Risk
7/15/2013
02:57 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Viewfinity Launches Industry-First App Control + Managed Admin Privileges

Viewfinity Application Control automates method for rating, restricting, and classifying unknown applications

WALTHAM, MA and TEL AVIV, Israel, July 15, 2013 – Viewfinity (www.viewfinity.com), the leading provider of next generation application control, today announced the availability of the Viewfinity Application Control solution. This is the industry's only homogeneous software solution that includes application whitelisting, managing trusted sources, forensic analysis, application reputation and monitoring all reinforced with managed administrative privileges, providing a fully manageable solution for thwarting cyber security attacks.

Through interviews and needs assessment interviews, it was clear a solution was needed to minimize the amount of time IT professionals must spend maintaining the whitelist profile. Viewfinity Application Control automates the method for rating, restricting and classifying unknown applications, all while not disturbing end user productivity, due to its greylisting model. The product helps detect advanced persistent threats by monitoring for unauthorized change, and chronicles detailed forensics data in the event of a breach. It integrates with existing Microsoft infrastructures, easily scales, is simple to install and use, and is up-and-running quickly, representing higher IT efficiency and lower TCO.

A recent Gartner report indicates that application control provides operational and security benefits, including but not limited to reducing the number of images to support and improve automation, reducing the number of help desk calls, detects advanced targeted attacks by monitoring for unauthorized change, gathers detailed forensics information in the event of a breach, and more. "Ideally, enterprises would apply both application control and remove administrative rights, but only a few vendors support application control and privilege elevation," according to Gartner. ("How to Successfully Deploy Application Control," Neil MacDonald, January 2013).

"There is great danger if administrative rights are allowed in a whitelisting model: users that retain administrative rights may attempt to bypass or uninstall application control agents, and attackers may target the whitelisting mechanism to get bad code recognized as legitimate," explains Leonid Shtilman, CEO, Viewfinity. "The ideal solution is to remove administrative rights and set up a risk-based application control framework that allows approved applications, yet doesn't block all unknown applications but instead establishes default behavior for managing applications not yet classified. We've extensively beta tested Viewfinity Application Control in several enterprise environments and believe it's the best product on the market for protecting a corporate network infrastructure of any size."

View a Q&A webinar with Leonid Shtilman, Viewfinity CEO, and featured Gartner Analyst Neil MacDonald entitled "Application Control Gains Adoption By Providing Tighter Control Against Advanced Persistent Threats."

How it Works

Viewfinity Application Control effectively minimizes the impact on end user productivity and the amount of time IT must spend managing the whitelist profile. Our automated rating and restricting of unclassified applications proactively secures applications that have not yet been classified, allowing them to run in our greylist mode, which restricts privileges and limits access to resources until automatically rated and classified. Users operate with least privilege rights and if an application explicitly requires admin rights, the software simply elevates privileges for the application, not the user.

In addition, Viewfinity's patent-pending Forensic Analysis feature identifies information related to malicious files and tracks applications being installed and run, and who, when, and from where applications and files are introduced onto corporate endpoints, following the forensic trail from generation to generation. Application origination points are tracked from the source through the network to any removable storage device, as well as through software distributors, Internet downloads, and can be used for reputation scoring and for investigation.

By silently tracking an application's history before any policies are implemented, rules can be applied to pre-existing applications based on information such as installation point of origin, trusted vendor, and other criteria. This data is reported through a centralized console allowing IT to perform application audits, apply policies or review screen recorded video for auditing and forensic purposes for breach investigations.

Viewfinity Application Control is available immediately and lists at $50 per endpoint for a basic 1000-seat installation and $225 per server (volume discounts apply). For details, call 800-455-2010, or send email to info@viewfinity.com.

About Viewfinity

Viewfinity provides the only solution which offers complete application control features and administrative privilege capabilities to protect against sophisticated zero-day attacks, malware, and advanced persistent threats. Our next generation application control provides everything needed for whitelisting – from trusted sources and updaters to a cloud-based system which can rank unknown applications, reinforced with managed administrative privileges. Applications not yet classified run in a "greylist mode" and are automatically evaluated and assigned to a white/black list. Our patent-pending forensics automatically tracks file origins to enable better investigation of malware incidents. This fortified approach leads to more secure desktop and server environments, enables high operational IT efficiency via a lower TCO model, and maximizes end user productivity. For more information, visit www.viewfinity.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0619
Published: 2014-10-23
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.

CVE-2014-2230
Published: 2014-10-23
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter to ck.php.

CVE-2014-7281
Published: 2014-10-23
Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53_CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot.

CVE-2014-7292
Published: 2014-10-23
Open redirect vulnerability in the Click-Through feature in Newtelligence dasBlog 2.1 (2.1.8102.813), 2.2 (2.2.8279.16125), and 2.3 (2.3.9074.18820) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to ct.ashx.

CVE-2014-8071
Published: 2014-10-23
Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote attackers to inject arbitrary web script or HTML via the (1) givenName, (2) familyName, (3) address1, or (4) address2 parameter to registrationapp/registerPatient.page; the (5) comment parameter to all...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.