Power-On Investment Holdings

09/08/2024

Join me as we as we congratulate Mary Vilakazi, the newly appointed Group Chief Executive Officer of FirstRand. The company has finally appointed the first woman to lead the financial services giant in its 185-year existence.

Happy Womens Day & Congratulations to all our women leaders in the country and in the world. Those in politics, those in private and public sector we salute you!

11/07/2024

Cyber Security is on the rise
Make sure you protected and securitized.

With phishing attacks on the rise, organizations and governments are seeing an unprecedented rise in phishing attacks that no amount of user training can help prevent. Two important and related ways to drive effective cyber defense and prevent successful attacks are ensuring that cyber insurance pla...

11/07/2024

This promises to be an insightful and much needed event. I look forward to it.

To keep the personal and sensitive data of citizens and employees protected from cyber criminals, the City of Southgate took a stand to digitally transform. City of Southgate is an innovator, deploying modern passwordless authentication across their user base to eliminate the burdens of passwords an...

21/03/2023

Cyber Security: Why is South Africa such an attractive target?
Threat actors may perceive South African organizations as potentially having lower defensive barriers than those more developed economies. They may also think they face a lower chance of incurring consequences for their malicious activity. That’s because there is low investment in cyber security and developing cybercrime legislation in South Africa. Threat actors are taking notice.

Do not be dismayed you can do something about it, This is what can be done:
iDefense recommends a number of actions. These include making use of security and threat intelligence, protecting against internal threats and people-based attacks, and focusing on compliance—applying standards and best practices.
It’s time to get serious about defending your business and protecting your customers against cybercrime.

21/03/2023

As we the need for technology grows in families, with smartphones, work from home and access to the internet so does the Cyber threats grow. Take a look at the size of the problem. But most importantly learn how to protect yourself, your family and organization.

Accenture's iDefense recommends a number of actions to protect your business and customers against cybercrime. Read more.

06/12/2018

FEATURE SPOTLIGHT – FIREWALL CONTROL
By Migo Kedem - December 6, 2018

Consider the following scenario: IT gets an intelligence feed indicating that a specific phishing URL is scraping credentials globally. To protect users on the network, administrators immediately add a rule to the network firewall to block the URL. But what about remote users not behind the firewall? And what if the perimeter protection fails or is circumvented?

Endpoint Firewall Control answers these challenges by governing permitted communications to and from every endpoint. It allows an administrator to control and enforce a policy.

The Why
There are 4 reasons why we’ve built this capability into the SentinelOne agent:

1. Visibility
According to a SentinelOne Ransomware survey, almost seven in ten (69%) of those whose organization had suffered a ransomware attack in the last 12 months said that the attacker was able to gain access to their organization’s network by phishing via email or social media. Around two in five reported that access was gained by a drive-by-download caused by clicking on a compromised website (44%). This clearly shows that the network is the most prevalent infection vector. To make things more challenging, most network traffic is encrypted, which improves privacy but eliminates the option for network firewalls to see beyond the headers. At the same time, a growing number of users are remote, making the network firewall ineffective in providing a defensive shield. Your users can work from anywhere, and the only certainty you have is they are going to use their endpoint device.

The answer is to increase asset protection by dealing with network-related infections using network access control. The ability to see all traffic is part of SentinelOne Deep Visibility feature, which also supports visibility into encrypted traffic.

2. Malware Prevention
There are two primary reasons for network traffic when it comes to malicious adversaries:

Most malware infections attempt to connect to a Command and Control (C2) server to establish remote control or exfiltrate data.
Ransomware typically stores encryption keys on a remote server to increase the chances for a payout.
3. Enterprise Data Loss Prevention
Firewall Control can block unauthorized transfer of data to and from all your endpoints, both on and off the corporate network. This allows you to reduce the risk of data leakage from your assets. Data theft occurs when malware and/or a malicious actor carries out an unauthorized data transfer from a computer. Malware typically tries to stay undetected and to scrape personal data, either for extortion or espionage. For example, earlier this year, we learned about a Tesla employee who shared sensitive information after writing software to periodically export gigabytes of proprietary data and funnel it outside of the organization. Network access control could have prevented this loss.

4. Compliance
As Firewall Control provides yet another measure to mitigate risk in the enterprise, it may help your organization to achieve compliance where network access control is required.

Ease of Management
Adding features to a platform is always a desirable move, but it cannot come at the expense of usability. Building products that require highly-trained personnel to manage might solve some customers’ needs, but it creates another problem. You can still see cases out there where products are not configured correctly or are just not monitored effectively because of the difficulty of using them. The result is complex products can fail to tackle the very problems they were intended to solve. In the case of Firewall Control, we’ve implemented a straightforward rule-based experience that provides flexibility without complexity.

Take Away
Security is not only about preventing malware. Good hygiene across your network can help win the battle before it’s fought. Endpoint Firewall Control is an important part of a layered security model. Securing network traffic is not new to SentinelOne. We’ve seen many attempted attacks and have an automated response to it. The power of the platform is that you get all these capabilities in a single autonomous agent – no additional install is needed.

Firewall Control is supported starting with 2.8 agents (with Eiffel console) and is part of the SentinelOne “Complete” offering.

Liked this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about SentinelOne feature spotlights
Feature Spotlight – Device Control
Feature Spotlight – Behavioral Indicators and MITRE ATT&CK™ for Enterprise
Announcing SentinelOne Nexus Embedded AI SDK!

For a Dem:
Give us a call.

13/10/2018

OPSWAT Certified Security Applications Program:

Our program certifies endpoint security applications on compatibility, false positive handling, and threat protection quality. All certified vendors receive badges to showcase that their applications are powerful, reliable, and efficient.
Compatibility Test

Application compatibility is important when trying to access a network. Without certified compatibility, users risk being denied access and administrators must write policy exceptions. Our certification program ensures CASB, NAC, SSL-VPN, and SSO compatibility with the top market leading access control solutions from vendors such as Palo Alto Networks, Cisco, Citrix, and many others, covering over 200 million endpoints.

13/10/2018

SENTINELONE RECEIVES SILVER CERTIFICATION FROM OPSWAT
By SentinelOne - October 12, 2018

SENTINELONE RECEIVES SILVER CERTIFICATION FROM OPSWAT
By SentinelOne - October 12, 2018

OPSWAT announced that SentinelOne received a Silver certification for the Anti-Malware from the OPSWAT Certified Security Application Program, which tests anti-malware applications for quality and compatibility.

The OPSWAT Certified Security Application Program has awarded Silver certification to SentinelOne for Anti-malware. Originally launched in 2007, OPSWAT’s certification program currently supports over 1,000 applications from various anti-malware engines to ensure their compatibility with all leading access control solutions, their detection quality, and their false positive responsiveness.

SentinelOne unifies endpoint threat prevention, detection, and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks. OPSWAT awarded certification to SentinelOne after determining it met strict criteria for compatibility.

OPSWAT developed the Certified Security Application Program in 2007 after compiling compatibility requirements from over 50 OPSWAT OEM customers, including industry-leading NAC, CASB, SSO, and SSL-VPN solutions from vendors such as Citrix, Pulse Secure, Cisco, IBM, and Dell. The certification program is meant to help IT administrators find compatible and effective applications for their security stack. The program also helps endpoint security applications vendors who want to certify regularly.

“SentinelOne is extremely pleased to have been awarded the Silver certification from the OPSWAT Certified Security Application Program for its anti-malware applications,” said Tomer Weingarten, CEO of SentinelOne. “This recognition from OPSWAT further reinforces SentinelOne’s mission to provide a unique, standalone approach to endpoint security. SentinelOne is continuing to establish itself as an industry leader by creating anti-malware solutions through its next-generation endpoint security approach to replace traditional antivirus methods.”

SentinelOne and OPSWAT encourage all anti-malware, patch management, and encryption application vendors to learn more about the OPSWAT certification program and its benefits, and to certify their latest versions prior to public release. OPSWAT also recommends that all IT administrators check OPSWAT’s list of certified security applications before making a purchase decision.

Find below SentinelOne current OPSWAT certifications:

27/07/2018

7 BEST REASONS TO VISIT SENTINELONE AT BLACKHAT

BlackHat 2018 is just a few weeks away, and the SentinelOne team could not be more excited! We will be located in a prime area of the vendor pavilion, booth #212. Below our the 7 best reasons to visit us:

Best Product – Autonomous endpoint protection with EPP + EDR through a single agent that saves you time.
Best Location – Booth #212. You will see us right when you enter the expo doors.
Best Swag – Grab a cool t-shirt, hoodie, or a pair of socks!
Best Presentations – Experts from our partner & customer ecosystem will present a variety of topics.
Best Demos – The smart guys (and gals) will be showing live demonstrations of our industry-leading solution.
Best Research – Learn how SentinelOne is on the cutting edge of stopping today’s most advanced attacks.
Best Drink – Sip a sparkling lavender lemonade specially poured from our S1 ice sculpture.
See why autonomous endpoint protection is the ONLY answer to diverse modes of attack. Visit Booth #212 at Black Hat, the world’s leading information security event that promotes the latest in research, development, and trends.

Looking forward to meeting you!

Ready to schedule a meeting? Register for a demo? Join our happy hour?

Financial service

12/07/2018

BE AWARE:
HANCITOR BANKING TROJAN IS BACK | USING MALICIOUS WORD ATTACHMENT

By Migo Kedem - July 12, 2018

The Hancitor trojan, also known as Chanitor, is a downloader first observed in 2014. Back then, it distributed its payload via a Microsoft Word document email attachment with embedded malicious macros. Over the years, several flavors have been seen in the wild using a variety of infection techniques. A few examples:
1. A macro in an attached document contains encoded shellcode and uses native API calls within Visual Basic (VB) to pass ex*****on, carving out and decrypting the embedded malware.
2. Another flavor seen in the wild involves a malicious attachment that drops an additional payload to download the Pony/Evil Pony fileless malware or Zeus/Vawtrak executables, which then steals data and connects to a C2 server.
The Hancitor trojan typically uses phishing emails as an infection method. Several phishing email campaigns delivered bogus parking ticket notifications. The message requests the recipient to click the link to pay their ticket and directs the victim to a malicious Microsoft Word document.
Another common email spam seen is originating from Intuit or HalloFax, encourages the user to download a fax, which then triggers the infection.