http://blog.solidcore.com/public/blog/183014Recent News & Stories from Solidcoreen-usCopyright (C) 2009 Solidcore--All Rights Reserved -- This channel is part of the Solidcore Blog blogsite--Powered by MyST Blogsite®.Thu, 13 Sep 2007 23:45:19 -0400Fri, 15 May 2009 08:30:59 -0400MySmartChannels V3.0 (MyST Web Service Platform V6.00.0627)http://blog.solidcore.com/styles/blogsite/SolidCore/images/rss.jpg3188http://blog.solidcore.com/public/blog/183014Solidcore: Change Management and Change Control Solutions IT CompliancePCI complianceIT managementIT infrastructureIT change controlIT Data CenterIT ServiceIT response timeService availability http://blog.solidcore.com/public/item/232225Advance Endpoint Security and Risk Management<p><font face="verdana,arial,helvetica,sans-serif" size="2">Today, at McAfee's May 15th Investor Day meeting in New York City, McAfee announced they will acquire <a href="http://www.solidcore.com/">Solidcore</a>. Through this acquisition, McAfee will expand its reach into new markets, secure new platforms and strengthen its hold as the leader in the $6 billion endpoint security market.</font></p> <p><font face="verdana,arial,helvetica,sans-serif" size="2">By continuing to innovate, McAfee is staying one step ahead of customer needs and competitive offerings. With McAfee and Solidcore joined, we will bring together best-in-class technologies and extend the current McAfee security portfolio beyond signature-based anti-malware. McAfee will combine dynamic whitelisting and application trust technology with leading McAfee antivirus, antispyware, host intrusion prevention, policy auditing and firewall technologies, to help customers more readily mitigate the risks associated with vulnerable or malicious applications downloaded by employees.</font></p> <p><font face="verdana,arial,helvetica,sans-serif" size="2">For more information, please visit the <a href="http://www.mcafee.com/us/about/corporate/mcafee_Solidcore.html" target="_blank" title="McAfee to Acquire Solidcore">McAfee acquisition web page</a>.<br /></font> </p>http://blog.solidcore.com/public/item/232225Fri, 15 May 2009 08:30:59 -0400 acquireantivirusmcafeesolidcorewhitelisting http://blog.solidcore.com/public/item/231799Cryptoviral Extortion and other breaches continue to hit healthcare<div align="left"> <p><font size="2"><font face="verdana,arial,helvetica,sans-serif">Going to the doctor may expose more than you think with recent news about breach notifications from <a title="UC Berkeley data breach announcement" target="_blank" href="http://datatheft.berkeley.edu/">University Health Services at Berkeley</a> and the breach with extortion threat at <a title="Breach News on Virginia Data records" target="_blank" href="http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=217201397&amp;subSection=Cybercrime">Virginia Dept. of Health Professions</a></font></font>. Not only are health records at stake which often times requires a Social Security number for identification but also CHD (Card Holder Data) facilitating the co-pay and billing of services. Another example where electronic data is no longer just the bits and bytes or 1's and 0's we were taught about in school but seemingly the lifeblood for cybercriminals. They will do almost anything to get their fix so the prescription is to be prepared and vigilant with real-time file integrity monitoring, dynamic whitelisting and get inoculated against malware.&nbsp; <br /></p> </div><h3>See Also</h3><ul><li><a href="http://datatheft.berkeley.edu/" target=%quot;_blank%quot;>Data Theft announcement at UC Berkeley Health Services</a><br/>Data Theft announcement at UC Berkeley Health Services</li><li><a href="http://www.informationweek.com/news/security/attacks/showArticle.jhtml?articleID=217201397&subSection=Cybercrime" target=%quot;_blank%quot;>Virginia Dept. of Health Professions data leak</a><br/>Virginia Dept. of Health Professions cryptoviral extoration</li></ul>http://blog.solidcore.com/public/item/231799Fri, 08 May 2009 14:33:10 -0400 antivirusbreachhealthcareHIPPAmalware protectionPCI http://blog.solidcore.com/public/item/231632One whitelisting company may have gone overboard in oversell..<p><font size="2"><font face="verdana,arial,helvetica,sans-serif">Let's face facts it is a competitive market out there and as times get rough there are those who aim to make noise in the market with oversell. Whitelisting as a general technology is an alternative and positive approach to providing protection to endpoints and devices. But as the common saying among Security Professionals go - the only really secure system is one that is turned off. This claim would be true only if the unparalled protection was compared to no attempt at endpoint protection at all or doing nothing. </font></font></p> <p><font size="2"><font face="verdana,arial,helvetica,sans-serif">Another false claim is that whitelisting alone provides some sort of system lock-down. This would be like saying having a closed campus for high school is the same experience as a correctional facility.&nbsp; It may have seemed like it for me when I was in high school but as any resourceful teenage can prove it's not hard to be creative and find ways to come and go on campus without detection. </font></font></p> <p><font size="2"><font face="verdana,arial,helvetica,sans-serif">Full endpoint security or lock-down is more than just whitelisting. SC Magazine recently reviewed endpoint security solutions in a <a href="Endpoint%20Security%20Group%20Test" target="_blank" title="http://www.scmagazineus.com/Group-Test-Endpoint-security/GroupTest/170/">group test</a>. The test looked at the following features</font></font></p> <ul> <li>System Security: antivirus/spyware, firewall capabilities and encryption <br /></li> </ul> <ul> <li>Port Management: blocking the ability to add devices or read\write data to and from USB/CD/DVD/wireless devices&nbsp;</li> <li>Host Intrusion Protection: blocking registry changes, privilege escalation, copy/paste features and kernel event management<br /></li> </ul> <p><font size="2"><font face="verdana,arial,helvetica,sans-serif">Solidcore provides both application and configuration whitelisting but our technology also has the ability to actually lock-down systems providing Runtime Control. Host intrusion protection and read/write protection of critical data on the systems does not come with standard whitelisting solutions. Port management is considered a key feature to endpoint security to minimize the unauthorized data access, installation or tampering of pre-set communications on the system. Again application whitelisting alone will stop any new code but won't provide data protection.</font></font></p> <p>Even though we did not participate in the endpoint protection test we have gone through independent testing with <a href="http://nsslabs.com/" target="_blank" title="NSS Labs website">NSS Labs</a> verifying our claims on being able to provide 100% system integrity. &nbsp; <br /></p> <p> </p> <p><font size="2"><font face="verdana,arial,helvetica,sans-serif"><br /></font></font></p> <p><br /></p><h3>See Also</h3><ul><li><a href="http://www.scmagazineus.com/Group-Test-Endpoint-security/GroupTest/170/" target=%quot;_blank%quot;>Endpoint Security Testing</a><br/>SC Magazine Endpoint Security Group Test</li><li><a href="http://nsslabs.com/" target=%quot;_blank%quot;>NSS Labs</a><br/>NSS Labs</li></ul>http://blog.solidcore.com/public/item/231632Tue, 05 May 2009 19:57:26 -0400