Technology Security Solution Partnerships
Partner Security Solutions Categories.
ABOUT: This is a technology that inspect incoming and outgoing email from your email provider to identify spam, malware and URL based threats, and phishing campaigns from reaching users and preventing further damage even if the user has received malicious emails.
Proofpoint (Cloud or On-Premise)
ABOUT: Agent-based solutions that provide combined malware protection and endpoint response and detection capabilities to prevent the infection and lateral spread of malicious activity as well as incident response capabilities such as endpoint isolation and remote investigation capabilities.
Palo Alto (Cloud)
FILE AND DATABASE ENCRYPTION
ABOUT: These solutions allow for more granular/targeted encryption of structure and unstructured data such as a specific document, folder, or database tables and fields. This is beyond the capabilities of whole disk encryption solutions and allows for advanced access control to the encrypted data.
FILE INTEGRITY MONITORING (FIM)
ABOUT: A FIM solution watches for changes to sensitive or business critical files or code base and provides alerts on change activity to be investigated. This is a requirement for PCI DSS.
MULTIFACTOR AUTHENTICATION AND ACCESS (MFA)
ABOUT: The purpose is to enhance security of authentication across multiple applications by requiring additional factors from the user for successful authentication.
Cisco/Duo Security (Cloud)
NETWORK MICRO-SEGMENTATION AND ASSET DISCOVERY
ABOUT: These solutions proactively identify assets on your network and allow for the granular implementation of segmentation via software agents. This eliminates the need to upgrade firewall hardware and software and allows for simpler network segmentation that will not require the re IP of deployed systems and devices.
NEXT GENERATION FIREWALLS
ABOUT: Next gen firewalls enhance border security by allowing for more granular control of traffic between networking segments. This is accomplished by identifying which applications and users are accessing resources through the firewall and allowing for granular policy to be applied based on applications and users vs. the traditional port and protocol of legacy firewalls. Next gen firewalls also include Intrusion Detection and Prevention, URL Filtering, advanced malware sandboxing and behavior analytics, as well as packet capturing.
Palo Alto (On Premise and Cloud)
Sophos (On Premise)
PRIVILEGED ACCOUNT MANAGEMENT(PAM)
ABOUT: A PAM solution manages identified privilege account passwords by rotating passwords, forcing check-in and check outs of credentials, and auditing access using administrative accounts. Additionally, they may provide remote access capabilities similar to remote desktop and session recording which can be especially useful for monitoring access from contractors or third parties.
Cyber-Ark (On Premise)
SECURE DEVOPS TRAINING
ABOUT: Training for developers should always include how to securely code applications that are resilient to the common attack techniques hackers utilize.
Security Innovation (Cloud)
SENSITIVE DATA RECOVERY AND MANAGEMENT
ABOUT: These solutions help identify the locations of sensitive data within on premise and cloud-based systems and databases and track movement of the data by tagging and alerting on data security policy violations. Additional capabilities allow for the remediation of the violations through several mechanisms including encryption, redaction, and quarantine.
Spirion (On Premise)
SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)
ABOUT: These solutions collect system and appliance logs from multiple sources for central query capabilities and storage. Advanced security analytics are applied to the collected logs to identify the presence of unwanted behaviors or threats on the systems or network.
AlertLogic (Cloud, managed service)
Splunk (Cloud and On Premise, unmanaged)
SINGLE SIGN-ON AND FEDERATION
ABOUT: These solutions provide single sign on capabilities between unrelated applications and systems via an authentication proxy. This is typically achieved by a central authentication gateway which then provides access tokens to allowed applications.
THIRD PARTY VENDOR MANAGEMENT AND SCORING
ABOUT: The purpose of the solution is to provide an external view of the threat and security posture of a company. Typically, these types of tools are used as a part of a 3rd party vendor management program but are also utilized for self-assessments. The posture of the target to be managed and scored is tracked over time and the specific reductions and improvements in the target posture are tracked and detailed.
ABOUT: Widely utilized virtualization software to quickly deploy and scale secure systems and applications for on premise and cloud environments.
VMWare (Cloud and On Premise)
VULNERABILITY SCANNING AND MANAGEMENT
ABOUT: The purpose is to scan external and internal assets for the presence of known vulnerabilities. This is essential for any vulnerability management and patching program to identify and track vulnerabilities and which system are patched in between scans. Also includes the ability to perform automated web application scanning.
Tenable Nessus (Cloud and On Premise)
Qualys (Cloud and On Premise)
WEB APPLICATION FIREWALLS
ABOUT: A WAF is a purpose-built solution that protects against web based attacks such as SQL Injection, cross-site scripting, illegal resource access requests, and backdoors that hackers typically utilize to breach systems, introduce malware, and exfiltrate data. Additionally, WAFs may provide DDOS protection, load balancing, and content distribution management capabilities (CDM).
Imperva(Cloud and On Premise)
HALOCK, a trusted cyber security consulting firm headquartered in Schaumburg, IL, near Chicago, advises clients on reasonable information security strategies, risk assessments, third-party risk management (TPRM), penetration testing, security management, architecture reviews, and HIPAA, Privacy, & PCI compliance throughout the US.