Analytics
11/6/2013
08:15 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

EiQ Networks Offers To Help Organizations Assess Cyber Defense Readiness

Developed to provide organizations a preliminary assessment report of whether security gaps exist in their networks and systems

Acton, Mass., November 6, 2013 – EiQ Networks, a pioneer in simplified security, risk and compliance solutions, today announced the availability of a new offering to help organizations assess their cyber defense readiness. The Cyber Defense Readiness offering was developed to provide organizations a preliminary assessment report of whether security gaps exist in their network and systems.

Increasingly organizations of all sizes are becoming victims of cyber attacks on a daily basis. A majority of breaches go undetected due to the complexities involved in analyzing all security data across IT assets, inadequate security controls, and lack of actionable and timely security intelligence. According to a recent Ponemon study, it takes an average of 80 days for a company to discover a malicious breach and another four months to resolve it. Per Ernest &Young 2013 global information security survey organizations throughout the world continue to struggle to hire enough qualified staff to help ensure adequate cybersecurity. This lack of trained cyber security staff, coupled with antiquated compliance dominated security programs, and technologies, and the fact that it is becoming increasingly easier for hackers to attack corporate networks with new and sophisticated hacker tools, it is no wonder organizations of all sizes are exposed to cyber criminals and attacks. The 2013 Verizon DBIR illustrates that both large and SMB companies are equally prone to a cyber attack.

EiQ's Cyber Defense Readiness offering is based on the three critical pillars of a sound security program. Namely:

• Process: A set of processes and best practices developed and implemented based on industry standards such as SANS 20 Critical Security Controls

• Technology: A set of tools that provide immediate and comprehensive visibility into the "Threat" by utilizing Unified Situational Awareness that removes data silos and connect all the dots

• People: Trained, experienced Information Security professionals that monitor and assess an IT infrastructure 24 x7

By combining all three pillars, EiQ is able to deliver to an independent assessment of an organization's cyber defense readiness in an easy to view report.

"Companies require a holistic view of their security posture, but often times do not have enough qualified security professionals on staff or well-defined best practices based security program in place to help with cyber defenses," said Rob Aragao, vice president, services at EiQ Networks. "This offering provides an independent audit of their cyber defense readiness and it can be accomplished relatively quickly."

You can register for your EiQ Networks Cyber Defense Readiness assessment today at: http://offers.eiqnetworks.com/eiq-networks-cyber-defense-readiness-assessment

This new complimentary offering is part of EiQ Networks commitment to resolve the industry-wide challenges around traditional SIEM and log management acquisition, operational complexities and trained cyber security professional shortages. As such, further announcements will be forthcoming that will address the complexity and management burdens associated with SIEM products.

About EiQ Networks:

EiQ Networks, a pioneer in simplified security and compliance solutions, is transforming how organizations identify threats, mitigate risks and enable compliance. Our solution, SecureVue®, is a unified situational awareness platform that proactively detects incidents, minimizes "false positives" and delivers timely and actionable intelligence by simplifying often-complex interactions between security, risk and compliance. Through a single console, SecureVue provides a unified view of your entire IT infrastructure for proactive security and risk analysis, continuous monitoring, configuration auditing, compliance automation and context relevant search. For more information, visit: http://www.eiqnetworks.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.