Shulou(Shulou.com)05/31 Report--

This article introduces the knowledge of "six Zero Trust products worth paying attention to by RSAC2021". In the operation of actual cases, many people will encounter such a dilemma. Next, let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

The annual cyber security event RSA Conference officially kicked off on Monday. Due to the impact of the epidemic, this year's RSAC conference is a virtual event held entirely online, with the theme of "Network resilience" (Resilience). As the largest conference in the industry, many network security providers choose to launch new products / events at RSAC conferences, which often represent the company's latest technology, product routes and business strategies.

Shortly before the opening of the RSAC2021, the Biden administration issued a presidential executive order requiring the enforcement of a zero-trust structure in government agencies, so zero-trust products have become the focus of the industry at this year's RSAC conference. The following safety cattle are collected on the first day of this year's RSAC conference, six zero-trust product schemes worthy of attention:

1. IBM Security's blueprint for zero trust

IBM Security's zero-trust blueprint provides a framework for developing secure programs that apply the principles of least privilege access, no trust, always validate, and always assume that an attack has occurred. These blueprints can provide companies with a normative roadmap for security capabilities and guidance on how to integrate them into a zero-trust framework.

Among them, the customer privacy protection blueprint can help organizations enforce limited and conditional access to all data, gain insight into data usage and privacy risks, and reduce exposure in the event of an attack. IBM says that with a hybrid workforce blueprint, organizations can build a workforce that can securely connect to any application on any network from any location, using any device.

Internal threat blueprints are designed to detect abnormal user behavior, automate and adaptively enforce security policies, isolate the organization's most valuable data, and reduce business disruptions. With hybrid cloud blueprints, companies can achieve continuous compliance, reporting and response, monitoring cloud configuration errors, and building consistent policy enforcement across all cloud workloads.

two。 Microsoft: zero Trust Enhancement Program

Microsoft announced a series of new zero-trust features on RSAC2021 that help customers authenticate explicitly, grant least privileged access and assume that an attack has occurred. The company has introduced a new feature for its Azure Active Directory conditional access cloud identity product, which provides more granular access control for administrators and makes it easier to control more and more policy lists.

In order to achieve least privileged access, Microsoft demonstrated for the first time the ability to discover non-secure endpoints and network devices and protect endpoints with Microsoft Defender for Endpoint. Microsoft's threat and vulnerability management capabilities now support the Linux operating system, enabling organizations to view discovered vulnerabilities, evaluate the latest security recommendations, and issue fixes.

Microsoft has also introduced new anomaly detection features, such as user and entity behavior Analysis (UEBA) for Azure Sentinel, which can be used to provide additional context when searching for or merging with events. New enhancements to Microsoft Cloud App Security will help prevent attacks by detecting suspicious application activity and data disclosure attempts from cloud services.

3. BlackBerry: (zero trust) gateway

BlackBerry launched BlackBerry Gateway, marking the company's entry into the zero-trust network access (ZTNA) market for SaaS and local applications. By assuming that each user, endpoint, and network may be malicious prior to authentication, the BlackBerry Gateway can help organizations reduce the risk of network access. The product will go on sale this month.

The gateway ensures that only trusted and healthy devices access the business network and provides ZTNA telemetry data, which will be added to BlackBerry's cloud data lake. BlackBerry Gateway can also be integrated with the company's endpoint security products to provide comprehensive defense against threats to device, network, and user identities.

4. One Identity:Starling CertAccess

One Identity has released Starling CertAccess, an access request and access authentication product that helps organizations take advantage of Active Directory and Azure Active Directory in the enterprise. It solves the problem of managing, protecting and controlling user accounts in Active Directory and Azure Active Directory.

By enabling employees to easily and consistently request access and have business units authenticate access, Starling CertAccess ensures that users have the correct access rights so that their credentials are not vulnerable to attack. Starling CertAccess also enhances user and group management capabilities for active roles and on-demand active roles, simplifying key mixed Azure Directory identity management tasks.

5. CrowdStrike: zero trust scheme

CrowdStrike Zero Trust (Zero Trust) enables organizations to view labor identities across multiple directories and clouds. It reduces dynamic friction and false positives by providing conditional access, thus eliminating the need for complex and error-prone log analysis, thus shortening the time to detect and resolve events.

This reduces alarm fatigue, prevents the spread of attacks, and ensures that security teams get better information. CrowdStrike Zero Trust relieves the burden on security operations center (SOC) analysts through high-fidelity relevance and enhances the user experience through adaptive conditional access.

The CrowdStrike zero-trust scheme assesses the security posture of endpoints and enforces conditional access to resources from compliant endpoints by sharing assessment scores with ecosystem partners. It also ensures a consistent login experience for real users, while enforcing conditional intelligent access to resources and applications only when risk increases.

6. Ericom Software:ZTEdge

Ericom Software's ZTEdge is a comprehensive zero-trust security platform that meets the unique needs of medium-sized and small businesses. Ericom Software claims that ZTEdge reduces complexity, reduces network risk, and improves performance compared to other solutions, at a much lower price.

ZTEdge connects the right people and devices to the right applications and resources and provides protection when users and their devices interact with Web and email. ZTEdge also eliminates the risk of credential theft and limits data sharing privileges by controlling access to public cloud applications such as Office 365 or Salesforce.

According to Ericom Software, ZTEdge can detect, block and remedy ransomware attacks through network segmentation and monitoring. ZTEdge can also be used to connect teleworkers to private clouds or local applications, and to allow direct access to the local Internet to avoid backhaul and improve performance.

RSAC2021 other noteworthy new products / developments

(1) Cisco has released XDR,SASE and improved network security

Cisco has released an improved version of its extended Detection and response (XDR) solution, including enhanced vulnerability management capabilities after the acquisition of Kenna Security, improved device visibility through SecureX, simplified transition from EDR to XDR, and extended investigation and threat search capabilities.

Cisco also announced improvements to the secure access Services Edge (SASE) solution, especially new integrations, new layers of protection and new software packages-all for its Umbrella enterprise network security solution. Other new products from Cisco include updates to security firewall threat defense and the Cisco Security Firewall Cloud Native for Kubernetes.

(2) CrowdStrike publishes Falcon Fusion

CrowdStrike announced the launch of Falcon Fusion, a framework based on the Falcon platform designed to help organizations improve the efficiency of the Security Operations Center (SOC). The company says Falcon Fusion can be used to coordinate and automate complex workflows, simplify security operations and accelerate event classification and real-time response.

(3) McAfee extends MVISION XDR solution

McAfee announced a "significant expansion" of its MVISION XDR products through telemetry, SASE and threat intelligence solutions for affiliated companies' endpoints. MVISION XDR features include threat detection, automatic threat management tasks, and proactive threat search.

[this article is the original article of 51CTO columnist "Safety Niu". To reprint it, please obtain authorization through Security Niu (Wechat official account id:gooann-sectv).

Poke here to see more good articles by the author.

This is the end of the content of "six Zero Trust products worth paying attention to by RSAC2021". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.