We sincerely appreciate people reading the blogs we produce, and recently we had some great feedback on our post about logs. The strong reaction I’ve seen — and keep it coming! — shows there is a place for log collection and SIEM correlation to protect against well-resourced adversaries with time on their hands. In addition, there is the idea that prevention, detection and response are all equally important.
This is a great discussion, and I believe central to how we currently pursue attackers after they get into our environment instead of preventing access in the first place. I honestly believe prevention is more important than detection and remediation. As a cybersecurity community, our lack of prevention innovation led to the situation we find ourselves in today: chasing attackers and turning up details only after the damage has been done. I realize emphasizing prevention over detection and remediation is not popular. And I'm not saying that detection and response aren't important. The prevention limitation bleeds over into boardrooms, and companies reactively create human-resource-intensive, disjointed technology efforts that do not scale. This approach is not only lopsided, but also prompts reactions based on fear, uncertainty and doubt.
An innovative prevention approach accomplishes the following: …
Gartner, Inc. has released its latest Magic Quadrant for Enterprise Network Firewalls and for the third time, we are positioned in the “Leaders” quadrant. Here are some noteworthy enterprise firewall market data points from Gartner that I want to highlight: …
Thanks to the technologies we are acquiring with Cyvera and already acquired with Morta Security, the Palo Alto Networks platform will become the first commercial system to provide network defenders the ability to set policy for detection and blocking all the way down the Kill Chain, including the host, and laterally across the network using one simple interface.
What’s more, we’re doing this at a fraction of the cost to deploy equivalent point products from a conga line of security vendors that is the norm for today’s cyber security solutions.
Let me share some details of what this means to you.