Over 90% of all network data loss events now follow the same path. First a network endpoint is compromised and then held for months, or years, while the attacker searches deeper into the network. They are looking for vulnerabilities on servers and other network infrastructure which is then used as a stepping stone on the path to finding data gold mines. Network vulnerabilities allow attackers to gain root access to servers and network control points - after which the whole network can be compromised. These existing vulnerabilities on equipment, applications and web apps are not unknown; they are well understood and could be fixed by network admins if they have the correct tools and resources.
This vulnerability path bypasses endpoint defenses like Antivirus and endpoint security because many devices brought into networks by employees aren't controlled by the network admin. If the visiting laptop or smartphone isn't deeply owned by the network admin, it is likely owned by someone else. Additionally, even careful employees can be talked into clicking on a bad link, opening a mysterious file or plugging in an unknown thumb drive on a company computer or laptop.
This path bypasses IPS because attackers use multiple access points to fly under the IPS radar. Commands are sent in and data taken out in a way that will not trigger real-world IPS settings. If IPS controls are strict enough to catch this traffic, it also stops business critical communications.
This path bypasses firewalls because it uses packet types, sizes and destinations that must be allowed to continue to do business.
Given that use of AV, FW and IPS is nearly universal and reports on data loss events are increasing in number and size of loss, it is a logical conclusion that these technologies are leaving a path through network security barriers.
What can be done to shut down this route into networks? The common denominator of network data loss is that KNOWN VULNERABILITIES are used by nearly all attackers to establish or further their reach and control.
Fine Tec is announcing a new program to ensure that their clients understand that the biggest security gap is made up of the KNOWN VULNERABILITIES that exist on customer networks right now. The current consensus up until now is that network vulnerabilities aren't worth fixing because the bad guys are stopped by AV, FW and IPS. This is now being seen as short sighted, to say the least.
Fine Tec is teaming up with Beyond Security to help fill the security gap created by the presence of known vulnerabilities on networks. With an agreement recently reached, Fine Tec will distribute Beyond Security's Vulnerability Assessment product line, AVDS; the most accurate, most easily used and least expensive corporate VA solution in the world.
About Fine Tec
Fine Tec is a Value Added Distributor that brings channel partners together with leading solutions specializing in network security and data integrity products. Fine Tec has been proudly serving channel partners since 2000 by providing personalized services in all aspects of sales every step of the way. With a focused and selective product line, Fine Tec aims to provide in-depth knowledge and support for all partners. More information about Fine Tec is available online at www.finetec.com.
About Beyond Security
Beyond Security's testing solutions accurately assess and manage security weaknesses in networks, web applications, industrial systems and networked software. We help businesses and governments improve and simplify their network and application security thus reducing their vulnerability to attack and data loss. Our product lines, AVDS (network and web application vulnerability management) and beSTORM (software security testing), will help you secure your network and applications, comply with your security policy requirements and exceed industry and government standards. For more information about Beyond Security see www.beyondsecurity.com or contact Brian Pearce at firstname.lastname@example.org.