Business Elite Canada (BEC) / August 2013 - page 76

The use of social engineering via social networks like Facebook and LinkedIn has made it that much easier for a threat actor to launch an attack. Things like “spoofing an email” are commonplace for these kinds of attacks.

Haynes says, “They will find names on Facebook or the company website and deliver an email into your inbox. It will look like it came from a business partner with a file attachment included, and once you click on that file attachment or website, that is where the compromise happens.”

According to Haynes, there has been somewhere between a sixfold and tenfold increase in security breaches among large enterprises.

“There are how-to manuals on the Internet, and they tell you how to get these exploits and target a company,” says Haynes.

eSentire performs a Multi-Dimensional Vulnerability Assessment (MDVA) in order to assess a company’s network. The MDVA reveals multiple vulnerabilities to external threats and internal data leakage, and analyzes the network’s usual traffic.

“We put our sensors in your network and analyze your traffic for usually thirty to forty-five days,” says Haynes. “We will tell you which machines are being exploited, which ones have communication channels established, and we will look at things like network architecture because oftentimes people design networks without taking [security] into account.”

They also perform Continuous Monitoring as a Service (CMaaS) following the MDVA. CMaaS will detect potential threats by running five value lines including the Network Interceptor, Log Sentry, Asset Manager Protect (AMP), Continuous Vulnerability Scanner (CVS), and Continuous Penetration Tester (CPT). The Network Interceptor identifies and eradicates all threats. Log Sentry gathers data like event log messages, and provides compliance-based reporting. Asset Manager Protect (AMP) discovers a threat, analyzes it and puts a block in place for that behavior across the entire customer base. Continuous Vulnerability Scanner (CVS) and Continuous Penetration Tester (CPT) use frequent scanning and patch levels to detect possible threats.

“We monitor the amount of data that travels through the firewall, and we put meters and set thresholds so alerts start to go off when too much data is flowing from one workstation,” says Haynes.

eSentire is also compatible with other security technologies in place such as firewalls and anti-viruses. Haynes says, “If you have an anti-virus, and you keep it current, there is no need to throw it out because the one in one hundred times that someone gets infected while they are not connected to the network, the antivirus might be able to help you in that case.”

He explains that eSentire specializes in protecting the company network, not catching threats via wireless or mobile networks connected to service providers like Rogers.

Mark Sangster, the director of marketing at eSentire, says large companies are spending