Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

5/22/2007
06:29 AM
50%
50%

Promisec Offers Free Audit

Promisec intros a service for VARs, allowing security product resellers to provide customers with insight into their security condition

NEW YORK -- PromisecT Ltd, a technology leader in endpoint security management with the industry's first agentless monitoring and remediation solution that supports layered internal security management, today announced a new security audit service for VARs, allowing security product resellers to provide prospective customers with insight into their security condition. The service provides reporting on how employees are complying with corporate security policies and identifies endpoint threats of all kinds, from unauthorized applications and USB device connections to rogue processes, services and missing third-party security applications and Microsoft service packs.

The service, normally priced at more than $10,000 for an onsite security audit, is being offered free of charge to give channel partners a competitive advantage in the highly competitive IT security market. The audit service is another example of Promisec's commitment to helping VARs attain greater traction in the IT security space. In about an hour, channel partners can generate a detailed report that shows where organizations are most vulnerable to help determine how to secure the internal network. Promisec's audit is not limited to basic checks but provides comprehensive visibility to hidden threats that can go unnoticed indefinitely. Some hidden threats that have been found in networks we have audited include:

- Unknown Network Shares (shared folders)
- Simultaneous (dual) Wireless connectivity inside a LAN
- Stealth Applications leaking information to external parties
- Keyloggers and Trojans silently transmitting confidential data
- Bypassed Group Policies and proxy servers.

According to industry research firm, Infonetics, demand for endpoint security solutions will grow to $3.9 billion by 2008, up from just $323 million in 2005, a 1101 percent increase. Recent CSI and FBI reports indicate that most security issues originate inside the network. With new regulations in place, company officers can now be held personally responsible for breaches of security. Infractions such as unauthorized storage of sexually explicit material on corporate servers can create problems that are just as serious as the latest worm or Trojan horse. But companies cannot resolve vulnerabilities and tighten security policies if they do not know which endpoint threats exist on their networks.

"Our channel partners can now offer customers a comprehensive level of insight into their network security so organizations can eliminate significant threats before they become security breaches," said Ari Tammam, vice president of channel marketing for Promisec.

Promisec Ltd.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Dan Blum, Cybersecurity & Risk Management Strategist,  5/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13485
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
CVE-2020-13486
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
CVE-2020-13482
PUBLISHED: 2020-05-25
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
CVE-2020-13458
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
CVE-2020-13459
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.