Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion

•Download as PPTX, PDF•

1 like•1,381 views

As IT professionals know, endpoint security needs are evolving: new vulnerabilities are disclosed every day, new malware creation is exploding, and traditional AV signatures cannot keep up. You know that patch management and AV are necessary – but not sufficient – layers of endpoint defense. Intelligent application whitelisting is an important addition to your risk mitigation strategy, and taking prudent measures to establish a best practices approach can help reduce costs and risks in the long term. View these slides to learn the recommended steps to check unknown executables on your endpoints as we dive into a technical discussion of what the critical items to address: * Prepare – properly laying the groundwork for implementing application whitelisting is crucial to ultimate success. * Lockdown – preventing unwanted or dangerous changes while providing necessary flexibility to support business needs. * Manage – maintaining the environment as application, end user and business needs develop.

Technology

Developing Best
Practices for
Application
Whitelisting

An In-Depth Technical Webcast

Today’s Agenda

Introduction

Augment Your Defenses to Mitigate Zero-Days,
with Lessons Learned from the Field
• Laying the Groundwork
• Creating Policies
• Protecting Endpoints
• Managing the Environment

Q&A

Today’s Panelists

Douglas Walls David Murray
Chief Information Officer Sr. Product Manager
EMSolutions, Inc. Lumension

3

Why Application Whitelisting Is Important

AVERAGE detection rate after 30 days = 62%

Today’s Endpoint Security Stack Sources of Endpoint Risk

AV 5%
Zero-Days
Device
Control 30%
Application Missing Patches
Control
65%
Patch & Configuration
Management Misconfigurations

4

Benefits of a Solid Whitelisting Process
Malware Costs Money Controlled Change is Good

© Creative Commons / Kevin Dooley

5

Application Whitelisting Best Practices

Laying the
Groundwork

Application
Managing the Creating
Whitelisting
Environment Policies
Process

Protecting
Endpoints

6

Groundwork | Policies | Lockdown | Management

Clean
Avoid End User Disruption
• No need to reimage
• Off-hours, thorough scan to
remove known malware

8

Groundwork | Policies | Lockdown | Management

Scan

9

Groundwork | Policies | Lockdown | Management

Organize

10

Groundwork | Policies | Lockdown | Management

Denied Apps

Eliminate unknown or
unwanted applications on
your endpoints

User Endpoint View

Admin Console View

Prevent applications from executing
even while endpoints are in monitor
mode only

11

Groundwork | Policies | Lockdown | Management

Trusted Updater
Automated whitelist maintenance reduces workload

13

Groundwork | Policies | Lockdown | Management

Trusted Publisher
Automated whitelist maintenance reduces workload

14

Groundwork | Policies | Lockdown | Management

Trusted Path
Automated whitelist maintenance reduces workload

15

Groundwork | Policies | Lockdown | Management

Monitor
Stabilize Whitelist Maintenance
• Full visibility into unaccounted for
changes (good and bad)
• Accommodate variations
• Reduce maintenance workload

16

Groundwork | Policies | Lockdown | Management

Local Authorization
Effectively Balance Security
and Productivity
• End user flexibility
• “Third Way” between Monitor
and Lockdown

Admin Console View

User Endpoint View
17

Groundwork | Policies | Lockdown | Management

Enforce

Easy Transition
• Minimize disruption
• Provide flexibility
• Minimize workload

19

Groundwork | Policies | Lockdown | Management

Fine-Tune

Think Globally, Act Locally
• Harmonize where appropriate
• Anticipate future needs

20

Groundwork | Policies | Lockdown | Management

Control Is this a
Known Bad?
Should my Is this a
users have this? Known Good?

What is trying
to install this?
Is this
Unwanted?

Who wrote
this?

Where did this
come from?

22

Groundwork | Policies | Lockdown | Management

Adapt
Develop processes
• Changes in environment
• Changes in end user needs
• Changes in business needs

Create flexibility to balance
security with productivity across
entire organization

© Creative Commons / Bruce Tuten

23

More Information
• Free Security Scanner Tools • Get a Quote (and more)
» Application Scanner – discover all the apps http://www.lumension.com/
being used in your network intelligent-whitelisting/buy-now.aspx#7
» Vulnerability Scanner – discover all OS and
application vulnerabilities on your network
» Device Scanner – discover all the devices
being used in your network
http://www.lumension.com/Resources/
Security-Tools.aspx

• Lumension® Intelligent Whitelisting™
» Online Demo Video:
http://www.lumension.com/Resources/
Demo-Center/Endpoint-Security.aspx
» Free Trial (virtual or download):
http://www.lumension.com/
intelligent-whitelisting/free-trial.aspx

25

Global Headquarters
8660 East Hartford Drive
Suite 300
Scottsdale, AZ 85255

1.888.725.7828
info@lumension.com
http://blog.lumension.com

Viewers also liked

хэрэглэгдэхүүн 5

1 news item

Phys LO

Happy Birthday

Wat weet jij van duurzaamheid en wat kun je zelf doen om het verschil te maken? Zomaar twee vragen aan studenten op de dag van de Duurzaamheid 2016. Centrum Duurzaam, leerbedrijf O3 en leerbedrijf Youth Creations organiseerden voor maar liefst 300 eerstejaars studenten bouw, techniek en ICT een interessant en divers programma op de locatie Anne Wadmanwei 6 in Leeuwarden. Klik door voor het volledige bericht: http://www.centrumduurzaamfriesland.nl/nieuws/300-studenten-roc-friese-poort-actief-op-dag-duurzaamheid-2016/

Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam

duurzame verhalen

Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)

Gareth Trotman

Viewers also liked (6)

хэрэглэгдэхүүн 5

1 news item

Phys LO

Happy Birthday

Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam

Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)

More from Lumension

Today, everything has to be patched. From desktop and laptop to server and every operating system in between. With compliance, what we have to pay attention to is what’s actually out there on our network – not just what you wish were there. Servers (Windows, UNIX and Linux)Even Windows-centric environments have at least a few UNIX or Linux servers that need to be secure and patched. Linux and UNIX servers often fulfill critical functions with few and short maintenance windows. These can be a real pain point for admins who specialize in Windows or are managed by an entirely different admin. Desktops (Windows and Macs)Maybe you are responsible for desktops instead of servers. Again it’s not just a Windows story any more. More and more people are opting for Macs instead of Windows. Watch the vulnerability lists and you’ll see that Macs need patching too. The kicker though is the 80/20 rule. If at least 80% of the computers on your network are Windows and the remaining 20% are everything else – it’s a safe bet, given the maturity and ease of WSUS, that 20% of your patching effort goes to Windows but 80% of your effort is consumed with patching all the different flavors of UNIX, Linux and your Mac computers. We need one system to manage all our patches and one pane of glass to prove compliance from data center to desktop. Believe it or not System Center 2012 R2 provides the infrastructure to do just that – it just needs a little help. Last time we showed you how you can patch 3rd party apps on Windows through System Center Update Manager. This time we’ll show you how you can patch non-Windows systems using the new System Center clients for UNIX, Linux and Mac.

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs

Lumension

Mike Rothman, Analyst and President of Securosis, as he dives into an interactive discussion around endpoint security management in 2015. • Protecting Endpoints: How the attack surface has changed, and the impact to your defense strategy • Anti-Malware: The best ways to deal with today’s malware and effectively protect your endpoints from attack • Endpoint Hygiene: Why you can’t forget the importance of ensuring solid management of your endpoint devices • BYOD and Mobility: The extent that corporate data on smart mobile devices impacts your organization • The Most Important Buying Considerations in 2015

2015 Endpoint and Mobile Security Buyers Guide

Lumension

Security expert Randy Franklin Smith from Ultimate Windows Security, shows you a technical and pragmatic approach to mobile security for iOS and Android. For instance, for iOS-based devices, he talks about: • System security • Encryption and data protection • App Security • Device controls Randy also discusses Android-based devices. While Android gets its kernel from Linux, it builds on Linux security in a very specialized way to isolate applications from each other. And learn about iOS and Android mobile device management needs: Password and remote wipe capabilities are obvious but there’s much more to the story. And you’ll hear Randy's list of top-10 things you need to secure and manage on mobile devices in order to protect access to your organization’s network and information.

Top 10 Things to Secure on iOS and Android to Protect Corporate Information

Lumension

2014 BYOD and Mobile Security Survey Preliminary Results

Lumension

Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...

Lumension

Careto: Unmasking a New Level in APT-ware

Lumension

Point of Sale (POS) systems have long been the target of financially-motivated crime. And in 2013 the magnitude of cybercrime against POS systems skyrocketed, with 97% of breaches in the retail sector and 47% in the healthcare sector aimed against POS systems. With sensitive financial and personal records getting exposed by the millions, the FBI recently warned that POS systems are under sustained and continued attack. During this webcast, we will take you into the three critical entry points to POS system attacks. We’ll discuss how the attacks look, the timelines for these breaches, and what proactive security measures you can take to help your organization minimize the risk to your POS systems. •3 Critical Entry Points to POS System Attacks •Impacts to an Organization •Top 3 Security Measures to Minimize Risk

Securing Your Point of Sale Systems: Stopping Malware and Data Theft

Lumension

Thanks to you, the audience at UltimateWindowsSecurity, for the 2014 Survey. It was a great success with over 600 respondents! I appreciate all of you who took the time give me your thoughts. You’ve provided some great ideas for real training for free™ in the coming year and I’ve learned which topics are most important to you. That’s going to benefit all of us. In this presentation, we'll present our findings. We’ll talk about the community’s top goals for 2014, which topics you recommended I cover in 2014 and what our community sees as the greatest security concerns for 2014. And we’ll discuss other trends emerging from the data. Find out about the top trends, such as: SIEM – What are the top SIEM solutions? What is the UWS community’s top 3 biggest challenges with log/monitoring/security analytics? Endpoint Security – How widely is application whitelisting being used and what is driving its adoption? Which endpoint security technologies really work and which are just hype? Mobile Devices – Are employee owned mobile devices supported at your organization? Is your biggest concern with mobile devices malware, data loss, compliance? The Cloud – How widely are your peers embracing the cloud? Is your organization’s security policy, technology and training keeping up with the move to the cloud? Advanced Security Topics – What are your peers doing about “big data”? What about endpoints as sensors, and other new security approaches? This will be a fact-filled and fascinating presentation on where we are and where we are going on a host of different security fronts. Don’t miss it.

2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...

Lumension

2014 Data Protection Maturity Survey: Results and Analysis

Lumension

Organizations around the world are losing intellectual property and customer data to cyber criminals at mind-boggling rates. How is this happening? For 5 consecutive years, the annual State of the Endpoint Report, conducted by Ponemon Institute, has surveyed IT practitioners involved in securing endpoints. This year’s report reveals endpoint security risk is more difficult to minimize than ever before. What are IT pros most concerned about heading into 2014? From the proliferation of mobile devices, third party applications, and targeted attacks/APTs, endpoint security risk for 2014 is becoming more of a challenge to manage. Larry Ponemon of the Ponemon Institute reveals statistics on growing insecurity, IT’s perceived areas of greatest risk for 2014 as well as tactical suggestions for how to improve your endpoint security. Specifically, you will learn: •IT perspective on the changing threat landscape and today’s Top 5 risks; •Disconnect between perceived risk and corresponding strategies to combat those threats; •Tips and tricks on how to best communicate today’s threats and subsequent needed responses up the management chain

Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk

Lumension

Windows XP is Coming to an End: How to Stay Secure Before You Migrate

Lumension

Last time it was Adobe’s code signing servers. This time it’s 2.9 million (let’s just call it 3) customers’ data and lots and lots of source code – including that of Acrobat. Adobe products already require constant patching but offer no enterprise level solution for patching. In this presentation by Ultimate Windows Security, we’ll present why this will likely lead to more and we’ll look at what we know about this latest Adobe breach. But more importantly I’ll show what you can do in advance to protect yourself against zero-day exploits in Adobe products and programs. After all this won’t be the last time a software vendor is hacked. In this day and age we have to protect ourselves from the failures of our software providers. I’ll present 3 ways you can go on the offensive to protect yourself from the constant vulnerabilities discovered in Adobe Reader, Acrobat, Flash and Oracle Java. Here’s what we’ll discuss: *Alternatives to Adobe and Java *Different ways to containing vulnerable apps in a sandbox * Using advanced memory protection technologies to detect and stop buffer overflows and other memory based attacks Patching and AV only helps you close the window on hacker opportunity. To prevent the window from opening in the first place you have to prevent untrusted code from ever running in the first place. That requires application whitelisting and memory protection against code injection – a growing menace that bypasses controls based on file system and EXE scanning. That’s why Lumension is sponsoring this event. I think you’ll be interested seeing 2 of their end-point security technologies that will help protect you from the new exploits on their way as a result of this hack as well as the constant stream of exploits discovered every day. This is going to be a really cool presentation with practical tips that you can apply. Learn how to protect your systems from other software vendor vulnerabilities.

Adobe Hacked Again: What Does It Mean for You?

Lumension

Real World Defense Strategies for Targeted Endpoint Threats

Lumension

APTs: The State of Server Side Risk and Steps to Minimize Risk

Lumension

2014 Ultimate Buyers Guide to Endpoint Security Solutions

Lumension

The European Union’s proposed new data protection regulation aims to update Europe’s data protection laws and to provide a more consistent data protection framework across the Continent. But the new regulation, which replaces the EU’s existing data protection directive and member states’ data protection laws, will put some new demands on organisations holding personal data. Breach disclosure and “the right to be forgotten” will force businesses to update their data protection and retention policies. This presentation will: - Review the current EU laws, and contrast them with laws in other parts of the world; - Examine the arguments for strengthening data protection in Europe, and the likely outcomes; - Look at what security teams should already be doing to put themselves ahead of legislative changes; - Outline strategies and technologies organisations need to meet current and future data protection requirements - Help infosecurity teams to explain the changes – and their consequences – to their boards

Data Protection Rules are Changing: What Can You Do to Prepare?

Lumension

Just over a decade ago, the outcry over Microsoft’s security problems reached such a deafening level that it finally got the attention of Bill Gates, who wrote the famous Trustworthy Computing memo. Today, many would say that Microsoft leads the industry in security and vulnerability handling. Now, it’s Java that’s causing the uproar. But has Oracle learned anything from Microsoft in handling these seemingly ceaseless problems? I’ll start by reviewing the wide-ranging Java security changes Oracle is promising to make. They sound so much like the improvements Microsoft made back with Trustworthy Computing that I’m amazed it hasn’t been done before! We’ll move on to discuss what you can do now to address Java security in your environment. One of the banes of security with Java is the presence of multiple versions of Java, often on the same computer. Sometimes you really need multiple versions of Java to support applications with version dependencies (crazy, I know). But other times, multiple copies of Java are there “just because.” In this webinar, we’ll talk about the current Java mess and how you can get out of it, including: Assessment. We’ll discuss ways and tools for cataloging what versions of Java are actually out there on your endpoints. Identification. We’ll look at methods for identifying which versions are actually required by your users; for instance, I’ll show you how you might use Process Tracking and File Access events in the Windows Security Log to see which Java files are being accessed, by whom, and by which programs. Disabling. Can you just disable Java? Maybe not for everyone, but what if you could disable it for certain roles within your company that make up 25% – or even 75% – of your workforce? That would be worth it. We’ll explore how you might go about such a measure. Hardening. We’ll dive into the technical details of hardening Java and reducing your Java attack surface, where possible. Filtering. Another way to reduce your Java risk is by filtering Java content at your gateway. Again not full coverage control – but what is? Patching. Then, we’ll delve into the Java patching nightmare. Depending on self-updaters on each endpoint, is could be a recipe for disaster, and I’ll explain why. Basically the only way out of the Java mess is a 3rd party solution that can perform centralized patch management and remediation and that’s where our sponsor, Lumension, will come in.

Java Insecurity: How to Deal with the Constant Vulnerabilities

Lumension

Bring Your Own Device (BYOD) is a popular topic in 2013. Trying to understand the security risks and prepare strategies to either adopt, or decide against BYOD for security and data control reasons is the challenge. The 160,000 member Information Security Community on LinkedIn conducted the survey "BYOD & Mobile Security 2013" to shed some light on the drivers for BYOD, how companies will benefit from BYOD, and how they respond to the security risks associated with this trend. With 1,600 responses, some interesting insights and patterns into BYOD were uncovered.

BYOD & Mobile Security: How to Respond to the Security Risks

Lumension

Do you want to know how ‘best-of-breed’ enterprises prioritize their IT risk? Join Richard Mason, Vice President & Chief Security Officer at Honeywell, whose team is responsible for global security, during a roundtable discussion with Pat Clawson, Chairman & CEO of Lumension and Roger Grimes, Security Columnist & Author. Uncover strategies beyond traditional antivirus signatures and learn a more holistic approach to effective risk management. Find out ‘how’ and ‘why’ you can make security a prioritized function within your organization. Join this expert panel webcast to learn how to: 1)Understand your business audiences and evaluate their risk tolerance 2)Leverage reputation management services that are appropriate for your organization 3)Utilize realistic change management to secure prioritized data depositories

3 Executive Strategies to Reduce Your IT Risk

Lumension

APTs have become a major topic of conversation – and in some cases, a critical threat – among IT security departments. But the technology and motivation behind APTs has changed significantly since the introduction of Stuxnet, continuing to evolve rapidly to avoid detection. In this special Dark Reading presentation, a leading expert on the origins and directions of APTs will discuss the changing nature of these sophisticated threats – and how you can prepare your enterprise security environment to detect and mitigate these complex and dangerous attacks.

The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...

Lumension

More from Lumension (20)

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs

2015 Endpoint and Mobile Security Buyers Guide

Top 10 Things to Secure on iOS and Android to Protect Corporate Information

2014 BYOD and Mobile Security Survey Preliminary Results

Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...

Careto: Unmasking a New Level in APT-ware

Securing Your Point of Sale Systems: Stopping Malware and Data Theft

2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...

2014 Data Protection Maturity Survey: Results and Analysis

Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk

Windows XP is Coming to an End: How to Stay Secure Before You Migrate

Adobe Hacked Again: What Does It Mean for You?

Real World Defense Strategies for Targeted Endpoint Threats

APTs: The State of Server Side Risk and Steps to Minimize Risk

2014 Ultimate Buyers Guide to Endpoint Security Solutions

Data Protection Rules are Changing: What Can You Do to Prepare?

Java Insecurity: How to Deal with the Constant Vulnerabilities

BYOD & Mobile Security: How to Respond to the Security Risks

3 Executive Strategies to Reduce Your IT Risk

The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...

Recently uploaded

Generative AI refers to a class of machine learning algorithms that are designed to generate new data samples that are similar to those in the training data. Unlike traditional AI models that are trained to recognize patterns and make predictions, generative AI models have the ability to create entirely new data based on the patterns they have learned. This is achieved through techniques such as generative adversarial networks (GANs), variational autoencoders (VAEs), and transformer architectures, among others.

Generative AI Use Cases and Applications.pdf

alexjohnson7307

Introduction to FIDO Authentication and Passkeys.pptx

FIDO Alliance

Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots

Leah Henrickson

Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.

2024 May Patch Tuesday

Ivanti

Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...

FIDO Alliance

WebAssembly is Key to Better LLM Performance

Samy Fodil

Ruby has a lot of standard libraries from Ruby 1.8. I promote them democratically with GitHub today via default and bundled gems. So, I'm working to extract them for Ruby 3.4 continuously and future versions. It's long journey for me. After that, some versions may suddenly happen LoadError at require when running bundle exec or bin/rails, for example matrix or net-smtp. We need to learn what's difference default/bundled gems with standard libraries. In this presentation, I will introduce what's the difficult to extract bundled gems from default gems and the details of the functionality that Ruby's require and bundle exec with default/bundled gems. You can learn how handle your issue about standard libraries.

Long journey of Ruby Standard library at RubyKaigi 2024

Hiroshi SHIBATA

Webinar Recording: https://www.panagenda.com/webinars/alles-neu-macht-der-mai-wir-durchleuchten-den-verbesserten-notes-eigenschaftendialog/ Haben Sie sich schon einmal über den zu kleinen Eigenschaftendialog in Notes geärgert? Mussten Sie einen Agenten oder eine Aktion erstellen, um schnell mal ein Feld zu ändern? Haben Sie jedes mal endlos nach dem zu vergleichenden Feld gesucht, nachdem Sie ein neues Dokument ausgewählt haben? Wollten Sie das verdammte Ding einfach nur größer machen? Zum Glück gibt es dafür eine Lösung – und sie ist wahrscheinlich bereits installiert! Mit dem kostenlosen panagenda Document Properties (Pro) erhalten Sie den Eigenschaftendialog, den Sie schon immer haben wollten. Größer, anpassbar, und im Volltext durchsuchbar. Sehen Sie mehrere Dokumente gleichzeitig oder vergleichen Sie mit einem Diff-Viewer. Ändern Sie beliebige Felder und haben Sie endlich eine einfache Möglichkeit, Profildokumente für alle Benutzer zu verwalten. Entdecken Sie mit HCL Ambassador Marc Thomas, wie Document Properties Ihre Arbeit vereinfachen und Sie bei der täglichen Verwendung von Domino-Anwendungen unterstützen kann – im Client oder im Designer. Sie werden es nicht bereuen! Für Sie in diesem Webinar - Was Document Properties ist, welche Editionen es gibt und wo es in Notes und Domino Designer zu finden ist - Wie Sie nach einem beliebigen Feld suchen und es bearbeiten, Dokumente vergleichen oder alle Daten per CSV exportieren können - Suchen, Bearbeiten und auch Löschen von Profildokumenten - Welche Konfigurationseinstellungen verfügbar sind, um Funktionen anzupassen - Wie Ihre Endbenutzer davon profitieren - Sehen Sie alles in einer Live-Demo

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...

panagenda

Discover the top CodeIgniter development companies that can elevate your project to new heights. Our blog explores the best firms known for their expertise in CodeIgniter framework development. From robust web applications to scalable solutions, these companies deliver excellence. Whether you're a startup or an enterprise, find the perfect match for your development needs on Top CSS Gallery's blog.

Top 10 CodeIgniter Development Companies

TopCSSGallery

Extensible Python: Robustness through Addition - PyCon 2024

Patrick Viafore

State of the Smart Building Startup Landscape 2024!

Memoori

ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...

FIDO Alliance

Vector Search @ sw2con for slideshare.pptx

jbellis

Collecting & Temporal Analysis of Behavioral Web Data - Tales From The Inside

Stefan Dietze

Introduction To Iamnobody89757 the vast expanse of the online realm, where anonymity and individuality intertwine, a phenomenon has emerged that captivates the collective curiosity – Iamnobody89757. This enigmatic entity, once a mere username, has transcended its humble origins to become a symbol of the intricate dance between privacy and expression in the digital age. Through this exploration, we delve into the origins, evolution, and far-reaching implications of this intriguing moniker, shedding light on the profound questions it raises about our digital selves. The Origins of iamnobody89757 The origins of iamnobody89757 are shrouded in the virtual mists of the wide internet. The term gained popularity on a niche discussion group that examined the most puzzling puzzles on the internet. In this instance, iamnobody89757 surfaced as a mysterious character who captivated other users with a conversation that was both mysterious and perceptive. These initial interactions were nuanced, filled with veiled references and subtle hints that painted a picture of someone—or something—with an intricate understanding of the digital domain’s darker corners. Although initially dismissed by many as just another anonymous user, the accuracy of certain predictions shared by iamnobody89757 soon captured the collective imagination. The iamnobody89757 enigma began with this shift from an unnoticed commenter to a fascinating subject, laying the groundwork for a growing tale that would weave its way through the fabric of online communities. The Birth of a Digital Persona Tracing the Roots The inception of Iamnobody89757 can be traced back to the early days of online forums and chat rooms, where users sought a delicate balance between anonymity and connectivity. In a world where personal information was a coveted commodity, this seemingly random assemblage of words and numbers became a shield, protecting the user’s identity while allowing them to engage in discourse without fear of judgment or repercussions.

“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf

Muhammad Subhan

In today's digital world, trust is key to customer relationships, but keeping it is a huge challenge. Customers are well-informed and empowered, quick to change brands if their trust is broken, even if it costs them more. This puts a lot of pressure on organizations to handle trust and safety issues with great care and transparency. The challenge, however, is real. Fragmented solutions have left privacy, legal, and security teams in a perpetual cycle of catch-up, struggling to update privacy notices, manage customer data rights, and answer lengthy security questionnaires—all while trying to prove ROI to the business. It's a thankless job, filled with repetition, tedious tasks, and constant interdepartmental coordination. Combine this with fast regulatory changes and the quick evolution of AI, and it becomes overwhelming. Join this webinar to learn more about TrustArc's new innovative solution Trust Center, the only unified, no-code online hub for trust and safety information built for privacy, security, compliance, and legal teams. Trust Center streamlines your path to compliance, shortens the pre-sales cycle, and reduces both legal and regulatory risks, saving time, effort, and cost. This webinar will review: - Why companies are building unified Trust Centers for a robust privacy program. - How unified Trust Centers streamline sales cycles, ensure regulatory compliance, and reduce operational bottlenecks. - How compliance, legal, security, GRC, and privacy teams benefit from a unified Trust Center in terms of needs, pains, and outcomes. - How TrustArc Trust Center saves time and work while reducing legal, reputational, and compliance risk by effectively managing policies, notices, terms, and disclosures, and providing real-time updates on subprocessors.

TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...

TrustArc

Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf

FIDO Alliance

Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...

ScyllaDB

Where to Learn More About FDO _ Richard at FIDO Alliance.pdf

FIDO Alliance

Overview of Hyperledger Foundation

Hyperleger Tokyo Meetup

Recently uploaded (20)

Generative AI Use Cases and Applications.pdf

Introduction to FIDO Authentication and Passkeys.pptx

Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots

2024 May Patch Tuesday

Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...

WebAssembly is Key to Better LLM Performance

Long journey of Ruby Standard library at RubyKaigi 2024

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...

Top 10 CodeIgniter Development Companies

Extensible Python: Robustness through Addition - PyCon 2024

State of the Smart Building Startup Landscape 2024!

ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...

Vector Search @ sw2con for slideshare.pptx

Collecting & Temporal Analysis of Behavioral Web Data - Tales From The Inside

“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf

TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...

Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf

Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...

Where to Learn More About FDO _ Richard at FIDO Alliance.pdf

Overview of Hyperledger Foundation

Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion

1. Developing Best Practices for Application Whitelisting An In-Depth Technical Webcast

2. Today’s Agenda Introduction Augment Your Defenses to Mitigate Zero-Days, with Lessons Learned from the Field • Laying the Groundwork • Creating Policies • Protecting Endpoints • Managing the Environment Q&A

3. Today’s Panelists Douglas Walls David Murray Chief Information Officer Sr. Product Manager EMSolutions, Inc. Lumension 3

4. Why Application Whitelisting Is Important AVERAGE detection rate after 30 days = 62% Today’s Endpoint Security Stack Sources of Endpoint Risk AV 5% Zero-Days Device Control 30% Application Missing Patches Control 65% Patch & Configuration Management Misconfigurations 4

5. Benefits of a Solid Whitelisting Process Malware Costs Money Controlled Change is Good © Creative Commons / Kevin Dooley 5

6. Application Whitelisting Best Practices Laying the Groundwork Application Managing the Creating Whitelisting Environment Policies Process Protecting Endpoints 6

7. Laying the Groundwork

8. Groundwork | Policies | Lockdown | Management Clean Avoid End User Disruption • No need to reimage • Off-hours, thorough scan to remove known malware 8

9. Groundwork | Policies | Lockdown | Management Scan 9

10. Groundwork | Policies | Lockdown | Management Organize 10

11. Groundwork | Policies | Lockdown | Management Denied Apps Eliminate unknown or unwanted applications on your endpoints User Endpoint View Admin Console View Prevent applications from executing even while endpoints are in monitor mode only 11

12. Creating Policies

13. Groundwork | Policies | Lockdown | Management Trusted Updater Automated whitelist maintenance reduces workload 13

14. Groundwork | Policies | Lockdown | Management Trusted Publisher Automated whitelist maintenance reduces workload 14

15. Groundwork | Policies | Lockdown | Management Trusted Path Automated whitelist maintenance reduces workload 15

16. Groundwork | Policies | Lockdown | Management Monitor Stabilize Whitelist Maintenance • Full visibility into unaccounted for changes (good and bad) • Accommodate variations • Reduce maintenance workload 16

17. Groundwork | Policies | Lockdown | Management Local Authorization Effectively Balance Security and Productivity • End user flexibility • “Third Way” between Monitor and Lockdown Admin Console View User Endpoint View 17

18. Protecting Endpoints

19. Groundwork | Policies | Lockdown | Management Enforce Easy Transition • Minimize disruption • Provide flexibility • Minimize workload 19

20. Groundwork | Policies | Lockdown | Management Fine-Tune Think Globally, Act Locally • Harmonize where appropriate • Anticipate future needs 20

21. Managing the Environment

22. Groundwork | Policies | Lockdown | Management Control Is this a Known Bad? Should my Is this a users have this? Known Good? What is trying to install this? Is this Unwanted? Who wrote this? Where did this come from? 22

23. Groundwork | Policies | Lockdown | Management Adapt Develop processes • Changes in environment • Changes in end user needs • Changes in business needs Create flexibility to balance security with productivity across entire organization © Creative Commons / Bruce Tuten 23

24. Q&A

25. More Information • Free Security Scanner Tools • Get a Quote (and more) » Application Scanner – discover all the apps http://www.lumension.com/ being used in your network intelligent-whitelisting/buy-now.aspx#7 » Vulnerability Scanner – discover all OS and application vulnerabilities on your network » Device Scanner – discover all the devices being used in your network http://www.lumension.com/Resources/ Security-Tools.aspx • Lumension® Intelligent Whitelisting™ » Online Demo Video: http://www.lumension.com/Resources/ Demo-Center/Endpoint-Security.aspx » Free Trial (virtual or download): http://www.lumension.com/ intelligent-whitelisting/free-trial.aspx 25

26. Global Headquarters 8660 East Hartford Drive Suite 300 Scottsdale, AZ 85255 1.888.725.7828 info@lumension.com http://blog.lumension.com

Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (6)

More from Lumension

More from Lumension (20)

Recently uploaded

Recently uploaded (20)

Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion