ORGANIZATION’S NETWORK
ON A SHOESTRING
How to Protect Your Resource-Constrained
Organization’s Endpoints, Networks, Files and Users
Without Going Bankrupt or Losing Sleep
OPTION 1
Purchase another point solution

Organizations can choose to deploy one or multiple point solutions on the market to solve a specific problem. This approach, however, is not only very expensive and requires a large team of security analysts, but is also not purpose-built to address cyber risk in a holistic way. Existing security point tools flag threats and anomalies, but fail to look at the organization as a whole. Today’s attacker takes a multi-pronged approach across network and endpoint—leaving resource-constrained firms vulnerable.

OPTION 2
Complement their AV with a security platform

A true platform understands the high volume of activities that take place each day and correlates them to determine a firm’s intrinsic risk—without integration, deployment and maintenance overhead. Further, a security platform provides a robust suite of security controls, as well as a team of security experts on 24/7 standby. This expertise is crucial at the most critical moments in the event of a breach as well as to perform forensics or threat hunting.
| | Security platform (Option 2) | Point solution (Option 1) |
|---|---|---|
| Controls | Combines multiple controls in one platform: Endpoint protection, EDR, Vulnerability Assessment, Network Analytics, Sandboxing, Deception, User Behavior Analytics (UBA). | EDR/NGAV (e.g. Carbon Black, CrowdStrike, Cybereason, SentinelOne) OR Endpoint Protection (e.g. McAfee, Symantec, Trend Micro) OR Network Detection (e.g. Darktrace, LightCyber, NetWitness, Forscale) etc. |
| Visibility | Complete attack visibility across endpoints, users, files and networks to gain unparalleled visibility to control, understand and mitigate threats. | Provides siloed visibility into a specific sliver of the environment. |
| Deployment | Fully deployed and operational in hours, regardless of the number of endpoints. | Requires training and perseverance to complete deployment, often taking days to weeks. |
| Ease of use/Expertise required to use | No brainer to use. | Requires ongoing training with prior security expertise. |
| Provides a 24/7 security team to help when things get complicated | Provides 24/7 team monitoring, including malware reverse engineering, forensics, threat hunting and incident response. | Professional services are sold separately, if they even exist. |
| Repertoire of attacks blocked | User-based attacks: Insider threats, stolen credentials, privilege escalation, off-hour unusual activity, third-party contractors. | EDR/NGAV or EPP point solutions defend from only part of the attacks. |
| Flexibility | Adapts with your evolving infrastructure. | Requires heavy maintenance due to a complex array of products. |
| Use cases covered | Insider, cyber hygiene, malware, fileless attack, APT, lateral movement, privileged user abuse, suspicious behavior, vulnerability management. | Covers only some use cases. |