ESG Validation

ESG First Look: Deterministic Protection with Virsec

Cybersecurity Challenges:12

The percentage of organizations that report they’ve been impacted by the global cybersecurity skills shortage in 2021. The percentage of organizations that describe preventative protection to be a core capability in terms of endpoint security.

The ongoing cybersecurity skills shortage has two major implications. The most obvious is a shortage of talented cybersecurity professionals, with simply more cybersecurity job openings than qualified candidates to fill them. The second is at least as important: Many members of the current cybersecurity workforce lack the advanced skills necessary to safeguard critical business assets or counteract sophisticated cyber-adversaries. This helps to explin why preventative protection was the most cited core capability of endpoint security solutions in an ESG survey of cybersecurity professionals.

Topics: Cybersecurity

ESG First Look: How Cyber Shield Features within Cobalt Iron Compass Enable Ransomware Recovery

Co-Author (s):Tony Palmer


Cyber-recovery Data Protection Challenges

The percentage of IT/information security executives and managers that believe cyber-risk is greater than it was 2 years ago.1 The percentage of data protection professionals that identified loss of employee productivity as a major impact that could result from application downtime or lost data.2

IT executives are noticing an increasing risk of cyber-attacks. And this risk is leading them to build more comprehensive data protection and cyber-resiliency strategies in an effort to protect their organizations from the detriments of application downtime and lost data. ESG research also shows that loss of employee productivity is the most cited impact that respondents believe could result from application downtime or lost data, followed by other challenges such as diversion of IT resources from business-critical projects, loss of customer and employee confidence, loss of revenue, and more.

Topics: Cybersecurity Data Protection

ESG Technical Validation: IBM Cloud Pak For Security

Introduction

This ESG Technical Validation documents testing of IBM Cloud Pak for Security, with a goal of verifying how it can help organizations to maximize both the effectiveness and efficiency of incident response, threat remediation, and risk management within their existing security operations workflows.

Topics: Cybersecurity

ESG First Look: Reinforcing Zero Trust Posture with Arista Multi-Domain Segmentation Services - Group

Network Security Challenges: 1

Of organizations believe that cybersecurity is one of the business initiatives that will drive the most technology spending within their organization over the next 12 months. Of organizations will increase their spending specifically in network security over the next 12 months.
Topics: Cybersecurity

ESG Technical Validation: Google Cloud Security for Data Analytics

Introduction

This ESG Technical Validation documents evaluation of security features and controls for Google Cloud Data Analytics. We evaluated how five aspects of security—encryption, data loss prevention (DLP), identity and access management (IAM), protection from data exfiltration, and logging/access transparency—contribute to increasing security and transparency for data analytics projects using Google Cloud Platform.

Topics: Cybersecurity Cloud Services & Orchestration Google

ESG Technical Review: Continuous Application Security with HCL AppScan

Abstract

This ESG Technical Review documents ESG’s evaluation and analysis of how HCL AppScan can help developers continuously secure applications using policies defined by security specialists. We also evaluate how AppScan can easily be integrated into CI/CD pipelines and support other aspects of DevSecOps initiatives to provide continuous application security at scale.

Topics: Cybersecurity

ESG Technical Review: Google reCAPTCHA Enterprise: Frictionless, Flexible, and Effective Web App Security

Abstract

This ESG Technical Review documents ESG’s evaluation and analysis of how developers can easily integrate Google reCAPTCHA Enterprise into public-facing web applications. We also evaluate how effectively reCAPTCHA can defend web applications from common automated threats and attacks while never interrupting users with a challenge.

Topics: Cybersecurity

ESG Technical Validation: Illusive Networks

Introduction

ESG evaluated the Illusive Networks Platform with a focus on validating its ability to simply and efficiently preempt attacks before they occur where possible, protect against attackers inside the perimeter, and respond to incidents with fast data-driven decisions, regardless of where assets are located, or where the attacks originated. Illusive’s ability to scale deception technology quickly and easily was also of interest.

Topics: Cybersecurity

ESG Technical Review: Respond Analyst - The Virtual Security Analyst


Abstract

This ESG Technical Review of Respond Analyst focuses on how the solution functions as a virtual cybersecurity analyst, analyzing cybersecurity telemetry, aggregating many events and alerts into security incidents, and efficiently and effectively presenting incidents to the security team for investigation and remediation.

Topics: Cybersecurity

ESG Technical Review: BMC TrueSight Automation for Networks

Abstract

This ESG Technical Review documents testing and analysis of BMC’s TrueSight Automation for Networks, with a focus on configuration, patching, vulnerability management with automated remediation, and compliance features.

Topics: Cybersecurity Networking patch management endpoint management