The newest frontier in technology is also the most vulnerable.
Within network architecture, endpoint security is the method of protecting the corporate network when accessed via remote devices, such as laptops or smartphones. Each device creates a potential entry point for security threats. Endpoint security works to secure each of those endpoints on the network.
“Attackers are moving well beyond just malware; they’re moving to leveraging different attacks by actual actors within the customers’ environments,” said Jim Raine, director of technology alliances at Carbon Black Inc., which specializes in endpoint security. He explained that Carbon Black has been positioning itself to stop these new threats in such a way as to make it easy for a customer to maintain, manage and integrate their security.
Raine joined Lisa Martin (@Luccazara) and Peter Burris (@plburris), co-hosts of theCUBE, SiliconANGLE Media’s mobile live streaming studio, during Fortinet Accelerate 2017, held in Las Vegas. They discussed the changing face of security threats, the concept of intent-based networking, and the company’s standing as a key alliance partner of Fortinet Inc. (*Disclosure below.)
Identifying and neutralizing new cyber threats
When Carbon Black sees an unknown new binary on an endpoint, they submit it to FortiSandbox and ask, “Is it good or is it bad?” If FortiSandbox comes back with confirmation that the new binary is malicious, Carbon Black can stop it from executing again, as well as terminating in motion.
“Attackers today are going after whatever, wherever they can find the most valuable data to them,” explained Raine. He said Carbon Black has seen recent attacks in financial organizations, in “mom and pop shops,” in healthcare, as well as in retail and manufacturing. Customers need to take a proper assessment and understand where their assets reside and then deploy multiple different layers, including an endpoint solution, to stop the attacks.
In the past, firewalls and anti-viral solutions provided most network security. While that worked very well 10-15 years ago, it’s not sufficient for today’s needs. We are dealing more sophisticated and subtle intrusions to networks, Raine explained.
“People are after the data; they’re after what’s on the endpoints. That’s why we need to protect the endpoints as a first step,” said Raine. He went on to explain that endpoint protection should be combined with a network barrier and with cloud security. It’s also important to understand where the attacks are coming from and why. It’s what Fortinet calls “intent-based networking,” and it’s an integral part of Fortinet’s new network security offering.
Watch the complete video interview below, and be sure to check out more of SiliconANGLE and theCUBE’s coverage of Fortinet Accelerate 2017. (*Disclosure: Fortinet Inc. and other companies sponsor some Accelerate 2017 segments on SiliconANGLE Media’s theCUBE. Neither Fortinet nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)