Privileged Access Management (PAM)
Privileged account management allows you to manage which users are granted privileges, such as the ability to process, view, delete or modify all of your business data, in order to protect vital data integrity. It is a solution that helps you control, manage and monitor access to critical assets. It creates an isolated, highly secure and tightly controlled environment to store and control access to privileged credentials.
Endpoint Privilege Manager (EPM)
End users, called endpoints, are seen as access points of organizations and constitute the weakest link in systems. Internal and external threat elements also see this weakest link of organizations as a priority target. Although many security solutions are used in your business, workstations have become the critical and most sensitive parts of information technology systems. Endpoint privilege management solutions increase security and reduce threats by restricting privileged access, giving users the minimum rights necessary to perform their tasks.
EPM Ransomware Protection provides the ability to manage threat detection, instant default denial, whitelist integration. If needed, it can set the local administrator access requested by the user in real time.
At the same time, a honeypot-like approach can be applied with EPM Deception to mislead attackers.
Endpoint Protection (EPP)
An Endpoint Protection Platform is an integrated security solution designed to detect and block device-level threats. EPPs typically include antivirus, anti-malware, personal firewalls, intrusion prevention (IPS), data loss prevention (DLP) and data encryption.
EPP is inherently preventative and most of its approaches are signature-based – identifying threats based on known file signatures for newly discovered threats. However, the latest EPP solutions have been developed to use a wider range of detection techniques.
Endpoint Detection and Response (EDR)
Software installed on end-user devices, aimed at increasing information security and reducing data breaches. It is developed for end-user devices to detect and respond to malware and cyber attacks.
It records every file running on endpoints and its modification, registry change, network connection, etc.
In addition to the next generation antivirus elements; with features such as instant anomaly detection, alerting, tracking applications running on endpoints, keeping records, etc.; in a possible cyber attack, it helps both to detect the attack and to prevent it with the data collected before and / or after the event, and plays a leading role in forensic analysis processes.
It is a cloud-based security product that emerged with the aim of meeting the need for management from a single point due to the increase in the number and variety of security products used by security teams.
Extended Detection and Response (XDR)
XDR collects data from email, endpoints, servers, cloud workloads and networks to analyze system relationships and enable SOC teams to detect, investigate and respond to threats.
XDR has a broader feature set than EDR. It uses the latest and up-to-date technologies to provide higher visibility and collect and correlate threat information, while using analytics and automation to help detect attacks today and in the future.
Data Leak Prevention (DLP)
Almost all security layers (EPP, EDR, IPS, FW, WEB GW, MAIL GW, MDM, etc.) support the prevention of corporate data leakage. DLP, on the other hand, differs from these layers in terms of controlling the user within the organization, that is, the possible flow of valuable data from inside to outside.
DLP solutions provide more precise and more granular control while helping to find, monitor and control sensitive information on your business networks.
Even if an IT specialist alone can technically set up and manage DLP, they can’t do it effectively. Because almost all the data needed comes from people who know the company.
At this point, categorizing your existing data into various groups will be useful for a healthy DLP infrastructure.
– Daily data that has no value for the organizationr
– Financial data
– Data that may put the organization in a difficult situation and should not be disseminated
– Data that is vital to the organization
In Data Leak Prevention DLP, data is handled in three different ways:
Data in Motion: It is the type of data that moves within the network; moving on transmission channels such as email, instant messaging, web, etc.
Data at Rest: It is the type of data in databases, file systems, etc., with sensitive content that is used when necessary and should be handled first.
Data in Use: Active data type that is constantly used by users within the organization and has a relationship with sensitive data.
File Integrity Monitoring (FIM)
It detects unauthorized changes that pose operational as well as security risks by identifying system incompatibilities and indicators of potential privacy abuse.
Essentially, it involves calculating a known cryptographic checksum of the original basis of the file and comparing the current state of the file with the calculated checksum. Other file attributes can also be used to monitor integrity.
Changes to configurations, files and file attributes (dll, exe and other system files) are critical to Windows network security. With FIM, network-wide change attempts or data breaches related to unauthorized changes are continuously monitored. If monitored folders/files (log, audit, text, exe, web, configuration, DB files) are accessed, warning and access restriction mechanisms are activated.
Security frameworks such as PCI DSS, HIPAA, SANS NIST etc. emphasize that holistic monitoring is an effective way to meet mandatory security control requirements.
Secure File Sharing
A technology platform that enables businesses to send and receive electronic data securely and reliably between systems and people to meet compliance needs.
These data movements can be both inside and outside an organization and can encompass various types of data, including proprietary, compliance-protected or high-volume data
Right Management Services (RMS)
Business data is under great risk with the introduction of remote working life. At the same time, this data, which is critical for the company, needs to be shared with external organizations when necessary.
Sharing and monitoring data securely with editable authorizations can be easily achieved with RMS technology.
Information Security Awareness
According to research, on average 70% of emails sent contain ransomware-based malware. Again, according to the researches, 93% of these emails containing ransom-based malware are sent as encrypted and weaponized malware.
These evolving attack patterns unfortunately affect end users and increase the risk. CoFense offers a solution that can adapt phishing simulation scenarios to your employees using real-time behavioral methods. It also has rich security awareness training content with multilingual HTML5, video and game modules.
Hardware Security Module (HSM)
HSMs are specialized security hardware designed to store sensitive cryptographic keys in a physical environment and to perform cryptographic operations in the most secure way. This hardware enables applications to run securely.
Cryptographic devices meet the general security standards required by customers or governments by complying with NITS (National Institute of Standards and Technology) or FIPS (Federal Information Processing Standard) certifications.
HSMs are equipped with defense systems (Tamper Protection) against attacks. They have the ability to reset themselves against any intervention.
The hardware is physically divided into external and internal according to their intended use. External HSMs can work in network environments by being directly connected to the application servers they serve with a special cable or via ethernet port. Internal HSMs work on servers as PCI, PCI-Express and PCMCIA Cards.
Example application areas: Root key protection, PIN management, online banking, database encryption, document and code signing, document rights protection, certificate validity, SSL Web, XML web services, time stamping, DNS Security.