由網址連結記錄看出端倪–企業應重視網路分析、偵測與反應

隨著雲端服務、人工智慧與高速連網普及,企業的資安威脅風險與日俱增,資料外洩手法層出不窮,加上新興勒索軟體威脅,再再都為企業資安管理者帶來更多負擔。

凡走過必留下痕跡,管理者銜命稽核、分析員工的網路記錄時,像是[網址連結記錄]、[WebPost上傳行為]、[使用者網頁瀏覽記錄]等網路活動是否出現異常行為,然而在分析外部網路活動時,有些值得注意的是:

Insider與Hacker外部連線有何不同?

Insider內部人員的外部連線,通常是生活上常用的知名、入口網站,國內型網站及雲端服務為多,產生的網路流量,也多在上班時間,有登入本機才有網路連線活動。

Hacker的外部連線則不同,通常連線目的之所在國家、區域大有不同,且具備一定程度規律行為模式,如定期、定點向特定目標,以特定連接埠傳送,也可能是多台內部電腦經惡意程式感染後,統一回報至相同的主機,而產生網路流量的時段,亦常發生在下班時間或規律的連線,甚至可能未登入仍有網路連線活動。 


而系統查出的制式報表,呈現的海量數據如網址、IP,急需快速區分:

1. 連線區域、國家,無法立即區分;

2 .網路連線時間,無法彈性區分;

3. 使用CMD操作駭客常用指令連線,難有記錄和警示;

4. 透過儀表板呈現上述數據

X-FORT W-Console對應上述需求。

1. 國家名稱可正確顯示

讓管理者能更快速的區分異常連線的對象,有利風險控管。

2. 自訂的【時間條件】來篩選記錄

日曆功能,可進一步過濾符合條件,以各種時段來篩選,讓可疑記錄能快速呈現。

3. CMD and PowerShell指令的執行記錄及警示

只要在上述兩款軟體執行高風險命令(可自建資料),即可記錄與警示。

運籌策帷幄中,決勝千里外,快的能打敗慢的

要有效因應資安威脅的發生,整體而言,管理者對於事前的預防、事中的察覺、事後的處理,都必須具備足夠的能力,而持續產生資安動能,不能單靠企業本身的自律,需要更多外部管控的工具力量。



About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於精品科技
精品科技(FineArt Technology) 成立於1989年,由交大實驗室中,一群志同道合的學長學弟所組合而成的團隊,為一家專業的軟體研發公司。從國內第一套中文桌上排版系統開始,到投入手寫辨識領域,憑藉著程式最小、速度最快、辨識最準等優異特性,獲得許多國際大廠的合作與肯定。歷經二十個寒暑,精品科技所推出的產品,無不廣受客戶好評。

AV-Comparatives recognizes ESET consumer products with gold medals in cybersecurity awards

BRATISLAVA, February 6, 2020 – ESET, a global leader in cybersecurity, has been recognized with gold and bronze awards in the AV-Comparatives Summary Report 2019. AV-Comparatives, a leading independent testing organization, uses one of the largest sample collections worldwide to create a real-world environment for highly accurate testing. Their Summary Report 2019 provides commentary on the consumer antivirus products tested over the course of the year, and highlights the high-scoring products from the different tests that took place over the 12 months.

The report looked at consumer Windows products from 16 different vendors, with excellent results for ESET, taking awards in three categories: Overall Performance (Low System Impact), Enhanced Real-World Test (Advanced Threat Protection), and the False Positive Test.

Overall Performance (Low System Impact)

ESET was awarded a gold medal in the Low System Impact category, which assesses each product’s impact on system speed and performance. ESET has consistently achieved great results in this category, improving on its silver award in the same category in 2018.

Enhanced Real-World Test (Advanced Threat Protection)

ESET took a gold medal in the Advanced Threat Protection category, which is a new category for 2019 and 2020. This test addresses a program’s ability to protect against advanced targeted and fileless attacks. ESET was also one of only two vendors to block all 15 targeted attacks in the testing process.

False Positive Test

ESET was awarded a bronze medal in the False Positive Test. As the report notes, false positives can cause as much trouble as a real infection, and avoiding them is a crucial element of any antivirus product. AV-Comparatives carried out extensive false-positive testing as part of the Malware protection tests and the Real-World Protection Test.

Commenting on the results, Jiří Kropáč, head of threat detection labs at ESET, said: “ESET’s recognition from AV-Comparatives is testament to our dedication to our customers and our promise to always deliver the best in IT security solutions. Ensuring consumers are equipped with cutting-edge protection against the latest threats is extremely important to us. We are honored to receive these awards and to be recognized as a key player in making technology safer for everyone.”

Read AV-Comparative’s Summary Report 2019 for more information.



About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

遠端工作及在家防疫的需求升溫 訊連科技「U 會議」提供居家辦公者免費下載

【2019年2月6日,台北訊】新型冠狀病毒疫情來襲,政府除規定企業提供防疫照顧假外,企業亦提供彈性,讓員工可以居家工作,避免群聚感染之風險。多媒體領導廠商訊連科技(5203.TW)宣布,旗下雲端視訊會議產品「U 會議」提供免費下載使用,協助有居家工作需求者透過視訊會議進行遠距溝通。

此次新型冠狀病毒傳染途徑主要為近距離飛沫傳染,除以口罩、酒精消毒外,居家工作亦是建議的防疫方式。訊連「U 會議」可運行在Windows、Mac、iOS、Android的個人電腦和行動裝置上,進行高品質雲端視訊會議。

「U 會議」獲美國權威媒體MSN.com選為「2020年最佳網路視訊會議軟體」。「U 會議」的桌面分享功能可於視訊會議中分享簡報、報表等畫面,更可透過虛擬雷射筆、白板等方式互動。除了方便進行多人、多點視訊會議外,也可讓行銷、業務人員不需出門進行遠距簡報。此外,年後轉職潮面試需求增加,「U 會議」的虛擬會議室功能,可讓使用者透過Chrome瀏覽器開啟會議連結,免安裝軟體即可加入視訊會議進行視訊面試。

針對居家工作者的溝通需求,訊連於U整合通訊官方網站中,提供「U 會議」免費版本,可提供30分鐘、多達25人同時加入會議。此外,針對企業員工訓練需求,亦提供「U 簡報」直播服務,讓企業可使用雲端直播方式,取代實體研討會、面對面教育訓練等實體活動。

產品資訊
即日起可於U官方網站下載,並內建繁體中文、簡體中文、英文、法文、德文、義大利文、西班牙文、日文及韓文等九國語系。 您可根據與會人數及直播時間需求,選擇不同的 U 會議訂閱方案。免費版本最多可支援25名與會者及30分鐘會議長度。

關於訊連科技U整合通訊服務 訊連科技「U 簡報」、「U 會議」及「U 通訊」整合了遠距直播、視訊會議及即時通訊等功能,為企業及教育機構打造即時、跨國界、跨平台、行動優先、高影音品質之新世代視訊溝通服務。更多資訊,請洽:https://u.cyberlink.com/

 

 

About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於CyberLink
訊連科技創立於1996年,擁有頂尖視訊與音訊技術的影音軟體公司,專精於數位影音軟體及多媒體串流應用解決方案產品研發,並以「抓準技術板塊,擴大全球行銷布局」的策略,深根台灣、佈局全球,展現亮麗的成績。訊連科技以先進的技術提供完美的高解析影音播放效果、以尖端的科技提供完整的高解析度擷取、編輯、製片及燒錄功能且完整支援各種高解析度影片及音訊格式。產品包括:「威力導演」、「PowerDVD」、「威力製片」、「威力酷燒」等。