Endpoint security is the process of securing the various endpoints connected within your network, often defined as end-user devices such as mobile devices, laptops, and desktop PCs, although hardware such as servers in a data center are also considered endpoints. This is best practice as defined by all Security Compliances Frameworks such as PCI DSS, ISO 27001, and SSAE 16.
Centrify’s identity service improves end-user productivity and secures access to cloud, mobile and on-premises applications via single sign-on (SSO), user provisioning and multi-factor authentication (MFA). Centrify supports internal users (employees, contractors) and external users (partners, customers), and manages applications, mobile devices, and Macs via Active Directory and LDAP. It can be deployed in the cloud or on-premises.
OSSEC/WAZUH is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, OS X, Solaris and Windows. OSSEC/WAZUH has a centralized, cross-platform architecture allowing multiple systems to be easily monitored and managed.
WebRoot SecureAnywhere® BusinessEndpoint Protection provides security for servers, VMs, PCs, and Mac devices and protection against infections and data theft without sacrificing performance or productivity.
Sophos Endpoint doesn’t rely on signatures to catch malware, which means it catches zero-day threats and provides security for servers, VMs, PCs, and Mac devices.
Ansible is a free software platform for configuring and managing computers. It combines multi-node software deployment, ad hoc task execution, and configuration management. It manages Linux nodes over SSH or Windows nodes over PowerShell.
LabTech can take care of any repetitive IT maintenance task or process, monitor mission critical network components, run auto-remediation programs, and much more.
Regardless of their longevity, any web application is vulnerable to security exploits. Robust IPS/IDS solutions such as those offered by Security Onion will detect and block attempted attacks, and should be incorporated into a larger and layered security approach. Security Onion is quickly evolving and adding many new tools on a regular basis, thanks to its very active and growing user base. It is a distributed tool that allows any security analyst to configure and run an intrusion detection system with full monitoring and reporting capabilities in just a matter of minutes.
We provide Network Detection Systems Integrations with the features below
- Full Network Analysis
- PCI DSS Compliance Benchmarks
- Security Hardening Benchmarks
- Vulnerability Benchmarks
- Full Packet Capture Analysis-Driven Network Intrusion Detection
- Snort or Suricata Rule-Driven Intrusion Detection
- Real-time, Event-Driven Intrusion Detection
- Time-Based Alerting
- Threat Intelligence Feeds
ZeroKit is a zero knowledge auth + end-to-end encryption SDK: all your apps need to keep user data secure in the cloud.
User authentication, channel encryption (HTTPS) and at-rest encryption are the technologies to keep data secure in internet apps. At the beginning of every software project, developers build a custom solution to make these 3 technologies work together: the result is a software that’s vulnerable to many attacks, such as:
- Typically, hash-based user authentication is used, which is vulnerable to "pass the hash” attacks to log in on behalf of the users, simply using the stored password hash
- Password salts sometimes are stored with the hash in the user database, exposing the password database to brute force or dictionary attacks
- The secure web traffic (HTTPS) decrypts on the web server, exposing sensitive data in log files or to zero day exploits
- At-rest encryption stores the encryption key on disk or in a database, exposing sensitive data to hackers.
ZeroKit is web security reimagined: a technology that integrates user authentication, channel encryption and at-rest encryption into one SDK that can’t be taken apart. ZeroKit uses auth technology that doesn’t use hashes and thus, less vulnerable to attacks. For logged-in users, ZeroKit seamlessly encrypts user data on client devices (in mobile apps or in web browsers) at the time when data is created; it keeps data encrypted throughout transit and at-rest, until the data is displayed on another user’s device. No server code (unless specifically granted access) or cloud providers can see user data.
ZeroKit can be integrated into any mobile or web app, and can eliminate server-side hacks and password breaches. View ZeroKit's encryption documentation here
NGINX is a software based reverse proxy, web server, load balancer, SSL termination and media server.
NGINX is distributed with an “open core” model:
- NGINX F/OSS is completely free and open source, with source code freely distributed
- NGINX Plus adds additional features, is fully compiled for multiple platforms, with enterprise-level support
NGINX is featured in Gartner’s Magic Quadrant for Application Delivery Controllers.
NGINX Use Cases:
- Replace legacy hardware load balancers/application delivery controllers (such as F5 Big-IP or Citrix NetScaler).
- NGINX WAF can deliver digital transformation. Moving infrastructure from on premise to Amazon AWS / Microsoft Azure / Google Compute Platform, and refactoring monolithic applications with microservices.
- Load balancing AWS/Azure web applications.
For information on load balancing AWS applications, and a comparison with Amazon ELB, click here.