24 May The 10 best technologies for information security
Cloud access security brokers, micro-segmentation, DevOps testing, and remote browsers are among the technologies identified by Gartner for information security in 2016.
Gartner has identified the ten most exciting information security technologies and their implications for security organizations this year. The consultancy's analysts analyzed the industry trends during the Gartner Security & Risk Management Summit 2016 event.
“Information security teams and infrastructures must adapt to support the requirements of emerging digital businesses, while also coping with the increasingly advanced threat landscape,” said Neil MacDonald, vice president, distinguished analyst at Gartner. “Security and risk leaders must fully engage with the latest technology trends so they can define, achieve and maintain effective security and risk management programs that simultaneously enable digital business opportunities and manage risk.”
Taking this situation into account, analysts have identified the Top 10 technologies in terms of information security:
Cloud Access Security Brokers
(CASBs), which provide information security professionals with a critical point of control for the secure and compliant use of cloud services across multiple cloud providers.
Endpoint Detection and Response
(EDR), whose market is rapidly expanding in response to the need for more effective endpoint protection and the emerging imperative to detect potential breaches and react faster.
Signatureless Approaches to Endpoint Prevention
Signature-based approaches to malware prevention are ineffective against advanced and targeted attacks. Multiple techniques are emerging that augment traditional signature-based approaches, including memory protection and exploit prevention that prevent the most common ways malware enters systems, and machine learning-based malware prevention that uses mathematical models as an alternative to signatures for malware identification and blocking.
User and Entity Behavior Analytics
(UEBA), which provides user-centric analytics around user behavior and also around other entities such as endpoints, networks, and applications, making analytics results more accurate and more effective for threat detection.
Micro-segmentation and Flow Visibility
Once attackers have found a foothold in enterprise systems, they can usually move unhindered to other systems, so there is an emerging need for micro-segmentation to deal with them. Several of the solutions provide visibility and control of communication flows. Visualization tools allow security and operations managers to understand flow patterns, set segmentation policies, and control deviations. In addition, several vendors offer optional encryption of network traffic between workloads to protect data in motion and provide cryptographic isolation between workloads.
Security testing for DevOps
(DevSecOps). For Gartner, security must be an integral part of DevOps-style workflows, that is, DevSecOps. DevSecOps operating models are emerging that use scripts, recipes, footprints, and templates to drive the subsequent configuration of the security infrastructure, including security policies such as application testing during development or network connectivity at runtime.
Intelligence-led Security Operations Center (SOC) Orchestration Solutions
These centers go beyond preventive technologies and the perimeter, and event-based monitoring. To meet the challenges of the new “detection and response” paradigm, an intelligence-driven SOC also has to go beyond traditional defenses, with adaptive architecture and context-aware components. To support these required changes in information security programs,
Remote Browsers
Most attacks start by targeting end users with malware delivered via email, URLs, or malicious websites. A new approach to address this risk is to remotely present the browser session from a “browser server” (typically Linux-based) running on-premises or delivered as a cloud-based service. By isolating the browsing function from the rest of the endpoint and from the corporate network, malware is kept off the end user’s system, and the company significantly reduces the attack surface by shifting the risk of attack to server sessions.
Deception
These technologies are emerging across networks, applications, endpoints, and data, with the best systems combining multiple techniques. By 2018, Gartner predicts that 10 percent of organizations will use deception tools and tactics and actively engage in deception operations against attackers.
General Trust Services
As enterprise security departments are required to extend their protection capabilities to operational technology and the Internet of Things, new security models must emerge to deliver and manage trust at scale. Other security services are designed to scale and support the needs of billions of devices, many with limited processing power. Organizations seeking greater scale, distributed trust, or consensus-based services should focus on trust services that include secure provisioning, data integrity, confidentiality, identity, and device authentication.