Blogs

    Publish
     
      • Integrations, Integrations, Integrations…

        Jul 20 2017, 7:12 PM

        by peter_doggart 3

        In June 2017, we officially announced the new Symantec Technology Integration Partner Program (#TIPP), bringing together the Blue Coat and Symantec worlds and creating the largest and broadest technology partner eco-system in cyber security.

        In this blog, I wanted to share what this means for our customers as well as our technology partners and showcase a new tool we call the Integration Cyber Defense Map  - Download the Map 

        Defending ourselves from cyber threats is hard. If you look at a typical enterprise, they will have acquired around 30-60 security vendors over the years, but unfortunately maybe only half of those would have been deployed. Why? Cyber-security requires discipline, a long-term viewpoint and for all these systems to work together to make operational sense. And that simply hasn’t happened. It’s a shame that many of these systems are just left on the shelf and not fully utilized.

        One can argue whether deploying 10 vendors is better than 60, but in any case, it is critical that cyber security systems be able to share data and context about what they know, what has been blocked and why, what they have detected as suspicious and so on. The Symantec Integration Cyber Defense Platform together with TIPP sets up this framework

        To help our customers understand how the Integrated Cyber Defense platform can help, we have created an interactive map of all internal and external partner technology integrations.

                                                                       

        This showcases many hundreds of integrations across our entire product portfolio and how they map to our own 24 product areas as well as our 23 partner solution categories and our 100+ TIPP partners.

        If you are a Symantec End Point or ProxySG customer, simply mouse-over that product to see all the current active partner solutions and then drill down to learn more. Alternatively, if you have deployed deception technologies, another EDR solution, simply mouse-over and find quickly which Symantec products work together. Access the Map Here.

        We have a very strong pipeline of additional integrations for 2017 so this map will be updated frequently.

        For our technology partners, we have also worked hard to make this the best program in the industry, with access to a rich set of APIs’, product support, demo licensing for engineering and certification, documentation as well as access to our community portal; Symantec Connect, with direct access to over 700,000 users.

        Any customers and partners wanting to learn more about TIPP, click here. https://www.symantec.com/partners/programs/technology-integration-partners

        • Endpoint Protection Small Business Edition
        • PacketShaper
        • Endpoint Encryption
        • Managing Mobility
        • Endpoint Virtualization Suite
        • Endpoint Virtualization
        • Content & Malware Analysis
        • Symantec Website Security
        • Cloud Workload Protection
        • IT Management Suite Documentation
        • Web Security.cloud
        • Symantec Security Information Manager
        • Network Access Control
        • Network Forensics & Security Analytics
        • Protection Engine for Network Attached Storage
        • Cyber Security Exercise
        • Advanced Threat Protection
        • Endpoint Detection and Response (EDR)
        • Symantec Mobility Device Management
        • Virtual Secure Web Gateway
        • Endpoint Protection Cloud
        • Data Loss Prevention and CASB - Symantec DLP Cloud and Symantec CloudSOC
        • Cloud-Delivered Web Security Services
        • Web Application Firewall & Reverse Proxy
        • Command Line
        • WebFilter Intelligence Services
        • Protection Suite Enterprise Edition
        • Protection for SharePoint Servers
        • CacheFlow
        • Control Compliance Suite
        • DeepSight™ Technical Intelligence
        • Symantec Mobility Suite
        • Data Center Security
        • Email Security.cloud
        • Data Loss Prevention
        • Data Loss Prevention Cloud Service for Email
        • Messaging Gateway
        • Advanced Threat Protection for Email
        • Management Center
        • Endpoint Management
        • Symantec Mobility Threat Protection
        • Encrypted Traffic Management
        • Client Management Suite
        • Symantec Protection Suites (SPS)
        • Partners
        • Endpoint Suite
        • CloudSOC CASB Gateway
        • Protection Engine for Cloud Services
        • Web Gateway
        • Products
        • Authentic Document IDs for Brew
        • Certificate Lifecycle Platform
        • Endpoint Protection
        • Symantec Mobility Application Management
        • Embedded Security Critical System Protection
      • Most Dangerous Web Application Security Risks

        Sep 02 2015, 4:01 AM

        by Sathya Narayanan Balakrishnan 1

        As everybody know the top 10 dangerous web app security risks:

        1. Injection flaws
        2. Cross - site scripting
        3. broken authentication and session management
        4. insecure direct object reference
        5. cross site request forgery
        6. security misconfiguration
        7. insecure cryptographic storage
        8. failure to restrict URL access
        9. insufficient transport layer protection
        10. Invalidated redirects and forwards

        Being an new techie to Symantec and Symantec products, may I know what are Symantec's contributions, updates for these security risks?

        May I also ask everyone to kindly share an example of an incident which you may came across in the past, where one of these security risks wasn't detected which ended up in major chaos.

        Many thanks

        Best regards

        Sathya Balakrishnan

        Information Security Response Analyst

        Symantec  Norton.png

        • Symantec Security Information Manager
        • Voice of the Customer
        • Endpoint Encryption
        • DigiCert Code Signing
        • Security Community Blog
        • Web Gateway
        • Products
        • 12.x
        • Malware Scan
        • Vulnerability Assessment
        • Symantec Website Security
        • DigiCert SSL TLS Certificates
        • Endpoint Protection
        • Web Security.cloud
      • Symantec SSL Certificates Now offer a FREE SAN for Base Domain Names.

        Mar 31 2015, 4:43 PM

        by The SSL Store™ 1

        The world’s most trusted online security brand Symantec has just announced that they will now secure www & non-www domain names with single SSL certificate & it will be considered the same FQDN! This is big news for us and all of our partners and customers.

        Symantec-Free-San

        Finally, all Symantec SSL certificates will now consider the base domain as a free SAN or Subject Alternative Name, which simply means you can secure both versions of your website, www.name-of-site.com and name-of-site.com with single Symantec SSL Certificate. This is any easy thing that will reduce your cost and time to manage multiple certificates for one website.

        As the world’s leading brand, Symantec is always thinking about their partners and customers’ well-being and implementing new features like this to provide the best web security solutions on the planet. Symantec SSL certificates secure the majority of websites in the world and boasts the strongest encryption, unparalleled brand recognition, free Norton secured seal, which is just icing on the cake if you ask me.

        Here are the 3 use case for Symantec SSL certificates:

        • When you enroll with Common Name as www.name-of-site.com , Symantec SSL now automatically secures and adds the non-www version of the same domain (name-of-site.com) as a SAN for free.
        • When you enroll the Common Name as name-of-site.com, Symantec will automatically add www.name-of-site.com as a free SAN.
        • For a wildcard certificate: When the enrolled Common Name is *.name-of-site.com, Symantec will automatically add name-of-site.com as a free SAN.

        Details/Examples:
        1) When the Common Name is www.name-of-site.com

        Symantec SSL will add the common name’s base domain as a SAN value for all certificates where the common name begins with “www” and does not contain sub-domains.

        –  It’s free and it does not count as part of the max # of allowed SAN
        –  Of course, it will only be added if TLD is valid.

        TLD Domain Types Example of Domain Names Add base domain as a SAN value?
        1-­‐level TLD (such as a gTLD) www.domain.com Yes –add domain.com
        1-­‐level TLD (such as a gTLD) www.subdomain.domain.com No
        2-­‐level TLD(such as a ccTLD) www.domain.co.uk Yes – add domain.co.uk
        2-­‐level TLD(such as a ccTLD) www.subdomain.domain.co.uk No
        Internal host/IP server.local No

        2) When Common Name is domain.com

        Symantec SSL certificates automatically add “www” to the common name’s domain as a SAN value for all certificates where the common name is a simple domain name without any sub-domains.

        –  It’s free and it does not count as part of the max # of allowed SAN
        –  Of course, it will only be added if TLD is valid.

        TLD Domain Types Example of Domain Names Add base domain as a SAN value?
        1-­‐level TLD (such as a gTLD) domain.com Yes –add www.domain.com
        1-­‐level TLD (such as a gTLD) www.subdomain.domain.com No
        2-­‐level TLD(such as a ccTLD) domain.co.uk Yes – add www.domain.co.uk
        2-­‐level TLD(such as a ccTLD) www.subdomain.domain.co.uk No
        Internal host/IP server.local No

        3) When Common Name is *.domain.com (Wildcard SSL)

        Symantec SSL Certificate automatically add the common name’s base domain as a SAN value for all certificates where the common name is wildcard and does not contain sub-domains.

        –  It’s free and it does not count as part of the max # of allowed SAN
        –  Of course, it will only be added if TLD is valid.

        TLD Domain Types Example of Domain Names Add base domain as a SAN value?
        1-­‐level TLD (such as a gTLD) *.domain.com Yes –add domain.com
        1-­‐level TLD (such as a gTLD) *.subdomain.domain.com No
        2-­‐level TLD(such as a ccTLD) *.domain.co.uk Yes – add domain.co.uk
        2-­‐level TLD(such as a ccTLD) *.subdomain.domain.co.uk No
        Internal host/IP *.server.local No

        The following SSL products of Symantec are enhanced from this change:

        Symantec Thawte GeoTrust
        Secure Site Pro with EV SSL Web Server with EV True BusinessID with EV
        Secure Site with EV SGC Supercerts True BusinessID
        Secure Site Pro SSL Web Server ———-
        Secure Site Wildcard SSL Web Server Wildcard True BusinessID Wildcard
        Secure Site SSL SSL123 (DV But Allow) ———-

        *GeoTrust already offers domain.com as a free SAN when the common name is www.domain.com, but will now also add www.domain.com as a free SAN when the common name is domain.com.

        • Products
        • Voice of the Customer
        • Symantec Website Security
        • DigiCert Code Signing
        • About Symantec SSL Symantec Web Security
        • Web Security.cloud
        • Security Community Blog
      • Bridging the Gap between IT and the Business with Next Generation Cloud Security

        Mar 18 2015, 11:16 AM

        by Mike Smart 0

        To those of us that have been brought up in the world of IT, there is nothing scarier than users and lines of business choosing and deploying their own IT.  We’ve labeled it ‘Shadow IT’ because it’s technology that is used in the dark, without the knowledge of the IT Department.

        But actually, to the user or the line of business, it’s just innovation. The typically risk-averse IT departments are all about mitigating risk; after all we’ve deployed Anti-Virus, Intrusion Prevention technologies to mitigate the risk of viruses and intrusions. This attitude of preventing risk is making us unpopular and irrelevant to the business, and this is why they often choose to bypass the IT procurement process.

        The fact is, users are more mobile than ever, and are comfortable taking corporate data and storing it on mobile devices or cloud storage applications all in the name of innovation and increased productivity.  Perhaps those of us in IT should find a way to embrace this and at the same time protect the business without imposing impractical policies and process.

        To help you bridge the gap, and allow users and the business to adopt flexible working practices that drive innovation through the adoption of mobility, cloud based systems and infrastructure, Symantec has released Identity: Access Manager.  Symantec™ Identity: Access Manager is a next generation access control platform that offers users and administrators control, convenience, and compliance for cloud-based applications.

        Access manager starts by using Symantec Validation and ID Protection (VIP) and Symantec Managed PKI to bring integrated single sign-on (SSO) and strong authentication to mobile devices. With Access Manager, users can login one-time using a password, PIN, or even a fingerprint to safely access all of their cloud apps and information. This helps secure mobile devices by eliminating bad password practices and gives your users fast, easy access to the resources they need.

        Also, Access Manager provides flexible, easy-to-create connectors and unified identity and context-based access control for virtually any cloud app or service, which means you can enforce your security and compliance policies, log your activities to stay compliant, and ultimately turn those rogue apps into legitimate productivity tools.

        Access Manager is every bit as flexible as it is powerful. You can choose to deploy it on-premise or in the cloud, depending on the needs of your organization. And because Access Manager integrates seamlessly with your existing infrastructure, it reduces complexity by providing a convenient central point for managing all of your different user directories.

        In summary, there are five good reasons to try Symantec Identity: Access Manager in your environment:

        • Ensures control, convenience, and compliance for public and private cloud applications
        • Enhances security with strong authentication and identity/context-based access control
        • Streamlines compliance auditing by consolidating access logs for protected users and applications
        • Boosts users’ productivity with Single Sign-On – one password grants access to all apps
        • Offers flexible deployment options, choose from on-premise or hosted service

        If you want to find out more, visit our home page here:

        • cloud security
        • Security Community Blog
        • User Authentication
        • Web Gateway
        • Products
        • Symantec Enterprise Security
        • Thought Leadership
        • Identity Access Manager
        • Device Certificate Service
        • Identity and Authentication Services
        • Digital IDs for Secure Email
        • Data Loss Prevention
        • VIP (Validation ID Protection)
        • Web Security.cloud
        • Managed PKI for SSL
      • Let’ not Talk About PHI for a Moment, let’s Talk about Intellectual Property

        Aug 30 2014, 3:03 PM

        by Axel Wirth 0

        Why this post?

        Over the past few months we have seen a number of reports on breaches of healthcare organizations and medical device manufacturers where the suspected or documented target was intellectual property data related to medical devices.  Some of these recent cases have received wide press coverage.

        As a result, the FBI has issued a warning to US healthcare companies that they may be the target of further cyberattacks (FBI warns healthcare firms they are targeted by hackers). The document indicated that several companies in the sector had been targeted and intellectual property, rather than personal data or PHI, may be the main target of the attacks.

        "These actors have also been seen targeting multiple companies in the healthcare and medical device industry typically targeting valuable intellectual property, such as medical device and equipment development data" (FBI)

        It is suspected that nation states and/or well-organized cybercrime organizations are behind these highly sophisticated and well-executed attacks. This is in line with a trend cybersecurity experts have been observing for a number of years – the trend towards politically and financially motivated attacks executed with unprecedented degree of stealth, determination, and precision.

        In other words, cybersecurity is not what it used to be. Not by a long shot.

        What it means for the Healthcare Industry

        The healthcare industry has traditionally underinvested in security, yet at the same time we have seen breaches and attacks increase. Hackers focus on healthcare institutions because they are perceived as the easier target compared to other industries. We have seen focus on patient demographic information (i.e. identities), personal identifiers (social security, insurance, or medical record numbers), and medical data (PHI).

        We have seen data being stolen for the purpose of financial or medical identity theft, insurance fraud, sale of information on the underground marketplace, blackmailing of patients, financial gain, and ransoming of healthcare providers. And now we can add to that list corporate espionage and intellectual property theft.

        The recent attacks and breaches highlight the risk of companies in the medial device, biotech, and pharmaceutical industries, as well as their medical research and clinical trial partners – i.e. the hospitals and clinicians they are cooperating with. This does move the discussion to another, higher and very concerning level.

        The security industry has, for the past years, developed the concept of “Defense in Depth” … meaning that security as a point solution is no longer good enough. Not only do we need security across all layers, those security layers need to be integrated to allow reliable detection, coordinated defense, and efficient response.

        As cyber criminals are getting better, we need to up our game, too. Unfortunately, the bad guys need to be right only once, we need to be right every time. Hence, we have developed concepts of layered security, defense in depth, edge to endpoint, and lastly the importance of selecting the right security partner.

        Symantec can help you to protect your infrastructure and information on all levels through:

        • Endpoint Security: Symantec Endpoint Protection, Mobile Security Solutions, and specific solutions for mission critical systems (e.g. servers hosting clinical research and other intellectual property data) or difficult to protect and patch systems (e.g. COTS-based medical devices).
        • Data Loss Prevention: to understand data location, data access and usage so to allow for the appropriate protection of such data.
        • Encryption: to protect critical information on endpoints, fileshares, in email, or data being transmitted.
        • Altiris IT Infrastructure Management: to discover IT assets, assess IT compliance, identify vulnerable systems, and manage configuration, patching, and upgrades.
        • Validation and ID Protection Services: to enable strong (two factor) authentication and reduce the risk external access channels being exploited.
        • Symantec Web Gateway: Backed by Symantec Global Intelligence Network, it provides multiple layers of malware protection and URL filtering, securing web access and detecting malware related traffic.
        • Symantec Mail Gateway or Hosted Email Services: to block email-based malware or spam and reduce the risk of phishing attacks.
        • Security advisory, implementation, assessment and consultancy services.
        • Security Education: to make sure your employees understands today’s security threats and their obligation to prevent e.g. spear-phishing attacks.
        • Managed Security Services: Defend against today’s sophisticated cyber threats, accelerate detection, and optimize response to relevant security events.

        Large breaches can be costly and result in fines, remediation costs, class action lawsuits, loss of reputation and trust, and can affect your business and market opportunity if intellectual property is affected.

        As a security professional, that makes me wonder if not paying attention to what is happening in cybersecurity today, not understanding the changing threat landscape, and not being prepared for modern threats could be considered 'willful neglect'?

        Conclusion:

        Traditionally, lost or stolen equipment (laptops, thumb drives, backup tapes) were the biggest breach risk in healthcare, and looking at some of the breach statistics, we are still struggling to prevent. Yet, in reality, the bad guys are stepping up their game rapidly and healthcare is now in the crosshair, leading to a growing gap between threats and the industry's security capabilities.

        The paradigm is shifting and we need to be ready to deal with these new risks now, not at some point in the future. In a recent interview, John Halamka, CIO Beth Israel Deaconess Medical Center, stated that: “to guard against hackers, health care CIOs are investing in security like never before.”

        We have to - the gap is getting bigger as I am writing this.

        For a further discussion on healthcare breaches, see also Kevin Haley's blog post here: Responding to Data Breaches in the Healthcare Industry

        • Drive Encryption Powered by PGP Technology
        • Gateway Email Encryption
        • Desktop Email Encryption
        • Endpoint Encryption
        • HIPAA
        • 12.x
        • Control Compliance Suite
        • Critical System Protection
        • Endpoint Encryption - Removable Storage Edition
        • DeepSight™ Technical Intelligence
        • File Share Encryption
        • Symantec Enterprise Security
        • Thought Leadership
        • Mobile Email Encryption
        • Data Center Security
        • Email Security.cloud
        • Endpoint Encryption - Device Control
        • intellectual property
        • Identity and Authentication Services
        • Digital IDs for Secure Email
        • Data Loss Prevention
        • PHI
        • Messaging Gateway
        • Web Security.cloud
        • Encryption Management Server Powered by PGP Technology
        • breaches
        • Managed PKI for SSL
        • Key Management Server (Key Management)
        • Endpoint Encryption Management Server
        • Symantec Protection Suites (SPS)
        • Healthcare Online User Group
        • Managed Security Services
        • Web Gateway
        • Products
        • PGP Command Line
        • ECA Certificates
        • Enterprise Security Manager
        • Healthcare
        • Endpoint Encryption - Full Disk Edition
        • Device Certificate Service
        • VIP (Validation ID Protection)
        • Endpoint Protection