Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/15/2013
02:57 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Viewfinity Launches Industry-First App Control + Managed Admin Privileges

Viewfinity Application Control automates method for rating, restricting, and classifying unknown applications

WALTHAM, MA and TEL AVIV, Israel, July 15, 2013 – Viewfinity (www.viewfinity.com), the leading provider of next generation application control, today announced the availability of the Viewfinity Application Control solution. This is the industry's only homogeneous software solution that includes application whitelisting, managing trusted sources, forensic analysis, application reputation and monitoring all reinforced with managed administrative privileges, providing a fully manageable solution for thwarting cyber security attacks.

Through interviews and needs assessment interviews, it was clear a solution was needed to minimize the amount of time IT professionals must spend maintaining the whitelist profile. Viewfinity Application Control automates the method for rating, restricting and classifying unknown applications, all while not disturbing end user productivity, due to its greylisting model. The product helps detect advanced persistent threats by monitoring for unauthorized change, and chronicles detailed forensics data in the event of a breach. It integrates with existing Microsoft infrastructures, easily scales, is simple to install and use, and is up-and-running quickly, representing higher IT efficiency and lower TCO.

A recent Gartner report indicates that application control provides operational and security benefits, including but not limited to reducing the number of images to support and improve automation, reducing the number of help desk calls, detects advanced targeted attacks by monitoring for unauthorized change, gathers detailed forensics information in the event of a breach, and more. "Ideally, enterprises would apply both application control and remove administrative rights, but only a few vendors support application control and privilege elevation," according to Gartner. ("How to Successfully Deploy Application Control," Neil MacDonald, January 2013).

"There is great danger if administrative rights are allowed in a whitelisting model: users that retain administrative rights may attempt to bypass or uninstall application control agents, and attackers may target the whitelisting mechanism to get bad code recognized as legitimate," explains Leonid Shtilman, CEO, Viewfinity. "The ideal solution is to remove administrative rights and set up a risk-based application control framework that allows approved applications, yet doesn't block all unknown applications but instead establishes default behavior for managing applications not yet classified. We've extensively beta tested Viewfinity Application Control in several enterprise environments and believe it's the best product on the market for protecting a corporate network infrastructure of any size."

View a Q&A webinar with Leonid Shtilman, Viewfinity CEO, and featured Gartner Analyst Neil MacDonald entitled "Application Control Gains Adoption By Providing Tighter Control Against Advanced Persistent Threats."

How it Works

Viewfinity Application Control effectively minimizes the impact on end user productivity and the amount of time IT must spend managing the whitelist profile. Our automated rating and restricting of unclassified applications proactively secures applications that have not yet been classified, allowing them to run in our greylist mode, which restricts privileges and limits access to resources until automatically rated and classified. Users operate with least privilege rights and if an application explicitly requires admin rights, the software simply elevates privileges for the application, not the user.

In addition, Viewfinity's patent-pending Forensic Analysis feature identifies information related to malicious files and tracks applications being installed and run, and who, when, and from where applications and files are introduced onto corporate endpoints, following the forensic trail from generation to generation. Application origination points are tracked from the source through the network to any removable storage device, as well as through software distributors, Internet downloads, and can be used for reputation scoring and for investigation.

By silently tracking an application's history before any policies are implemented, rules can be applied to pre-existing applications based on information such as installation point of origin, trusted vendor, and other criteria. This data is reported through a centralized console allowing IT to perform application audits, apply policies or review screen recorded video for auditing and forensic purposes for breach investigations.

Viewfinity Application Control is available immediately and lists at $50 per endpoint for a basic 1000-seat installation and $225 per server (volume discounts apply). For details, call 800-455-2010, or send email to [email protected]

About Viewfinity

Viewfinity provides the only solution which offers complete application control features and administrative privilege capabilities to protect against sophisticated zero-day attacks, malware, and advanced persistent threats. Our next generation application control provides everything needed for whitelisting – from trusted sources and updaters to a cloud-based system which can rank unknown applications, reinforced with managed administrative privileges. Applications not yet classified run in a "greylist mode" and are automatically evaluated and assigned to a white/black list. Our patent-pending forensics automatically tracks file origins to enable better investigation of malware incidents. This fortified approach leads to more secure desktop and server environments, enables high operational IT efficiency via a lower TCO model, and maximizes end user productivity. For more information, visit www.viewfinity.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...