IT security professionals rank third-party application vulnerabilities as the greatest security risk in 2012. Yet, malware continues to exploit these - and other - vulnerabilities to breach our defenses. Knowing how to bridge the gap between knowing the problem and finding a solution is critical to mitigate risks in your endpoint environment.
In this presentation, learn:
• What the vital layers of defense are for your endpoints.
• How to thwart exploitation of your endpoint OS, configuration and 3rd party application vulnerabilities.
• How to prevent unknown applications from executing on your systems.
5. Not Simply A Microsoft Issue
•Since 2009 the most
hacked software was 3rd
party apps and browser
add-ons like Adobe and
QuickTime.
•Yet we focus our attention
on patching Microsoft
OS/Applications.
5
9. BYOD – On Going Blind Adoption
• A recent survey
of Companies
with 2,000 or
more employees
indicated that
70% permitted
BYOD yet less
then 30% had
policies to
address device
security
9
10. … Your Plugging That In To My Network?
Source: Juniper Mobile Threat Report
10
11. E is for Endpoint Series
1: Think Different
2: Back to Basics With Patch and Configuration Management
3: How to Check Unknown Apps at the Door
4: Enabling the Self-Defending Endpoint
5: Secrets to Reducing Complexity and Cost
6: How to Continuously Manage Compliance and Risk
11
13. Eliminate Exploitable Surface Area
Areas of Risk
at the Endpoint
5%
Zero-Day
30%
Missing Patches
65%
Misconfigurations
Source: John Pescatore Vice
President, Gartner Fellow
13
14. Patch Management Back in Vogue
• The top security priority is “patching
client-side software”1
» Streamline patch management and reporting
across OS’s AND applications
Source:
1 - SANS Institute
14
15. 3rd Party Applications
• Patch and defend is not just a
Microsoft issue
» More than 2/3 of today’s vulnerabilities come
from non-Microsoft applications
15
19. Application Whitelisting
Unauthorized
•Games
•iTunes
•Shareware
•Unlicensed S/W Known malware
• Viruses
• Worms
• Trojans
Authorized Unknown Malware
• Zero day
•Operating Systems • Targeted
•Business Software • Keyloggers
• Spyware
•Productivity Software
19
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
20. Layered Approach to Endpoint Protection
20
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
21. More Information
• Quantify Your IT Risk with Free E is for Endpoint Webcast and
Scanners Whitepaper Series
» http://www.lumension.com/special-offer/
premium-security-tools.aspx http://www.lumension.com/E-is-for-Endpoint.aspx
• Lumension® Endpoint Management
and Security Suite
» Demo:
http://www.lumension.com/endpoint-
management-security-suite/demo.aspx
» Evaluation:
http://www.lumension.com/endpoint-
management-security-suite/free-trial.aspx
21