BOUNCER by CoreTrace ROI Analysis
                     BOUNCER by CoreTrace™
                 Provides True Endpoint Security
                      with Rapid Breakeven

BOUNCER by CoreTrace™ with its unique Endpoint Security v2.0 whitelisting
solution is sounding the death knell for inferior Endpoint Security v1.0 solutions
(i.e., blacklisting solutions). BOUNCER’s revolutionary 180°-shifted approach to
endpoint security is a disruptive technology that delivers true endpoint security
and sets a new standard-of-care benchmark for the industry. The prevailing
circumstances for endpoint security have inarguably changed for the better.
BOUNCER closes the well-publicized security gaps that plague Endpoint Security
v1.0 solutions that are evident in data-breach headlines that—even though grossly
underreported—are now commonplace.
Not only does BOUNCER’s superior Endpoint Security v2.0 technology provide
true endpoint security, but it does so at a significant savings of $938,085 over
Endpoint Security v1.0 solutions—an $846 savings per server per year (assumes a
three-year 500-server implementation). Moreover, this BOUNCER implementation
is forecasted to pay for itself in less than 10 months and it has an ROI of 277%.




Contents
    Overview
    TCO: Endpoint Security v1.0 vs. v2.0
        Three-Year 500-Server Implementation
        Annual Cost per Server
            Patch Management
            Configuration Management and License Auditing
            Help Desk Support
            Failed-System Recovery
            Lost End-User Productivity
            Blacklist Signature Subscriptions
            Blacklist Management
            BOUNCER Maintenance and Support
            BOUNCER Management
    Summary

July 2008
                                                                                                               CoreTrace Corporation
                                                                      6500 River Place Blvd., Building II, Suite 105, Austin, TX 78730
                                                                         512-592-4100 | sales@coretrace.com | www.coretrace.com
BOUNCER by CoreTrace™



Overview

BOUNCER by CoreTrace™ with its unique Endpoint Security v2.0 whitelisting solution is
sounding the death knell for inferior Endpoint Security v1.0 solutions (i.e., blacklisting solutions).
BOUNCER’s revolutionary 180°-shifted approach to endpoint security is a disruptive technology
that delivers true endpoint security and sets a new standard-of-care benchmark for the industry.
The prevailing circumstances(1) for endpoint security have inarguably changed for the better.
BOUNCER closes the well-publicized security gaps that plague Endpoint Security v1.0 solutions
that are evident in data-breach headlines that—even though grossly underreported(2)—are now
commonplace.

This paper presents an illustrative analysis of the total cost of ownership (TCO) of
Endpoint Security v1.0 vs. BOUNCER’s Endpoint Security v2.0 to provide a framework for
discussion of BOUNCER’s return on investment (ROI). The analysis in the main body of the
paper presents the hard costs; the commentary on the periphery of the paper presents the
really-hard costs—the kind that can crush a company. Fortunately, with BOUNCER-protected
endpoints, these really-hard costs for some companies can be avoided costs for your company.
While you are reading this paper, allow yourself to become a peripheral visionary:(3) visualize
your company navigating the gauntlet of cyberthreats and compliance audits with and without
BOUNCER-protected endpoints and ask yourself what a prudent person would purchase given
the circumstances now prevailing—v1.0 security-gap-riddled technology or BOUNCER’s v2.0
true endpoint security?

Gartner states, “IT security organizations that spend compliance dollars wisely can also solve
security gaps and reduce risk.”(4) BOUNCER is the perfect example of this type of investment—
BOUNCER eliminates the need for and expense of ineffective blacklisting solutions and
BOUNCER protects unpatched vulnerabilities from exploitation, effectively neutralizing
zero-day threats; therefore, with BOUNCER-secured endpoints, IT departments, compliance
departments, and corporate officers with fiduciary duties can have confidence that zero-day
threats have zero time-to-live.

Not only does BOUNCER’s superior Endpoint Security v2.0 technology provide true endpoint
security, but it does so at a significant savings of $938,085 over Endpoint Security v1.0
solutions—an $846 savings per server per year (assumes a three-year 500-server [Windows
and Solaris] implementation). Moreover, this BOUNCER implementation is forecasted to pay
for itself in less than 10 months and it has an ROI of 277%.(5)(6)

“A massive data breach at Hannaford… was caused by… software…secretly installed on servers
at every one of its grocery stores… Hannaford said… that the problem potentially compromised
the account numbers and expiration dates on all 4.2 million credit and debit card numbers used
at its stores in six states…Hannaford said it knows of about 2,000 cases of fraud related to the
intrusion… Hannaford… has replaced the hardware on which the malware was installed…
Hannaford said… that it was certified a year ago as meeting card security standards and was
recertified on Feb. 27…the day Visa first notified Hannaford of unusual card activity and began
its investigation.(5)
    – Ross Kerber, The Boston Globe

“The federal lawsuits filed…over the security breach of Hannaford…have been consolidated
and assigned to the District of Maine… As of June 1, 14 lawsuits had been filed.(6)
    – Judy Harrison, Bangor Daily News

(1) “In most countries, the management of an organization has a financial responsibility to the owners of a company.
    In a publicly traded company, this is the shareholder. When considering the liability that a company or senior
    executives may face when security is breached, there are several concepts with which one should become familiar.
    In no particular order, they are due diligence, due care, and the prudent man rule.
    ...the prudent man rule is a rule that management must follow when determining if due diligence and due care have
    been exercised properly. The prudent man rule states that management is required to perform those duties that
    “prudent” people would normally take, given similar circumstances.”
    Cliff Riggs; Network Perimeter Security: Building Defense In-depth; CRC Press, 2003; pp 10–11.
(2) Robert McMillan; Most retailer breaches are not disclosed, Gartner says; Computerworld.com; May 26, 2008.
    (http://computerworld.co.nz/news.nsf/scrt/AB1E9146A5D82A3CCC257454007AB6C6)
(3) Comedian Steven Wright: “I’m a peripheral visionary. I can see into the future—just way off to the side.”
    Bruce Weber; COMEDY REVIEW; This Guy Still Finds the World Baffling. Blame the World.; The New York Times;
    June 18, 2002. (http://query.nytimes.com/gst/fullpage.html?res=9506EEDA1E3CF93BA25755C0A9649C8B63)
(4) Mark Nicolett; Key Issues for Infrastructure Protection, 2008; Gartner; March 10, 2008.
    (http://www.gartner.com/DisplayDocument?ref=g_search&id=619208)
(5) Ross Kerber; Advanced tactic targeted grocer; The Boston Globe; March 28, 2008.
    (http://www.boston.com/news/local/articles/2008/03/28/advanced_tactic_targeted_grocer/)
(6) Judy Harrison; Hannaford breach lawsuits assigned to judge; Bangor Daily News; June 10, 2008.
    (http://bangornews.com/news/t/news.aspx?articleid=165441&zoneid=500)



                  BOUNCER by CoreTrace ROI Analysis                                                                                                   1


TCO: Endpoint Security v1.0 vs. v2.0

Endpoint Security v1.0 with its multiple layers of reactive antivirus and blacklisting databases,
security patches, and personal firewalls (all of which slow performance and add significant
cost to network operations) can’t defeat today’s threats (e.g., zero-day attacks from malware,
rootkits, and buffer overflows)—let alone tomorrow’s.

Zero-day threats are the bane of Endpoint Security v1.0’s reactive blacklisting strategy
(that is, to identify malware and keep it out)—since the strategy is dependent on timely signature
updates, it is inherently flawed and no amount of multi-layering or heuristics can save it. In effect,
blacklisting surrenders control to the cybercriminals, handing them the first-strike advantage.
Moreover, if the first strike is delivered by a stealth bomber (buffer overflow code injection) that
happens to drop a kernel-based-rootkit payload, Endpoint Security v1.0 technology is unaware
that an attack has occurred and the compromised system is literally open for business.(7)
BOUNCER takes a revolutionary 180°-shifted approach to endpoint security providing a unique
Endpoint Security v2.0 solution that defeats today’s, tomorrow’s, next year’s…threats—finally,
efficiently, effectively, BOUNCER stops the madness.

BOUNCER is proactive, whitelist-based, provides enforcement from within the kernel, and
delivers true endpoint security and reduces the cost of managing corporate IT assets through
the following measures:
•     Eliminating the need for reactive security patching (patch for features you need on your
      schedule and have time to fully test patches) and chronic signature updating.
•     Blocking configuration drift and reducing the need for frequent license auditing.
•     Reducing IT help desk workload by eliminating calls related to security failures, as
      well as performance and system instability issues triggered by rogue applications and
      configuration drift.
•     Reducing expensive downtime costs caused by time-consuming recovery efforts and lost
      end-user productivity due to security breaches.

TCO for a traditional Endpoint Security v1.0 solution’s blacklisting approach consists of the
use of antimalware technology plus frequent patching, configuration management, and license
auditing. The costs include staff time to handle security-related help desk calls and recover
failed systems, annual subscriptions to blacklist signature services, and lost productivity due to
server downtime and lost end-user productivity. BOUNCER’s Endpoint Security v2.0 solution
significantly reduces valuable staff time required for patching, configuration management,
help desk calls, and failed-system recovery, as well as eliminating the cost for annual blacklist
subscriptions and blacklist management.(8)

“Hannaford… represents the first publicly acknowledged theft of sensitive card authorization
data in transit... The theft is likely to be particularly damaging for card-issuing banks. The theft
of the security codes… enables criminals to manufacture counterfeit cards, and any fraudulent
charges made using the counterfeit cards must be borne by the issuing banks. Under Visa rules,
if a merchant is identified as the source of the data breach, direct fraud costs initially borne by
the bank can be charged back to the retailer. Without the security codes, criminals can use the
card information only in card-not-present environments… in which case the retailer bears
liability…This theft shows that a focus on end-to-end protection of customer data… is critical
for merchants and other card-industry stakeholders… Focusing only on PCI compliance may
limit the possibility of fines from acquiring banks, but will do nothing to prevent the
much-larger costs of a data breach.(8)
    – Avivah Litan and John Pescatore, Gartner

(7) “It is foreseeable that a victim of a cyber-extortion scheme involving a DDoS [distributed denial of service] attack will
    sue the owners of the networks used to perpetrate the attack. There is no statute that criminalizes allowing one’s
    computer or network to be hijacked and used as a zombie to attack other computers or networks. However, there
    are doctrines and precedents that are applicable to this seemingly novel fact pattern…as security practices become
    more harmonized and routinized over time, the likelihood of a plaintiff winning a negligence lawsuit in the context of
    downstream liability will improve…Negligence is clearly the most applicable potential framework in seeking redress
    from a business that fails to take reasonable steps in protecting its information system, such as to allow it to become
    an attack zombie…far from requiring a standard of perfection, an action based on negligence theory will, practically
    by definition, seek out and enforce a reasonable standard.”
    Adam J. Sulkowski; Cyber-Extortion: Duties and Liabilities Related to the Elephant in the Server Room;
    bepress Legal Series, Working Paper 1935; January 11, 2007. (http://law.bepress.com/expresso/eps/1935)
(8) Avivah Litan and John Pescatore; Hannaford Case Shows Need for End-to-End Card Data Security; Gartner;
    March 20, 2008. (http://www.gartner.com/resources/156500/156542/hannaford_case_shows_need_fo_156542.pdf)






Three-Year 500-Server Implementation

Table 1 and Figure 1 compare the TCO for a three-year 500-server (Windows and Solaris)
implementation for Endpoint Security v1.0 vs. BOUNCER’s Endpoint Security v2.0. This
analysis demonstrates that BOUNCER can save an organization $938,085 and deliver an ROI of
277%,(9) and is forecasted to pay for itself in less than 10 months.

Table 1.     Endpoint Security v1.0 vs. BOUNCER’s v2.0
             Total Cost of Ownership: Three-Year 500-Server Implementation

                                            Year 1        Year 2        Year 3  3-Year Total
Operating Costs
  Endpoint Security v1.0                  $605,560      $605,560      $605,560    $1,816,680
  Endpoint Security v2.0                  $182,565      $182,565      $182,565      $547,695
    v2.0 Cost (Savings)                 ($422,995)    ($422,995)    ($422,995)  ($1,268,985)
    Less BOUNCER Acquisition Cost         $330,900             –             –      $330,900
      Net v2.0 Cost (Savings)            ($92,095)    ($422,995)    ($422,995)    ($938,085)
v2.0 ROI(9)                                                                             277%
v2.0 Breakeven Point                    9.7 months

[Figure 1: bar chart of cost by year. Endpoint Security v1.0: $605,560 in each of Year 1, Year 2,
and Year 3; 3-Year Total $1,816,680. Endpoint Security v2.0: $513,465* in Year 1, $182,565 in
Year 2, $182,565 in Year 3; 3-Year Total $878,595. SAVINGS ($938,085).
*Includes product acquisition cost.]

Figure 1. Endpoint Security v1.0 vs. BOUNCER’s v2.0
          Total Cost of Ownership: Three-Year 500-Server Implementation(10)

“2007 will go down in the record books as a thoroughly lousy year for keeping information
private. Of the $198 average cost of each personal record lost this year, about $18 was spent on
finding new customers to replace those who fled following a breach—up from $14.50 spent on
customer acquisition in 2006 …Companies are also spending more on public relations damage
control after data security incidents: 3% of data breach costs are now associated with
post-breach P.R., compared with just 1% last year… “Now that we have these notification
requirements, we can see who’s good at this, and who’s really awful at this”… “When a company
exposes a security event to the public, the cost of lost business is much greater than a
regulator’s fine or lawsuits. The stakes for security are really raised.”(10)
    – Andy Greenberg, Forbes.com

(9) v2.0 ROI = (v1.0 Operating Costs – (v2.0 Operating Costs – BOUNCER Maintenance and Support Cost)) /
               (BOUNCER Acquisition Cost + BOUNCER Maintenance and Support Cost*)
    v2.0 ROI = ($1,816,680 – ($547,695 – $198,540)) / ($330,900 + $198,540)
    *$198,540 = $132.36 (annual per server; see Table 2) × 500 servers × 3 years.
(10) Andy Greenberg; If Security Is Expensive, Try Getting Hacked; Forbes.com; November 28, 2007.
     (http://www.forbes.com/technology/2007/11/27/data-privacy-hacking-tech-security-cx_ag_1128databreach.html)






ANNUAL COST PER SERVER
Table 2 and Figure 2 compare the annual TCO per server for Endpoint Security v1.0 vs.
BOUNCER’s Endpoint Security v2.0; the methodology and calculations for the line items in
Table 2 are discussed thereafter. This analysis demonstrates that BOUNCER can save an
organization $846 per server per year.(11)(12)

Table 2.      Endpoint Security v1.0 vs. BOUNCER’s v2.0
              Total Cost of Ownership: Annual per Server

 Operating Costs                                  Endpoint Security   Endpoint Security   v2.0 Cost
                                                  v1.0                v2.0                (Savings)
 Patch Management                                 $784.45             $51.98              ($732.47)
 Configuration Management and License Auditing    $167.50             $41.88              ($125.62)
 Help Desk Support                                $81.78              $65.42              ($16.36)
 Failed-System Recovery                           $47.26              $4.73               ($42.53)
 Lost End-User Productivity                       $96.92              $9.69               ($87.23)
 Blacklist Signature Subscriptions                $14.31              —                   ($14.31)
 Blacklist Management                             $18.90              —                   ($18.90)
 BOUNCER Maintenance and Support                  —                   $132.36             $132.36
 BOUNCER Management                               —                   $59.07              $59.07
 Total Cost (Savings)                             $1,211.12           $365.13             ($845.99)

[Bar chart: Endpoint Security v1.0, $1,211; Endpoint Security v2.0, $365; savings ($846).]

Figure 2. Endpoint Security v1.0 vs. BOUNCER’s v2.0
          Total Cost of Ownership: Annual per Server(13)

    “After several employees of the Oak Ridge National Laboratory acknowledged falling prey to
    nefarious emails that sought to infect their computers and steal corporate information, they
    were then told… it had been one aspect of a “sophisticated cyber attack” to gain access to
    several national laboratories and institutions. No business is immune…Corporate espionage is
    big business. According to the FBI, such theft costs all U.S. companies between $24 billion
    and $100 billion annually…about 20 percent of those losses are tied to cyber threats…
    according to a study by the American Society for Industrial Security and… Pricewaterhouse
    Coopers, proprietary information stolen at Fortune 1000 companies has steadily increased
    from $24 billion a year in 1995 to at least double that now…Fortune 2000 companies
    experience theft 2 or 3 times a year… adding billions more in losses. Oftentimes, they are
    unaware.(13)
        – Ken Silverstein, EnergyBiz Insider

(11) Assumes a three-year 500-server (Windows and Solaris) implementation.
(12) Assumes the following fully-burdened staff costs per hour: help desk: $27.26, IT: $39.38, and white collar: $48.46.
     Salaries for Tier 1 and Tier 2 IT workers and knowledge workers uplifted by a 26% burden rate.
     Michael A. Silver, Federica Troni, and Mark A. Margevicius; Desktop Total Cost of Ownership: 2008 Update; Gartner;
     January 24, 2008. (http://www.gartner.com/DisplayDocument?id=588719)
(13) Ken Silverstein; Stealing Corporate Secrets; EnergyBiz Insider; February 29, 2008.
     (http://www.energycentral.com/centers/energybiz/ebi_detail.cfm?id=470)






Patch Management
Endpoint Security v1.0—Patching events for security vulnerabilities average twice a month
and each event (which may include multiple patches) requires 0.83 IT staff hours per server.(14)
Each patch event entails intrusion detection and identification of compromised systems after
disclosure of a vulnerability, threat assessment, patch retrieval, assembly and testing, patch
deployment, and, if necessary, failure resolution.

BOUNCER’s Endpoint Security v2.0—Zero-day threats no longer necessitate patching
immediately upon notification of a security vulnerability. Patching can be conducted on a quarterly
basis instead of reactively, several times a month. In addition, time required per patching event
can be reduced by up to 60% because many steps are greatly simplified or no longer necessary.
For example, the patching process no longer has to include time to detect intrusions, identify
compromised systems, and perform risk analysis and make an impact assessment.

Table 3.     Endpoint Security v1.0 vs. BOUNCER’s v2.0—Patch Management

 Endpoint Security      Patching Events        IT Staff Time        IT Staff Cost       Total
                        (#/server/year)        (hours/event)        ($/hour)            ($/server/year)
 v1.0                   24                 ×   0.83             ×   $39.38          =   $784.45
 v2.0                   4                  ×   0.33             ×   $39.38          =   $51.98
 v2.0 Cost (Savings)    20                 ×   0.50             ×   $39.38          =   ($732.47)

Configuration Management and License Auditing
Endpoint Security v1.0—Blacklisting strategies do not stop configuration drift (the addition
of applications by end users) and frequent patching also increases the need for configuration
management. Furthermore, regular license auditing is also required to protect an organization
from the legal risks of software license infringement. IT staff time required for configuration
management and license auditing per server per year is 4.25 hours.(15)

BOUNCER’s Endpoint Security v2.0—True endpoint security delivered by BOUNCER
eliminates the need for configuration management and license auditing to counter configuration
drift and rogue applications. Use is reduced to satisfying compliance requirements, saving 75%
of time previously required for these management functions.(16)

Table 4.     Endpoint Security v1.0 vs. BOUNCER’s v2.0—Configuration Management and
             License Auditing

 Endpoint Security      IT Staff Time              IT Staff Cost       Total
                        (hours/server/year)        ($/hour)            ($/server/year)
 v1.0                   4.25                   ×   $39.38          =   $167.50
 v2.0                   1.06                   ×   $39.38          =   $41.88
 v2.0 Cost (Savings)    3.19                   ×   $39.38          =   ($125.62)

    “Attackers use exploit code provided by tools such as Metasploit, which helps people create
    exploits (attacks) quickly and easily, and Fuzzers, which attack servers with millions of
    permutations of code searching for weaknesses… With these tools, attackers find any number
    of vulnerabilities and create and deploy attacks before their patches are released. Tools…
    are helping attackers create about a hundred new viruses every few minutes… security
    software can’t keep up. Plus, SMEs can’t always apply patches right away because attackers
    are finding vulnerabilities in the patches themselves and attacking those, too…This leaves
    enterprises vulnerable to at least some attacks no matter what they do…Attackers are too
    well-informed and exploits are multiplying too fast for the current system of downloading
    patches to be sufficiently effective by itself. SMEs are all too often vulnerable to attacks
    no one is aware of until they strike.(16)
        – David Geer, Processor

(14) Average weighted time for patching events for Windows and OSS servers (both database and nondatabase servers)
     calculated at 0.83 hours.
     Theo Forbath, Patrick Kalaher, and Thomas O’Grady; The Total Cost of Security Patch Management:
     A Comparison of Microsoft Windows and Open Source Software; Wipro Technologies Ltd.; April 2005.
     (http://download.microsoft.com/download/1/7/b/17b54d06-1550-4011-9253-9484f769fe9f/TCO_SPM_Wipro.pdf)
(15) CoreTrace analysis based on customer interviews and industry publications.
(16) David Geer; The Patch Window is Closing; Processor, Volume 30, Issue 24; June 13, 2008.
     (http://www.processor.com/editorial/article.asp?article=articles%2Fp3024%2F32p24%2F32p24.asp)






Help Desk Support
Endpoint Security v1.0—An organization’s IT help desk can expect one call per end-user per
server per year, with a call averaging 0.15 hours. With an average ratio of 20 end-users per
server, a 500-server implementation can expect 10,000 help desk calls per year.(17)

BOUNCER’s Endpoint Security v2.0—IT surveys indicate that 75% of help desk calls are for
routine requests such as forgotten passwords, how-to information, install/move/add/changes,
support-specific service offerings, and hardware failures. However, 25% may be caused
directly or indirectly by lack of endpoint security such as failures from security breaches, or
performance and instability problems caused by rogue applications and configuration drift.(18)
Enforcing endpoint security with BOUNCER can reduce help desk call load by 20%.(19)

Table 5.     Endpoint Security v1.0 vs. BOUNCER’s v2.0—Help Desk Support

 Endpoint Security      Help Desk Calls            Help Desk Staff Time     Help Desk Staff Cost     Total
                        (calls/server/year)        (hours/call)             ($/hour)                 ($/server/year)
 v1.0                   20                     ×   0.15                 ×   $27.26               =   $81.78
 v2.0                   16                     ×   0.15                 ×   $27.26               =   $65.42
 v2.0 Cost (Savings)    4                      ×   0.15                 ×   $27.26               =   ($16.36)

Failed-System Recovery
Endpoint Security v1.0—Without true endpoint security, 1 in 10 servers is likely to be impacted
by a security breach in a year. Recovery of the failed or compromised server can take up to
12 hours for systems with standby hardware and data replication and much more than 12 hours
for recovery from traditional tape backup.(20)

BOUNCER’s Endpoint Security v2.0—With BOUNCER-secured endpoints, the projected
system-failure rate attributable to a security breach is reduced by 90% to 1 in 100.(21)

Table 6.     Endpoint Security v1.0 vs. BOUNCER’s v2.0—Failed-System Recovery

 Endpoint Security      Security Breaches                IT Staff Time        IT Staff Cost       Total
                        (probability/server/year)        (hours/breach)       ($/hour)            ($/server/year)
 v1.0                   10%                          ×   12.0             ×   $39.38          =   $47.26
 v2.0                   1%                           ×   12.0             ×   $39.38          =   $4.73
 v2.0 Cost (Savings)    9%                           ×   12.0             ×   $39.38          =   ($42.53)

    “Our legacy security model is reactive… It’s the digital version of closing the barn door
    after the horse gets out. To make things worse, the gap is collapsing between the publication
    of a new vulnerability and the appearance of an exploit that takes advantage of it. More
    alarming still, our window to react to such exploits is shrinking. We must instead adopt a
    proactive security model that neutralizes attack vectors before a true crisis occurs…
    Malicious code can weaken network defenses—opening backdoors, stealing files or confiscating
    passwords—and pave the way for a secondary attack. Who has time to run exhaustive security
    audits—checking files’ integrity, changing passwords, etc.—after network infections?… And
    the most critical component for your first line of defense is proactive security.(21)
        – Gregor Freund, cnet.com

(17) CoreTrace market research shows that the help desk call rate averages one call per seat per year, and
     the average ratio of seats or end users per server is 1 to 20.
(18) SupportSoft Press Release; Employee Forgetfulness Causes Most Calls Into IT Help Desk; March 5, 2007.
     (http://supportsoft.mediaroom.com/index.php?s=press_releases&item=414)
(19) CoreTrace analysis based on customer interviews and industry publications.
(20) Carla Safigan; Disaster Recovery for the Masses—The Role of OS-Level Server Virtualization in Disaster Recovery;
     Computer Technology Review; May 2, 2006.
     (http://www.wwpi.com/index.php?option=com_content&task=view&id=1151&Itemid=44)
(21) Gregor Freund; Security—why don’t we get it?; cnet.com; November 4, 2003.
     (http://news.cnet.com/Security--why-dont-we-get-it/2010-7355_3-5101632.html)






Lost End-User Productivity
Endpoint Security v1.0—When a server fails, on average 20 end-users’ ability to perform their
job is impacted.(22) If the organization has a business continuity plan, these end-users are out of
operation on average only 1 hour instead of the 12 hours required to restore the server.(23)

BOUNCER’s Endpoint Security v2.0—With BOUNCER, lost productivity due to system
failures caused by security breaches is reduced by 90%.

Table 7.     Endpoint Security v1.0 vs. BOUNCER’s v2.0—Lost End-User Productivity

 Endpoint Security      Security Breaches                End Users        Lost End-User Productivity     End-User Cost     Total
                        (probability/server/year)        (#/server)       (hours/breach)                 ($/hour)          ($/server/year)
 v1.0                   10%                          ×   20           ×   1.0                        ×   $48.46        =   $96.92
 v2.0                   1%                           ×   20           ×   1.0                        ×   $48.46        =   $9.69
 v2.0 Cost (Savings)    9%                           ×   20           ×   1.0                        ×   $48.46        =   ($87.23)

Blacklist Signature Subscriptions
Endpoint Security v1.0—Annual subscription to blacklist signature services is required.(24)

BOUNCER’s Endpoint Security v2.0—Not applicable.

Table 8.     Endpoint Security v1.0 vs. BOUNCER’s v2.0—Blacklist Signature Subscriptions

 Endpoint Security      Total Blacklist Signature Subscriptions
                        ($/server/year)
 v1.0(24)               $14.31
 v2.0                   –
 v2.0 Cost (Savings)    ($14.31)

Blacklist Management
Endpoint Security v1.0—Blacklist management requires an average of 0.48 IT staff hours per
server annually (update blacklists, perform scans, and monitor scan results).(25)

BOUNCER’s Endpoint Security v2.0—Not applicable.(26)(27)

Table 9.     Endpoint Security v1.0 vs. BOUNCER’s v2.0—Blacklist Management

 Endpoint Security      IT Staff Time              IT Staff Cost       Total
                        (hours/server/year)        ($/hour)            ($/server/year)
 v1.0                   0.48                   ×   $39.38          =   $18.90
 v2.0                   —                      ×   —               =   —
 v2.0 Cost (Savings)    0.48                   ×   $39.38          =   ($18.90)

    “Your company just suffered a data breach. If you’re wondering what to do next, it’s already
    too late…it’s time to ask the tough questions: why did it happen, and whose head should be
    on a platter?… In short, when it comes to preventing security breaches… “It’s not just a
    security problem; it’s a management issue.”(26)
        – Mathew Schwartz, IT Compliance Institute

(22) CoreTrace market research shows that the average ratio of seats or end users per server is 1 to 20.
(23) Carla Safigan; Disaster Recovery for the Masses—The Role of OS-Level Server Virtualization in Disaster Recovery;
     Computer Technology Review; May 2, 2006.
     (http://www.wwpi.com/index.php?option=com_content&task=view&id=1151&Itemid=44)

    “Several major security vendors have failed the latest VB100 antivirus test…which requires
    antivirus tools to correctly identify 100 active malware samples collected from the
    internet…“Threats that several vendors failed to detect in this test have been circulating
    in the real world for some months now”…“It is disappointing to see so many products tripping
    up over threats that are not even new. Computer users should be getting a better service
    from their antivirus vendors than this.” Among the companies that
(24) Symantec Endpoint Protection 11.0: annual maintenance price for 500 systems. (http://www.symantec.com)
                                                                                                                         failed were McAfee
(25) CoreTrace analysis based on customer interviews and industry publications.
                                                                                                                         and Trend Micro.(27)
(26) Mathew Schwartz; Data Breach Damage Control; IT Compliance Institute; May 16, 2007.
     (http://www.itcinstitute.com/display.aspx?id=1731)                                                                            – Shaun Nichols
(27) Shaun Nichols; Big names fail VB100 antivirus test; vnunet.com; April 4, 2008.                                                     vunet.com
     (http://www.vnunet.com/vnunet/news/2213530/big-names-fall-vb100-test)






BOUNCER Maintenance and Support
Endpoint Security v1.0—Not applicable.(28)

BOUNCER’s Endpoint Security v2.0—Industry standard maintenance and support for
BOUNCER includes technical assistance, software maintenance (i.e., updates and upgrades),
and an extended hardware warranty.

Table 10. Endpoint Security v1.0 vs. BOUNCER’s v2.0—BOUNCER Maintenance and Support

 Endpoint Security        Total BOUNCER Maintenance and Support ($/server/year)
 v1.0                     –
 v2.0                     $132.36
 v2.0 Cost (Savings)      $132.36

BOUNCER Management
Endpoint Security v1.0—Not applicable.

BOUNCER’s Endpoint Security v2.0—On an annual basis, CoreTrace estimates that it will
take 1.5 IT staff hours per server to implement and manage BOUNCER. Tasks included in
the 1.5 IT staff hours are initial policy generation and distribution, daily review of reports, and
policy modifications. This cost is more than offset by the true endpoint security delivered by
BOUNCER and the substantial cost savings made possible by BOUNCER.

Table 11. Endpoint Security v1.0 vs. BOUNCER’s v2.0—BOUNCER Management

 Endpoint Security        IT Staff Time               IT Staff Cost        Total
                          (hours/server/year)         ($/hour)             ($/server/year)
 v1.0                     –                     ×     –               =    –
 v2.0                     1.5                   ×     $39.38          =    $59.07
 v2.0 Cost (Savings)      1.5                   ×     $39.38          =    $59.07

Summary

Not only does BOUNCER’s superior Endpoint Security v2.0 technology provide true endpoint
security, but it does so at a significant savings of $938,085 over Endpoint Security v1.0 solutions
(assumes a three-year 500-server [Windows and Solaris] implementation)—an $846 savings
per server per year. Moreover, this BOUNCER implementation is forecasted to pay for itself in
less than 10 months and it has an ROI of 277%.

“A CFO at a Fortune 1000 company holds his cursor over an e-mail that appears to be from a
direct report…Now the cybercriminal is in position to launch an attack that will allow him to mine
the CFO’s hard drive for credit card numbers, passwords to corporate databases or other
proprietary information. In one click, the CFO is going to have himself a big problem. If you’re
his IT manager, you’re going to have one too. If…credit card phishers are the carpet-bombers of
computer crime…C-level attackers are the snipers…the attackers have taken effort and time
finding and researching…they [send] an e-mail from outside but make it look like it’s coming from
inside the company…the vehicle for the Trojan is a Word or Excel file containing the
exploit…seen cases where the exploit code is modified just enough to go undetected by the
particular antivirus program the target company is running—and the hackers have done the work
of finding out just what those programs are.”(28)
    – Barbara Darrow, Computerworld.com

(28) Barbara Darrow; Is Your CEO a Cybercrime Target?; Computerworld.com; November 06, 2007.
     (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9045564&pageNumber=1)







About CoreTrace
CoreTrace delivers a revolutionary approach to endpoint security with BOUNCER by
CoreTrace™: the most tamperproof, scalable, and comprehensive kernel-level application
whitelisting solution. Since BOUNCER only allows authorized applications to execute, it defeats
sophisticated malware attacks, including rootkits and zero-day threats, and it neutralizes
memory-based exploits like buffer overflows. With BOUNCER, companies can stop paying for
annual signature updates and start patching applications on their schedule.(29)

“Trying to determine the cost of a data breach is no easy task. After calculating the expenses of
legal fees, call centers, lost employee productivity, regulatory fines, stock plummets, and
customer losses, it can be dizzying, if not impossible, to come up with a true number…many
different factors…should be part of the data breach cost calculation—and it’s more than just
losing money…a security breach can cost you anywhere between $90 and $305 per record. This
means that the cost of a single, significant breach may run into millions or even billions of
dollars.”(29)
    – Khalid Kark, The CTO Forum




© 2008 CoreTrace Corporation. All rights reserved.
CoreTrace and BOUNCER by CoreTrace are among the trademarks
and registered trademarks of the company in the United States and other
countries. All other trademarks are the property of their respective owners.




(29) Khalid Kark; Calculating the cost of a security breach; The CTO Forum; June 30, 2007.
     (http://www.thectoforum.com/article.php?prodid=664&page=1)



Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

CoreTrace Whitepaper: BOUNCER by CoreTrace ROI Analysis

  • 1. BOUNCER by CoreTrace ROI Analysis

    BOUNCER by CoreTrace™ Provides True Endpoint Security with Rapid Breakeven

    BOUNCER by CoreTrace™ with its unique Endpoint Security v2.0 whitelisting solution is sounding the death knell for inferior Endpoint Security v1.0 solutions (i.e., blacklisting solutions). BOUNCER’s revolutionary 180°-shifted approach to endpoint security is a disruptive technology that delivers true endpoint security and sets a new standard-of-care benchmark for the industry. The prevailing circumstances for endpoint security have inarguably changed for the better. BOUNCER closes the well-publicized security gaps that plague Endpoint Security v1.0 solutions that are evident in data-breach headlines that—even though grossly underreported—are now commonplace.

    Not only does BOUNCER’s superior Endpoint Security v2.0 technology provide true endpoint security, but it does so at a significant savings of $938,085 over Endpoint Security v1.0 solutions—an $846 savings per server per year (assumes a three-year 500-server implementation). Moreover, this BOUNCER implementation is forecasted to pay for itself in less than 10 months and it has an ROI of 277%.

    Contents
      Overview
      TCO: Endpoint Security v1.0 vs. v2.0
        Three-Year 500-Server Implementation
        Annual Cost per Server
          Patch Management
          Configuration Management and License Auditing
          Help Desk Support
          Failed-System Recovery
          Lost End-User Productivity
          Blacklist Signature Subscriptions
          Blacklist Management
          BOUNCER Maintenance and Support
          BOUNCER Management
      Summary

    July 2008
    CoreTrace Corporation, 6500 River Place Blvd., Building II, Suite 105, Austin, TX 78730
    512-592-4100 | sales@coretrace.com | www.coretrace.com
  • 2. BOUNCER by CoreTrace™

    Overview

    BOUNCER by CoreTrace™ with its unique Endpoint Security v2.0 whitelisting solution is sounding the death knell for inferior Endpoint Security v1.0 solutions (i.e., blacklisting solutions). BOUNCER’s revolutionary 180°-shifted approach to endpoint security is a disruptive technology that delivers true endpoint security and sets a new standard-of-care benchmark for the industry. The prevailing circumstances(1) for endpoint security have inarguably changed for the better. BOUNCER closes the well-publicized security gaps that plague Endpoint Security v1.0 solutions that are evident in data-breach headlines that—even though grossly underreported(2)—are now commonplace.

    This paper presents an illustrative analysis of the total cost of ownership (TCO) of Endpoint Security v1.0 vs. BOUNCER’s Endpoint Security v2.0 to provide a framework for the discussion of BOUNCER’s return on investment (ROI). The analysis in the main body of the paper presents the hard costs; the commentary on the periphery of the paper presents the really-hard costs—the kind that can crush a company. Fortunately, with BOUNCER-protected endpoints, these really-hard costs for some companies can be avoided costs for your company.

    While you are reading this paper, allow yourself to become a peripheral visionary:(3) visualize your company navigating the gauntlet of cyberthreats and compliance audits with and without BOUNCER-protected endpoints and ask yourself what a prudent person would purchase given the circumstances now prevailing—v1.0 security-gap-riddled technology or BOUNCER’s v2.0 true endpoint security?

    Gartner states, “IT security organizations that spend compliance dollars wisely can also solve security gaps and reduce risk.”(4) BOUNCER is the perfect example of this type of investment—BOUNCER eliminates the need for and expense of ineffective blacklisting solutions and BOUNCER protects unpatched vulnerabilities from exploitation, effectively neutralizing zero-day threats; therefore, with BOUNCER-secured endpoints, IT departments, compliance departments, and corporate officers with fiduciary duties can have confidence that zero-day threats have zero time-to-live.

    Not only does BOUNCER’s superior Endpoint Security v2.0 technology provide true endpoint security, but it does so at a significant savings of $938,085 over Endpoint Security v1.0 solutions—an $846 savings per server per year (assumes a three-year 500-server [Windows and Solaris] implementation). Moreover, this BOUNCER implementation is forecasted to pay for itself in less than 10 months and it has an ROI of 277%.(5)(6)

        A massive data breach at Hannaford… was caused by… software…secretly installed on servers at every one of its grocery stores… Hannaford said… that the problem potentially compromised the account numbers and expiration dates on all 4.2 million credit and debit card numbers used at its stores in six states…Hannaford said it knows of about 2,000 cases of fraud related to the intrusion… Hannaford… has replaced the hardware on which the malware was installed… Hannaford said… that it was certified a year ago as meeting card security standards and was recertified on Feb. 27…the day Visa first notified Hannaford of unusual card activity and began its investigation.(5)
        – Ross Kerber, The Boston Globe

        The federal lawsuits filed…over the security breach of Hannaford…have been consolidated and assigned to the District of Maine… As of June 1, 14 lawsuits had been filed.(6)
        – Judy Harrison, Bangor Daily News

    (1) “In most countries, the management of an organization has a financial responsibility to the owners of a company. In a publicly traded company, this is the shareholder. When considering the liability that a company or senior executives may face when security is breached, there are several concepts with which one should become familiar. In no particular order, they are due diligence, due care, and the prudent man rule. ...the prudent man rule is a rule that management must follow when determining if due diligence and due care have been exercised properly. The prudent man rule states that management is required to perform those duties that “prudent” people would normally take, given similar circumstances.” Cliff Riggs; Network Perimeter Security: Building Defense In-depth; CRC Press, 2003; pp 10–11.
    (2) Robert McMillan; Most retailer breaches are not disclosed, Gartner says; Computerworld.com; May 26, 2008. (http://computerworld.co.nz/news.nsf/scrt/AB1E9146A5D82A3CCC257454007AB6C6)
    (3) Comedian Steven Wright: “I’m a peripheral visionary. I can see into the future—just way off to the side.” Bruce Weber; COMEDY REVIEW; This Guy Still Finds the World Baffling. Blame the World.; The New York Times; June 18, 2002. (http://query.nytimes.com/gst/fullpage.html?res=9506EEDA1E3CF93BA25755C0A9649C8B63)
    (4) Mark Nicolett; Key Issues for Infrastructure Protection, 2008; Gartner; March 10, 2008. (http://www.gartner.com/DisplayDocument?ref=g_search&id=619208)
    (5) Ross Kerber; Advanced tactic targeted grocer; The Boston Globe; March 28, 2008. (http://www.boston.com/news/local/articles/2008/03/28/advanced_tactic_targeted_grocer/)
    (6) Judy Harrison; Hannaford breach lawsuits assigned to judge; Bangor Daily News; June 10, 2008. (http://bangornews.com/news/t/news.aspx?articleid=165441&zoneid=500)

    BOUNCER by CoreTrace ROI Analysis 1
  • 3. TCO: Endpoint Security v1.0 vs. v2.0

    Endpoint Security v1.0 with its multiple layers of reactive antivirus and blacklisting databases, security patches, and personal firewalls (all of which slow performance and add significant cost to network operations) can’t defeat today’s threats (e.g., zero-day attacks from malware, rootkits, and buffer overflows)—let alone tomorrow’s.

    Zero-day threats are the bane of Endpoint Security v1.0’s reactive blacklisting strategy (that is, to identify malware and keep it out)—since the strategy is dependent on timely signature updates, it is inherently flawed and no amount of multi-layering or heuristics can save it. In effect, blacklisting surrenders control to the cybercriminals, handing them the first-strike advantage. Moreover, if the first strike is delivered by a stealth bomber (buffer overflow code injection) that happens to drop a kernel-based-rootkit payload, Endpoint Security v1.0 technology is unaware that an attack has occurred and the compromised system is literally open for business.(7)

    BOUNCER takes a revolutionary 180°-shifted approach to endpoint security providing a unique Endpoint Security v2.0 solution that defeats today’s, tomorrow’s, next year’s…threats—finally, efficiently, effectively, BOUNCER stops the madness.

    BOUNCER is proactive, whitelist-based, provides enforcement from within the kernel, and delivers true endpoint security and reduces the cost of managing corporate IT assets through the following measures:
      - Eliminating the need for reactive security patching (patch for features you need on your schedule and have time to fully test patches) and chronic signature updating.
      - Blocking configuration drift and reducing the need for frequent license auditing.
      - Reducing IT help desk workload by eliminating calls related to security failures, as well as performance and system instability issues triggered by rogue applications and configuration drift.
      - Reducing expensive downtime costs caused by time-consuming recovery efforts and lost end-user productivity due to security breaches.

    TCO for a traditional Endpoint Security v1.0 solution’s blacklisting approach consists of the use of antimalware technology plus frequent patching, configuration management, and license auditing. The costs include staff time to handle security-related help desk calls and recover failed systems, annual subscriptions to blacklist signature services, and lost productivity due to server downtime and lost end-user productivity. BOUNCER’s Endpoint Security v2.0 solution significantly reduces valuable staff time required for patching, configuration management, help desk calls, and failed-system recovery, as well as eliminating the cost for annual blacklist subscriptions and blacklist management.(8)

        Hannaford… represents the first publicly acknowledged theft of sensitive card authorization data in transit... The theft is likely to be particularly damaging for card-issuing banks. The theft of the security codes… enables criminals to manufacture counterfeit cards, and any fraudulent charges made using the counterfeit cards must be borne by the issuing banks. Under Visa rules, if a merchant is identified as the source of the data breach, direct fraud costs initially borne by the bank can be charged back to the retailer. Without the security codes, criminals can use the card information only in card-not-present environments… in which case the retailer bears liability…This theft shows that a focus on end-to-end protection of customer data… is critical for merchants and other card-industry stakeholders… Focusing only on PCI compliance may limit the possibility of fines from acquiring banks, but will do nothing to prevent the much-larger costs of a data breach.(8)
        – Avivah Litan and John Pescatore, Gartner

    (7) “It is foreseeable that a victim of a cyber-extortion scheme involving a DDoS [distributed denial of service] attack will sue the owners of the networks used to perpetrate the attack. There is no statute that criminalizes allowing one’s computer or network to be hijacked and used as a zombie to attack other computers or networks. However, there are doctrines and precedents that are applicable to this seemingly novel fact pattern…as security practices become more harmonized and routinized over time, the likelihood of a plaintiff winning a negligence lawsuit in the context of downstream liability will improve…Negligence is clearly the most applicable potential framework in seeking redress from a business that fails to take reasonable steps in protecting its information system, such as to allow it to become an attack zombie…far from requiring a standard of perfection, an action based on negligence theory will, practically by definition, seek out and enforce a reasonable standard.” Adam J. Sulkowski; Cyber-Extortion: Duties and Liabilities Related to the Elephant in the Server Room; bepress Legal Series, Working Paper 1935; January 11, 2007. (http://law.bepress.com/expresso/eps/1935)
    (8) Avivah Litan and John Pescatore; Hannaford Case Shows Need for End-to-End Card Data Security; Gartner; March 20, 2008. (http://www.gartner.com/resources/156500/156542/hannaford_case_shows_need_fo_156542.pdf)
  • 4. Three-Year 500-Server Implementation

    Table 1 and Figure 1 compare the TCO for a three-year 500-server (Windows and Solaris) implementation for Endpoint Security v1.0 vs. BOUNCER’s Endpoint Security v2.0. This analysis demonstrates that BOUNCER can save an organization $938,085, deliver an ROI of 277%,(9) and is forecasted to pay for itself in less than 10 months.

    Table 1. Endpoint Security v1.0 vs. BOUNCER’s v2.0 Total Cost of Ownership: Three-Year 500-Server Implementation

    Operating Costs                   Year 1        Year 2        Year 3        3-Year Total
    Endpoint Security v1.0            $605,560      $605,560      $605,560      $1,816,680
    Endpoint Security v2.0            $182,565      $182,565      $182,565      $547,695
    v2.0 Cost (Savings)               ($422,995)    ($422,995)    ($422,995)    ($1,268,985)
    Less BOUNCER Acquisition Cost     $330,900      –             –             $330,900
    Net v2.0 Cost (Savings)           ($92,095)     ($422,995)    ($422,995)    ($938,085)

    v2.0 ROI(9): 277%
    v2.0 Breakeven Point: 9.7 months

    [Figure 1: bar chart of Year 1, Year 2, Year 3 and 3-year total costs. Endpoint Security v1.0: $605,560 per year, 3-year total $1,816,680. Endpoint Security v2.0: 3-year total $878,595 (includes product acquisition cost). Savings: ($938,085).]

    Figure 1. Endpoint Security v1.0 vs. BOUNCER’s v2.0 Total Cost of Ownership: Three-Year 500-Server Implementation(10)

        2007 will go down in the record books as a thoroughly lousy year for keeping information private. Of the $198 average cost of each personal record lost this year, about $18 was spent on finding new customers to replace those who fled following a breach—up from $14.50 spent on customer acquisition in 2006 …Companies are also spending more on public relations damage control after data security incidents: 3% of data breach costs are now associated with post-breach P.R., compared with just 1% last year… “Now that we have these notification requirements, we can see who’s good at this, and who’s really awful at this”… “When a company exposes a security event to the public, the cost of lost business is much greater than a regulator’s fine or lawsuits. The stakes for security are really raised.”(10)
        – Andy Greenberg, Forbes.com

    (9) v2.0 ROI = (v1.0 Operating Costs – (v2.0 Operating Costs – BOUNCER Maintenance and Support Cost)) / (BOUNCER Acquisition Cost + BOUNCER Maintenance and Support Cost*)
        v2.0 ROI = ($1,816,680 – ($547,695 – $198,540)) / ($330,900 + $198,540)
        *$198,540 = $132.36 (annual per server; see Table 2) × 500 servers × 3 years.
    (10) Andy Greenberg; If Security Is Expensive, Try Getting Hacked; Forbes.com; November 28, 2007. (http://www.forbes.com/technology/2007/11/27/data-privacy-hacking-tech-security-cx_ag_1128databreach.html)
  • 5. Annual Cost per Server

    Table 2 and Figure 2 compare the annual TCO per server for Endpoint Security v1.0 vs. BOUNCER’s Endpoint Security v2.0; the methodology and calculations for the line items in Table 2 are discussed thereafter. This analysis demonstrates that BOUNCER can save an organization $846 per server per year.(11)(12)

    Table 2. Endpoint Security v1.0 vs. BOUNCER’s v2.0 Total Cost of Ownership: Annual per Server

    Operating Costs                                  Endpoint Security v1.0    Endpoint Security v2.0    v2.0 Cost (Savings)
    Patch Management                                 $784.45                   $51.98                    ($732.47)
    Configuration Management and License Auditing    $167.50                   $41.88                    ($125.62)
    Help Desk Support                                $81.78                    $65.42                    ($16.36)
    Failed-System Recovery                           $47.26                    $4.73                     ($42.53)
    Lost End-User Productivity                       $96.92                    $9.69                     ($87.23)
    Blacklist Signature Subscriptions                $14.31                    —                         ($14.31)
    Blacklist Management                             $18.90                    —                         ($18.90)
    BOUNCER Maintenance and Support                  —                         $132.36                   $132.36
    BOUNCER Management                               —                         $59.07                    $59.07
    Total Cost (Savings)                             $1,211.12                 $365.13                   ($845.99)

    [Figure 2: bar chart. Endpoint Security v1.0: $1,211. Endpoint Security v2.0: $365. Savings: ($846).]

    Figure 2. Endpoint Security v1.0 vs. BOUNCER’s v2.0 Total Cost of Ownership: Annual per Server(13)

        After several employees of the Oak Ridge National Laboratory acknowledged falling prey to nefarious emails that sought to infect their computers and steal corporate information, they were then told… it had been one aspect of a “sophisticated cyber attack” to gain access to several national laboratories and institutions. No business is immune…Corporate espionage is big business. According to the FBI, such theft costs all U.S. companies between $24 billion and $100 billion annually…about 20 percent of those losses are tied to cyber threats… according to a study by the American Society for Industrial Security and… Pricewaterhouse Coopers, proprietary information stolen at Fortune 1000 companies has steadily increased from $24 billion a year in 1995 to at least double that now…Fortune 2000 companies experience theft 2 or 3 times a year… adding billions more in losses. Oftentimes, they are unaware.(13)
        – Ken Silverstein, EnergyBiz Insider

    (11) Assumes a three-year 500-server (Windows and Solaris) implementation.
    (12) Assumes the following fully-burdened staff costs per hour: help desk: $27.26, IT: $39.38, and white collar: $48.46. Salaries for Tier 1 and Tier 2 IT workers and knowledge workers uplifted by a 26% burden rate. Michael A. Silver, Federica Troni, and Mark A. Margevicius; Desktop Total Cost of Ownership: 2008 Update; Gartner; January 24, 2008. (http://www.gartner.com/DisplayDocument?id=588719)
    (13) Ken Silverstein; Stealing Corporate Secrets; EnergyBiz Insider; February 29, 2008. (http://www.energycentral.com/centers/energybiz/ebi_detail.cfm?id=470)
  • 6. Patch Management

    Endpoint Security v1.0—Patching events for security vulnerabilities average twice a month and each event (which may include multiple patches) requires 0.83 IT staff hours per server.(14) Each patch event entails intrusion detection and identification of compromised systems after disclosure of a vulnerability, threat assessment, patch retrieval, assembly and testing, patch deployment, and, if necessary, failure resolution.

    BOUNCER’s Endpoint Security v2.0—Zero-day threats no longer necessitate patching immediately upon notification of a security vulnerability. Patching can be conducted on a quarterly basis instead of reactively, several times a month. In addition, time required per patching event can be reduced by up to 60% because many steps are greatly simplified or no longer necessary. For example, the patching process no longer has to include time to detect intrusions, identify compromised systems, and perform risk analysis and make an impact assessment.

    Table 3. Endpoint Security v1.0 vs. BOUNCER’s v2.0—Patch Management

    Endpoint Security       Patching Events       IT Staff Time       IT Staff Cost       Total
                            (#/server/year)       (hours/event)       ($/hour)            ($/server/year)
    v1.0                    24                ×   0.83            ×   $39.38          =   $784.45
    v2.0                    4                 ×   0.33            ×   $39.38          =   $51.98
    v2.0 Cost (Savings)     20                ×   0.50            ×   $39.38          =   ($732.47)

    Configuration Management and License Auditing

    Endpoint Security v1.0—Blacklisting strategies do not stop configuration drift (the addition of applications by end users) and frequent patching also increases the need for configuration management. Furthermore, regular license auditing is also required to protect an organization from the legal risks of software license infringement. IT staff time required for configuration management and license auditing per server per year is 4.25 hours.(15)

    BOUNCER’s Endpoint Security v2.0—True endpoint security delivered by BOUNCER eliminates the need for configuration management and license auditing to counter configuration drift and rogue applications. Use is reduced to satisfying compliance requirements, saving 75% of time previously required for these management functions.(16)

    Table 4. Endpoint Security v1.0 vs. BOUNCER’s v2.0—Configuration Management and License Auditing

    Endpoint Security       IT Staff Time             IT Staff Cost       Total
                            (hours/server/year)       ($/hour)            ($/server/year)
    v1.0                    4.25                  ×   $39.38          =   $167.50
    v2.0                    1.06                  ×   $39.38          =   $41.88
    v2.0 Cost (Savings)     3.19                  ×   $39.38          =   ($125.62)

        Attackers use exploit code provided by tools such as Metasploit, which helps people create exploits (attacks) quickly and easily, and Fuzzers, which attack servers with millions of permutations of code searching for weaknesses… With these tools, attackers find any number of vulnerabilities and create and deploy attacks before their patches are released. Tools… are helping attackers create about a hundred new viruses every few minutes… security software can’t keep up. Plus, SMEs can’t always apply patches right away because attackers are finding vulnerabilities in the patches themselves and attacking those, too…This leaves enterprises vulnerable to at least some attacks no matter what they do…Attackers are too well-informed and exploits are multiplying too fast for the current system of downloading patches to be sufficiently effective by itself. SMEs are all too often vulnerable to attacks no one is aware of until they strike.(16)
        – David Geer, Processor

    (14) Average weighted time for patching events for Windows and OSS servers (both database and nondatabase servers) calculated at 0.83 hours. Theo Forbath, Patrick Kalaher, and Thomas O’Grady; The Total Cost of Security Patch Management: A Comparison of Microsoft Windows and Open Source Software; Wipro Technologies Ltd.; April 2005. (http://download.microsoft.com/download/1/7/b/17b54d06-1550-4011-9253-9484f769fe9f/TCO_SPM_Wipro.pdf)
    (15) CoreTrace analysis based on customer interviews and industry publications.
    (16) David Geer; The Patch Window is Closing; Processor, Volume 30, Issue 24; June 13, 2008. (http://www.processor.com/editorial/article.asp?article=articles%2Fp3024%2F32p24%2F32p24.asp)
  • 7. Help Desk Support

    Endpoint Security v1.0—An organization’s IT help desk can expect one call per end-user per server per year; with a call averaging 0.15 hours. With an average ratio of 20 end-users per server, a 500-server implementation can expect 10,000 help desk calls per year.(17)

    BOUNCER’s Endpoint Security v2.0—IT surveys indicate that 75% of help desk calls are for routine requests such as forgotten passwords, how-to information, install/move/add/changes, support-specific service offerings, and hardware failures. However, 25% may be caused directly or indirectly by lack of endpoint security such as failures from security breaches, or performance and instability problems caused by rogue applications and configuration drift.(18) Enforcing endpoint security with BOUNCER can reduce help desk call load by 20%.(19)

    Table 5. Endpoint Security v1.0 vs. BOUNCER’s v2.0—Help Desk Support

    Endpoint Security       Help Desk Calls           Help Desk Staff Time      Help Desk Staff Cost      Total
                            (calls/server/year)       (hours/call)              ($/hour)                  ($/server/year)
    v1.0                    20                    ×   0.15                  ×   $27.26                =   $81.78
    v2.0                    16                    ×   0.15                  ×   $27.26                =   $65.42
    v2.0 Cost (Savings)     4                     ×   0.15                  ×   $27.26                =   ($16.36)

    Failed-System Recovery

    Endpoint Security v1.0—Without true endpoint security, 1 in 10 servers is likely to be impacted by a security breach in a year. Recovery of the failed or compromised server can take up to 12 hours for systems with standby hardware and data replication and much more than 12 hours for recovery from traditional tape backup.(20)

    BOUNCER’s Endpoint Security v2.0—With BOUNCER-secured endpoints, the projected system-failure rate attributable to a security breach is reduced by 90% to 1 in 100.(21)

    Table 6. Endpoint Security v1.0 vs. BOUNCER’s v2.0—Failed-System Recovery

    Endpoint Security       Security Breaches               IT Staff Time       IT Staff Cost       Total
                            (probability/server/year)       (hours/breach)      ($/hour)            ($/server/year)
    v1.0                    10%                         ×   12.0            ×   $39.38          =   $47.26
    v2.0                    1%                          ×   12.0            ×   $39.38          =   $4.73
    v2.0 Cost (Savings)     9%                          ×   12.0            ×   $39.38          =   ($42.53)

        Our legacy security model is reactive… It’s the digital version of closing the barn door after the horse gets out. To make things worse, the gap is collapsing between the publication of a new vulnerability and the appearance of an exploit that takes advantage of it. More alarming still, our window to react to such exploits is shrinking. We must instead adopt a proactive security model that neutralizes attack vectors before a true crisis occurs… Malicious code can weaken network defenses—opening backdoors, stealing files or confiscating passwords—and pave the way for a secondary attack. Who has time to run exhaustive security audits—checking files’ integrity, changing passwords, etc.—after network infections?… And the most critical component for your first line of defense is proactive security.(21)
        – Gregor Freund, cnet.com

    (17) CoreTrace market research shows that the help desk call rate averages one call per seat per year, and the average ratio of seats or end users per server is 1 to 20.
    (18) SupportSoft Press Release; Employee Forgetfulness Causes Most Calls Into IT Help Desk; March 5, 2007. (http://supportsoft.mediaroom.com/index.php?s=press_releases&item=414)
    (19) CoreTrace analysis based on customer interviews and industry publications.
    (20) Carla Safigan; Disaster Recovery for the Masses—The Role of OS-Level Server Virtualization in Disaster Recovery; Computer Technology Review; May 2, 2006. (http://www.wwpi.com/index.php?option=com_content&task=view&id=1151&Itemid=44)
    (21) Gregor Freund; Security—why don’t we get it?; cnet.com; November 4, 2003. (http://news.cnet.com/Security--why-dont-we-get-it/2010-7355_3-5101632.html)
Lost End-User Productivity

Endpoint Security v1.0—When a server fails, on average 20 end-users’ ability to perform their job is impacted.(22) If the organization has a business continuity plan, these end-users are out of operation on average only 1 hour instead of the 12 hours required to restore the server.(23)

BOUNCER’s Endpoint Security v2.0—With BOUNCER, lost productivity due to system failures caused by security breaches is reduced by 90%.

Table 7. Endpoint Security v1.0 vs. BOUNCER’s v2.0—Lost End-User Productivity

Endpoint Security    Security Breaches      End Users       Lost End-User       End-User Cost    Total
                     (probability/          (#/server)      Productivity        ($/hour)         ($/server/year)
                     server/year)                           (hours/breach)
v1.0                 10%                 ×  20           ×  1.0              ×  $48.46        =  $96.92
v2.0                 1%                  ×  20           ×  1.0              ×  $48.46        =  $9.69
v2.0 Cost (Savings)  9%                  ×  20           ×  1.0              ×  $48.46        =  ($87.23)

Blacklist Signature Subscriptions

Endpoint Security v1.0—Annual subscription to blacklist signature services is required.(24)

BOUNCER’s Endpoint Security v2.0—Not applicable.

Table 8. Endpoint Security v1.0 vs. BOUNCER’s v2.0—Blacklist Signature Subscriptions

Endpoint Security    Total Blacklist Signature Subscriptions
                     ($/server/year)
v1.0(24)             $14.31
v2.0                 –
v2.0 Cost (Savings)  ($14.31)

Blacklist Management

Endpoint Security v1.0—Blacklist management requires an average of 0.48 IT staff hours per server annually (update blacklists, perform scans, and monitor scan results).(25)

BOUNCER’s Endpoint Security v2.0—Not applicable.(26)(27)

Table 9. Endpoint Security v1.0 vs. BOUNCER’s v2.0—Blacklist Management

Endpoint Security    IT Staff Time            IT Staff Cost    Total
                     (hours/server/year)      ($/hour)         ($/server/year)
v1.0                 0.48                  ×  $39.38        =  $18.90
v2.0                 —                     ×  —             =  —
v2.0 Cost (Savings)  0.48                  ×  $39.38        =  ($18.90)

“Your company just suffered a data breach. If you’re wondering what to do next, it’s already too late…it’s time to ask the tough questions: why did it happen, and whose head should be on a platter?… In short, when it comes to preventing security breaches… ‘It’s not just a security problem; it’s a management issue.’”(26)
– Mathew Schwartz, IT Compliance Institute

“Several major security vendors have failed the latest VB100 antivirus test…which requires antivirus tools to correctly identify 100 active malware samples collected from the internet…‘Threats that several vendors failed to detect in this test have been circulating in the real world for some months now’…‘It is disappointing to see so many products tripping up over threats that are not even new. Computer users should be getting a better service from their antivirus vendors than this.’ Among the companies that failed were McAfee and Trend Micro.”(27)
– Shaun Nichols, vnunet.com

(22) CoreTrace market research shows that the average ratio of seats or end users per server is 1 to 20.
(23) Carla Safigan; Disaster Recovery for the Masses—The Role of OS-Level Server Virtualization in Disaster Recovery; Computer Technology Review; May 2, 2006. (http://www.wwpi.com/index.php?option=com_content&task=view&id=1151&Itemid=44)
(24) Symantec Endpoint Protection 11.0: annual maintenance price for 500 systems. (http://www.symantec.com)
(25) CoreTrace analysis based on customer interviews and industry publications.
(26) Mathew Schwartz; Data Breach Damage Control; IT Compliance Institute; May 16, 2007. (http://www.itcinstitute.com/display.aspx?id=1731)
(27) Shaun Nichols; Big names fail VB100 antivirus test; vnunet.com; April 4, 2008. (http://www.vnunet.com/vnunet/news/2213530/big-names-fall-vb100-test)
BOUNCER Maintenance and Support

Endpoint Security v1.0—Not applicable.(28)

BOUNCER’s Endpoint Security v2.0—Industry standard maintenance and support for BOUNCER includes technical assistance, software maintenance (i.e., updates and upgrades), and an extended hardware warranty.

Table 10. Endpoint Security v1.0 vs. BOUNCER’s v2.0—BOUNCER Maintenance and Support

Endpoint Security    Total BOUNCER Maintenance and Support
                     ($/server/year)
v1.0                 –
v2.0                 $132.36
v2.0 Cost (Savings)  $132.36

BOUNCER Management

Endpoint Security v1.0—Not applicable.

BOUNCER’s Endpoint Security v2.0—On an annual basis, CoreTrace estimates that it will take 1.5 IT staff hours per server to implement and manage BOUNCER. Tasks included in the 1.5 IT staff hours are initial policy generation and distribution, daily review of reports, and policy modifications. This cost is more than offset by the true endpoint security delivered by BOUNCER and the substantial cost savings made possible by BOUNCER.

Table 11. Endpoint Security v1.0 vs. BOUNCER’s v2.0—BOUNCER Management

Endpoint Security    IT Staff Time            IT Staff Cost    Total
                     (hours/server/year)      ($/hour)         ($/server/year)
v1.0                 –                     ×  –             =  –
v2.0                 1.5                   ×  $39.38        =  $59.07
v2.0 Cost (Savings)  1.5                   ×  $39.38        =  $59.07

Summary

Not only does BOUNCER’s superior Endpoint Security v2.0 technology provide true endpoint security, but it does so at a significant savings of $938,085 over Endpoint Security v1.0 solutions (assumes a three-year 500-server [Windows and Solaris] implementation)—an $846 savings per server per year. Moreover, this BOUNCER implementation is forecasted to pay for itself in less than 10 months and it has an ROI of 277%.

“A CFO at a Fortune 1000 company holds his cursor over an e-mail that appears to be from a direct report… Now the cybercriminal is in position to launch an attack that will allow him to mine the CFO’s hard drive for credit card numbers, passwords to corporate databases or other proprietary information. In one click, the CFO is going to have himself a big problem. If you’re his IT manager, you’re going to have one too. If…credit card phishers are the carpet-bombers of computer crime… C-level attackers are the snipers… the attackers have taken effort and time finding and researching… they [send] an e-mail from outside but make it look like it’s coming from inside the company…the vehicle for the Trojan is a Word or Excel file containing the exploit…seen cases where the exploit code is modified just enough to go undetected by the particular antivirus program the target company is running—and the hackers have done the work of finding out just what those programs are.”(28)
– Barbara Darrow, Computerworld.com

(28) Barbara Darrow; Is Your CEO a Cybercrime Target?; Computerworld.com; November 06, 2007. (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9045564&pageNumber=1)
About CoreTrace

CoreTrace delivers a revolutionary approach to endpoint security with BOUNCER by CoreTrace™: the most tamperproof, scalable, and comprehensive kernel-level application whitelisting solution. Since BOUNCER only allows authorized applications to execute, it defeats sophisticated malware attacks, including rootkits and zero-day threats, and it neutralizes memory-based exploits like buffer overflows. With BOUNCER, companies can stop paying for annual signature updates and start patching applications on their schedule.(29)

“Trying to determine the cost of a data breach is no easy task. After calculating the expenses of legal fees, call centers, lost employee productivity, regulatory fines, stock plummets, and customer losses, it can be dizzying, if not impossible, to come up with a true number… many different factors…should be part of the data breach cost calculation—and it’s more than just losing money… a security breach can cost you anywhere between $90 and $305 per record. This means that the cost of a single, significant breach may run into millions or even billions of dollars.”(29)
– Khalid Kark, The CTO Forum

© 2008 CoreTrace Corporation. All rights reserved. CoreTrace and BOUNCER by CoreTrace are among the trademarks and registered trademarks of the company in the United States and other countries. All other trademarks are the property of their respective owners.

(29) Khalid Kark; Calculating the cost of a security breach; The CTO Forum; June 30, 2007. (http://www.thectoforum.com/article.php?prodid=664&page=1)