Skip to content

Context 對 IT Security 的重要性

上下文在安全漏洞管理中,佔了重要而不可或缺的必要地位。不僅如此,上下文帶來的作用遠遠超出了漏洞管理的範圍,並且實際上在企業IT安全的所有領域(尤其是在安全威脅情報方面,以下簡稱情報資訊為情資)都具有重要的意義。安全威脅情報的核心目的是獲取有效訊息資訊,以有效地保護網路及資訊系統。不論在防護上或安全評估當中,Context Analysis意味著更少的誤報和更多的有效發現。令人遺憾的是,由於大部分安全系統缺乏上下文資訊,使得許多防護工作未能取的應有的優勢。

甚麼是Context上下文

根據牛津辭典的解釋,“Context上下文”的定義就是“構成事件,陳述或想法的發生情境,可以被充分的理解和評估”。從這定義中,可以看到出上下文在安全威脅情報的必要性:就是上下文內容在安全威脅情報中提供了有效的清晰度。而清晰度是在處理安全事件時,可以保持高度操作效率的因素。清晰度可以換個角度理解,就是被越少的雜訊干擾就越清晰。

安全事件的清晰度很少是由單一訊息就可以提供的。相對的,它來自專業人士無數的經驗淬鍊和現有手邊可取得的調查跡證。近來在“威脅情報整合”概念的推動下,使得越來越有一種趨勢;朝向更深入的整合黑名單和其他取證蒐集技術。儘管這些情報數據非常寶貴,但缺乏上下文分析,又沒有適當調整,可能會導致資安管理上效率低下,難以成為有效解決方案。

舉例來說,發佈黑名單的依據是基於以IP情報為準。這些組織捕獲的訊息是大量直接勞力工作下的結果。其中包括檢測威脅,弄清它們在做什麼,確定其來源,確定其造成威脅的作法(行為特徵)以及其他訊息。可惜的是,所有這些工作通常都侷限於單一資訊,例如IP地址或DNS名稱。

對於採用該整合情報資訊,作為其關鍵資安政策判斷的人員而言;如此運作的最後結果是導致分析效率低下。這是由於資安專業人員必須操作各種過濾篩選,與經驗判斷過程,才能有效利用所萃取出的情資;並確保這些訊息與網路、設備裝置上所發現的上下文,具有一定程度相關性。

上下文資訊在資安上的幫助

這些情資整合有很大落差(例如單純以IP為基礎的資訊來源)的現象非常普遍,主要是因為要建立包含上下文,具有情報價值的資訊非常困難。以前發展成熟的安全團隊(例如SOC team),能夠通過大量的團隊合作,和團隊間訊息共享的模式,利用適當的平台整合,建立上下文有關情資。但由於發展至今,訊息體系結構的複雜性和檢測威脅所需的工作量,正在迅速爆量增加,這樣的運作模式已超過人類可合理管理的上限。

最終結果是,我們需要對收集的資訊進行集中化分析,和自動化處理人工手動的程序。目前的現實是,絕大多數已採用的安全技術或產品,大多集中在針對攻擊行為的特定技術發出警報,而不是針對攻擊的起始來源肇因提出警告,因此將偵測的過程高度自動化可能是非常困難。為了更進一步實現自動化偵測,需要將多種安全事件與情境訊息結合起來,以分析事件的上下文關聯的內涵真相,並據此實施正確的反應行動措施。

採取的反應行動策略,主要取決於組織對特定事件類型安全策略。此外,當此事件訊息集中在日誌管理解決方案,或端點資訊監控系統時,對制定上下文分析及反應策略會很有幫助。

 

建立上下文資訊輔助判斷

例如,如果洩漏防護系統、使用者活動監視的事件中心,在發出特定警報的情況之下,為了確定事件的嚴重性,以及對此事件施以適當反應,必須思考以下問題:

由直接資訊判斷

  • 什麼事件發出的警報?
  • 事件的來源是什麼?
  • 造成警報的流量(通訊協定等)的詳細資訊是什麼?是實際攻擊還是誤報?

而上下文資訊可以進一步提供

  • 警報可靠嗎?還是因誤判導致?
  • 此事件常見嗎?以前是否將類似事件記為誤報?
  • 關於事件訊息來源細節?
  • 是否曾經因為與流量相關的原因而將其列入黑名單?
  • 是否還有其他事件,可能使攻擊者觀察獲得了執行此攻擊所需的權限?
  • 系統上是否有相關事件?
  • 攻擊前或攻擊後流量異常嗎?
  • 是否已知該目標系統,本身容易受到此類攻擊(已知已存在的漏洞)?
  • 還有其他有用的訊息嗎?

看起來簡單的警示,若找出有了這些訊息關聯,就可以進一步的過濾不必要的雜訊;精確地觸發自動化反應流程。這是由於包含上下文訊息的安全情報,可以更精確地指出事件肇因所在。最終結果不論人工分析人員或自動化集中式分析,都將能夠更準確地識別問題並提供更好的回應行動。

About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於精品科技
精品科技(FineArt Technology) 成立於1989年,由交大實驗室中,一群志同道合的學長學弟所組合而成的團隊,為一家專業的軟體研發公司。從國內第一套中文桌上排版系統開始,到投入手寫辨識領域,憑藉著程式最小、速度最快、辨識最準等優異特性,獲得許多國際大廠的合作與肯定。歷經二十個寒暑,精品科技所推出的產品,無不廣受客戶好評。

Scale Computing and Mustek announce partnership to bring HCI and edge computing solutions to market in South Africa

Midrand, ZA – June 18, 2020 – Scale Computing, a market leader in edge computing, virtualisation and hyperconverged solutions, today announced a strategic partnership with Mustek, one of the largest assemblers and distributors of personal computers and complementary ICT products in South Africa. The agreement will enable Mustek to provide Scale Computing’s hyperconverged infrastructure (HCI) series, including the HC3, to partners throughout South Africa. Scale Computing are currently Mustek’s only HCI vendor and are well placed to service Mustek’s needs throughout South Africa with its local presence, and the expertise of Regional Sales Manager MEA at Scale Computing, Jaco Delport.

Established in 1987, Mustek is a technology reseller to SMEs, large corporates, and complex enterprises across many verticals, from telecommunications to public sector, in South Africa. Built to satisfy the growing need for information technology solutions in the South African market, Mustek expertly supports a passionate customer base of resellers, who in turn supply products that Mustek assembles and distributes to all parts of the consumer, business, and public sector market, including the retail industry. With 100% commitment to customer satisfaction, Mustek will work with its dealers to take advantage of Scale Computing’s edge computing, virtualisation, servers, storage, and backup/disaster recovery solutions in one complete, easy-to-use platform.

With all components built-in, including the hypervisor, Scale Computing’s HC3 customers have no need for third-party components or licensing. This all-in-one configuration simplifies management and maintenance, which helps to streamline tasks, saving time and money. This makes the technology ideal for industries that require IT infrastructure with high performance and minimal management, especially during the current uncertain circumstances around COVID-19.

The partnership will enable businesses in South Africa to build affordable, high performance HCI and edge solutions where existing technologies were previously too complex to deploy and manage.

“We are very excited to be working with Mustek, who have a long and proven reputation as one of the easiest and most professional distributors for South African resellers to do business with,” said Johan Pellicaan, Vice President and Managing Director EMEA at Scale Computing. “Their team has an unwavering commitment to customer satisfaction, and adherence to the highest quality standards and benchmarks, that will bring our HCI technology to market and meet demand in the channel for affordable, deployable solutions for businesses looking to innovate at the edge.”

“We are honoured to introduce Scale Computing as not only one of our latest brands, but as our sole supplier of HCI,” commented Marina Lancaster, Enterprise Product Manager at Mustek. “We expect to see a high volume of demand for HCI and edge solutions from our channel partners, as their customers across various verticals look to digitalise and modernise amidst the current climate.”

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Scale Computing 
Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Scale Computing HC3 software eliminates the need for traditional virtualization software, disaster recovery software, servers, and shared storage, replacing these with a fully integrated, highly available system for running applications. Using patented HyperCore™ technology, the HC3 self-healing platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime. When ease-of-use, high availability, and TCO matter, Scale Computing HC3 is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, Spiceworks, TechValidate and TrustRadius.

About Mustek
Mustek combines the best of local assembly capabilities with the multinational product portfolio by affording its customers a choice of the renowned Mecer brand of computing equipment and a broad range of top-tier ICT brands which address every level of the technology stack.

This strategy enables Mustek to offer its customers a perfect match for their technology needs, whether driven by configuration and customisation requirements (as is the case with the Mecer brand), or through tried and trusted best industry practices and competitive pricing (as is the case with the multinational brands which Mustek distributes).

Mustek’s position in the South African market has been built on an unwavering commitment to customer satisfaction, the development of some of the most sought-after relationships in the international ICT market, adherence to the most stringent international quality standards and benchmarks, and a staffing policy that sees it retaining staff that are trained and accredited to the highest possible level.

All of this culminates in Mustek being one of the easiest and most professional distributors for South African resellers to do business with.

Cyber ​​Attack on Twitter

Last Saturday (18), the digital world was shocked by another episode of data leaks, and the protagonist this time was Twitter. That’s right, hackers were able to steal data from users of the microblogging platform. And it was not ordinary users, but celebrities, public people and even organizations with millions of followers who had their data exposed, including the use of bitcoin wallets in the scheme. Although it is still under investigation, it is already clear that this episode exposed a major vulnerability of Twitter.

But what were the dynamics of this attack? Also, in times of elections, can we trust the process of choosing future leaders?

By targeting the accounts of world leaders and celebrities on Twitter, hackers managed to orchestrate an attack based on social engineering, and thus promote a scheme involving cryptocurrencies through administration tools of the social network itself. According to the Verizon Data Breach Investigations Report 2020, 22% of the nearly 4,000 incidents and security attacks surveyed involved social engineering. Bill Gates, Elon Musk, Barack Obama, Warren Buffet, and even US presidential candidate Jon Biden were some of the hacked profiles. Not to mention the Apple and Uber accounts.

But how did these hackers manage to perform this well-orchestrated attack?

The answer comes in the form of two words: SIM Swapping. SIM Swapping is a technique used by malicious agents that aim to transfer the number and data of the victim’s SIM chip to another one in their possession. In this case, through social engineering attacks, the hacker convinces a telephone line’s user that a problem has occurred with their chip and needs to transfer the number to another. This type of attack requires that some information, such as the number, name, and other data, is already in the attacker’s hands. Depending on the situation, it is not that difficult to obtain this information if it has already been leaked, for example. Similarly, agents can also persuade operators to perform this transfer, since they have access to all data required for the swap.

Through Social Engineering techniques, malicious attackers deceive their victims to gain improper access to credentials and administrative tools. By obtaining this access, hackers changed their victims’ email addresses on the microblogging network. Then, the attackers disabled the two-factor authentication. This makes it possible to prevent any account modification alerts from being received by its legitimate user. With absolute control of the accounts, hackers start promoting the cryptocurrency-based scam scheme.

Typically, the logic of a cyberattack like this involves several phases:

  1. Recognition: In this first phase, malicious attackers try to identify IT routines, as well as security measures and data traffic flow. Also, hackers scan the entire environment to get a clear view of network resources, as well as privileged credentials and services. Domain controllers, Active Directory, and servers are the attackers’ first targets to find other privileged credentials and complete the cyberattack. In many cases, this prior knowledge may exist due to some previous link between the attacker and the victim organization. 
  2. Invasion: based on what was discovered in the Recognition phase, hackers are able to enter the environment normally through malware or exploitation of vulnerabilities.
  3. Exploitation: This phase involves the act of exploiting vulnerabilities to compromise the environment.
  4. Escalation of Privilege: attackers usually need more privileges on systems to gain more access and privileges. This is usually done by escalating administrator privileges.
  5. Lateral Movement: Once in the infected environment, attackers can move laterally to other devices and credentials, in order to obtain more data and more access.
  6. Obfuscation: For a cyberattack to be successful, attackers need to erase all tracks left in the environment. At this point, it is even possible to change log data and confuse the incident investigation team.
  7. Denial of Service: disruption of the normal access by users and systems to prevent the actions of the attack from being monitored or blocked.
  8. Extraction: when the malicious user is able to improperly extract the data.

A unanimity among cybersecurity professionals is that this attack on Twitter involved privileged or administrative credentials. According to the Data Breach Investigations Report, the use of privileged credentials occurs in 20% of the attacks. This type of credential, also called “keys to the kingdom”, allows access to add, remove, and modify settings in accounts, applications, and systems. In this specific case, the hacker was able to compromise a credential from the Twitter administration tools. By gaining access, the attacker was able to move around the environment, compromising other privileged accounts. 

According to confirmation by Twitter itself, the nature of the attack was an insider threat. When it comes to data breaches, employees themselves can be one of the biggest risks to the organization. According to Verizon, these threats can be: accidental, when personnel is only poorly trained; negligent, when employees try to bypass the implemented policies; or malicious – the most dangerous – when an employee is motivated by financial gains, espionage, or revenge. An important fact, according to Verizon, is that 30% of cyberattacks performed in 2019 involved insider threats.

But how to prevent this type of attack?

It is complicated to deal with an attack coming from someone inside the organization. This is mainly because this insider threat knows (very) well the organizational environment, the mechanisms, and tools installed. So, it is easy for these attackers to deceive these control mechanisms. In this case, using Zero Trust-based controls can be a good way to mitigate the risks associated with a cyberattack. In terms of credential protection, the implementation of this strategy must not only be focused on identity only, such as access and permissions, but also on the aspect of user behavior. So much so that, in this specific case, the compromised credentials had protection mechanisms, as two-factor authentication. Finally, Zero Trust-based policies recommend the implementation of policies to allow people to take only the necessary actions, based on the concept of Least Privilege.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Segura®
Segura® strive to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

SigRed: A Wormable Microsoft DNS Server RCE Vulnerability

SigRed Overview

SigRed is a vulnerability that was exposed yesterday (July 14th 2020) by the security firm Check Point. Successful exploitation of the vulnerability could lead to a malicious actor gaining control of the organizational DNS server, often leading in turn to domain administrator privileges, allowing the attacker complete control of any domain-joined Windows machine.

The vulnerability lies in Microsoft’s DNS server and could be triggered from either inside the network, by an attacker controlling an internal asset, or, in some conditions (as stated below), from outside the network, making it even more dangerous.

As Microsoft Active Directory is deeply integrated with DNS services, the DNS service is virtually always enabled on domain controllers. An attacker gaining control of a domain controller through the DNS service could lead to a complete compromise of the network, allowing the attacker complete access to all Windows machines joined to the domain, whether patched or not, using the domain administrator privileges of the compromised domain controller. Even if the compromised DNS server does not serve as a domain controller, It is likely that the Domain administrator credentials are stored locally and can be retrieved by a tool such as Mimikaktz. Furthermore, the attacker is also able to return custom responses to DNS, allowing man-in-the-middle for unencrypted protocols, such as HTTP, FTP and others.

Exploitation Methods

The precondition for this exploit is that the local organization’s DNS server is configured to recursively resolve queries to external domains using root-hints. This configuration is the default configuration when the DNS service is installed.

Exploitation is either impossible or further complicated in the following cases:

  1. The DNS server is an authoritative server of a DNS zone and does not recursively resolve queries to other domains.
  2. The DNS server is part of an independent DNS infrastructure, such as an air-gapped network. In such a case, the attacker will need either write access to the DNS server or existing control over an authoritative DNS server serving an arbitrary zone on the network.
  3. The DNS server is configured to use a forwarder server (such as 8.8.8.8 or 1.1.1.1) instead of directly using root hints. In such a case, the attacker will need to propagate the attack through the chain of recursive calls, which has not yet proven possible but cannot be completely discarded.

The vulnerability can be exploited in two ways:

  1. From inside the network:
    An attacker that has a hold of an asset inside the network, can compromise the organization’s local DNS server by sending queries for external domain records which are controlled by the attacker (e.g. http://www.evil.com). Such a request will cause the local DNS server to communicate directly with the attacker’s DNS server. A malicious crafted response from the attacker’s server could lead the attacker to compromise the local DNS server.
  2. From outside the network:
    An attacker can send a malicious link to a user inside the network to a website it controls (via e-mail, for example). Once the user opens the link in either Microsoft Edge Legacy or Internet Explorer (does not apply to Google Chrome, Mozilla Firefox or Microsoft Edge Chromium, not tested on other browsers), a malicious web page is sent back to the client that causes the client itself to perform a series of DNS queries to the local organization’s DNS server, that in turn, would query the attacker’s DNS server, at which point the DNS server can be compromised in the same manner as presented above.

 

Exploitability in OT Networks

Most OT networks have Windows endpoints that are used for process control, technical maintenance and others. An attacker successfully exploiting this vulnerability from either inside or outside the network can gain domain administrator privileges, allowing full access to all domain-joined workstations and servers even if already patched.
At this point, the attacker will be able to install ransomware, malware, steal information, disrupt OT operations and/or access any machine in the domain for any purpose.

As many OT networks are slower to patch systems than IT networks, they are exposed for a longer period of time, allowing attackers to exploit this vulnerability. As a successful exploitation often results in domain administrator privileges, a single unpatched DNS server is sufficient to compromise the entire network, even if all other DNS servers are already patched.

Mitigation Recommendations

Microsoft has released a patch (July 14th 2020) to the vulnerability. We urge everyone to update their Microsoft Windows Servers as soon as possible.

If for any reason one is unable to currently patch its Windows Servers, running the following command would limit the DNS response size to 0xFF00 (65280), and will prevent the vulnerability from running

 

reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters” /“TcpReceivePacketSize” /t REG_DWORD /d 0xFF00 /f && net stop DNS && net start DNS

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About SCADAfence
SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of world’s most complex OT networks, including Europe’s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.

802.1X Protocol for Network Authentication

EAP

802.1X uses an Extensible Authentication Protocol (EAP) for a challenge and response-based authentication protocol that allows a conversation between a Supplicant (the wireless/wired client) and the RADIUS (the authentication server), via an Authenticator (a wired switch or wireless access point which acts as a proxy). EAP supports multiple authentication methods, some of them are secure and some of them are vulnerable (although old endpoints still support them).

802.1X authentication with Portnox CLEAR

DIAGRAM: An example of how EAP works with Portnox CLEAR.

EAP-TLS

With 802.1X authentication via EAP Transport Layer Security (or EAP-TLS), there is a mutual certificate authentication, as it relies on the Supplicant (endpoint) and RADIUS certificate’s “handshake.”

Advantages:

  • Mutual certificate authentication
  • The authentication process takes place inside a secure SSL tunnel
  • The user/machine certificate is linked to the relevant user/computer identity, which makes stealing attempts useless (in contrast to stolen credentials)

Disadvantages:

  • The identities are sent in a clear text before the certificates exchange process starts
  • Deployment and lifecycle maintenance of endpoint certificates might be costly in small environments

EAP-TTLS

By using 802.1X EAP Tunneled Transport Layer Security (or EAP-TTLS) is an extension of EAP-TLS. After the RADIUS is authenticated to the Supplicant by its certificate (including an optional TLS authentication of the Supplicant to the RADIUS), the Supplicant proves its identity via PAP or MSCHAPv2

Advantages:

  • The authentication process takes place inside a secure SSL tunnel
  • User identity is not exposed
  • Can use multiple methods to authenticate inside the tunnel – certificates / user identities
  • EAP-TTLS can be used for network authentication by Azure Identity when AD-DS is not enabled (MSCHAPv2 is not available)

Disadvantages:

  • It does not support MSCHCAPv2 without enabling Directory Services with Azure AD (a limitation of Azure AD itself)
  • Client-side certificate is not required, only optional

EAP-PEAP

With 802.1X authentication via EAP Protected Extensible Authentication Protocol (or EAP-PEAP), only the RADIUS needs a certificate. With that certificate, the endpoints create an encrypted TLS tunnel to pass the authentication details. The most common protocol used to authenticate the endpoints, when using PEAP, is MSCHAPv2 challenge and response, which is used to authenticate both the server (usually Active Directory / Azure AD) and the supplicant (endpoint). The process involves challenge – response where both share a random hash that’s computed with the identity’s credential without sending the password across the network.

  • The authentication process takes place inside a secured SSL tunnel
  • User identity is not exposed
  • Simple deployment – allow the usage of username and password which the end-user is already familiar wit,h such as Active Directory or local account credentials

Disadvantages:

  • This method requires a password changing policy to remain secure
  • If the endpoints are not hardened they are exposed to “evil twin” attacks

EAP-MD5

One of the legacy 802.1X approaches of EAP is Message Digest 5 (or EAP-MD5), the RADIUS server sends a random challenge to the Supplicant which generates an MD5 Hash of its credentials and the challenge, which is then sent back to the RADIUS for validation. By using this method of 802.1X authentication, however, the supplicants don’t send their passwords to the RADIUS for validation, but rather use hashes.

Advantages:

  • EAP-MD5 is compatible with legacy network equipment and older type of endpoints

Disadvantages:

  • It is exposed to dictionary attack – password “guessing”
  • Vulnerable to man-in-the-middle attacks since there is no mutual authentication

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

About Distology
Distology is a Market Enabler and offers true value for the distribution of disruptive IT Security solutions. The vendors we work with represent innovative and exciting technology that continues to excite and inspire their reseller network. Our ethos is based on trust, relationships, energy and drive and offers end to end support in the full sales cycle providing vendor quality technical and commercial resource.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×