KuppingerCole Blog

15 to 20 years ago, a virus scanner – or let me call it Endpoint Protection – on your private or corporate computer was standard. Today, you must also have something like a virus scanner on your endpoint device. But in 2020, is it sufficient to detect viruses, worms, and rootkits or botnets like we did in the past? There have been a lot of changes in the way attackers try to steal data, get access to your computers, or even block you from working with your computer. This evolution must be part of your strategy for protecting your endpoints. It is called Endpoint...

It’s October and it means that we are having the European Cybersecurity Month again. ECSM is the European Union’s annual campaign dedicated to promoting cybersecurity among EU citizens and organizations. To be completely honest, I do not remember it being much of a thing in previous years, but apparently, in 2020, cybersecurity awareness is much more important for the European Commission and not without, ahem, a very big reason. I have always had mixed feelings about the whole notion of “awareness”. On one hand, raising awareness is basically what we analysts...

Whether you are a firm believer in the bright future of Artificial Intelligence or somewhat of a skeptic like me – you simply cannot ignore the great strides AI technologies have made in recent years. Intelligent products powered by machine learning are everywhere: from chatbots to autonomous vehicles, from predicting consumer behavior and detecting financial fraud to cancer diagnostics and crop harvesting. There is however a major factor limiting even further applications of AI and ML in almost any industry: AI algorithms are very computationally intensive and until quite recently,...

For today’s companies, IT service management is more than IT support. ITSM is about working behind the scenes to help employees to do the work that drives your business – providing a one-stop shop for service needs, upgrades, improvements, and asset management. If IGA doesn’t play a critical role in your ITSM strategy, it should. We frequently hear from customers who are looking to better align IGA and ITSM, and our conversations with the analyst firm KuppingerCole often focus on this topic as well. Simply put, it just makes sense to marry IGA and ITSM....

Symantec Enterprise: With more informed decisions comes more automated security. In today’s Zero Trust world, where the principle of least privilege is ubiquitous, enterprises are struggling to balance security while simultaneously enabling a highly agile business environment. There has always been friction with security and making highly specific security decisions quickly and efficiently contributes to this. Moreover, decision-making in enterprises exists on a spectrum from completely manual to completely automated. Regardless of where your organization resides on this scale,...

Even before COVID-19 entered our lexicon, privileged access management (PAM) was widely recognized as a foundational cybersecurity technology . In recent years, almost every cyberattack has involved compromised or misused privileges/privileged credentials. Most malware needs privileges to execute and install payload. Once a threat actor has infiltrated an IT network, privileges are typically needed to access resources or compromise additional identities. With privileged credentials and access obtained, a threat actor or piece of malware essentially becomes a malicious...

Informatica has just announced that they have made another acquisition this summer: GreenBay Technologies, a startup focused on AI and machine learning. Read about their July 2020 acquisition here . GreenBay Technologies brings CloudMatcher to Informatica’s Intelligent Data Platform (IDP). CloudMatcher uses machine learning to automate entity matching and schema matching tasks with high accuracy. This impacts several key data management capabilities such as master data management, data cataloging, data quality, governance, and data integration. This acquisition adds to the...

NIST, the US National Institute for Standards and Technology, recently released SP 800-207 Zero Trust Architecture . The NIST special publication examines the principles of and motivations for ZTA, as well as implementation considerations, security concerns, and suggestions for improvements to architecture. NIST SPs are authored primarily for consumption by other US government agencies. In practice, however, their documents often become de facto standards and guidelines used more broadly in industry. In this post I’ll review the strengths of the SP and identify areas for...

Privileged Access Management (PAM) software comes in many forms. Some are heavy with software components (the thick client model) while others are leaner (the thin client model). Since we at SSH.COM are firm believers in the thin client model, I wanted to present five solid reasons why this is the case. 1. No constant cycle of installing, patching and configuring agents Thick clients require that you have to install agents on the client - and usually on the server as well. Moreover, you need to ensure that those agents are always up-to-date, patched and compatible with the...

In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. They allow new applications to be rapidly developed, existing applications to be modernized and deployed without additional capital spend. This provides important business benefits but also increases the challenges for the cloud customer to ensure cyber-security and regulatory compliance. It is in this light that the recent announcements from GCP (Google Cloud Platform) need to be understood. Trust but Verify Initially, cloud...