building a Cyber-Aware Workforce Requires Training and Ongoing Awareness

One of the most critical strategies for addressing the risks associated with a large remote workforce is to ensure that remote workers have the skills needed to identify and thwart threats. In March of this year, Fortinet launched a free training campaign to help close the cybersecurity skills gap for those individuals looking to educate themselves on potential threats and security technology. As part of this campaign, Fortinet opened up its entire library of self-paced training. This content is designed to educate teleworkers, many of whom were working from home for the first time, as well as provide opportunities for IT and security professionals to upskill or reskill for career development or advancement.

Our world is a hacker’s playground with more people than ever working remotely, opening the door to insider threats wider than ever. A Ponemon Institute Report found that from 2018 to 2020 the number of insider threats increased 47%, making these threats a top concern for CISOs and executives. In addition to having a security architecture that protects organizations from insider threats, CISOs also recognize the importance of ensuring they have a cyber-aware workforce that can detect threats. To help organizations address this, Fortinet has unveiled a new Information Security Awareness and Training service as part of the NSE Training Institute’s latest offering. 

Information Security Awareness and Training Service

As the challenges of cybercriminals targeting remote workers continue to expand, Fortinet released another free offer for organizations designed to further enhance the ability of their workforce to be cyber aware. This new Information Security Awareness and Training service will help companies better educate their workforce on how to identify and protect themselves and their organizations against all types of cybersecurity threats and to help keep security top of mind.

This new service, researched and developed by Fortinet’s NSE Training Institute, a world-class team of cybersecurity experts, is in full alignment with two key sets of NIST guidelines: NIST 800-50, which outlines requirements for Building an Information Technology Security Awareness and Training Program, and NIST 800-16, which discusses Information Technology Security Training Requirements.

Training and Awareness

This powerful turnkey service from Fortinet is made up of three components, each of which includes both training and awareness elements. These components, outlined below, work together to ensure employees are trained to always be on the lookout for possible attacks, to know how to deal with them when they arise, and to always keep security top of mind.

Awareness Assets:

The awareness component of this training program will help organizations get an effective training program up and running smoothly within a matter of days. To start, essential elements, such as email templates, are available for Information Security teams to customize. These templates are designed to help easily launch the information security initiative. 

Additional elements include security awareness posters, monthly best-practice videos, printable tip sheets, checklists, and screen savers. These and similar elements are all ready for download to help support a comprehensive security training initiative. Such components are essential as part of an ongoing awareness program to ensure your workforce does not lose focus and make the easy mistake of falling into a hacker’s trap.

Critical Training:

The service’s training component consists of five self-paced mandatory modules that are focused on key threats and attack vectors along with best practices. These videos provide valuable information on securing digital and physical information, and all participants are quizzed to test knowledge retention. Three optional videos targeted at various roles within an organization are also included in the package to expand knowledge of the importance of information security.

Administrator Dashboard:

The administrator dashboard provides the organization with a clear overview of how they are executing on their information security awareness and training initiative. It allows the program administrator to keep track of which employees have and have not completed the required courses, ensuring compliance with company policies. Other details like enrollment dates, progress, quiz scores, and completed modules, as well as completed times and dates are also included.

Find out more information about the Fortinet Information Security Awareness and Training service.


Minecraft or math lessons: which one could be the cause of your company’s next social engineering attack?






 

Fortinet Named a Leader in Gartner 2020 Magic Quadrant for WAN Edge Infrastructure

We’re a Magic Quadrant Leader! In Gartner’s recently published 2020 Magic Quadrant for WAN Edge Infrastructure, Fortinet has now been positioned in the Leader’s quadrant. We believe our commitment to continuous innovation helped Fortinet Secure SD-WAN place higher in ability to execute and further in completeness of vision. 

Our SD-WAN journey began years ago, led with a security-driven networking approach that enabled us to deliver the industry’s first Secure SD-WAN solution. We have continued to innovate since then, delivering the world’s first purpose-built processor designed to accelerate SD-WAN functionality and security, while achieving a fully self-healing SD-WAN solution combined with centralized orchestration to meet the diverse needs of customers worldwide. Going forward we are excited to address additional emerging customer use-cases in the SD-WAN market with cloud-delivered SASE innovations to provide the most flexible secure access solution in the market.

The rapid adoption of cloud services and the current shift to remote workforce has accelerated the need for digital transformation. This has led customers worldwide to recognize the value of SD-WAN as they work to build a more robust WAN Infrastructure. While cost reduction, both in terms of operational overhead and capital expenditures, continues to influence the decision-making process, customers are also highly focused on application performance. Delivering business-critical services and cloud resources in real-time ensures the best possible user experience. When combined with the assurance of secure access from anywhere – whether from home or branch offices, or across multi-cloud environments – Fortinet Secure SD-WAN delivers a complete solution worthy of being designated as an industry leader.

Evolving cloud applications pose a significant challenge to the steering decisions made by SD-WAN solutions, which can have adverse effects on application performance. By combining the industry’s best performance with advanced remediation techniques, such as dynamic traffic steering, forward error correction, and packet duplication, Fortinet Secure SD-WAN can automatically repair complex WAN issues that can undermine network performance. Combined with Fortinet’s AI/ML-powered application learning, customers can establish advanced visibility and control at every edge to improve performance, expand business agility, and achieve higher levels of productivity to deliver and maintain a better application experience and drive growth and revenue further and faster.

Fortinet also provides one of the widest arrays of Secure SD-WAN solutions, allowing us to achieve an extensive presence across all market segments, from small retail to complex global WAN infrastructures. Part of our advantage is that by converging advanced networking and security into a unified Secure SD-WAN solution, customers are able to eliminate point products at the WAN edge to reduce cost, achieve consolidation, and obtain the industry’s best TCO. Simplification through centralized SD-WAN orchestration also enables organizations to expedite deployment, thereby reducing complexity and associated staff hours spent on management and troubleshooting complex network issues. And its actionable analytics and reports empower IT staff to fine-tune business and security policy at scale, as well as ensure ease of change management because it enables networking and security staff to work as a unified team.

But SD-WAN is about much more than just secure connectivity for branch offices. With applications and workloads moving to cloud-delivered models, businesses need reliable and secure access at the cloud edge as well. Fortinet’s differentiated vision also enables customers to future-proof their digital transformation investments by extending SD-WAN to multi-cloud, providing flexible secure access for their remote workforce anytime and anywhere. In addition, close proximity to applications can also optimize SaaS connectivity and cloud compute. And innovations in Fortinet’s cloud orchestrator help organizations extend end-to-end visibility and control to all edges, whether devices are on or off-premises.

For 20 years, Fortinet – a recognized industry expert – has not only focused on security solutions. We also design and deliver a portfolio of advanced network and access devices that span the entire networking stack. These years of experience in building and delivering advanced routing functionalities are what led to our evolution as the industry’s first Secure SD-WAN vendor, providing robust connectivity and routing functionality combined with a full suite of advanced security. 

Innovations in both security and networking, a focused vision on flexible secure access from and to anywhere, and continuous industry recognition from a range of third-party organizations have fueled our expansion across all business verticals, and we believe this has led to our placement as a Leader in Gartner’s 2020 Magic Quadrant for WAN Edge Infrastructure. We believe our proven track record of providing business agility across all verticals and industries just got much stronger. And it doesn’t stop there. We have several upcoming announcements that will ensure that our Secure SD-WAN solution can address the broadest set of customer deployments – because being a leader never means standing in one place.

Gartner Magic Quadrant for WAN Edge Infrastructure, Jonathan Forest, Mike Toussaint, Mark Fabbi, September 2020

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Download the full Gartner Magic Quadrant for WAN Edge Infrastructure report here.

Learn how Fortinet’s Secure SD-WAN Solution uses a security-driven networking approach to improve user experience and simplify operations at the WAN Edge.

As Fortinet partners, Net Universe offers all Fortinet devices and subscriptions with worldwide Delivery Services.
Send us an email to [email protected] for more information or visit https://www.netuniversecorp.com/fortinet.
You can visit our Shop Online

Managed Detection and Response (MDR) Buyers Guide – Sophos News

Download the free MDR Services Buyers Guide today!

Few organizations have the resources in house to effectively manage their security programs while proactively defending against new and emerging threats.

As a result, organizations are looking to managed detection and response (MDR) services to run their security operations programs.

However, the security services marketplace is relatively new, and it’s filled with false claims and confusing jargon.

Our MDR Buyers Guide is available as a PDF or in audio format and provides clarity by walking you through the key considerations when choosing an MDR service. It also enables you to see how MDR providers stack up against one another.

Evaluating MDR providers: 12 questions to ask

When evaluating an MDR provider, we recommend asking the following:

  1. How many customers does the MDR service have?

The current customer count will give you an idea of how many other organizations trust the service provider, and how well-versed they are at responding to suspicious activity.

  2. What is the scope of the service? Is threat response included?

Most vendors focus on threat identification and notification, leaving response and remediation to the customer. Effective MDR services go far beyond this. Ask for clarity on what is offered.

  3. Is the service 24/7/365? If an issue arises at 2AM on a Sunday, who will respond?

Ensure the MDR service truly monitors your environment and is able to respond any time, day or night.

  4. Which technologies does the service utilize? Are they included in the price?

Ask if the technology used by the operators is included in the price of the service or if you must purchase your own tools separately.

  5. Is the service being provided proactive or reactive?

MDR is a proactive discipline. Ensure you’re not being offered digital forensics and incident response services, typically used to deal with an existing crisis.

  6. How will you interact with the MDR team?

Is there direct call-in support? Can you communicate via email? Speak directly with SOC analysts, or through an intermediary?

  7. What is the security operations threat detection and response (TDR) methodology?

MDR providers should have a well-defined TDR methodology. If not, they’ll likely struggle to scale as their business grows and will be more likely to miss important indicators of suspicious activity.

  8. How fast is the service?

In security, seconds matter. MDR providers should be able to estimate the average times to detect, respond, and resolve.

  9. What types of remediation actions can the MDR operators take? Can they take active response for you?

Find out what happens when the service detects suspicious activity. Many will simply monitor and notify you. They should be able to act on your behalf and provide response.

  10. Is threat hunting lead-driven (responding to alerts), lead-less (looking for new indicators of attack without alerts), or both?

Some vendors refer to automated alert generation as threat hunting (it’s not). Understand if the MDR operators will proactively hunt to detect adversaries in your environment regardless of whether or not they’ve detected a strong indicator of activity or compromise.

  11. What data sources are used to provide visibility? Is the service just “managed EDR”?

While endpoint data is critical for a security operation program, some MDR providers don’t have any additional visibility beyond the endpoint. These are not true MDR providers but rather “managed EDR” services.

  12. Does the MDR provider have access to threat intelligence and threat researchers?

MDR providers should have a level of expertise that goes beyond what most organizations can build independently: skilled security analysts, access to proprietary threat intelligence, and collaboration with threat researchers when something novel is detected.

These questions and a comprehensive vendor comparison are covered in our MDR Buyers Guide – available as a PDF or in audio format.

Give your organization the best protection with Sophos Managed Threat Response (MTR)

Sophos MTR provides 24/7 threat hunting, detection, and response capabilities delivered by an expert team as a fully-managed service. Beyond simply notifying you of attacks or suspicious behaviors, the Sophos MTR team takes targeted actions on your behalf to neutralize even the most sophisticated and complex threats.

The Sophos MTR team of threat hunters and response experts:

  • Proactively hunt for and validate potential threats and incidents
  • Use all available information to determine the scope and severity of threats
  • Apply the appropriate business context for valid threats
  • Initiate actions to remotely disrupt, contain, and neutralize threats
  • Provide actionable advice for addressing the root cause of recurring incidents

Visit Sophos.com/MTR today to learn more.

DOWNLOAD: ‘MDR Buyers Guide’ full report

Net Universe offers all Sophos devices and subscriptions, as well as consultant services, with worldwide Delivery Services.
Send us an email to [email protected] for more information or visit https://www.netuniversecorp.com/sophos.