Category Archives: Forcepoint

  • 0

Complying with Data Protection Law in a Changing World

Category : Forcepoint

Failure to meet legal and political expectations for data security can torpedo your enterprise’s reputation by exposing it to fines, lawsuits, negative publicity and regulatory investigations. These expectations are rapidly evolving across the world. In general, the expectations are calling for greater control over personal information. They are emerging at a time when public attention is focused on data security breaches. For many enterprises, effectively protecting your brand and meeting legal and political demands for security can be perplexing.

This webcast will explain methods that enterprises can deploy to lower the risks of non-compliance worldwide. It will identify major steps a large, multinational enterprise can take to assure the public, authorities and business partners that it is behaving responsibly and is on a commendable path of compliance.

Register for this webcast and be among the first to receive the associated whitepaper written by Benjamin Wright.

  • Thursday, June 29th, 2017 at 10:00 AM EST (14:00:00 UTC)
  • Benjamin Wright and Neil Thacker

Register now


  • 0

Forcepoint Achieves Highest Overall Security Effectiveness Out of 10 Vendors in NSS Labs’ NGFW Test

Category : Forcepoint

NSS Labs tests prove that Forcepoint NGFW offers the leading combination of enterprise security and low cost, making it particularly effective for SD-WAN and other modern networking initiatives

Global cybersecurity leader Forcepoint announced that its Next Generation Firewall (NGFW) blocked 99.95 percent of exploits in NSS Labs’ 2017 NGFW Test. Forcepoint is the only vendor to block 100 percent of tested exploits run from the NSS Labs static exploit library, and over a continuous live testing period of 31 days, blocked 99.89 percent of “drive-by” exploits that target client applications. NSS Labs is the leading independent, third-party assessment that tests network security products under real-world conditions.

“The security effectiveness of the Forcepoint NGFW 3301 was unsurpassed in the NSS Labs 2017 NGFW test,” said Thomas Skybakmoen, Distinguished Research Director at NSS Labs. “The Forcepoint NGFW should be on every company’s short list.”

Forcepoint’s firewall also blocked all evasions while properly identifying malicious content without any false positives, all at a low total cost of ownership.

As a result of these high enterprise security ratings and demonstrated operational efficiency, Forcepoint NGFW received its fifth consecutive “Recommended” rating since NSS Labs began testing next-generation firewalls.

“With Forcepoint NGFW, we are able to get best-in-class firewall protection and expert management with low upfront investments. The results our users have seen with Forcepoint NGFW have been extraordinary. I’m not surprised to see the Forcepoint NGFW receive the NSS Labs Recommended Rating,” said Hendrik Walter, IT director for Avency in Germany.

“Enterprises and government agencies are looking for more efficient ways to connect their people and data without exposing them to increasingly malicious attacks on their internal or wide area networks,” said Rob Ayoub, research director of Security Products at IDC. “Many organizations use NSS Labs test results as independent validation of security effectiveness and performance when selecting a next generation firewall.”

The Forcepoint NGFW integrates enterprise-class security with scalable, centralized management. It offers interactive visualizations for 360° visibility and rapid incident response throughout distributed networks – from data centers and headquarters to software-defined wide area networking (SD-WAN)–enabled remote branches and the cloud.

Organizations are recognizing that a human-centric approach to network security better protects their employees, critical business data and intellectual property. This entails tighter integration of network management and security, which is particularly important for branches and remote offices where SD-WAN technologies provide greater access but require additional levels of cybersecurity. Forcepoint’s groundbreaking NGFW ratings validate that enables enterprises and global governments can have strong security and outstanding manageability in a single system.

“Forcepoint delivers the best combination of price and security among next-generation firewalls,” said Antti Reijonen, vice president and general manager of the Network Security business at Forcepoint. “Our breakthrough architecture uniquely combines centralized management with software-based security that has now been proven to surpass hardware-centric designs in both efficacy and efficiency. These innovations are a key part of Forcepoint’s strategy to protect the human point, where people and data come together.”

Source:  https://www.forcepoint.com/newsroom/2017/forcepoint-achieves-highest-overall-security-effectiveness-out-10-vendors-nss-labs?utm_medium=Social&utm_source=LinkedIn&utm_campaign=Worldwide%20Organic%20Social%20Corporate%20LinkedIn%202017&utm_content=Press%20Release%206June&sf_src_cmpid=70137000000QGcQ&adbsc=forcepoint72764127&adbid=UPDATE-c7584467-6277904137367666688&adbpl=li&adbpr=7584467

Author: Virginia Satrom


  • 0

Forcepoint Achieves Highest Overall Security Effectiveness Out of 10 Vendors in NSS Labs’ NGFW Test

Category : Forcepoint

NSS Labs tests prove that Forcepoint NGFW offers the leading combination of enterprise security and low cost, making it particularly effective for SD-WAN and other modern networking initiatives

Global cybersecurity leader Forcepoint announced that its Next Generation Firewall (NGFW) blocked 99.95 percent of exploits in NSS Labs’ 2017 NGFW Test. Forcepoint is the only vendor to block 100 percent of tested exploits run from the NSS Labs static exploit library, and over a continuous live testing period of 31 days, blocked 99.89 percent of “drive-by” exploits that target client applications. NSS Labs is the leading independent, third-party assessment that tests network security products under real-world conditions.

“The security effectiveness of the Forcepoint NGFW 3301 was unsurpassed in the NSS Labs 2017 NGFW test,” said Thomas Skybakmoen, Distinguished Research Director at NSS Labs. “The Forcepoint NGFW should be on every company’s short list.”

Forcepoint’s firewall also blocked all evasions while properly identifying malicious content without any false positives, all at a low total cost of ownership.

As a result of these high enterprise security ratings and demonstrated operational efficiency, Forcepoint NGFW received its fifth consecutive “Recommended” rating since NSS Labs began testing next-generation firewalls.

“With Forcepoint NGFW, we are able to get best-in-class firewall protection and expert management with low upfront investments. The results our users have seen with Forcepoint NGFW have been extraordinary. I’m not surprised to see the Forcepoint NGFW receive the NSS Labs Recommended Rating,” said Hendrik Walter, IT director for Avency in Germany.

“Enterprises and government agencies are looking for more efficient ways to connect their people and data without exposing them to increasingly malicious attacks on their internal or wide area networks,” said Rob Ayoub, research director of Security Products at IDC. “Many organizations use NSS Labs test results as independent validation of security effectiveness and performance when selecting a next generation firewall.”

The Forcepoint NGFW integrates enterprise-class security with scalable, centralized management. It offers interactive visualizations for 360° visibility and rapid incident response throughout distributed networks – from data centers and headquarters to software-defined wide area networking (SD-WAN)–enabled remote branches and the cloud.

Organizations are recognizing that a human-centric approach to network security better protects their employees, critical business data and intellectual property. This entails tighter integration of network management and security, which is particularly important for branches and remote offices where SD-WAN technologies provide greater access but require additional levels of cybersecurity. Forcepoint’s groundbreaking NGFW ratings validate that enables enterprises and global governments can have strong security and outstanding manageability in a single system.

“Forcepoint delivers the best combination of price and security among next-generation firewalls,” said Antti Reijonen, vice president and general manager of the Network Security business at Forcepoint. “Our breakthrough architecture uniquely combines centralized management with software-based security that has now been proven to surpass hardware-centric designs in both efficacy and efficiency. These innovations are a key part of Forcepoint’s strategy to protect the human point, where people and data come together.”


  • 0

Safely Embracing the Cloud – Forcepoint CASB Overview

Category : Forcepoint

In order to understand your organization’s risks and protect your users, your security teams need visibility into how users interact with data in the Cloud.

The ability to monitor and control how your users engage with sanctioned cloud applications is key. Learn about Forcepoint CASB (Cloud Access Security Broker) while we review your options for safely embracing cloud apps.

Register

 

 


  • 0

Forcepoint Cloud Security Delivers Value and Protection Against Today’s Cyber Attacks

Category : Forcepoint

Forcepoint announced the availability of a host of new features to help businesses safely adopt cloud applications and provide human centric security to users everywhere they work. These updates can be downloaded now from the Forcepoint Support Portal.

Among the 15 features and updates we launched today, I’d like to highlight four in this post:

  1. Forcepoint Web Security cloud application discovery and risk reporting
  2. Forcepoint CASB and Forcepoint Advanced Malware Detection integration
  3. Forcepoint DLP for Web and Email Incident Risk Ranking
  4. Forcepoint Trusted Cloud Data Center expansions in North America and Europe

IT organizations lack the total control they once had to evaluate and deploy safe applications into the enterprise. Increasingly the technology budget is under direct control of the business unit leader who may fund cloud application subscriptions and cloud development projects without the in depth understanding of the associated compliance requirements or data protection best practices. IT is always responsible for determining the risk and preventing the loss of data.

Forcepoint understands the need to securely embrace innovation, cloud apps and mobility – and to do so easily without requiring yet another appliance to procure and manage. That’s why Forcepoint Web Security 8.3 now includes cloud application discovery and risk reporting, new features aimed at eliminating those Shadow IT blind spots. Because you can’t protect what you can’t see.

Forcepoint Web Security – Cloud Application Risk Reporting

Forcepoint Web Security utilizes the same cloud app catalog and risk scoring engine as our CASB product, giving customers the ability to better visualize cloud app adoption, usage volume, and risk exposure as a result of Shadow IT. And with GDPR on the horizon, gaining (and maintaining) visibility of risky applications in your organization may be a competitive advantage.

For organizations seeking more control of sanctioned cloud use, Forcepoint CASB provides the visibility and control of applications like Office 365 and Infrastructure as a Service (IaaS) platforms including Azure and AWS. But what really makes this announcement timely in the wake of recent malware attacks like WannaCry is the Forcepoint Advanced Malware Detection (AMD) integration that delivers added protection from malware to your information stored in cloud storage services. This layer is fast becoming a requirement in today’s mobile environment.

Forcepoint CASB real-time reporting of ransomware encryption of files on Google Drive.

Not all threats come from outside the organization. Some threats to your IP come from your users’ accidental or even malicious exfiltration of data. Forcepoint is leading the industry in understanding the human interaction with critical business data and technology – or simply the human point. Last year Forcepoint DLP introduced Incident Risk Ranking (IRR)  in our data loss prevention (DLP) product, an innovation in risk-based data modeling that applies statistical data modeling and behavioral baselines to automatically identify and cluster incidents. Today this IRR feature is included in Web Security and Email Security products when DLP is added on. The integration of IRR with Web Security and Email Security makes it easier for security admins and investigators to quickly assess employee behaviors and prioritize responses to true insider threats from compromised or malicious intent instead of inadvertent errors caused by lack of awareness and broken business processes.


IRR with Web Security DLP Incidents

You have choices when it comes to cloud hosted security and Forcepoint continues a tradition of securing web and email traffic with an expansion of our global cloud data centers and certifications. These certifications are your verification that we have the required controls to protect your data and your customers’ personally identifiable information (PII). We value the trust thousands of users place in us to deliver the premier cloud security service to protect users and data anywhere.


  • 1

WannaCry Post-Outbreak Analysis

Category : Forcepoint

Many of the technical aspects of the WannaCry ransomworm outbreak on Friday 12 May 2017 are well documented by this point: the primary means by which the malware spread appears to have been the use of the DoublePulsar and EternalBlue code released by the Shadow Brokers earlier this year and patched as part of Microsoft’s MS17-010 update on 14 March 2017.

As we noted in our initial blog post on the topic (https://blogs.forcepoint.com/security-labs/wannacry-ransomware-worm-targets-unpatched-systems), WannaCry’s ability to self-propagate marks something of a watershed moment in the evolution of ransomware. Whereas previous variants have relied on social engineering tactics to infect users (e.g. email campaigns with malicious URLs or attachments), once WannaCry started to spread it had the capacity to affect users without any need for human intervention, often resulting in an office full of machines displaying the now-familiar ransom demand window. In this post we will examine the malware’s self-propagation capabilities in further detail.

Forcepoint NGFW first provided protection against the exploit now known as EternalBlue as part of dynamic update 105, released 9 May 2007, under the signature name ‘SMB-TCP_CHS-Windows-Server-Message-Block-Vulnerability’.

EternalBlue attacks detected by Forcepoint NGFW

PROPAGATION

The malware sample analysed follows the basic steps shown below when infecting a new system:

Of note is that the worm functionality is only activated when the malware is started in service mode (i.e. with two or more arguments):

Once running in worm mode, it creates parallel threads to propagate both on the internal network and to external IP addresses.

Internal Propagation

The malware calls GetAdaptersInfo to identify the local ‘seed IP’ based on the current IP and subnet mask.It then creates a number of additional threads to scan the IP addresses for the availability of port 445/TCP. If this port is found to be open, it attempts to use the EternalBlue exploit, waiting ten minutes to see if the exploitation attempt has succeeded. If the thread times out, it terminates and a new one is created to try the next address.

If after the first EternalBlue attempt the presence of the DoublePulsar backdoor is detected, the malware will attempt to use this instead. Otherwise, further EternalBlue attempts will be made.

In the sample analysed, the number of internal propagation threads was capped at ten (see image below). After the initial ten threads are spawned, the malware will sleep until one of those threads terminates before attempting to spread to another address.

External Propagation

Attempts to propagate externally occur concurrently with the internal propagation attempts, but in a slightly different manner. For the purposes of spreading to IP addresses external to the organisation, the malware creates 128 threads, one-by-one, each two seconds apart. These threads employ an IP generation function using srand() – seeded with the current thread ID, time, and tick count – and random() to generate a /24 subnet to scan (see image below). If an open SMB port is found, a new thread is started calling the same EternalBlue /DoublePulsar exploit function as used internally but with a sixty minute timeout.

Implications

Comment: A significant implication of this method of propagation is that the malware requires a ‘bridgehead’ into the network with a routable IP address. As few organisations assign routable addresses to their workstations, it seems highly likely that the bridgehead machine in most cases would have been a server of some sort exposing SMB services to the Internet. The malware’s use of the DoublePulsar backdoor may also suggest that a degree of ‘piggy-backing’ was involved: organisations already compromised by earlier activity – e.g. the cryptocurrency mining botnet discovered only as a result of the WannaCry outbreak [1] – will potentially have been infiltrated via this pre-existing backdoor.

That each instance of the worm functionality spawns threads scanning a total of 128 external subnets goes a long way to accounting for the rapid spread of the malware: in organisations where large numbers of workstations were affected and where permissive firewall policies were in place, it appears that every one of these infected machines may have been trying to infect up to 128 routable /24 subnets a piece.

PROTECTION STATEMENT

Forcepoint™ customers are protected against this threat via NGFW at the following stages of attack:

Stage Four (Exploit Kit) – The EternalBlue exploit attempts are blocked.

CONCLUSION

As of the time of writing, the reported rate of infections appears to have subsided significantly. Furthermore, much feared ’round two’ variants have either not materialised or failed to have the same impact as the Friday’s initial outbreak. Nonetheless, what are presumably ransom payments continue to trickle into the three hard-coded Bitcoin wallets used by the campaign: totalled up, the three wallets contained approximately BTC 32.5 (USD $55,000 approx.) late on Monday 15 May 2017 and this figure has risen to BTC 39.0 (USD $68,000 approx.) as of 12:00 UTC on Tuesday 16 May 2017.

Comment: For a campaign with such significant and global reach the financial returns for the actors are relatively low. Figures obtained from the Bitcoin wallets used suggest that fewer than 200 ransom demands have been paid out of over 200,000 machines reportedly affected [2]. The amount contained in the Bitcoin wallets is, of course, also related to the ransom amount demanded by the attackers, with a USD $300 ransom appearing very low compared to recent campaigns observed demanding over ten times this amount [3].

Perhaps the most striking potential outcome of this campaign is the damage it has likely done to other malicious actors wishing to capitalise on organisations who had yet to respond to the exploits published by the Shadow Brokers earlier this year: while other campaigns also used the EternalBlue exploit, they managed to do so while keeping a low profile. The intensely high profile nature of this attack will likely see much of the EternalBlue attack surface – which malicious actors were no doubt hoping would remain available for as long as possible – closed sooner rather than later.

For additional information and protection advice, please see our earlier blog post at https://blogs.forcepoint.com/security-labs/wannacry-ransomware-worm-targets-unpatched-systems

REFERENCES

[1] https://twitter.com/kafeine/status/864283100385357824

[2] http://www.cnbc.com/2017/05/15/wannacry-ransomware-hackers-have-only-made-50000-worth-of-bitcoin.html

[3] https://blogs.forcepoint.com/security-labs/jaff-enters-ransomware-scene-locky-style


  • 0

WannaCry Ransomware-Worm Targets Unpatched Systems

Category : Forcepoint

Yesterday, the world saw one of the most significant malware outbreaks for quite some time: our news feeds are full of the news of this cyber attack with institutions in many countries being impacted and reports of whole computer networks being shut down. The malware’s ability to self-propagate was a significant change from what we have become used to in recent years, with possibly the most recent major outbreak of this type being the Conficker worm nearly a decade ago.

ANALYSIS

Recent campaigns have tended to be in the form of trojans: pieces of malware that typically arrive on a machine via social engineering tactics and then conduct their malicious behaviour (be that data exfiltration, file encryption, or something else) locally on that machine. The malware used in this outbreak – named variously WannaCry, WCry, and WannaCrypt0r 2.0 – was ultimately of a different family: a worm. Worms have the ability to self-propagate once they are inside an organisation, spreading from machine to machine using unpatched vulnerabilities in the Windows operating system. In this case the malware used the EternalBlue vulnerability for which Microsoft made a patch available through MS17-010 in March 2017.

The initial entry to an organisation in this case appears to have been through a low-volume email campaign linking to a compromised website. If the email makes it through to an end user and they click on the link it starts a chain of events that leads to the download of the WannaCry ransomware worm. The malware then sets about finding vulnerable computers on the network, copying itself to these machines, encrypting their files, and demanding a $300 ransom.

The malware also changes the background on the affected machine:

The actors behind the malware appear to be using multiple Bitcoin wallets to receive payments. At the time of writing, the wallet referred to in the image above had received a total of 23 transactions totaling 4.266 Bitcoins (approximately $7,400 USD) [1], but this is likely only a small fraction of the revenue generated by this campaign.

CONCLUSIONS

Forcepoint users were protected from the initial email by our email, web security, and NGFW security products, but the nature of this attack is that one email missed or accidentally released from quarantine can leave an organisation vulnerable to having its systems encrypted. As we observed in our blog post on the Jaff ransomware earlier this week, taking a defence-in-depth approach to security ensures that an attack can potentially be stopped in several points along the kill chain.

As with any email-based campaign user education is a critical component of limiting these attacks: if self-propagating ransomware becomes the new paradigm the risks posed to organisations by a user – however unintentionally – following a malicious link or opening a malicious file are multiplied greatly. Beyond this, the MS17-010 vulnerability exploited by this malware has been patched for nearly two months. This goes some way to explain the significant variation in impact seen within different organisations and highlights the need for a robust and timely patching process.

As of 13 May 2017, it has been confirmed that the malware will not spread if it can contact a hard-coded ‘kill-switch’ domain: hxxp://www[.]iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com

As always, Forcepoint Security Labs will continue to investigate and monitor this new threat.

UPDATE: SAT 14 MAY 2017

As expected, a new variant of WannaCry has been released without the kill-switch feature. The Forcepoint product suite continues to provide protection against this new variant.

RECOMMENDATIONS

  • Ensure that the MS17-010 security update is installed on all Windows machines within the organisation.
  • Ensure that you have email and web security that can block malicious emails, block intermediate download stages with Real Time Security Signatures (RTSS), and provide URL wrapping for additional protection.
  • In line with Microsoft’s guidance from 2016 [2], disable SMBv1 on all Windows systems [3].

For the time being, it may additionally be desirable to ensure that the ‘kill-switch’ domain iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com is not blocked within your organisation in order to stop propagation of the malware. However, as with any whitelist entry, this should only be employed for long enough to ensure that other, more permanent protections are in place.

For additional general guidance on ransomware, please visit https://www.forcepoint.com/ransomware.

REFERENCES

[1] https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

[2] https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

[3] https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012


  • 0

Forcepoint Extends Commitment to Securing Global Governments, Names New Executive and Sales Leadership

Category : Forcepoint

Global cybersecurity leader Forcepoint™ today announced two leadership appointments that further extend the company’s commitment to delivering the most robust, hardened cyber capabilities to government customers worldwide. Top security talent is increasingly attracted to Forcepoint’s human-focused approach. The company looks beyond technology to understanding the behaviors and intent of people as they interact with critical data, intellectual property and IT systems. These veteran appointments position the company to best serve government customers building cyber programs in the context of this new paradigm.

Tim Solms joins the company as senior vice president and general manager for Forcepoint’s Global Governments business. Solms reports to Chief Executive Officer Matthew Moynahan and is based in the company’s Herndon, Virginia office. Solms joins Forcepoint from Juniper Networks where he was vice president, Federal and managing director, worldwide government. In addition, Sean Berg was named vice president, sales, Global Governments. Berg reports to Solms and is also based in Herndon. Berg comes to Forcepoint from Polycom where he was vice president, public sector.

At Forcepoint, Solms will carry P&L responsibility and will be in charge of leading the growth strategy for the company’s Global Governments business.  He’ll also be chartered with further extending Forcepoint’s leadership in the cross domain and insider threat markets for domestic customers. Under his charge, Forcepoint will deliver new capabilities that support international government customers.

Berg will lead all domestic and international sales efforts for Forcepoint’s Global Governments business. He will also drive new customer and partner relationships around cross domain and insider threat, partnering with the Cloud Security, Network Security, and Data and Insider Threat Security businesses to present a robust system of intelligent security solutions.

“Forcepoint has a rich heritage of supporting our customers’ critical missions in the most demanding and high assurance environments,” said Moynahan. “As the landscape reshapes itself with a more human-centric view of cyber, our Global Governments business is ideally positioned to help intelligence, defense and civilian agencies worldwide address this reality. Tim and Sean are the leaders we need to ensure we’re developing and delivering the most effective solutions that support the complex missions and objectives undertaken by the people who protect national security.”

“As I’ve built a career in both the military and business, two priorities have not changed: focusing on the mission and delivering the very best capabilities possible,” said Solms. “Forcepoint’s history of supporting customer missions and deep understanding of the threats our customers face positions the company like no other. I’m excited for the opportunity to build on our vision for Global Governments moving forward.”

“Forcepoint’s focus on the behaviors and intent of people as they interact with critical data is clearly aligned with the direction the cybersecurity market is taking,” said Berg. “With this in mind, the company’s broad set of capabilities position Forcepoint to best serve customers in the future. I’m looking forward to leading the Forcepoint team in delivering the solutions our global government customers require.”

Solms comes to Forcepoint with more than 30 years of progressive leadership experience in both the military and private sector. Most recently, Solms was vice president, Federal and managing director, worldwide government at Juniper Networks where he held senior leadership responsibility for the company’s worldwide government business. Before joining Juniper, Solms was the general manager, U.S. Department of Defense at Microsoft Corp. and senior director, DoD, NATO and Federal international at VMware. Solms also held a series of government market-focused leadership roles at Dell. Before joining Dell, Solms spent more than 18 years with the U.S. Army. He also served in various leadership roles at AFCEA’s DC Chapter, including a stint as president. Solms earned a bachelor’s degree in administration from The Citadel.

Berg brings more than 25 years of experience in both the military and private sector. Prior to Forcepoint, Berg was vice president, public sector for Polycom where he led sales and strategy for all U.S. federal agencies, as well as state and local, education and healthcare. Before that, Berg spent 15 years at Dell, most recently as the executive director of the company’s Defense and Intelligence business. Earlier, Berg spent six years as an infantry officer in the U.S. Marine Corps. Berg holds a master’s degree of business administration from the College of William and Mary; he gained a bachelor’s degree in business management from the University of South Carolina.


  • 0

Safely Embracing the Cloud – Forcepoint CASB Overview

Category : Forcepoint

Thu, May 18, 2017 11:00 AM – 11:30 AM EDT

In order to understand your organization’s risks and protect your users, your security teams need visibility into how users interact with data in the Cloud. The ability to monitor and control how your users engage with sanctioned cloud applications is key.

Learn about Forcepoint CASB (Cloud Access Security Broker) while we review your options for safely embracing cloud apps.

Register now.


  • 0

Gartner: Critical Capabilities for Enterprise Data Loss Prevention 2017

Category : Forcepoint

Forcepoint Received Highest Product Score For Regulatory Compliance Use Case in Gartner’s Critical Capabilities Report

According to Gartner: “Security and risk management leaders deploy enterprise DLP for three major use cases: regulatory compliance, intellectual property protection and visibility into how users handle sensitive data. This research evaluates DLP products for the three use cases, derived from nine critical capabilities.” *

Forcepoint took a top three spot in each of these categories:

  • Regulatory Compliance (4.08 out of 5)
  • Data Visibility and Monitoring (4.07 out of 5)
  • Intellectual Property Protection (4.06 out of 5)

Read the report for insight into Gartner’s evaluation of Forcepoint DLP.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Forcepoint.

*Gartner, “Critical Capabilities for Enterprise Data Loss Prevention”, by Brian Reed and Deborah Kish, 10 April 2017

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.


Support