Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

9/10/2014
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ControlScan Brings UTM to the SMB

Managed security services, Unified Threat Management technology combine to relieve IT security burden

ATLANTA, Sept. 10, 2014 -  ControlScan announces the general availability of its newest cloud-based managed security service, designed to help small and mid-sized businesses (SMBs) cost-effectively protect their IT networks from the continuous barrage of attacks by malware, trojans and viruses. The ControlScan ProTect Unified Threat Management (UTM) service delivers layered security that combines the company’s deep expertise and high-touch support with the exceptional protection of a UTM security appliance with firewall; advanced intrusion detection and prevention; anti-virus, anti-spam and anti-malware; content filtering and VPN capabilities.  

 “IT security is a complex undertaking for any size business, but the related time, mindshare and financial investment can place a tremendous burden on the SMB,” said Jyothish Varma, senior director of security product strategy, ControlScan. “SMBs are required to maintain the same level of data security as a larger corporation, yet with fewer resources and a smaller IT staff. Managing security on their own, including meeting government regulations and industry standards, is a big headache.” 

“Information security is one of many operational components within our franchising business,” said Marcos Cano, network engineer at South Bend, Ind. based HMR Acquisition. “Entrusting that component to the security and compliance experts at ControlScan helps us focus on what’s core to our business and at the same time, maintain a strong security posture.” 

Unlike many other UTM providers, ControlScan does not simply deliver a device and walk away. Following the Managed Security Service Provider (MSSP) model, the experts at ControlScan engage with existing IT staff to serve as a single, reliable security resource and trusted advisor. The company ensures that its UTM solution is fully and accurately implemented and then follows through by offering continuous network monitoring and security support.

“Working with ControlScan gives us a dedicated IT security team and enterprise-class security, without the expenses and operating costs associated with hiring additional full-time staff and purchasing costly, complex equipment,” Cano said.

ControlScan manages its ProTect Unified Threat Management service through a centralized platform in the cloud, enabling scalability from small branches to large networks. The solution is currently in use with a variety of SMBs, including multi-location businesses. For more information, visit ControlScan.com or call 800-825-3301.
###
                                                                  
About ControlScan                                           
Headquartered in Atlanta, ControlScan delivers integrated security and compliance solutions that help small and mid-sized businesses secure sensitive data and comply with information security and privacy standards. We support business owners, franchisees and merchant service providers with technology, services and expertise for PCI DSS, HIPAA and EI3PA compliance; vulnerability detection and risk mitigation; POS, e-commerce and mobile security; and more. For more information, please visit www.ControlScan.com or call 800-825-3301.
                                         
Please click here to immediately access the full release on ControlScan.com: https://www.controlscan.com/press-releases.php?releaseid=

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Human Nature vs. AI: A False Dichotomy?
John McClurg, Sr. VP & CISO, BlackBerry,  11/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: -when I told you that our cyber-defense was from another age
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3350
PUBLISHED: 2019-11-19
masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.
CVE-2011-3352
PUBLISHED: 2019-11-19
Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula administrator privilege could use this flaw to execute arbitrary HTML or web script code in the context ...
CVE-2011-3349
PUBLISHED: 2019-11-19
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.
CVE-2019-10080
PUBLISHED: 2019-11-19
The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the versions of Java, Jersey, and Apache that the NiFI ...
CVE-2019-10083
PUBLISHED: 2019-11-19
When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to.