Webinar Recording

Endpoint Protection Made Easy With Privilege Management

Log in and watch the full video!

Endpoint detection and response (EDR) solutions monitor endpoint and network events and record the information in a central database. There, the information is subjected to further analysis, detection, investigation, reporting, and alerting. While EDR solutions may be a good start to protect endpoints, they are by no means sufficient. Instead, Endpoint Privilege Management (EPM) solutions must be integrated to protect the systems from within.

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Subscribe to become a client
Choose a package  
Hello and good afternoon or good morning, depending on where you are. And welcome to this latest webinar today is sponsored or supported by Wallix. And we'll be talking a lot about endpoint protection and particularly how that can be made easier with privilege management and delighted to be joined today by Aljandro Soret Madolell, who is the EPM product manager at Wallix, and he'll be joining me after my section of the presentation on Paul Fisher. And I'm a senior analyst with KuppingerCole Analysts. Yeah, just before we kick into the actual webinar, just a little bit of advertising on behalf of KuppingerCole and some events that you might want to mark for your diary. In fact, one is as soon as tomorrow customer identity and marketing automation, that's a KC virtual event tomorrow. And then we have August the sixth, the future of digital identity self-sovereign identity and verifiable credentials.
And a little bit later one, I think I'll be doing is an August 20th, advanced privileged access management and new trends talking about how Pam is developing an order. Those are KC live events, which is our new format, which is fully digital, fully live, fully interactive, and works with a app. Okay. Housekeeping, you mute essentially. So you don't need to worry about muting or unmute yourself. We are recording this whole webinar and it'll be available to you quite early on, and we also provide the slide decks for download. So if any of your colleagues wanting to be here live, but missed it, then they'll have a chance to listen to it again, as will you, if you wish to refresh some of the points that we talk about. And finally, at the end of both our sessions, there's a Q and a, and you can enter questions if you're looking by entering them at the bottom of the go-to webinar control panel. So please at any time, enter your questions as they arise, we won't answer them straight away, but we'll bring them up at the end of the webinar.
So that's the introductions out the way let's have a quick look at what are we talking about and also what Alessandra will be talking about. I'll just be introducing some of the benefits if endpoint management solutions and how we think they work, but not so much, maybe I've said here they're superior, but we're not talking about like for like, but how they work better for protecting end points and privilege accounts. And then after that, Alisandra, we'll go into the multiple, some of the best practices to secure a neutralized attacks and end points at how an APM solution can integrate with your cybersecurity strategy. And as I've said, we'll also have some Q and a at the end.
So to kick off with, I'm just going to give an overview of what I see as the business insecurity landscape that many, many organizations are now finding themselves in. And I separate these into business technology and business process and then security integrations and security processes. And I think without going into detail with every single one of these, but I think at some point small and large organizations are going to be adopting things like the cloud. The cloud is often referred to as kind of a mature technology, but actual fact, we're still quite a long way to go before we reach maturity. And certainly where we might say that all organizations are using the cloud, but a number of organizations still find it hard to move to the cloud for reasons of trust and security. At the same time, we're seeing the growth of virtual machines.
And then what we might call hybrid architectures where different types of architecture are working with each other. And of course that involves things like legacy apps and legacy architecture and infrastructure as well. Quite often, quite recently, there's a lot of talk about dev ops and containerization. Certainly these are areas that for example, the automotive industry is now doing a little bit of catch up in terms of dev ops, as it realizes that the possibly the secret to future success in retailing and manufacturing cars lies in software. And you can see, for example, Daimler launching its new, S-Class only the other week as probably the most amount of software and connected pieces of technology within the, within that car of any car that we've seen so far. And so it's not just a car industry, of course, but dev ops is used because businesses want to be more competitive.
They want to develop applications and processes much faster. And again, added to that is automation advance, sorry, artificial intelligence, machine learning, and of course IOT. So these are what I would say are some of the major trends in business technology and aligned to those are business processes. So we have mobile working. We can't really talk about mobile working these days without mentioning COVID. And I'll come onto that in a little bit later in my presentation, governance risk and compliance it's it's in the last five years, it has become much more important for businesses to not that I'm saying they didn't take it seriously, but the government say in the European union and now increasingly in the United States are punishing companies that are not compliant, or if they do not keep a personal data safe, we're seeing in some areas of industry, customer access customers, and of course, third parties are giving greater access to the infrastructure and the, the wider enterprise itself.
And again, that's tool done to customers, sorry, organizations wanted to get closer to their customers. So it helps them develop better and more bespoke products. And as I said, vendors are also getting much more access to organizations. So companies are becoming much more joined up. The old walls are breaking down. And of course, to our subject of today, that means there are many more endpoints now trying to connect to the core enterprise. And that of course has implications for the security of privilege accounts and indeed the security of data and services within that organization. And finally, agile development. We already mentioned that and that's where developed some kinetic containerization come in and collaborative working. We're seeing the growth of digital workplaces, where employees and other users are interacting on a much more dynamic basis than they perhaps have done in the past where they're working with tools that allow them to do real-time collaboration and sharing documents and all kinds of things.
And within that, we seen also the impact or what might've been called, consumer applications, such as WhatsApp and other social media also being added to the mix. So as for security, all this has meant that security technologies have widened out. So we've gone a long way from what we might've called, the old firewall and antivirus method of keeping organizations secure. We now have things like security incident and event management, much wider use of analytics, multifactor access, single sign on customer identity and access management, which is a development that we've just talked about, how customers are being managed within your organization, identity and access management. And of course, privilege access management, which is also part of our discussion this afternoon.
And as for security processes, it means that we've seen a rise in, again, not just having security prevention, but instant response security management is now becoming more of an art form security management. It goes beyond just as I said, pointing out where vulnerabilities are, but also it includes things like making security efficient, and also the life cycle of a security tools so that, you know, when things need updating, when they might become vulnerable themselves and also how different types of security tools work together, forensics has become hugely important. Particularly as, as we know, there's not much we can do to stop cyber attacks, but we can do a lot to learn about them. And also we can learn from attacks, how to prevent them in a future audit, auditing and reporting relates back to GRC as does Rick management.
We always say a couple of your call that any security deployment or installation should be proceeded by a risk management assessment of both the organization and the tools and processes and people that you may wish to deploy. Correct. So, as I mentioned, cyber crime, which is our common enemy to a soul continues to grow. That's no surprise really, to anyone that works within the security field, but the stat 90% of end points do already include protection. But the attacks continue to grow email, which is something that people have long tried to predict may disappear. Well, it hasn't disappeared in probably world and cyber criminals. Find it a very efficient way of delivering email, sorry, delivering malware through phishing attacks and like 60% of the breaches involve endpoint vulnerabilities, which is something we will talk about in a little bit. And there's also the growth of Phylis attacks 260%.
I mean, that's a pretty, pretty huge growth. And I'll mention that again in a minute, but one of the reasons that peop EPM I'm sorry, EDI is no longer purely sufficient is because of cybercriminals devise ways of attacking with fire lists malware. So they bypassed all the antivirus systems and there is a, also a sobering figure. $2.7 million is the average cost of an incident. Even, even if it doesn't cost that much even the smallest ransomware attack or even the smallest, perhaps a piece of malware that gets into a system is going to cost your company and your employees some kind of time. And that time lost or that data lost is going to result in some kind of financial hit.
Okay. 19 as pro proven that criminals and activists have no moral compass, the cyber threat intelligence league showed that instead of threats going down during COVID-19, they actually went up, they took down 2000 eight hundred and three, eight hundred and thirty three indicators of compromise in March alone. The majority of those 99.4% were malicious domains attempting to exploit the pandemic. And what's worse is that the vulnerabilities targeted the healthcare sector and which shows that just when healthcare sectors across the world are being tested, like never before they also have to deal with attacks on them by cyber criminals. And then there was a spike in disinformation, which for whatever reason, who knows who's behind these kind of malicious campaigns, but they spread disinformation about the 5g equipment and encouraging people to break lockdown orders. So there is a two-pronged attack here. There are cyber criminals, still trying to do what they always do, which is steal data and use rents and wet.
And then there are other more malicious groups for B perhaps potentially nation state groups that use something like COVID to break into systems and spread disinformation. And all of that is done through endpoints. So I'll just quickly go through endpoint detection and response how it works. So we take our remote user logs in to the service and tries to execute some kind of download the traditional firewall network security, AAV intrusion detection, intrusion detection system generate an alert that alert is sent to the threat cloud. For analysis, the EDR can filter and prioritize alerts, and then decision has made whether this execute can go ahead in this case, it's a no, and sad user is, has the download block and that all works very well. And that is still, as I said, a very good first defense against conventional attacks. The problem is, and Alisandra, we'll be talking a lot more about this is, as we've seen that cyber criminals are starting to use Phyliss attacks, which can't be detected by the traditional security installations.
And so these can easily bypass all of that and find their way into the system. And this also has big implications privilege access accounts because increasingly the cyber attackers are going off the privileged accounts because they know they lead them to deeper inside a organization. They also lead them to the most valuable data and, and the stuff that they know is of worth a monetary value to them. And if Pam, sorry, privileged accounts are being protected only by ADR. There's a strong likelihood that our little devil figure there will be able to bypass all the barriers that we set up and get to those privileged accounts.
So just some limitations of ADL for Pam. It is effective, but modern organizations need more, just some here complexity and the vast amounts of data captured by ADR can overwhelm security teams leading to neglect. So they don't see the patterns. They don't see how cybercriminals are perhaps working. Attackers are exploiting remote access and network vulnerabilities rather than installing malware. And as I think I've repeated this time, maybe three times, but so many conventional breach tension tools, aren't catching the intrusions. There's often a trade off between the budget and resource limitations and the number of end points that should be presented that can result in gaps that lived in networks, et cetera, susceptible to attacks EDR that is so statically linked to antivirus and legacy tools will not block the latest malware and attack methods. Each endpoint often needs an installed agent, which is a hassle and an opportunity for error and for agents not to be updated. And as I said, just now, APM APM does not by nature. Do a good job of protecting privilege accounts as it is a wide ranging catch-all device.
So just quickly then talk a little bit about endpoint privilege management, which Alisandra, we'll talk more about. But the key point here is what I said. It's not the endpoint that needs protection. It's the network. The end point is just a, a gateway and both legitimate users and attackers will use it simply as that. So EPM will provide an extra layer on to EDI protect privilege accounts. You will have the ability to counsel privileges from a dashboard. At the point of entry, I can give privileges to specific files and installers. It keeps a log of Pam files. So for analytics, you can get much faster access as to what's happening. It gives you a full audit capability of privilege access management, and it should provide a speedier access and control for privileged accounts because they're being separated out from the EDR. And you'll find a with w w w is much more relevant to DevOps and other new types of privileged users, which includes other applications and machine robotics, et cetera.
So there are some of the advantages of EPM, and let's just quickly look how that might work. So we have our same setup here, our remote user logs into the service and tries to access a privilege, excuse me, a privilege account. It goes through to the firewall network, et cetera. But this time the request is sent to Pam. It might actually be stopped at the firewall network if it's malicious, but let's say it isn't, then that will be split into analysis. And then that process is input into the log file so that you have record of all privileged sessions.
This request is sent to the Pam solution. The policy is applied, a password issued the session recorded, and then our user is given access and can continue their work as, as necessary. And I put it at the bottom there times one thousands. Of course, this is something that in many organizations is happening thousands of times a day, and very, very quickly. So the best Pam solutions will enable such access as quickly as possible speed and convenience are key to modern security. So I don't want to impinge too much on Alexandros time, but I'll just briefly mention how Pam is developing across the board. So we have sort of three pillars now as, as to what we might see as, as development or areas of development for, for Pam. So we have our basic Pam functionality, which is kind of what I was talking about. Illness slide here, and that includes shared account password management, multifactor access, account detection, most importantly, session monitoring, recording, anomaly detection.
And then we might get certificate based issues for access to privilege accounts, which takes away passwords. And then DevOps. We we're increasingly seeing DevOps being, sorry, Pam being developed for DevOps particularly, and that would also have a volt in it, but would also likely to have application to application in there. We definitely have a significant management and dev ops integration. And then the other areas that we're seeing in Pam are integrated into the cloud. So this will also maybe Pam, that is for small businesses as well. And that will also have a credential volt. It may have a multifactor access for admins account life cycles, and the two things that we've spoken about for DevOps. So finally, Pam and India infrastructure digital transformation is increasing the privilege, the, the load on privilege access. And we can see this matrix here tells you what is happening on premises infrastructure as a service within platforms and software as a service and what we have there at the moment, the traditional Pam requirements, but we're conceded that it's happening right now is that as organizations become more digital as they transform, then the demand increases so that we have things like internet of things, which are machines or even edge devices, which may also need access to privileged accounts, microservices, containers, container platforms, themselves dev ops service desk.
I mentioned that right at the start that we are seeing workplace delivery or digital workplaces becoming part of the mix and then vendors, consumers, and workflow. Again, we'll soon maybe part of Pam and to do all that at some everywhere. As I mentioned, at some point, people machines will log on to via an end point end points are now literally anything that users or applications and machines use to gain access to another system. And so that's the end of my section of the presentation. I'll hand over now to Alessandra.
Thank you, Paul. Good evening, everyone. Good morning to a different time zone. So here I am to talk about let's endpoint management and also privileged management. So how, how we can let's say make it easier. So a little bit about myself first. So my name is Alejandro. I have almost 10 years of expert experience on a software development with a strong experience or knowledge in the area of InPoint ecosystems and endpoint administration. And they recently have focused on it. Security is specializing in privileged access management and identity medicine. So I, I live and work in Madrid right now in, based in Madrid, Spain, you know, Madrid offices, and I I'm the current leader product manager of our endpoints VPN solution here in ones. So let's talk about the current situation when it comes to privilege management on the endpoint. Okay. So what I've narrowed it down to is basically two options.
Okay. So option number one, end-user satisfaction is my priority. So I give everyone admin rights and I do not need to manage their credentials, right? So I don't want to deal with privileges and the consequences because I don't have the time or the resources. So I grant admin rights to every end-user right? So with admin rights, the users will be able to do anything they want on their computers. So from a productivity standpoint, this is good because they will not require any intervention from it or any approval entity, right? So that's, that's a good part, but the bad part is the security standpoint. So from a security standpoint, this is the worst situation because such rights can be, and tens of thousands will be exploited by some malware or some attacker might also, the user can install any application that he or she wants. But the problem is that the end user doesn't know if this application is to be trusted or not.
And most of the times they are tricked even into it, check in to installing applications, without even being aware. They don't have to be aware of. But the point is that you should not rely on the end user to decide what applications should or should not be present on the endpoint for the model. The user would also be able to perform management tests on the endpoint that may imply modifying critical parameters in the endpoint. And he, or she would not, they, they should not be doing them because what they, you know, they need to be managed by it. So excessive privileges is the vulnerability that is present in the message. Percentage of any sort of action is the only thing that all these attacks have in common. So according to, for instance, gardener and the very own Microsoft, the, their security reports, they all agreed that removing admin bytes can be the solution to the vast majority of stress.
Okay. Okay. So I am convinced now, and, and now I, I choose option number two, which is the other option to have security now is now my priority. So I don't give users any admin rights in order to avoid any unauthorized or dangerous actions, right? This is good. This is, this is what every one of the commands, this is nothing new. This is something that everyone knows is, you know, the, the, the unicorn desk, I am knowledgeable about security. And I, and I know that I want to implement the least privileged model in the organization because I'm able to bring the tax no matter how big they are, if the attack is huge. And this is activity to be fully stopped, doing a long period of time. Of course, this scenario is much worse than implementing at least try to be I'm dealing with consequences.
So at some point, the end user will complain about not being able to do something because of the lack of this lack of privileges, you know, derived from implementing a least privilege model, right? So at this phase, it's important to gather information as to why this user is demanding privileges to do something. And of course decide is this, the reason is justified and that this chase, we might discover that users weren't taking advantage of an excess of privileges to do things that they aren't authorized to do possibly without even being aware, I'm actions that they are authorized to do are for instance, or not, they should more maybe run a corporate application, which for whatever reason needs to be run with elevated permissions, right? This is the most common use case. Okay. So if the it manager has gather all the information and requested confirmation from the appropriate departments, security departments, for example.
So the user's permission right now, the it manager has two alternatives. Okay. Alternatives, number one is either he grants the user admin rights for, for the user to be able to perform the request action, because it's an action in, in which the company realized them, this person now needs to be able to do this. Otherwise the company will, you know, loose money productivity. Okay. So you granted the user admin rights, meaning that not only you have broken your lease to the strategy, but you also back at option one, get with all the job actions, none of the benefits. Well, then we'll live benefits. It's me not wasting time on approval workflow. So what you have just wasted wasted time. So, you know, and then, so this, this is back at face at option one. So now the F another alternative, which is slightly better, you can give the user, excuse me, credentials I used to in the past, right. A different account, a secondary account, which has privileges to this person, you know, for him or her to use whenever he or she.
Right. And the problem is that as always, you can't trust the user to decide when he or she can use this second, the secondary privileged accounts, meaning that if you are not careful, then the user will most likely end up, you know, using this account for everything. Which means that again, we are back on option one with all the job acts and none of the benefits. Okay. If you, if, if the ICU manager to Mitch, to managing the privileged credentials that you have given to the users that is rotating the password, hiding from the users, you know, run the applications for the use of this will be at a high effort for, for the it personnel. And, you know, having to invest time, resources and stuff, manage this secondary account for each user that really needs it. But which in fact, this results in most of the company, raising tickets, just to be able to run an application to it, something, right.
Even if you succeed in managing these secondary accounts, because you have the resources, the user might feel a big difference on when, when the user ends, you know, works with his secondary account, because whenever he wants an application with this account, you know, he or she will, we'll have quite different environment for that application because it's, it's run with a different user, right? So it be, this means that the user's preferences or network shares or bookmarks, or, you know, I can only, I cannot see, but a few examples, they will be different from the one of the person that is sitting in front of the computer. So this also has some impact. It's not, it's not a great solution here. Okay. So as a way, you know, business productivity gets compromised in the end, either, even, even if in the best case, you, you know, you end up succeeding in this approach, which is, you know, not usually the case from my experience.
So to secure end points, you can decide to eliminate local admin rights from the users, right? So, so that if you succeed in doing that well, you know, like I said, the only way is to have the it team, you know, managing these users requests and, and, you know, and spend this kind of spending this kind of time. You can, you even not have the it team manage this on a daily, you know, on your daily business organization. I mean, this comes down to the it team, not being efficient. No it's acuity is not even fully maintained in reality. And the, and the user satisfaction, the end user satisfaction is, you know, not good, but with what's our approach, you do not need to choose between security and productivity anymore. So let me explain, we are focused on implementing the principle of least privilege, which basically, I mean, it does.
I mean, it means exactly what it says, right? Every user program or process must be able to access all leading information and resources that are necessary at that time. And with, you know, the appropriate justification and the auditing and everything, and nothing more. So, you know, you no longer have to, you know, grant full admin rights to Nazi users with all the risks that imply if you are able to implement the real, this model, this principle of these prisoners. Okay. So peel P paste the way to, you know, an infrastructure that is secure by design that is you can have a starting point to which you can secure your network. If you start by implementing the principle of these pivots. So this is what our solution is mostly focused on our end point solution was called one express safe. Okay. And we bring an innovative endpoint management approach.
It's a disruptive and new innovative approach based on the principle of these permits, you know, by, by design, which is a proactive protection solution. It can smell where ransomware among other things, you know, and, and, and I was used to enable eco trust framework solution within the privileged and non-print endpoints. Okay. So be safe. This is this principle of least privilege, you know, without, because we thought without local admin bytes, you know, an intruder or a malware, won't be able to gain this, this, these privileges, you know, to run whatever malicious process or application it is thinking on, on, on money. Okay. So what our best solution mainly consists is, well, first of all, application control, and when we say application control, we mostly mean changing the, the approach of user privileges to application privileges, meaning that if you focus on the applications privileges, and you are able to elevate efficiently, you do not need to grant admin rights to the users anymore.
And whenever they need an application to be run with privileges, then you, then you, you only have to innovate this up this application, right? So that this is application privileged management at the application level, right? So this is basically what white, gray, and black listings, how we interact these kind of white, gray, and black listings. And even if you are an administrative user, you can run things, applications without these predictors, you know, securing the end points that are but about, but it doesn't, it doesn't end there. We also w our solution also supports privilege management at the user level with, with all of the solutions benefits, you know, it comes fully integrated into it. And so you can, if you have never succeeded in applying at least of its approach, you can use our solution to, you know, remove all of these kinds of these kinds of privileges at the same time that you are in the bidding only applications.
So you have the entire package to achieve this, you know, fully secure, fully productive organization endpoints ecosystem. Okay. But, you know, outside the scope of application level security is, you know, our API hooking technology, which is not really a privileged management anymore, but it has been proven to be very effective against many kinds of malwares right. And the way it does it is, I mean, it can detect in real time when a certain process intends to perform a specific operation before it is scary, of course, these operations, you know, we can, we can think of this registry network. Right. And it will, it will being able to monitor these kinds of operations would be very yeah, of course, but it has, especially, you know, it's especially useful against, right. Because it's only a matter of monitoring encryption operations, you know, you know, other, I mean, apart from this registry and so on, right?
So if you, you, if you have some, you can, if any condition that you specified is Smith, both you, the best, best save can go as far as getting the process or not allowing the operation, but keeping the process of life, if you, so wait. And, and of course, you know, even if it, if it succeeds, you can monitor what the bridge is doing, right. So, so, so th that's mainly what this is mainly built on. So the benefits of what this safe are a lot of things, well, it's a, it's a practice solution. So you do not need to no, the threats to come up with a solution, an antidote, you know, like traditional virus antiviruses did because you have the least privilege model. These attacks will fail. And in, in doing the, their malicious operations, and this means that it doesn't matter if the malware or whatever it is is, is, has occurred or is about to occur.
You know, it doesn't matter what malware comes in the future because you are, you have a disparate model, right? So this is how, I mean, it, it can be, you know, because we are the, at the Colonel level, I mean, we, we do not need to constantly scan, you know, the, the, the file system or anything. We are merely managing the privileges and the restriction is done by the operating system, right. And this allows us to, you know, be, you know, fully granular and, and still, you know, maintain, you know, the, the normal business productivity and as well as the chief on your own, you know, can come and compliance regulations, right? So basically access management, you know, should be addressed at all levels to ensure a complete, you know, serious task security. Again, this comes down to, you know, identity management, you know, also monitoring access to resources and the sessions.
And of course at the endpoint level, which is where everything is going to occur in DNA. So if we're able to achieve this, the, these three scores, we will, you know, have a trust framework. And, and, and that's what, you know, while portfolio is, is, is may not, right. So while X now has, you know, global solutions for a stronger security implantation for companies, you know, mixing these values, the scenarios of items and endpoint product features, right? So we can get more benefits with a mobile solution approach, right? So stronger. So your security as students that aren't trusted factors already exist both inside and outside the network trust must be there for entirely removed from the equation, need to have granular control of access, and clearly identify who does, what on your infrastructure or network. So our four product lines with, with our four lines, you can achieve exactly that.
So we have bastion on one side, which is where it comes from, mainly for doing the pump, the privileged access management. And we have also a to do all this identity management and, and, you know, everything regarding credentials and for the endpoint, we have a safe and which with which you're gonna achieve a least privilege model, and even be protected against some very specific malicious actions that do not require privileges to succeed such as ransomware. And we have the wildfire, which is our solutions for the, the, the manufacturing side of the, of the environment or the network. Okay. And example that we have one recently is a large European car manufacturer that has been, it has been implementing, you know, all of our product lines in, in 20,000 resources, as in service servers, important assets and, you know, 7,000 previous account. And it, it even had 50,000 end points, you know, across the entire company. And, you know, they were because of this fully on his product line, they are able to benefit from, you know, we, we were able to, to win against our, most of the, all the competitors out there, right. Because with, with this, they're able to manage these, these admin rights, they're able to manage them, you know, a distributed model. And even in the manufacturing side of things, they, they are, they are secure even on legacy systems.
So, so this was like a perfect match for them. And, yeah, so that, along with, say with an appropriate post-sales attention, they have come to be more than happy. So a bit about Alex. So what is the, say a public company, you know what we have customer success representatives manage a follow the sun support. We have one center in Vietnam, three centers in Europe, and one in north America, and appreciate history of what the con you started in 2003, as an it services company, private providing managed services to large customers. During this period, we developed proxy a total, the large French petroleum company, and to propose it also in open source now in nine, decided to move from being an it services company to a software provider. And yeah, that's when they launched the first version of the product from 2011 to 2015, while it's developed sales, mainly France and African French speaking countries to develop. And yeah, so to develop business, you know, international business, then what, x-rays 10 million euros and on the uncertainty, 15 and 37 million Euro in 2018 and in 2019, the company, but two other companies, the first one with an endpoint security product C much based in Spain, where I come from and the second one in identity as a service business.
So now is now is the time to, you know, to go get more information. I, Y you're more than welcome to write to me with any, any, any doubts may encounter or head over to the web for more information. And yeah, this has been what presentation. So, well, thank you very much for attending and hope to speak to you.
Thank you, Sandra. Sorry. I just need to get my slides back to normal. Thank you. Okay. Thanks very much other Sandro for that excellent presentation and detail about what X and EPM. Certainly a lot to think about. They're going to, we have some time for a couple of questions. So w what operating systems are covered by this solution? Alisandra
Well, we, the solution started as a, a windows solution, right? So well, because it, you know, it was, that was our line of expertise in the, in the past. And we were able to, well, we have able to manage, let's say the operating system security to a level that has never been seen before. And, you know, w we have some very, very interesting results in that, in that window in windows ecosystems, but recently due to a, let's say a commitment we made to very important customer of ours, which also proves our ability to, to respond to the customer's needs. We have developed a Linux endpoint solution, which is, it doesn't have exactly all the features that the, when the solution has mainly because they're not, obviously they're different operating systems, so don't even make sense. But the point is that we are finally able to cover time each time, or supporting more and more mimics features, but already where we're supporting the most important ones like, you know, and, and the DBS. So, so now we're able to say, we have, we are, you know, real endpoint solution provider because it's not windows only anymore.
That's great. And obviously that's important as a, as a, I was alluding to in this sort of hybrid world that we're moving into, where we have different operating systems within the organization. How, how is the solution actually managed and deployed as well?
Well, that's actually what, one of the, one of the most interesting benefits in, in, from a technical standpoint, because, well, because we started being a windows software developer, we took advantage, and we still take advantage of active directory, which is what, you know, it's, it's a directory database, but, but we're not only using it to obviously manage the, all the end points in your organization. More like, you know, what active directory is good for, but we're also using it for persisting or data. So the way the solution is managed is basically like any other active directory solutions. So the learning curve for any windows it department is, you know, it's very, very easy and everyone gets very, you know, up and running very quickly with the solution and, and those, and, and because the let's say persistence or the data of the solution is in the directory itself, this means that we don't even need any additional infrastructure fully.
You know, I really mean it, and we don't need any additional gateways or any additional database servers, because if every, if you have an active, active directory up and running already, then, then that's what we, what we use, right? So of course with time, we have developed alternatives, especially for those customers that do not have active directory on their environment, but do just recently due to this new Linux in point agents, we have a very interesting approach to managing links and points where you can finally manage all windows and Linux end points through the, your active directory. So management is done just like any windows endpoints for Linux as well. So that, that's, that's very interesting to, to see because well, for a quick, for a test, you know, it's very, very easy to get to get it up and running and, you know, China.
Great, great, thanks. So that Sandra and I, I was impressed by the, the, the example you gave of the European car company, 50,000 endpoints, which shows the scale of the challenge, I would say, you know, and, and that's, that's just one, one business and no doubt, the number of end points will, it will just continue to increase
Exactly well, because, because this, this particular requirement effector had active directory. The start we were asked, scalable as active directory was. So because they had a working environment with 50,000 endpoints in the active directory for us, it was really easy to get, you know, to deploy and to use. And, you know, it's just very simple now, no need to any additional infrastructure or anything, not even, not even opening firewall ports because the communication goes through standard. So it's just, it can't be easier to manage, I think.
Great. Okay. Well, we don't have any more questions, but at the moment, but at the Sandra, as you said, you are available, you gave out your email address. So if anybody wishes to contact him with inquiries, then please do. So. In the meantime, I'm just going to a few more advertising spots here for KC. All our research is now available on our KC plus platform, which is directly available from our website. It's easily searchable. And for 800 euros, you get access to every piece of KC research, including Leadership Compass documents, which will featured in the most recent one digital compass on privileged access management. There is also a 30 day free trial. So you can try it out for free 30 days to see what's available. So obviously highly recommended by me.
We have digital advisories, video conferencing, online collaborations. So this an extension of our other advisory services. So you get technology evaluations, roadmap, definitions, strategy, definitions, and help with architecture development. More information is available at the website address that you see on your screen. And of course, KC masterclass, which is another new product that we've been rolling out throughout 2020, where we've been looking at business resilience, managing in a time of a crisis, which is obviously very relevant to the most recent past, and also identity access management and privilege access management. And we do the masterclasses ended up with a virtual classroom session or a boot room, depending on whether you're American or not, that has an exam and the opportunity to discuss your individual challenges with panelists. And all those masterclasses are held by KC Analyst.
I've already told you about this. Don't forget tomorrow customer identity and marketing automation, KC life, and then walk us to six future of digital identity and the advanced privileged access management and new trends. So lots to look forward to quickly, then some related research. You can, we'll go through all these, but when you get the download, you can look these up. And as I said, all of these are available on KC plus right now. So you can look at these for 30 days free. And that brings us to the end of this. Excellent. Well, I say it's excellent. You might disagree, but I certainly enjoyed having Alessandra with me today and hearing about what Alex is doing in endpoint management. Thank you. And with that, I sure wish you all to remain safe and to remain well, thank you very much for joining us today. Thank you.

Stay Connected

KuppingerCole on social media

Related Videos

Webinar Recording

Championing Privileged Access Management With Zero Trust Security

A modern approach to securing privileged accounts is to apply the principle of Zero Trust: Never trust, always verify. While Zero Trust is not an off-the-shelf solution, it is modern vendors of PAM solutions that recommend using this security principle to cement the technical capabilities…

Analyst Chat

Analyst Chat #156: CIEM Is Entering the Privileged Access Management Market

The PAM market is changing and expanding. Paul Fisher talks about the latest trends for Privileged Access Management, the role of CIEM, mergers and newcomers in this important market segment.

Webinar Recording

Implementing Zero Trust With Privileged Access Management Platforms

Among the many approaches to do that, Zero Trust is one where organizations apply the principle of “never trust – always verify”. Since Zero Trust is not a single product or solution, implementing processes that work accordingly can be a challenge to IT teams that want to…

Event Recording

Exploring the role of Endpoint Security in a Ransomware Resilience Plan

Ransomware attacks continue to increase in frequency and severity. Every organization needs a ransomware and malware resilience plan. Three major components of such plans should include deploying Endpoint Security solutions, keeping computing assets up to date on patches, and backing up…

Webinar Recording

Implementing Modern and Future-Proof PAM Solutions

Privilege Access Management (PAM) is changing, driven by the move of most businesses from on-prem IT applications and infrastructure to the cloud, resulting in a multi-could, multi-hybrid IT environment. This has resulted in a proliferation of privileged identities that need to be…

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00