Risk
7/15/2013
02:57 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Viewfinity Launches Industry-First App Control + Managed Admin Privileges

Viewfinity Application Control automates method for rating, restricting, and classifying unknown applications

WALTHAM, MA and TEL AVIV, Israel, July 15, 2013 – Viewfinity (www.viewfinity.com), the leading provider of next generation application control, today announced the availability of the Viewfinity Application Control solution. This is the industry's only homogeneous software solution that includes application whitelisting, managing trusted sources, forensic analysis, application reputation and monitoring all reinforced with managed administrative privileges, providing a fully manageable solution for thwarting cyber security attacks.

Through interviews and needs assessment interviews, it was clear a solution was needed to minimize the amount of time IT professionals must spend maintaining the whitelist profile. Viewfinity Application Control automates the method for rating, restricting and classifying unknown applications, all while not disturbing end user productivity, due to its greylisting model. The product helps detect advanced persistent threats by monitoring for unauthorized change, and chronicles detailed forensics data in the event of a breach. It integrates with existing Microsoft infrastructures, easily scales, is simple to install and use, and is up-and-running quickly, representing higher IT efficiency and lower TCO.

A recent Gartner report indicates that application control provides operational and security benefits, including but not limited to reducing the number of images to support and improve automation, reducing the number of help desk calls, detects advanced targeted attacks by monitoring for unauthorized change, gathers detailed forensics information in the event of a breach, and more. "Ideally, enterprises would apply both application control and remove administrative rights, but only a few vendors support application control and privilege elevation," according to Gartner. ("How to Successfully Deploy Application Control," Neil MacDonald, January 2013).

"There is great danger if administrative rights are allowed in a whitelisting model: users that retain administrative rights may attempt to bypass or uninstall application control agents, and attackers may target the whitelisting mechanism to get bad code recognized as legitimate," explains Leonid Shtilman, CEO, Viewfinity. "The ideal solution is to remove administrative rights and set up a risk-based application control framework that allows approved applications, yet doesn't block all unknown applications but instead establishes default behavior for managing applications not yet classified. We've extensively beta tested Viewfinity Application Control in several enterprise environments and believe it's the best product on the market for protecting a corporate network infrastructure of any size."

View a Q&A webinar with Leonid Shtilman, Viewfinity CEO, and featured Gartner Analyst Neil MacDonald entitled "Application Control Gains Adoption By Providing Tighter Control Against Advanced Persistent Threats."

How it Works

Viewfinity Application Control effectively minimizes the impact on end user productivity and the amount of time IT must spend managing the whitelist profile. Our automated rating and restricting of unclassified applications proactively secures applications that have not yet been classified, allowing them to run in our greylist mode, which restricts privileges and limits access to resources until automatically rated and classified. Users operate with least privilege rights and if an application explicitly requires admin rights, the software simply elevates privileges for the application, not the user.

In addition, Viewfinity's patent-pending Forensic Analysis feature identifies information related to malicious files and tracks applications being installed and run, and who, when, and from where applications and files are introduced onto corporate endpoints, following the forensic trail from generation to generation. Application origination points are tracked from the source through the network to any removable storage device, as well as through software distributors, Internet downloads, and can be used for reputation scoring and for investigation.

By silently tracking an application's history before any policies are implemented, rules can be applied to pre-existing applications based on information such as installation point of origin, trusted vendor, and other criteria. This data is reported through a centralized console allowing IT to perform application audits, apply policies or review screen recorded video for auditing and forensic purposes for breach investigations.

Viewfinity Application Control is available immediately and lists at $50 per endpoint for a basic 1000-seat installation and $225 per server (volume discounts apply). For details, call 800-455-2010, or send email to info@viewfinity.com.

About Viewfinity

Viewfinity provides the only solution which offers complete application control features and administrative privilege capabilities to protect against sophisticated zero-day attacks, malware, and advanced persistent threats. Our next generation application control provides everything needed for whitelisting – from trusted sources and updaters to a cloud-based system which can rank unknown applications, reinforced with managed administrative privileges. Applications not yet classified run in a "greylist mode" and are automatically evaluated and assigned to a white/black list. Our patent-pending forensics automatically tracks file origins to enable better investigation of malware incidents. This fortified approach leads to more secure desktop and server environments, enables high operational IT efficiency via a lower TCO model, and maximizes end user productivity. For more information, visit www.viewfinity.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1421
Published: 2014-11-25
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.

CVE-2014-3605
Published: 2014-11-25
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6407. Reason: This candidate is a reservation duplicate of CVE-2014-6407. Notes: All CVE users should reference CVE-2014-6407 instead of this candidate. All references and descriptions in this candidate have been removed to pre...

CVE-2014-6093
Published: 2014-11-25
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-6196
Published: 2014-11-25
Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory (WEF) 6.1.5 through 8.5.0.1, as used in WebSphere Dashboard Framework (WDF) and Lotus Widget Factory (LWF), allows remote attackers to inject arbitrary web script or HTML by leveraging a Dojo builder error in an unspecified WebSp...

CVE-2014-7247
Published: 2014-11-25
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?