Advanced Endpoint Protection (AEP)

NSS Labs made a splash at RSA 2017 with the release of their Advanced Endpoint Protection (AEP) test results.

What is AEP?

Periodic Table of Enterprise CyberSecurity Controls

Cyber Periodic Table of 50 Enterprise Controls

Distributed across three papers, Edward G. Amoroso has written a categorical introduction to the cybersecurity industry.  50 controls important to supporting enterprise cyber risk reduction are defined.

80% of professionals say on-premisis security more mature than "cloud"

Courtesy Doug Cahill blog (ESG Research

Any company selling SaaS will recognize this type of customer concern. 

Of course the reality is that there is no one "cloud".  Maturity and capability will vary across all organizations and industries.  Unfortunately, many risk assessors mistake possession for security.

When assessing risk to adopt a SaaS product, consider..

Bit9 + Carbon Black + Confer

Cybersecurity vendor Carbon Black (formerly bit9) has announced acquisition today of malware detection upstart vendor Confer.

Confer is a lesser known advanced endpoint protection vendor.  It provides a behavior-based method of threat detection.

There is no shortage of "next generation" behavior-based threat detection products, such as:

• Palo Alto Networks Traps (cyvera)
• SentinelOne
• CrowdStrike Falcon

Pure JS Ransomware

Sophos posted details of a new Ransomware sample that operates entirely from javascript. 

Different from the recent rash of malicious javascript files, this javascript does not rely on the introduction of a malicious binary.  Sophos titled the malware "JS/Ransom-DDL".

This type of malware can be dangerous if you have never considered javascript as a possible attack vector.  Without a binary to detect/inspect/observe, some advanced malware defense tools will be useless.