ESG Validation

ESG Technical Review: Managing Risk, Complexity, and Cost with SanerNow Endpoint Security and Management Platform

The Challenges

As organizations of all sizes embrace digital transformation and the shift to modern cloud architectures, their IT infrastructure is both growing and becoming more complex. Indeed, two-thirds (68%) of respondents to an ESG research survey said that their IT environment had become more complex in the last two years.1

Complex infrastructures have large attack surface areas, necessitating a variety of cybersecurity tools and techniques to protect them against ever-increasing volumes and sophistication of attacks. However, cybersecurity teams report numerous challenges managing an assortment of security products from different vendors, such as the inefficiencies created by having separate management and operations for each tool, cited by 27% of ESG research respondents as a challenge, or different tools for various parts of the IT infrastructure (24%), or the number of security tools making operations complex and time-consuming (22%).

Topics: Cybersecurity

ESG Lab Validation: McAfee Enterprise Security Manager

Co-Author(s): Alex Arcilla


Introduction

This ESG Lab Validation report documents hands-on testing of the McAfee next-generation SIEM solution. ESG Lab focused on the McAfee Enterprise Security Manager (ESM), the core product of McAfee’s end-to-end solution for addressing comprehensive threat detection and remediation. Testing was designed to explore how the solution accurately detects advanced threats using a layered approach, the speed and effectiveness of responding to an attack, and the operational efficiencies of this integrated solution.

Topics: Cybersecurity

ESG Lab Review: ForeScout Extended Module for IBM BigFix

Abstract

This report provides a first look at the key benefits of integrating ForeScout CounterACT with IBM BigFix endpoint management and security solution. ESG Lab focused on how the ForeScout Extended Modules can combine ForeScout’s endpoint insight, classification, and control capabilities with IBM BigFix. This integration is designed to discover and classify users and devices, verify the presence and operation of BigFix Agents, enforce compliance, and take automated host or network actions when needed.

Topics: Cybersecurity

ESG Lab Review: High-fidelity Breach Detection with Acalvio Autonomous Deception

Abstract

This ESG Lab Review documents hands-on testing of Acalvio ShadowPlex autonomous deception. We focused on how easy it is to deploy ShadowPlex at scale, and how Acalvio’s deception technology provides high-fidelity, low-volume breach detection.

Topics: Cybersecurity

ESG Lab Validation: Forcepoint Cloud Access Security Broker (CASB)

Co-Author(s): Alex Arcilla

Introduction

ESG Lab evaluated the Forcepoint Cloud Access Security Broker (CASB) to validate how it secures the use of any cloud applications across an organization’s users and endpoints. We tested how the Forcepoint CASB provides visibility into an organization’s cloud applications and its users, identifies and assesses the potential risks associated with the cloud applications, and automates threat prevention and policy enforcement.

Topics: Cybersecurity Cloud Services & Orchestration

ESG Lab Validation: Advanced Cloud Security with Check Point CloudGuard IaaS

Co-Author(s): Alex Arcilla

Executive Summary

ESG Lab evaluated Check Point CloudGuard IaaS to validate that it provides adaptive security in cloud environments via agile and automated deployment methods, while enabling unified management and control across different cloud platforms, specifically those leveraging VMware NSX, VMware ESXi, Amazon Web Services (AWS), and Microsoft Azure.

Topics: Cybersecurity Cloud Services & Orchestration

ESG Lab Validation: ThreatConnect TC Complete Security Operations and Analytics Platform

Co-Author(s): Alex Arcilla, Domenic Amato

Introduction

ESG Lab evaluated the ThreatConnect threat intelligence, analytics, and orchestration platform, TC Complete, to validate how it enables organizations to identify, manage, and block threats. We also gauged the extensibility of the platform to enable users to adapt and create automation for their processes, rather than forcing them to adapt their processes to ThreatConnect’s paradigm.

Topics: Cybersecurity

ESG Lab Review: ForeScout Extended Module for Splunk

Abstract

This report provides a first look at the key benefits of ForeScout’s bidirectional integration with Splunk Enterprise and Splunk Enterprise Security (ES), with a focus on how the ForeScout Extended Module can combine ForeScout’s endpoint insight, access control, and automated response capabilities with Splunk’s correlation, analysis, and search features. This integration provides visibility into and control of managed and unmanaged endpoints while helping security teams better understand their security risk posture and respond quickly to mitigate security issues.

Topics: Cybersecurity Data Platforms, Analytics, & AI

ESG Lab Review: ForeScout Extended Modules for Palo Alto Networks

Abstract

This report provides a first look at the key benefits of ForeScout CounterACT’s integration with Palo Alto Networks next-generation firewall (NGFW) and Palo Alto Networks WildFire threat analysis service. ESG Lab focused on how the ForeScout Extended Modules can combine ForeScout’s endpoint insight, classification, and control capabilities with Palo Alto Networks’ NGFW traffic classification, fine-grained security policies, and WildFire multilayered, cloud-delivered, advanced threat analysis security service. This integration is designed to provide more than just visibility into and classification of users and devices; it shares endpoint properties and labels to enhance dynamic segmentation, provides real-time user identity and context information in support of Palo Alto Networks’ fine-grained security policies and enforcements, and detects known and unknown advanced threats and prevents them from laterally spreading.

Topics: Cybersecurity Cloud Services & Orchestration

ESG Lab Review: Exabeam Security Intelligence Platform

Abstract

This ESG Lab review documents hands-on testing of the Exabeam Security Intelligence Platform, Exabeam’s entry in the security information and event management (SIEM) market. We focus on how Exabeam’s Log Management System, Advanced Analytics, and Incident Responder empower security operations center (SOC) and incident response (IR) analysts to be more timely and effective in responding to threats and attacks. Exabeam positions these products collectively as a next-generation SIEM.

Topics: Cybersecurity