DigiCert是为企业提供可扩展的身份与加密解决方案的领先的供应商。目前,这一快速增长的公司拥有一批知名的企业和物联网(IoT)客户。 DigiCert享有很高的声誉并具有很高的客户忠诚度,该公司专注于行业领先的客户支持,创新的市场解决方案,以及改善行业最佳实践的有意义的贡献。 DigiCert的创新与增长战略已经获得了多项殊荣,而且该公司在今年夏天被评选为Computerworld百强IT雇主(Computerworld’s Top 100 places to work in IT)之一。
DigiCert是為企業提供可擴展的身份與加密解決方案之領先的供應商。目前,這一快速增長的企業擁有一批知名的企業和物聯網(IoT)客戶。 DigiCert享有很高的聲譽並具有很高的客戶忠誠度,該企業專注於行業領先的客戶支持,創新的市場解決方案,以及改善行業最佳實踐的有意義的貢獻。 DigiCert的創新與增長戰略已經獲得了多項殊榮,而且該企業在今年夏天被評選為Computerworld百強IT雇主(Computerworld’s Top 100 places to work in IT)之一。
Symantec a annoncé (https://www.symantec.com/about/newsroom/press-releases/2017/symantec_0802_01) aujourd'hui un accord sous lequel DigiCert acquerra les solutions de sécurité des sites Web de Symantec et les solutions PKI. Au moment où il est absolument essentiel que les entreprises soient protégées contre les menaces avancées de la cybersécurité qui infiltrent Internet, et grâce à cette acquisition, vous bénéficierez d'une entreprise axée uniquement sur la fourniture de meilleures solutions d'identité et de cryptage.
DigiCert est le principal fournisseur de solutions évolutives d'identité et de cryptage pour l'entreprise. La société en pleine croissance compte actuellement parmi ses clients un certain nombre d'entreprises de premier plan et de clients du secteur de l’IoT. DigiCert bénéficie d'une forte réputation et d'une grande fidélisation de la clientèle, en mettant l'accent sur le soutien à la clientèle de l'industrie, des solutions de marché novatrices et une contribution significative à l'amélioration des meilleures pratiques de l'industrie. DigiCert a remporté plusieurs prix pour ses stratégies d'innovation et de croissance, et cet été il a été nommé une des 100 meilleures entreprises de Computerworld en TI.
L'ajout de la sécurité Internet Symantec et des solutions connexes à PKI aux offres de DigiCert fourniront aux clients une plate-forme technologique améliorée, un soutien inégalé et des meilleures innovations sur le marché. DigiCert aura un talent et une expérience incroyables pour diriger la prochaine génération de sécurité Internet mondiale et gagnera des capacités pour tirer parti des opportunités en matière de IoT et apporter de nouvelles approches au marché du SSL.
La sécurité Internet Symantec et DigiCert partagent un engagement fort envers le service à la clientèle et s'assurent que la continuité pour nos clients et leurs activités est une priorité absolue. Une fois la transaction terminée, nous travaillerons à faire passer nos clients sur une nouvelle plate-forme qui répond à toutes les normes de l'industrie et aux exigences des navigateurs et jette les bases d'une innovation future dans l'espace CA.
Il est important de noter que nous sommes convaincus que cet accord satisfera les besoins de la communauté des navigateurs. DigiCert communique cet accord et ses intentions à la communauté des navigateurs et continuera à travailler en étroite collaboration avec eux au cours de la période précédant notre clôture de la transaction. DigiCert apprécie et partage l'engagement des navigateurs à créer une confiance dans les certificats numériques et à protéger tous les utilisateurs.
Pour finir, je voudrais personnellement remercier chacun des employés dévoués de l'équipe de sécurité Internet. Nous sommes extrêmement enthousiasmés par les opportunités qui nous attendent et profondément engagés dans le succès de cette transition pour l'entreprise de sécurité Internet, ses employés et nos clients.
Cordialement,
Roxane Divol
Vice-présidente exécutive et directrice générale, Sécurité Internet Symantec
Skycure と Fireglass のソリューションは、Secure One パートナープログラムに追加されます。Skycure と Fireglass の既存のパートナー様が、まだシマンテックのパートナーになっていらっしゃらない場合は、評価と、Secure One への対応付けが進められているところです。Secure One 固有の情報は、準備できしだい、両ソリューションに関する PartnerNet でも公開します。
Fireglass - Web とメールのアイソレーションを Secure Web Gateway 製品に拡充
Fireglass は、Web とメールのアイソレーションという、成長の著しいセキュリティカテゴリをリードするソリューションです。ユーザーと Web との間にセキュアな実行環境を構築し、ユーザーのデバイスには安全なビジュアルストリームだけを送信するので、Web 由来の脅威がお客様の環境に到達することはありません。Symantec Web Isolation を使えば、エンドユーザーは未分類の Web サイトや、リスク評価の定まっていない Web サイトにもアクセスできるようになります。現在、そうしたサイトへのアクセスはポリシーによって遮断されているかもしれませんが、Web 利用が過剰に制限され、従業員の不満の原因にもなっていることは、よく知られています。それでもエンドユーザーがポリシーに従っているのは、ひとえに高いセキュリティレベルを維持するためです。Web Isolation を Secure Web Gateway に追加すれば、何もかも一変し、未分類のサイトへもアクセスできるようになります。会社に対するセキュリティリスクが高くなる心配はありません。
According to the New York Times, cloud storage is “pretty good at keeping things safe online”, a perspective which many consumers and enterprises believe. However cloud storage is finding itself victim to attacks. For example, according to Phishlab’s 2017 Phishing Trends & Intelligence Report, most recent cyber attacks have been towards cloud storage providers such as Google and Dropbox.
Businesses nowadays have a multitude of data, tools, and utilities residing on storage devices. Backed up and archived data may contain malware. Enterprise users frequently download or share data, which could be infected, or access websites infected by malware. Workers can and do store personal as well as corporate documents within enterprise cloud storage and NAS repositories, leading to unchecked potential for threats to propagate with the transport of files.
Global Data Storage is Exploding
With the shift of IT infrastructure to off-premises, such as the cloud, and the growth of Big Data and its storage needs, the global data storage market is exploding. Widespread implementation of cloud-based CRM and ERP solutions are also driving the need for cloud storage. Total data center storage capacity will grow nearly 5-fold from 2015 to 2020, growing at 40% CAGR.
As enterprises move rapidly towards off-premises adoption, cloud data storage and also network attached storage (NAS), remains an indispensable IT need. This brings into question how safe is your cloud services and network attached storage?
Introducing Symantec Protection Engine, 7.9
What’s needed is a way to protect cloud storage and NAS, which provides security before, after, and during transfer of files to storage.
Symantec Protection Engine (SPE) is comprised of two products:
SPE for Cloud Services is a flexible and feature-rich client/server application that allows customers to incorporate malware and threat detection technologies into almost any storage service or application. Protection Engine for Cloud Services gives enterprises access to innovative security that ensures their cloud-based storage services remain free from malware, including scanning for malicious URLs.
SPE for Network Attached Storage provides scalable, high-performance threat detection services to protect valuable data stored on network attached storage (NAS) devices. It delivers improved scanning performance and detection capabilities to protect against multi-blended threats.
Protection Engine for Cloud Services and NAS Provides 3 Ways to Rethink the Security of your Cloud Services and Related Storage:
1. Reduce Your Organizational Risk Profile
For the success of your organization, preventing cloud-based applications and storage services from hosting and distributing malware becomes critical. This includes ensuring that employees are sharing information free of infections and malware. Protection Engine can track files globally and apply reputation intelligence for cloud services, hence fueling the intelligence required to reduce your organization’s risk profile, using definition based scanning.
2. Enable Industry Leading Protection
Protection Engine provides fast, scalable, and reliable anti-malware scanning with Symantec’s File Reputation Service. This service utilizes threat and reputation information from the Symantec Global Intelligence Network, which correlates data from more than 41.5 million attack sensors in 157 countries and over 13 billion web requests a day. Advanced machine learning provides best-in-class protection with low false positives.
3. Utilize Broad Storage and Platform Support
Protect a broad array of third-party applications and storage services with APIs for embeddable threat detection and anti-malware. Incorporate industry-leading malware and threat detection technologies into almost any business critical application, service, or device with the full client Software Development Kit (SDK) and native ICAP protocol support. Platform support spanning Microsoft Windows®, Red Hat® Enterprise Linux®, SUSE® Linux, and CentOS® ensures that customers can take advantage of market-leading malware detection wherever they need it.
Strong security protects today’s businesses. To learn more about Symantec Protection Engine, visit here.
for Symantec Endpoint Protection 14, Symantec Endpoint Protection Small Business Edition and Norton
Publish to Facebook:
No
Twitter カードのスタイル:
summary
We are aware that some customers with Symantec Endpoint Protection 14, Symantec Endpoint Protection Small Business Edition and Norton products with Windows systems may be experiencing a hang at the Welcome or Logon screen, or display a black screen. This appears to be related to a new engine release that shipped on 2 August at 4:00pm Eastern US time.
Please note that Symantec Endpoint Protection 12 customers do not appear to be affected. This AV engine/definition release was removed from our Symantec servers on 3 August 2017 at 7:30am Eastern US time.
Check to See If You Are Affected
Be sure that you have AV engine/definition updates numbered 20170803.006 or later.
Any SEP customer who has downloaded and/or rolled out AV engine/definition updates numbered between 20170802.008 and 20170803.005 should take action immediately to ensure they update to the latest signatures, numbered 20170803.006 or later. This update removes the crash issue and does alter the functionality of SEP 12 otherwise. To help ensure customers remain protected, we will continue to ship definition updates on our regular schedules.
Our teams are currently working on automated remediation for impacted machines as well as investigating root cause analysis of the issue.
If You Are Affected
For recovering an affected computer, you should reboot into safe mode and follow the solutions steps in the knowledge base articles for the products below.
For more detailed information, please see the following Knowledge Base article: http://www.symantec.com/docs/TECH247190. We will continue to provide updates to the Knowledge Base article as they become available.
とは言っても、当社でも移行には最大の障害がひとつありました。Symantec™ Data Loss Prevention(DLP)をオンプレミスで配備して築き上げてきたデータの可視性とセキュリティを、手放したくなったのです。2010 年から 2016 年まで、Exchange がリリースされるたびに、当社は DLP 技術を使ってきました。これがあったからこそ、当社はトラフィックを徹底的に監視し、データポリシー上の問題をリアルタイムで検出して修復できたのです。データ漏えいの原因になることもありませんでした。
しかし、2011 年にはまだ、オンプレミスで稼働する Data Loss Prevention ほど可視性とセキュリティが万全な代替サービスが、クラウドベースでは存在していませんでした。クラウド版の Exchange も試用しましたが、トラフィックが見えなくなる、動きが把握できない、データが保護されないなどのギャップがありました。
それが一変したのは、シマンテックが業界をリードする*オンプレミスソフトウェアに基づくクラウドベースの新しい検出サービスとあわせて、Data Loss Prevention Cloud Service for Email のテストを始めたときのことでした。新しいサービスでは、従業員が Exchange Online や Gmail からメールで送信した重要なデータが、高精度のコンテンツ検出技術によって捕捉され、誤認識は最小限です。セキュリティポリシー違反があれば、メール通知を通じて従業員には自動的にアラートが届きます。問題のあるメッセージは遮断され、暗号化サービスにリダイレクトされて、安全に配信されます。
Data Loss Prevention Cloud Service for Email は、Symantec Email Safeguard と最初から統合されています。Symantec Email Safeguard は実効性の高いメールセキュリティサービスで、マルウェア対策、スパム対策、データ保護、ポリシーベース暗号化機能の機能があります。手軽さとシンプルさは、完全ホスト型のサービスと何ら変わりません。ECI は早期からベータテストに参加し、完全製品版のユーザーとしては第 1 号となりました。
このサービスを実装したとたん、目の前が大きく開けるような思いでした。中から外まで、何が起きているのか把握でき、データ保護と漏えい防止が可能になりました。私が実行したなかで、実装が最も単純だったサービスでもあります。なにしろ、シマンテック側と Microsoft 側で 1 つずつコネクタを定義するだけで、既存のポリシーはすべて再利用できたのですから。
今や当社では、Symantec Data Loss Prevention Cloud Service for Email によって 2,000 を超える Exchange Online ユーザーが保護されています。リスクを理解し、効果的に管理するために必要な可視性も実現します。クラウド版のメールサービスを検討中であれば、ぜひとも、これと同じような DLP サービスもあわせて検討すべきです。
Girls Who Code Summer Immersion Program at Symantec works to increase diversity in tech
Publish to Facebook:
No
At Symantec, we believe that together, we have the power to change the world and make it a better, safer place. Symantec is proud of our work with strategic community partners and the impact we’re having in our four philanthropic focus areas: education, diversity, online safety, and environmental responsibility.
Today, we hear from our partner, Girls Who Code (GWC) on the work they do to close the gender gap in technology. GWC inspires, educates, and equips girls with the skills needed for tomorrow’s computing jobs. Through free after-school and summer programs, and with supportive peers and role models, GWC teaches girls to use computer science to become change agents in their communities.
By Kelly Parisi, VP of Marketing & Communications at Girls Who Code and Francesca Garofani, Symantec Senior Human Resource Specialist
Featuring a Q&A with Eileen Brewer, Director, Enterprise Security at Symantec
By 2020, there will be 1.4 million jobs available in computing related fields, and while U.S. college graduates are on track to fill 29% of those jobs, women are on track to fill just 3%.[1] Demand for computing skills are growing at three times the national average, but girls across the U.S. are being left behind. Today, women hold less than a quarter of all computing jobs, and that number is declining.[2]
To close the gender gap in technology Girls Who Code is building the largest pipeline of future female engineers in the United States. Through their Clubs Program, 6-12th grade girls explore coding in a fun and friendly environment, hosted at schools, libraries, universities, community centers, faith-based organization, and non-profits. They also run a free seven-week summer immersion program for 10th-11th grade girls designed to teach girls computer science through real-world projects in art, storytelling, robotics, video games, website and apps. By partnering with top technology companies like Symantec, girls learn critical computing skills, while connecting with other young women and professionals in tech. This life-changing experience is made possible by partners like Symantec, who hosted their first ever program this summer.
ABOUT The Symantec and Girls Who Code program:
This July, Symantec’s Human Resources, Corporate Responsibility, and Government Affairs teams partnered with Girls Who Code on two coasts. In Herndon, Virginia, nineteen teenage girls from the GWC program spent an afternoon learning more about cyber security. In Mountain View, California, Symantec brought twenty 15-17 year old girls with little to no previous computer science education to their headquarters for seven weeks. The seven-week summer immersion program curriculum, created and run by GWC staff, introduced students to the basics of computer science in two languages (Scratch and Python), taught students to set up a personal portfolio web-page, and helped the girls create games and projects to support what they were learning. Girls also learned how to apply computer science through robotics and the Internet, learning basic electronics, how to wire and program a robot, and how the Internet actually works, with topics including databases, cookies, and security. The final week of advanced topics included using data frames to visualize real data, learning to program a simple search and sorting algorithm, and combining all that they learned to build the back-end of a social network. The program cultivated in the girls sharing their final project, a product they built themselves, with their class and Symantec employees during their graduation ceremony.Anne Wang, one of our students, left the program with not only the ability to code, but with a better understanding and appreciation of cyber security. Anne told the Symantec program managers, “Honestly, I really love it here. I’m grateful that I got a spot at Symantec. Before Girls Who Code, I didn’t really understand what security was, but I feel that listening to speakers and exploring the space here helped me understand that it is much more than protecting everyone from cyber warfare. There are a lot more aspects like encryption and algorithms, which I find so awesome.”
Symantec provided guest speakers, engaging workshops, and fieldtrips to supplement the program curriculum and help connect GWC students with female engineers. One guest speaker, Eileen Brewer, a Director in Enterprise Security at Symantec, and a passionate advocate for women in technology, provided the students with a Hack-a-Server workshop to increase the girls’ confidence and interest in hardware technology. Through the hands-on workshop, students learned about component design, manufacturing and server labs, and discussed the various types of careers that could be held beyond software development. This workshop was key for girls in the immersion program interested in the tactical aspects of computer science.
After the Hack-a-Server workshop, Kelly spoke with Eileen Brewer to learn more about her journey to a career in technology, her thoughts on the impacts of women in technology, and how both Girls Who Code and Symantec’s CR Programs are helping close the gender gap in technology.
A Q&A with Eileen Brewer, a Director in Enterprise Security at Symantec and a GWC at Symantec Speaker
KP: Eileen, you are one of the few women in your field. How did you decide tech was what you wanted to pursue in your career?
EB: My older sister works in tech and kept telling me it was a great career path and that I would really like it. She helped me get my first job and she was right, I really love working in tech. Working in tech is getting to see new things before anyone else, it’s working with intelligent people and living in a valley where innovation is understood and supported.
KP:Wow, it sounds like both you and your sister are trailblazers in the technology space. What advice do you have for young women getting in this field today?
EB: Technology is not just about software or making mobile apps. Working in technology means building better products, because everything we use or touch is being designed and manufactured through technology. Technology is used to design new fabrics, new cosmetics, new household appliances, new cars, new desks, and new security products. Being a part of designing new products is exciting; it opens our eyes to everything around us and encourages us to think about how things can be made better. Try taking an introductory class in computer science, design thinking, or basic programming. All of these courses will reduce the fear of the unknown and spark your interest in making something new for the world. We’re waiting for your next invention!
KP: We know that women represent only 22% of the tech workforce, outside of job opportunities, why do you think it's important for women to be into this field today?
EB: Women need to be involved in all types of product development because women are users of all types of products. Research has proven that by including women in the development process both the products and profits will improve.
KP: What are the biggest barriers for women entering technology careers?
EB: Gaining more male allies. Men still hold the majority of decision-making positions so more work needs to be done across the industry to bring them into the conversation about the value of reducing the gender gap. The first to become allies are often fathers or husbands who see and hear what is happening to their daughters in a classroom or their wife at a new job. They start becoming allies by bringing awareness into their own work environments. We need their help in shifting the mindset of their peers.
KP: We are always so proud when companies like Symantec partner with GWC to help build the pipeline of women and tech. How does this program fit into your larger goals and strategy of bringing more women to the field and table?
EB: When Symantec supports programs like the GWC immersion program, we are making a statement that the status quo will not do and that we need to help increase the amount of women applying for technology jobs. Symantec understands that by increasing the number of women in our product teams we will increase the quality and the profit of our products, and to do that we need more women applying to our jobs. To have more women applying for positions at Symantec we need to reach girls early, as many decide at a young age that technology is not for them due to peer pressure or a lack of information. Supporting camps like GWC increases the amount of girls who will take computer science courses in college. When these college girls are home for the summer and looking for internships they are going to remember their summer camp at Symantec and look to us for internships. When they graduate they will look to us again to start their careers.
While the girls in Mountain View were dissecting servers, the girls in Virginia spent their afternoon playing a cyber version of Capture the Flag and spending one-on-one time learning from and connecting with female Symantec engineers. Following the activity the girls were able to ask a panel of four female Symantec employees about their work in different aspects of cyber security. This showed the girls the numerous and varying career options available, even within the cybersecurity field itself. The day concluded with a tour of Symantec's Security Operation Center (SOC) and a briefing on the “life of an analyst”.
Girls Who Code has grown from teaching 20 students in New York to code, to reaching 40,000 girls across the United States. With 93% of Summer Immersion Program participants reporting that because of the program, they now want to major in or are interested in computer science, GWC is not just aiming to close the gender gap in technology, we are actually doing it.
[This is #21 in our on-going series on Shady TLDs. Links to the previous posts are found at the bottom of the page.]
A Bit of History...
Way back in the old days of the Web, when "all of the good domain names were taken" on .com, there was an initial expansion of new TLDs (including .info and .biz, which unfortunately ended up largely misused as junkyards for shady domains). One of the new TLDs in this group (back in 2004) was .Pro.
.Pro was conceived of as what would now be called a "Premium TLD" -- that is, a .pro domain would cost more than a domain on a normal TLD like .com, because it would carry a certain cachet that a normal .com (or .info, or .biz) domain would not. (I remember looking into .pro domains a decade or so ago, and pricing was several hundred US$ a year, or roughly ten times the going rate of a .com domain.)
.Pro domains were supposed to be reserved for "licensed professionals" (think doctors, lawyers, etc.). In fact, registrants were supposed to provide documentation about their licenses as part of the registration process. A few years later (2008), the list of eligible licensed professions was expanded (including Educators, Physical Therapists, CFAs, and many more).
In this early era of .Pro domains, I don't remember encountering very many shady sites; it certainly wasn't on our radar in the same way that .info and .biz were...
More recently (2015) however, .Pro dropped the "licensed professional" requirement, and I've seen .pro domains offered for less than $10 each. Consequently, as you might predict, this shift in .pro registrations is reflected in a higher rate of shady usage...
2017 Q2 Top Ten List
Because of .pro's interesting history, I had intended to profile it at some point. Especially when I saw it showing up fairly high in our "Shady TLD" list (it's currently at #40 as of the end of Q2, with 93.95% of its domains rated as shady in our main database.) That may sound like a lot (and it is), but it's not even close to cracking the Top Ten:
Rank
TLD
Percentage of Shady Domains (All Time) *
1
.country
99.95%
2
.stream
99.70%
3
.gdn
99.59%
4
.download
99.49%
5
.racing
99.29%
6
.xin
99.22%
7
.men
98.90%
8
.kim
98.79%
9
.science
98.72%
10
.bid
98.71%
* As of the end of June, 2017. Shady Percentage is a simple calculation: the ratio of "domains and subdomains ending in this TLD which are rated in our database with a 'shady' category, divided by the total number of database entries ending in this TLD". Shady categories include Suspicious, Spam, Scam, Phishing, Botnet, Malware, and Potentially Unwanted Software (PUS). Categories such as Porn, Piracy, and Placeholders (for example) are not counted as "shady" for this research; if they were, the percentages would be higher.
Movement-wise, there were only minor changes from the Q1 list (.loan, .mom, and .online dropping out -- but just barely -- and .men, .science, and .bid moving in).
Also of note, if you follow the TLD space, is that the total count of valid TLDs (according to ICANN's list) is at 1,547 as of today (Aug. 9th).
Caveats
As always, we caution against reading too much into the relative positions of TLDs on this list. Rankings are very fluid from quarter to quarter.
Also, we are not advocating setting up policy to block all domains on all of these TLDs. Any such recommendation would come only after more research into a TLD. In particular, .xin is rather popular in China, as is .kim in South Korea, and it would not be wise to automatically block such domains if you do any business there. Also, several TLDs have percentages based on lower numbers of domains than some of the other TLDs in the list.
In general, it's better to leave shady domain blocking up to the professionals...
A Closer Look at the ".Pro-file"
Pulling a recent week of worldwide WebPulse traffic to .pro sites showed the following category breakdown for the top 100 sites:
Category
Count / Percentage
Suspicious
24
Scam
2
Malware
2
Porn
12
Piracy
5
Placeholder
3
WebAd
16
Other legit/normal Category
36
In other words, in recent traffic, only 28% of the Top 100 sites were "shady" by the strict methodology of counting only the security-related categories (in Red). If we add in the "arguably shady" categories (the ones in Yellow), then the shady percentage climbs to 48%.
That means that over half of the Top 100 sites are arguably normal/legitimate sites (although, interestingly, exactly *none* of them appeared to belong to "licensed professionals").
Conclusion: As with some of the other Shady TLDs we've profiled, we don't recommend a blanket block of all .pro traffic. It's a fairly popular TLD, especially in certain countries (like Russia), so you should leave decisions about which domains to block up to the ".pro-fessionals".
--C.L.
@bc_malware_guy
P.S. For easy reference, here are the links to the earlier posts in our "Shady TLD" series:
Welcome to the start of a regular dialogue I plan on having with you over the coming weeks and months.
As the director of Symantec Labs, I’ve been privileged to work with as talented a team of engineers and computer scientists as I believe exists in this industry. They come to work each day dedicated and eager to invent the breakthrough technologies that will combat tomorrow’s big threats -- the Big Ideas that really make a difference to our customers, and that a company with the scale and portfolio of Symantec can deploy globally.
For years, Symantec has said little about the innovations coming out of our labs, in fact it just might be one of the security industry’s best-kept secrets. This lab is almost entirely unknown despite having been awarded hundreds of patents describing billions of dollars of technology protecting countless companies against trillions of dollars of damage. I am going to change that and this is going to be my bully pulpit.
Before filling you in on some of our recent news, I’d like to spend a few moments to describe the broader context of the work that we’re doing at the Labs.
As Symantec CEO, Greg Clark notes, we have to set our ambitions high - nothing less, in fact, than a willingness to push the limits of what’s believed to be possible. So when it comes to cybersecurity, our approach has been to think large and to think long-term. As a result, we’ve developed a qualitative edge over the bad guys by tackling projects with long time horizons - sometimes a year or even a decade - in the future.
Symantec’s genuine commitment to research has paid dividends for our customers. Some of the technologies produced by the lab not only came to market years ahead of our competitors, but are also responsible for more than half of the detections by Symantec products protecting customers on a daily basis.
I think we’ve done a great job, but there’s little time to celebrate victories. Technology is constantly evolving and security practitioners have their hands full as their companies embrace cloud computing, mobile and the Internet of Things. The rapid cadence of change in the industry has also transformed security into something of a moving target. Just as one problem gets solved, it seems that new vulnerabilities pop up elsewhere as malicious hackers find new targets of opportunity to exploit.
And so it’s up to us to equip our customers with the best tools possible to defend against potential threats in what’s become a veritable arms race with various threat actors.
Security Reality Check
I’m sure that defenders sometimes feel as if they were condemned to play a game of security whack-a-mole. As threats continue to appear on the landscape, it’s easy to lose track of the fact that real progress is being made.
We naturally expect the world to be safe and secure and get alarmed when things go wrong. But for comparison’s sake, consider the history of car safety.
In the early days of auto transportation, a passenger’s odds of surviving a crash while traveling faster than 30 miles-per-hour were quite low. Over the decades, however, subsequent safety improvements led to a remarkable increase in survivability rates. Cars are now equipped with passenger protections such as safety bumpers, roll cages, safety belts, safety glass, airbags and side-impact curtains. More recently, manufacturers have added a myriad of micro-electromechanical sensors to improve driver awareness, and even begin enabling self-driving cars.
Cyber security is going through a similar transition, albeit with the obvious ups and downs. However, recent breakthroughs in the lab enable unprecedented levels of security in not only desktop & datacenter systems, but also mobile, cloud, and Internet of Thing (IoT) systems, even including self-driving cars.
Lab Highlights
For its part, the Symantec Labs pipeline is chockablock with new technologies that are going to help ease the security burden. Here’s a sample of some of the areas that are getting my attention:
AI
We live in a world with literally trillions of security events each month. No company is rich enough to afford to hire trillions of security experts - even if they existed. The only way enterprises can keep up is through the deployment of a lot of automation and artificial intelligence (AI).
For over a decade, Symantec Labs has been working in this realm, using AI to protect desktops, email, servers and networks. More recently, we’ve been able to double the effectiveness of human analysts to resolve highly severe security incidents. The next step is to fully automate that human security expert analysis for broad classes of customers. More about that another day coming soon.
Crunching Data
We’ve created a new security analytics capable of far more efficiently crunching thousands of times more data per enterprise than the industry’s mostly manual approaches today. This new capacity promises to be a game-changer. Instead of trying to bring all of the data back to a central server for reasoning, we’re now far better pushing questions out to the data and getting the systems to reason smartly and assess what is normal, what is suspicious, and what is anomalous.
So rather than force humans to sift through all of this information manually, hunting for the proverbial needle in the haystack, the system can take on the task and highlight anything that it finds suspicious.
One of the big security threats facing enterprises comes from malicious insiders, a threat that the Harvard Business School describes as both massive and growing. Our researchers have made big strides in the pursuit of new technologies that can catch insiders exfiltrating sensitive information. They actually came up with a system that watched how employees at partner companies were doing their jobs.
Instead of programming the system so it knew what the jobs entailed, we just let it learn from everybody’s normal day routines. We tested a lot of different algorithms and focused on access patterns. So if employees began doing something other than their job, alarm bells would go off and the system flagged suspicious or anomalous behavior.
I’m pleased to report that the system successfully uncovered potentially actionable behavior that would have otherwise easily gotten lost in the noise as thousands of employees went about their day.
Internet of Things
In hot areas like IoT, Symantec Labs is a major contributor to new industry standards, helping protect billions of IOT devices. We’re also working on making it easier to build security into IoT systems so that enterprise users can be secure. The problem with IoT is that many devices get built by companies that give short shrift to security design. That complicates the challenge for CSOs and other security executives. No matter how easy we make it to build security into these devices after deployment, they’ll always need more protection.
But the Labs has also been researching new ways to provide better security from the network to better protect these vulnerable devices. Security is always strongest when you have both strong end points and strong network security protecting those endpoints. That's why we are focused on further improving IoT capabilities for network hardware in collaboration with our partners. This progress comes atop helping embed security into over a billion smart, connected IoT devices, and helping protect nearly everything from the latest connected and self driving cars, to Automatic Teller Machines (ATM’s) that we’ve all used, and safely trusted for years.
Endpoint Protection
The computing world has become increasingly mobile and a lot of computing has shifted away from traditional laptops and desktops onto cloud-driven tablets and smartphones. That changes the historical notion of network security and the perimeter. Of course, where you have an enterprise network you need to protect that network but a lot of these enterprise devices are computing in ways that are directly connected to the internet. Those devices need to connect back through cloud-driven security architectures.
Symantec has responded by building and buying great technologies such as our cloud access security broker (CASB), and Web Security Service, where each user device basically connects to a security gateway in the cloud that protects them from any threats lurking out there. Continuing to invest in these great new technologies, the insider threat detection work mentioned above is a great collaboration between the CASB team and Symantec Labs.
These are a few of the things that are top-of-mind with me these days. Post a comment in the talkback section below and let me know about the security issues you find most important. I look forward to hearing from you.
Hoy, Symantec anunció un acuerdo según el cual DigiCert adquirirá Website Security y las soluciones de PKI relacionadas. En un momento en que es absolutamente crítico que las empresas estén protegidas ante las avanzadas amenazas a la seguridad cibernética que se infiltran en la web, a través de esta adquisición los clientes se beneficiarán de una compañía que está exclusivamente enfocada en ofrecerles las soluciones de identidad y encriptado líderes que ellos necesitan.
DigiCert es un proveedor líder de soluciones escalables de identidad y encriptado para empresas. La compañía se encuentra en rápido crecimiento y actualmente tiene una gran cantidad de clientes corporativos de alto perfil y clientes de IoT. DigiCert goza de una reputación sólida y gran lealtad por parte de los clientes, y se concentra en ofrecer un servicio de soporte al cliente líder en la industria, soluciones de mercado innovadoras y una contribución significativa en la mejora de las prácticas recomendadas de la industria. DigiCert ha ganado varios premios por sus estrategias de innovación y crecimiento, y este verano Computerworld la seleccionó como uno de los 100 mejores lugares para trabajar en TI.
La adición de Website Security y soluciones de PKI relacionadas de Symantec a la cartera de servicios ofrecidos por DigiCert le ofrecerá a usted una plataforma tecnológica mejorada, soporte incomparable e innovaciones líderes en el mercado. DigiCert contará con un talento y experiencia increíbles para dirigir la próxima generación de seguridad global de sitios web y ganará la capacidad de aprovechar oportunidades de crecimiento en IoT y sumar nuevos enfoques al mercado de SSL.
Symantec Website Security y DigiCert comparten un compromiso sólido con la atención al cliente, y una de nuestras principales prioridades es proporcionarle continuidad a usted y su empresa. Una vez que se complete la transacción, trabajaremos para hacer la transición a una plataforma nueva que cumpla con todos los estándares de la industria y requisitos de navegadores y proporcione los cimientos para innovaciones futuras en el espacio de la CA.
Confiamos en que este acuerdo cubrirá las necesidades de la comunidad de navegadores. DigiCert está comunicando este acuerdo y sus intenciones a la comunidad de navegadores y continuará trabajando estrechamente con ellos durante el período previo al cierre de la transacción. DigiCert aprecia y comparte el compromiso de los navegadores de generar confianza en los certificados digitales y proteger a todos los usuarios.
Por último, pero no por eso menos importante, quisiera agradecerles personalmente a todos y cada uno de los empleados del equipo de Website Security, quienes han trabajado con gran esfuerzo y dedicación. Nos sentimos muy entusiasmados acerca de las oportunidades que tenemos por delante y estamos profundamente comprometidos con el éxito de esta transición para el negocio de Website Security, sus empleados y nuestros clientes.
Saludos cordiales.
Roxane Divol
Vicepresidente Ejecutiva y Gerente General de Symantec Website Security
シマンテックの最高執行責任者(COO)を務める Mike Fey は、こう語っています。「質・量ともに分野をリードするセキュリティポートフォリオと、民間としては世界有数のサイバーインテリジェンスネットワーク。この両方を有するシマンテックは、クラウド時代の大きい課題に対処しうる、業界唯一のサイバーセキュリティプロバイダです。お客様がクラウドのメリットを最大限に活用しながら重要な情報を安全に保護できる環境づくりをお手伝いしています」
図 3: Symantec Global Intelligence Network が、エンドポイント、メール、Web トラフィックのすべてを比類ないレベルで可視化し、回避型の高度な標的型攻撃も検出して遮断。
シマンテックが誇る脅威インテリジェンスは、強大な Global Intelligence Networkによって支えられ、統合型のサイバー防御を通じて、卓越した可視性と保護を発揮します。クラウドで利用できる膨大な計算能力を活用して、37 億行を超える遠隔測定結果を解析しており、これほど広く深い脅威インテリジェンスはほかに類を見ません。
Symantec hat heute den Abschluss einer Vereinbarung bekanntgegeben, mit der DigiCert Symantec Website-Sicherheit und verbundene PKI-Lösungen akquirieren wird. In Zeiten, in denen es wichtiger ist denn je, dass Unternehmen vor den fortschrittlichen Bedrohungen der Cybersicherheit, die das Internet infiltrieren, geschützt sind, werden Kunden durch diese Akquisition von einem Unternehmen profitieren, das allein auf die Bereitstellung führender Identitäts- und Verschlüsselungslösungen, die Kunden benötigen, spezialisiert ist.
DigiCert ist ein führender Anbieter skalierbarer Identitäts- und Verschlüsselungslösungen für Unternehmen. Das schnell wachsende Unternehmen zählt aktuell eine Reihe namhafter Unternehmen und Akteure im IdD-Bereich zu seinen Kunden. DigiCert genießt einen guten Ruf und eine hohe Kundenbindung, wobei sich das Unternehmen auf branchenführenden Kundendienst, innovative Marktlösungen und einen bedeutungsvollen Beitrag zur Verbesserung der besten Praktiken der Branche konzentriert. DigiCert hat für seine Innovations- und Wachstumsstrategien eine Reihe Auszeichnungen gewonnen und wurde in diesem Sommer von Computerworld als einer der 100 besten Arbeitgeber im IT-Bereich ernannt.
Die Hinzufügung von Symantec Website-Sicherheit und verbundenen PKI-Lösungen zum Angebot von DigiCert wird Kunden eine verbesserte Technologieplattform, beispiellosen Support und marktführende Innovationen liefern. DigiCert wird über hervorragende Talente und über umfangreiche Erfahrung verfügen, um als führende Kraft für die nächste Generation der globalen Website-Sicherheit aufzutreten und wird Fähigkeiten gewinnen, Chancen im Bereich IdD zu nutzen und neue Ansätze auf den SSL-Markt zu bringen.
Symantec Website-Sicherheit und DigiCert teilen einen unerschütterlichen Einsatz für den Kundendienst und werden sicherstellen, dass die Kontinuität für ihre Kunden und deren Geschäfte höchste Priorität hat. Nach Abschluss der Transaktion werden wir an dem Wechsel unserer Kunden zu einer neuen Plattform arbeiten, die alle Branchenstandards und Browseranforderungen erfüllt und die Grundlage für zukünftige Innovationen im CA-Bereich bildet.
Wir möchten betonen, dass wir zuversichtlich sind, dass diese Vereinbarung die Bedürfnisse der Browser-Community erfüllen wird. DigiCert informiert die Browser-Community über diesen Geschäftsabschluss und seine Ziele und wird in der Zeit vor dem Abschluss unserer Transaktion auch weiterhin eng mit der Community zusammenarbeiten. DigiCert schätzt und teilt den Einsatz der Browser für den Aufbau von Vertrauen in digitale Zertifizierungen und den Schutz aller Benutzer.
Zuletzt möchte ich es nicht versäumen, mich persönlich bei jedem Einzelnen der hart arbeitenden und engagierten Mitarbeiter des Teams von Website-Sicherheit zu bedanken. Wir freuen uns außerordentlich auf die Chancen, die uns bevorstehen und werden alles für den Erfolg dieses Übergangs für Website-Sicherheit, seine Mitarbeiter und unsere Kunden tun.
Mit freundlichen Grüßen
Roxane Divol
Executive Vice President & GM, Symantec Website-Sicherheit