Organizations today are facing more sophisticated, targeted threats that leverage multiple attack vectors including zero-day and 3rd party application vulnerabilities, physical access through data ports and web-based attacks through the browser. Attacks such as these "Advanced Persistent Threats" (APTs) are constantly evolving to methodically deliver custom-developed malware payloads that traditional anti-virus cannot proactively defend against. In addition, Web-enabled technologies and the social business, cloud-based environment have introduced new IT risks through plug-ins, add-ons and application extensions. These risk are compounded by users with local admin accounts who inadvertently expose their PCs to vulnerabilities by installing applications for both personal and social use.
Not only are attacks becoming more targeted and sophisticated, but the sheer volume of new malware signatures is growing at rates that out-pace the scalability of traditional technologies. Today more than 3 million new malware signatures are identified each and every month1, but on average anti-virus solutions only identify about 19 percent of these within the first day of existence.2 As a result, the typical organization must now deal with upwards of 50 malware incidents every month3, leading to rapid increases in endpoint TCO with rising help desk calls and reimaging costs, and lost employee and IT productivity. Learn more on why you should not rely upon stand-alone anti-virus.
Endpoint TCO Increasing Due to Malware
To address the rising volume and sophistication of malware, organizations have added numerous point products to their security stack – an approach that has quickly become cumbersome and ineffective. This approach not only adds complexity to managing and securing endpoints, but it reduces overall visibility of the environment, leading to more IT risk and increased endpoint TCO. The time is now to shift out of the status quo and into a new strategy for endpoint management and security.
Introducing Lumension® Intelligent Whitelisting™
Lumension® Intelligent Whitelisting™ is the industry's first integrated, application whitelisting solution that brings together the combined strengths of patch management, application control, anti-virus, and trust-based change management into a single, integrated solution with a unified workflow that dramatically improves endpoint security effectiveness, without impacting organizational productivity.
Lumension® Intelligent Whitelisting™ enables your organization to:
Increase Endpoint Security Effectiveness through a robust, defense-in-depth security approach centered around application control, which eliminates un-trusted or unwanted change to endpoints and allows only trusted and known executable files to run. Software Demo: Application Control and AntiVirus - Working Together
Implement Flexible, Effective and Easy-To-Use Application Control / Whitelisting. Lumension has advanced application control technology to overcome the traditional challenges associated with previous generation application whitelisting solutions. Unlike traditional application control products, Lumension’s integrated Intelligent Whitelisting solution provides increased effectiveness, flexibility, and efficiency by enabling automated whitelist management for today’s dynamic endpoint environment while still maintaining effective endpoint security. Software Demo: Simplifying Whitelist Creation
Stop Memory-based Attacks. Protect against sophisticated memory injection attacks (such as RMI and Skape/JT) by validating all new processes, even those initiated by approved running applications using patent-pending Advanced Memory Protection.
Leverage Cloud-based Trust Score. The Lumension® Endpoint Integrity Service (EIS) provides an integrated cloud-based approach to explicit identification and application risk rating information, used by both admin and end user levels for increased security, control and optimized management of the application ecosystem. Software Demo: Leveraging Application Trust Scores
Enhance Visibility within the Endpoint Environment. Now IT can gain unparalleled visibility into all applications running within the endpoint environment, and identify what machines have the latest AV definitions and patches installed - regardless if those machines are online or offline. Software Demo: Getting Application Visibility
Regain Control of Endpoints by reducing Local Admin risk. End users with Local Admin rights can introduce untold levels of risk on the endpoint and leave holes for zero-day vulnerabilities and other malware to exploit. Gain visibility and control over cloud-delivered applications that can install without user access privileges. Software Demo: Reducing Local Admin Risk
Provide Local Authorization Capability. Empowers trusted end users to install applications on their local systems while logging all events for acceptance review by admins. Provides a balance between flexibility and security without the spreading risk in unchecked environments, whether in learning or lockdown mode. Software Demo: Empowering Users to Make On-the-Fly Whitelist Decisions
Eliminate Known Vulnerabilities in your Operating Systems and 3rd Party Applications before they can be exploited, by streamlining and automating the discovery, assessment and deployment of critical patches to both online and offline endpoints.
Improve Organizational Productivity by eliminating the number of malware incidents and software conflicts that cause unplanned network downtime and increased IT burden.
Reduce Your Endpoint TCO with fewer malware-driven IT help desk calls, incident responses, and machines to reimage, and improved network performance and employee productivity.
Streamline Compliance and Reporting to simplify management and reporting across all endpoints and reducing the overall IT compliance burden.
Lumension® Intelligent Whitelisting™ Workflow
- AV-Test.org malware statistics (Jan-2013)
- Cyveillance, Malware Detection Rates for Leading AV Solutions (Aug-2010)
- Ponemon Institute, 2013 State of Endpoint Risk (Dec-2012)