AlgoSec

Intelligent change management from Fortinet and AlgoSec

Fri, 29 Mar 2024 06:00:00 GMT

In this webinar we will walk through a live demo and highlight how the Fortinet solutions and the integrations with AlgoSec help companies add a range of intelligent automation to speed up the change request process and improve accuracy.

In this webinar, we will cover:
• An overview of the Fortinet and AlgoSec partnership
• Security policy change management using intelligent automation
• Use-cases and demos of our joint solutions

Case Study: NCR Corporation's Network Security Transformation with AlgoSec

Tue, 04 Jul 2023 16:59:33 GMT

Discover how NCR Corporation successfully integrated AlgoSec's Security Policy Management Solution into their network infrastructure. Learn how AlgoSec Firewall Analyzer, FireFlow, AppViz, and AppChange enabled NCR to automate security policy changes, improve visibility, streamline auditing, and achieve zero trust. Explore the benefits of AlgoSec's comprehensive suite of tools in enhancing network security for a global organization like NCR.

Simplifying Firewall Audits and Demonstrating Compliance

Tue, 22 Mar 2022 11:15:34 GMT

AlgoSec Firewall Analyzer delivers out-of-the-box compliance reports for the widest range of industry standards including PCI-DSS, ISO 27001, Sarbanes Oxley and more. These reports help you dramatically reduce the time and effort required to prepare for audits - by as much as 80%.

AlgoSec FireFlow's Seamless Integration with Remedy

Mon, 21 Mar 2022 09:44:51 GMT

AlgoSec FireFlow complements existing change management systems with intelligent automation that enables IT to process firewall changes more quickly and with less risk.
This video examines how AlgoSec FireFlow seamlessly integrates with BMC Remedy to eliminate the need for opening and tracking change requests in multiple systems.

AlgoSec FireFlow CMS Integration

Mon, 21 Mar 2022 09:44:24 GMT

A demonstration of how AlgoSec FireFlow integrates with change management systems (in this case HP Service Manager) to add intelligent automation to the security change workflow.

Top 5 Predictions & Best Practices for 2022

Tue, 21 Dec 2021 14:09:54 GMT

In this video, Prof. Avishai Wool, AlgoSec CTO and co-founder, provides his expert opinion on the Top 5 ongoing and new challenges in cybersecurity and network security management expected to take place in 2022 and offers invaluable best practices. To learn more, please contact us to set up a demo at https://www.algosec.com/lp/request-a-demo/

Gain control of your network security with complete visibility: An AlgoSec...

Thu, 29 Jul 2021 12:53:13 GMT

In this technical demo of the AlgoSec Security Management Solution, we will show you how network security visibility is an important part of your security arsenal.

Join the session and discover how to:
• Gain visibility of your multi-vendor devices and traffic flows throughout your entire network – on-premises and in the cloud.
• Ensure continuous compliance and reduce the effort needed to prepare for audits with out-of-the-box regulatory compliance reports.
• Visualize and map firewall rulesets.
• Identify and mitigate risky rules and provide intelligent recommendations to remediate the risks.

Gain control of your network security policies with complete visibility.

The 6 best practices to stay secure in the hybrid cloud

Sun, 02 May 2021 16:13:13 GMT

Omer Ganot(AlgoSec) | April 2021

Doug Hurd (Cisco) Henrik Skovfoged (Conscia) Oren Amiram (AlgoSec) Tsippi Dach (AlgoSec)
What if we told you that there were just six things that you can start doing to be more secure in your hybrid cloud environment?
In this session, you’ll get clear insight on what you can do right away to tighten your hybrid cloud network security. From visibility through network management, to risk and cleanup – security expert Omer Ganot will guide you through the steps to help you stay secure. Click here for a personal demo: https://www.algosec.com/lp/request-a-demo/

Customer Story - Mark Grady from Leading payment solutions company

Tue, 16 Feb 2021 22:22:25 GMT

Leading payment solutions company credits AlgoSec for increasing security and compliance.

Click here for a personal demo: https://www.algosec.com/lp/request-a-demo/

Panel Discussion: Network Security and Compliance best practices for...

Tue, 15 Sep 2020 20:06:08 GMT

Financial institutions are forced to invest heavily in digital transformation to gain a competitive edge, especially with customer-facing technology innovations. However, delivery often trails behind the need. New apps are developed, but network security policy
management is often perceived as holding up progress, impeded by manual change-management processes, growing compliance requirements and never-ending audits.

There’s a better way to manage your network security!

Watch our special panel discussion to learn how you can simplify your network security management, reduce risk and ensure continuous compliance.

Topics include:

• How to overcome security management complexities with automation
• How to pass compliance audits in the face of demanding regulations
• Key industry metrics that compare security environments within and beyond the finance industry
• Real financial customers case studies

"Achieving intent-based network security across your hybrid network" with...

Wed, 24 Jun 2020 16:49:12 GMT

Avishai Wool, AlgoSec CTO and co-founder, discusses how to achieve intent-based network security across your hybrid network at Check Point Cyber Security Summit 2020.

Learn about:

How to reduce the attack surface of your network

The benefits of lateral segmentation

How to manage micro-segmented networks

Policy Optimization

Mon, 22 Jun 2020 11:01:54 GMT

Learn how to clean up and optimize your firewall policies with the AlgoSec solution

Cessation of Misconfigurations: Common Network Misconfiguration Risks & How...

Tue, 02 Jun 2020 12:06:41 GMT

Misconfigurations aren’t simply inconvenient mistakes but serious security threats. According to Gartner, 99% of all firewall breaches will be caused by misconfigurations by 2020 and misconfigurations made OWASP’s list of Top 10 most critical web application security risks.

A single change to a network device can have far-reaching effects on your business and create security holes for cybercriminals, impact your audits, and cause costly outages that bring your business to a standstill.

In this webinar, Avivi Siman-Tov, AlgoSec’s Director of Product, will show examples of common misconfigurations, including device changes, business application connectivity changes, and data center migrations. He will also reveal specific techniques to help you avoid them.

Watch the webinar to learn how to:

Understand and map your entire network before you make a change
Proactively assess the impact of a change to ensure it does not break connectivity, affect compliance or create a security hole and understand the impact of changes to your entire network
Maximize the capabilities of network management automation to avoid common misconfigurations
Avoid common mistakes when making changes to your network security devices

Reece Group empowers business and IT teams with ChatOps – Case Study

Mon, 25 May 2020 14:07:56 GMT

Reece Group, the leading Australian plumbing and HVAC company, was able to empower their application developers, get faster response time, reduce risks and increase compliance and more. Watch the video case study to find out more or read the full case study here.

Optimize your Juniper Investment with Intelligent Network Security Automation

Wed, 25 Mar 2020 19:30:22 GMT

Max Shirshov, EMEA Solutions Architect (AlgoSec) | March 24, 2020
Are you maximizing all the capabilities that your Juniper solutions offer? Expand its potential and maximize your ROI. Discover how to secure your homogeneous and multi-vendor network with intelligent automation.

In this webinar, Max Shirshov, EMEA Solutions Architect at AlgoSec, will demonstrate how to assess risk and audit the firewall estate for regulatory compliance, address security breaches caused by misconfigured network devices, and provide fast and efficient change management utilizing the AlgoSec Security Management solution for your Juniper devices.

Join the webinar to learn how to:

Gain complete visibility into your Juniper-estate as well as multi-vendor and hybrid networks
Intelligently push security policy changes to your Netscreen and SRX firewalls, MX routers and Juniper Space, as well as other vendors’ security devices, SDN and public clouds
Automate application and user aware security policy management and ensure your Juniper devices are properly configured
Assess risk and ensure regulatory compliance across your entire enterprise environment

Managing Effective Security Policies Across Hybrid and Multi-Cloud Environments

Wed, 18 Mar 2020 14:04:50 GMT

Yitzy Tannenbaum, Product Marketing Manager | Oct 25 2018

Enterprises are not only migrating applications to the cloud from on-premise data centers, but they are developing multi-cloud strategies to take advantage of availability and cost structures as well as to avoid vendor lock-in. In fact, IDC has predicted that more than 85% of IT organizations will commit to multi-cloud architectures already by the end of this year.

In complex, multi-cloud and hybrid environments, security teams need to understand which network flows and security controls impact application connectivity, including cloud-specific security controls (Network ACL and security groups) as well as virtual and physical firewalls that protect cloud resources. They need to manage policies that maintain their compliance posture across multiple clouds and hybrid environments.

In this webinar, Yitzy Tannenbaum illuminates security-policy issues in multi-cloud and hybrid environments and show you how to achieve:

Visibility across the multi-cloud network topology to ensure deployment of security controls that support network-segmentation architecture
Uniform security policy across complex multi-cloud and hybrid environments
Automatic monitoring of multi-cloud and hybrid network-security configuration changes to analyze and assess risk and to avoid compliance violations
Instant generation of audit-ready reports for major regulations, including PCI, HIPAA, SOX and NERC, in the context of multi-cloud environments
Automatic provisioning of application connectivity flows across a variety of security controls in hybrid environments

Network Security Vision with Application Visibility | Live discussion and demo

Mon, 09 Mar 2020 15:53:57 GMT

Avishai Wool, CTO & Co-founder (AlgoSec) & Yoni Geva, Product Manager (AlgoSec) | March 5, 2020

You’re always making changes to your network, commissioning and decommissioning servers, moving data to and from the cloud, revising application connectivity settings and policies, and/or adding and removing business applications.

But how do you make sure that you are not running blind and making network configuration mistakes that may lead to outages? Are you leaving firewall openings for unused applications, making your network vulnerable to insider threats or outside attackers?

Stop running blind. Expand your vision with application visibility.

With application visibility, you associate your traffic flows to the related business applications, enhance network visibility, improve troubleshooting, gain enhanced compliance reports, and even save time while improving security on your network.

In this webinar, Avishai Wool, AlgoSec’s co-founder and CTO, and Yoni Geva, AlgoSec’s Product Manager, will demonstrate – in a live demo - how to overcome these challenges and ensure business continuity through application visibility.

Join the webinar and learn how to:
• Associate your business applications with your security policy rules.
• Identify the network traffic relevant for each application.
• Identify hidden risks and vulnerabilities in your applications.
• Associate compliance violations with the relevant business applications.
• Improve troubleshooting by identifying affected applications.
• Better document the applications on your network.

5 Dinge, von denen Sie sicherlich nicht gewusst haben, die Sie mit einer...

Thu, 05 Mar 2020 14:08:47 GMT

Dietmar Wyhs, Regional Sales Manager DACH | Oct 9 2017

Die heutigen Unternehmen entwickeln sich kontinuierlich weiter, um neue Anwendungen, Transformationsinitiativen wie Cloud und SDN zu unterstützen und täglich neue und anspruchsvollere Cyber-Attacken abzuwehren. Aber die Sicherheits- und Netzwerk-Mitarbeiter haben Schwierigkeiten mitzuhalten. Dies wirkt sich nicht nur auf die Business-Agilität aus, sondern setzt Ihr Unternehmen Risiken aus und behindert dessen Fähigkeit, sich der modernen Bedrohungslandschaft zu stellen.

Viele Fachleute sind der Meinung, dass sie die neuesten Anwendungen brauchen, um diese Herausforderungen zu bewältigen. Aber was, wenn Sie bereits haben, was Sie brauchen und diese Anwendung in Ihrem Unternehmen genutzt wird: Ihre Security Policy Management Lösung?

Die heutigen Sicherheitsrichtlinien-Management-Lösungen machen weit mehr als die Automatisierung von traditionellen Änderungsmanagement Aufgaben. In diesem technischen Webinar zeigt Ihnen Dietmar Wyhs fünf wichtige Sicherheitsmanagement-Herausforderungen, denen Unternehmensorganisationen sich heutzutage stellen. Gleichzeitig erklärt er, wie die Lösung von AlgoSec Ihnen helfen kann, Sicherheitsbedrohungen zu bewältigen, Risiken zu verringern, und schnell auf Ausfällen zu reagieren, bei gleichzeitiger Maximierung der Geschäftsagibilität und Sicherstellung der Compliance in den unterschiedlichen, sich ständig verändernden Hybridnetzwerken.

Dieses technische Webinar konzentriert sich auf:

•Verwalten von Sicherheitsrichtlinien von End-to-End-Lösungen öffentlicher und privater Clouds einschließlich Microsoft Azure, Amazon Web Services AWS, Cisco ACI und VMWare NSX
•Zuordnung von Sicherheitslücken zu Anwendungen, zur Bewertung und Priorisierung des Risikos
•Möglichkeit Cyber-Attacken mit Geschäftsprozesse zu korrelieren
•Migration von Firewall-Richtlinien zwischen Firewall-Herstellern
•Durchführung einer vollautomatischen, Zero-Touch-Sicherheitsregelwerksänderung

Stop putting out fires. Pass network security audits – every time

Tue, 29 Oct 2019 17:37:31 GMT

Compliance with network and data security regulations and internal standards is vital and mission-critical. But with increasing global regulations and network complexities, it’s harder than ever to keep up.

Firewall management and network security policies are critical components in achieving compliance. Firewall audits are complex and demanding and documentation of current rules is lacking. There’s no time and resources to find, organize, and inspect all your firewall rules. Instead of being proactive and preventative, network security teams are constantly putting out fires.

In this webinar, you will learn:

• The golden rules for passing a network security audit
• Best practices to maintain continuous compliance
• How to conduct a risk assessment and fix issues

Learn how to prevent fires and pass network security audits every time.

Tal Dayan, AlgoSec’s product manager, will reveal the Firewall Audit Checklist, the six best practices to ensure successful audits.

By adopting these best practices, security teams will significantly improve their network’s security posture and reduce the pain of ensuring compliance with regulations, industry standards and corporate policies.

Cisco ACI & Hybrid Networks Breaking Down Silos with Central Policy Management

Tue, 30 Jul 2019 19:56:43 GMT

Yonatan Klein, Director of Product Management | July 30, 2019

While your network extended beyond the confines of the physical data center and you started using Software Defined Networks (SDN) such as Cisco ACI, managing security policies within your hybrid estate is complex.

Each part of your network estate is managed in its own independent silo instead of being holistically managed.

Learn how to unify, consolidate and automate your entire network security policy management including both the Cisco ACI SDN fabric and elements outside the SDN fabric.

In this webinar, Yonatan Klein, Director of Product Management at AlgoSec, explains how to centralize your security policy management throughout your network and the unique challenges required to manage an SDN fabric, such as Cisco ACI, in order get the most out of your entire network.

He covers how to:
Proactively assess risk throughout your network, including Cisco ACI contracts, and recommend the necessary changes to eliminate misconfigurations and compliance violations
Gain full visibility and unify security policy management of your entire hybrid network estate, simulate traffic routes and security policy for ACI and other network devices
Manage traffic change requests in a holistic manner, including automatically pushing security policy changes to Cisco ACI by creating contracts and filters to enforce data center whitelist policy; as well as identifying and provisioning changes to firewalls both within the ACI fabric as well as other network security controls that are on-premises and in the cloud

Effectively Managing Security Policy | Joint Fortinet & AlgoSec Webinar

Mon, 01 Jul 2019 13:56:06 GMT

Satish Veerapuneni, Director of Products and Solutions (Fortinet) and Yoav Karnibad, Product Manager (AlgoSec) | Jun 26 2019

In today’s complex and dynamic environment with growing digital business demands, IT often struggles to gain adequate visibility and control, and to ensure compliance with security policies and regulatory guidelines. Effective security policy management that accommodates the dynamic nature of today’s organizations is a key challenge for many IT departments.

In this webinar, Satish Veerapuneni, Director of Products and Solutions at Fortinet and Yoav Karnibad, Product Manager at AlgoSec will discuss how joint customers benefit from AlgoSec’s multi-vendor security policy management capabilities while leveraging Fortinet’s industry-leading Security Fabric’s FortiManager & FortiAnalyzer.

Join this live webinar to learn how to:
• Automate policy optimization and risk assessment across all your security devices.
• Enhance visibility and exercise greater control over your hybrid / heterogeneous network
• Tie application connectivity needs to network security policies, reduce planning time and costs for network change automation
• Assess risk and ensure regulatory compliance across the entire enterprise environment
• Realize single pane of glass management with advanced analysis and management of policy modifications through Fortinet Security Fabric’s FortiManager/FortiAnalyzer and AlgoSec’s Firewall Analyzer, FireFlow and BusinessFlow

Securely Managing Application Connectivity – Best Practices

Sun, 16 Jun 2019 11:42:42 GMT

Yoni Geva, Product Manager | June 12, 2019
New business applications are added, changed or removed every day, forcing implementation of complex, time-consuming network security changes. Migrating business applications to the cloud adds additional complexities, such as understanding the network connectivity of each application prior to deployment, provisioning the relevant firewalls and routers in the cloud, and then migrating and adjusting existing network connectivity to support them.

In this webinar, Yoni Geva, Product Manager at AlgoSec will present:

•Innovative application-discovery technologies
•Application-centric use cases, including policy cleanup and documentation
•How to simplify and accelerate rule recertification through automation
•How to prevent breaches by associating vulnerabilities to business applications and
firewall rules
•How to ensure ongoing compliance and audit-readiness

Firewall Rule Recertification with Application Connectivity

Mon, 29 Apr 2019 11:39:25 GMT

Asher Benbenisty, Director of Product Marketing | Apr 24 2019

Firewall rules must be reviewed and recertified regularly for an organization to stay secure, ensure continuous compliance and gain the optimal firewall performance. Firewall rules which are out of date, unused or unnecessary should be removed, as firewall bloat creates gaps in your security posture, causes compliance violations, and decreases firewall performance.

However, manual firewall rule recertification is complex, time-consuming and prone to errors.

Join Asher Benbenisty, AlgoSec’s Director of Product Marketing, on a special webinar introducing an application-centric approach to firewall recertification.

In this webinar Asher will cover:
• Why it is important to regularly review and recertify your firewall rules
• How to use application connectivity for firewall rule recertification
• How to automatically manage the rule-recertification process

Migration to Cisco Firepower

Wed, 10 Apr 2019 00:00:00 GMT

How to utilize the AlgoSec solution to migrate to Cisco Firepower

Taming the storm clouds: managing network security across hybrid and multi-cloud

Thu, 28 Mar 2019 13:04:00 GMT

Yonatan Klein, Director of Product Management | Mar 27, 2019

Good old perimeter security, enforced by traditional firewall protection, is now combined with distributed firewalls, public cloud native security controls and third-party security services. The shared-responsibility security model means that IT organizations need to assume accountability for the data and overall security posture, as this is not exclusively the cloud providers’ responsibility.

Today, more than ever, enterprise security teams are challenged to stretch their tried-and-true security policies to their extended deployments. They lack visibility across this growing estate, they can’t keep up with DevOps, and they are unable to properly analyze risk. They need integrated security policy management solutions for hybrid-cloud environments.

Join Yonatan Klein, Director of Product Management at AlgoSec to learn how to take advantage of all the benefits of cloud and virtual deployments while maintaining your current security fundamentals.

Yonatan will cover how to:
•Easily and automatically identify security risks and misconfigurations in your cloud
•Centrally manage security controls across accounts, regions and VPCs/VNETs
•Gain complete visibility across subnets and instances, including security groups, network security groups and NACLs
•Obtain a cross-network-estate risk analysis

Movin' On Up to the Cloud: How to Migrate your Application Connectivity

Wed, 20 Mar 2019 10:53:55 GMT

Avivi Siman-Tov, Product Manager | Feb 6 2018

Migrating applications to the cloud or to another data center is a complex and risky process. First, you need to understand the applications you are currently running (application discovery). Then, you need to define and map the existing application connectivity flows (pre-migration), so that you can easily reestablish them post-migration.

If done manually, this is a difficult and time-consuming process, and a single mistake can cause outages, compliance violations and create holes in your security perimeter.

Understanding the migration destination is just as important; cloud security architecture is fundamentally different from physical networks, and it is extremely difficult to translate the network connectivity flows to the cloud security controls and then manage network security policies cohesively across the entire hybrid enterprise environment. All in all, migrating application connectivity is a complex, tedious and error-prone process that can take months and often compromises security, compliance and business agility.

In this webinar, Avivi Siman-Tov, Product Manager at AlgoSec, explores how to simplify and accelerate large-scale complex application migration projects, while making security a priority.

Discover best practices to:

Automatically discover applications and their existing connectivity flows
Analyze, simulate and compute the necessary changes – even between different network security technologies such as traditional firewalls and cloud security groups
Execute the necessary firewall rule changes, and mass-migrate relevant connectivity flows
Assess the risk and ensure compliance throughout the migration process
Deliver unified security policy management across the hybrid enterprise cloud environment

AlgoSec Firewall Analyzer (AFA) Demo

Wed, 20 Mar 2019 00:00:00 GMT

Watch this demo of AlgoSec Firewall Analyzer (AFA). See how AFA delivers visibility and analysis of complex network security policies across on-premise and cloud networks. Discover how AlgoSec Firewall Analyzer lets you view your multi-vendor network topology, and offers audit-ready compliance reports. Learn more at https://www.algosec.com/firewall-analyzer/

Selecting the right security policy management solution for your organization

Wed, 17 Oct 2018 18:30:00 GMT

Kyle Wickert, Worldwide Strategic Architect

IT must deliver more, faster. Yet as cyber-attacks increase in volume and sophistication, IT groups are finding themselves ill-equipped to secure their networks and maintain compliance while supporting business productivity.
In this era of digital transformation, managing security across complex enterprise networks presents huge challenges. Automation will ease the pressure.
Join Kyle Wickert, Worldwide Strategic Architect at AlgoSec, for a technical webinar on tips and best practices to help you select the right security policy management solution that will help drive business agility while ensuring security and compliance.

Key topics include:

Intelligent automation is more than just adding policies
Letting a business-centric approach take the lead
Extracting the best from existing automation processes and creating new ones
Managing it all together: cloud, SDN and on-premise

Network Security Audit? Passing Your Next One with Flying Colors

Thu, 06 Sep 2018 17:00:00 GMT

Prof. Avishai Wool, CTO | Sep 6 2018

Enterprises are required to maintain an unfailing state of compliance with laws and regulations.

Do you know about the upcoming PCI-DSS 3.2.1 standard and what it means for your operation? Are you ready to be audited?

Like fire drills, audits can catch us unprepared and expose inadequacies. What should we do now to make sure we pass the next audit with ease?

Presented by renowned industry expert, Professor Avishai Wool, this technical webinar imparts best practices and reveals specific techniques to help you make sure that your compliance posture stands up to any audit.

In this webinar, Professor Wool discusses:

Know if your network is compliant with the new PCI standard
Upgrade to the secure alternative to SSL to safeguard your payment data
Prepare for the next audit
Assure continuous compliance

Cisco ACI and AlgoSec Integration (ActiveChange Demo)

Mon, 18 Jun 2018 03:00:00 GMT

nhanced Security Policy Visibility and Change, Risk, and Compliance Management

Through the integration of AlgoSec and the Cisco® Application Centric Infrastructure (Cisco ACI™) architecture, customers can monitor security policy changes across their Cisco ACI system, obtain risk and compliance context for both managed and unmanaged security devices, and extend automation across their entire security
environment.

For more information contact AlgoSec at info@algosec.com or visit our website at www.algosec.com

DevOpsifying Network Security: AlgoSec - Ansible Demo

Thu, 31 May 2018 03:00:00 GMT

This demo describes how developers can seamlessly incorporate network connectivity into their DevOps methodology, using their existing CI tools, in order to fully automate the application delivery process end-to-end.

Sharing Network Security Information with the Wider IT Community With Team...

Tue, 30 Jan 2018 02:00:00 GMT

Firewall Management 201: Lesson 18

Collaboration tools such as Slack provide a convenient way to have group discussions and complete collaborative business tasks. Now, these automated chatbots can be used for answering questions and handling tasks for development, IT and infosecurity teams.

For example, enterprises can use chatbots to automate information-sharing across silos, such as between IT and application owners. So rather than having to call somebody and ask them “Is that system up? What happened to my security change request?” and so on, tracking helpdesk issues and the status of help requests can become much more accessible and responsive. Chatbots also make access to siloed resources more democratic and more widely available across the organization (subject, of course to the necessary access rights).

In this video, Prof. Wool discusses how automated chatbots can be used to help a wide range of users for their security policy management tasks – thereby improving service to stakeholders and helping to accelerate security policy change processes across the enterprise.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

The Benefits of Mapping Firewall Rules to Business Applications

Fri, 05 Jan 2018 02:00:00 GMT

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

New! How to Manage Dynamic Objects in Cloud Environments

Fri, 05 Jan 2018 02:00:00 GMT

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 7: How to Prepare for Network Segmentation by Identifying the Segment...

Fri, 05 Jan 2018 02:00:00 GMT

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at

How to Intelligently Select the Security Groups to Modify When Managing...

Tue, 26 Sep 2017 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 7

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 7: How to Aggregate Network Flows Into Application Flows

Tue, 26 Sep 2017 03:00:00 GMT

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 17: PCI - Linking Vulnerabilities to Business Applications

Tue, 29 Aug 2017 03:00:00 GMT

Firewall Management 201: Lesson 17

PCI-DSS 3.2 regulation requirement 6.1 mandates that organizations establish a process for identifying security vulnerabilities on the servers that are within the scope of PCI. In this new lesson, Professor Wool explains how to address this requirement by presenting vulnerability data by both the servers and the by business processes that rely on each server. He discusses why this method is important and how it allows companies to achieve compliance while ensuring ongoing business operations.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

The Right Way to Audit AWS Policies

Wed, 12 Jul 2017 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 6

In this whiteboard video lesson Professor Wool provides best practices for performing security audits across your AWS estate.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

How to Integrate Security into the Test Environment

Wed, 12 Jul 2017 03:00:00 GMT

Best Practices for Incorporating Security into DevOps

In a typical DevOps scenario development team adds new functionality to an existing business application and then rolls it out into production. However, while the new functionality worked as planned in both the test and pre-production environments, the application then fails when moved into the live production environment. In this video, Professor Wool will discuss the reasons why this process went wrong, and how you can fix it.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Tips for Adding Capacity Without Changing Your Security Policies

Wed, 12 Jul 2017 03:00:00 GMT

Best Practices for Incorporating Security into DevOps

In theory adding capacity should be fairly straightforward, with minimal need for any intervention by the organization’s security team. But in practice it’s a little more complex. In this video Professor Wool provides some tips and best practices to help you add capacity without having to change your security policies, complete a security review or worse still, cause an outage or gap in the security perimeter.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

How to Integrate Security into the CI Process

Wed, 12 Jul 2017 03:00:00 GMT

Best Practices for Incorporating Security into DevOps

In previous lessons Professor Wool discussed how building security into DevOps processes at an early stage helps organizations maximize the speed and agility of application development, while minimizing the risks of problems and outages when the applications go live. In this whiteboard video Professor Wool looks at how security automation helps to speed up the practice of Continuous Integration (CI) - a core element of DevOps.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Onboarding New Firewall Devices Using AlgoSec's APIs

Fri, 12 May 2017 03:00:00 GMT

Security integration is a common requirement for many enterprise customers and MSSPs. This video showcases the process to operationalize this requirements including:
1. Onboarding new firewall devices through a web portal
2. Easily get compliance scores for newly onboarded devices
3. Identify firewall cleanup opportunities
4. Identify if security policies are blocking application connectivity

The AlgoSec QRadar App for Incident Response

Fri, 03 Mar 2017 02:00:00 GMT

This video demonstrates a new AlgoSec App for incident response which integrates with the IBM QRadar Security Intelligence Platform.

Through AlgoSec’s integration with IBM QRadar, this App enhances and automates the Security Incident Response process by:

* Augmenting security incident data with business context
* Automatically associating applications with compromised servers
* Identifying network connectivity to/from a compromised server
* Automatically isolating a compromised server from the network

Demo: AlgoSec's Cisco ACI App Center

Fri, 03 Mar 2017 02:00:00 GMT

The AlgoSec Connectivity and Compliance App provides insights into your network and security posture, including a current snapshot of risk and compliance across your ACI fabric.

Key capabilities of the App include:

- Traffic assessment to determine if specific traffic is traversing the network or if its blocked - including visibility into security devices and their status across the traffic route

- The ability to automatically update the firewall policy in the event that connectivity is blocked erroneously

- Instant risk analysis for Cisco ACI contracts alongside firewall security policies

- A detailed PCI compliance report for your Cisco ACI fabric, that’s ready for auditors

Lesson 14: Synchronized Object Management in a Multi-Vendor Environment

Fri, 10 Feb 2017 02:00:00 GMT

Firewall Management 201: Lesson 14

Many organizations have different types of firewalls from multiple vendors, which typically means there is no single source for naming and managing network objects. This ends up creating duplication, confusion, mistakes and network connectivity problems especially when a new change request is generated and you need to know which network object to refer to. In this lesson Profession Wool provides tips and best practices for how to synchronize network objects in a multi-vendor environment for both legacy scenarios, and greenfield scenarios.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 16: How to Take Control of a Firewall Migration Project

Fri, 10 Feb 2017 02:00:00 GMT

Firewall Management 201: Lesson 16

Some companies use tools to automatically convert firewall rules from an old firewall, due to be retired, to a new firewall. In this lesson, Professor Wool explains why this process can be risky and provides some specific technical examples. He then presents a more realistic way to manage the firewall rule migration process that involves stages and checks and balances to ensure a smooth, secure transition to the new firewall that maintains secure connectivity.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 15: How to Synchronize Object Management with a CMDB

Fri, 10 Feb 2017 02:00:00 GMT

Firewall Management 201: Lesson 15

Many organizations have both a firewall management system as well as a CMDB, yet these systems do not communicate with each other and their data is not synchronized. This becomes a problem when making security policy change requests, and typically someone needs to manually translate the names used by in the firewall management system to the name in the CMDB, which is a slow and error-prone process, in order for the change request to work.

In this lesson Professor Wool provides tips on how to use a network security policy management to coordinate between the two system, match the object names, and then automatically populate the change management process with the correct names and definitions.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

AlgoSec Splunk App for Incident Response

Mon, 28 Nov 2016 02:00:00 GMT

This video demonstrates a new AlgoSec App for incident response which integrates with Splunk.

Splunk can detect and analyze potential breaches while AlgoSec manages security policies and augments them with business context.

The new AlgoSec Splunk App enhances and automates incident response by highlighting the potential impact on business applications and business processes; adding information regarding the infected server's exposure to the internet, or access to sensitive internal networks; and automating the action needed to contain the incident.

Best Practices for Incorporating Security Automation into the DevOps Lifecycle

Wed, 16 Nov 2016 02:00:00 GMT

Best Practices for Incorporating Security into DevOps

In this lesson, Professor Wool examines the need for and the process of adjusting application connectivity throughout each stage of the DevOps lifecycle.

Lesson 13: Zero-Touch Change Management with Checks and Balances

Tue, 15 Nov 2016 02:00:00 GMT

Firewall Management 201: Lesson 13

In this lesson, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. He explains how, using conditional logic, its possible to significantly speed up security policy change management while maintaining control and ensuring accuracy throughout the process.

Cisco ACI and AlgoSec Integration (Overview and Demo)

Mon, 31 Oct 2016 02:00:00 GMT

Enhanced Security Policy Visibility and Change, Risk, and Compliance Management

For more information contact AlgoSec at info@algosec.com or visit our website at www.algosec.com

Combining Security Groups and Network ACLs to Bypass AWS Capacity Limitations

Thu, 29 Sep 2016 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 5

AWS security is very flexible and granular, however it has some limitations in terms of the number of rules you can have in a NACL and security group. In this lesson Professor Wool explains how to combine security groups and NACLs filtering capabilities in order to bypass these capacity limitations and achieve the granular filtering needed to secure enterprise organizations.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Using AWS Network ACLs for Enhanced Traffic Filtering

Mon, 26 Sep 2016 03:00:00 GMT

In this lesson Professor Wool examines the differences between Amazon's Security Groups and Network Access Control Lists (NACLs), and provides some tips and tricks on how to use them together for the most effective and flexible traffic filtering for your enterprise.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 3: Best Practices for Bringing NSX Security Policy Management into the...

Mon, 22 Aug 2016 03:00:00 GMT

Network Security for VMware NSX: Lesson 3

Once the NSX environment is up and running it needs to be part of the organization’s network security policy change process, and subject to the organization’s governance, audit, and regulatory compliance requirements. In this lesson Professor Wool discusses how to approach managing changes, auditing and compliance when the security team doesn’t ‘own’ the virtual environment.

Lesson 1: Migrating to NSX: Understanding the Why in Order to Figure Out the How

Mon, 22 Aug 2016 03:00:00 GMT

VMware’s NSX enables datacenter owners to secure East-West traffic using filtering policies that are enforced by the VMware infrastructure. However, migrating from existing traditional filtering technologies to VMware NSX can be a daunting task. In this lesson Professor will discuss why it’s important to understand the motivations for a migration to NSX in order to successfully plan and implement the actual migration to the VMware NSX platform.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts athttp://blog.algosec.com

Lesson 2: Tips on How to Create Filtering Policies for NSX

Mon, 22 Aug 2016 03:00:00 GMT

Network Security for VMware NSX: Lesson 2

When setting up an NSX data center you need to write filtering policies for any traffic that goes into an NSX data center, exits from it, or moves between different servers inside the NSX data center. In this lesson, Professor Wool recommends a multi-stage process to help users write secure and effective policies for east East-West traffic.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts athttp://blog.algosec.com

Lesson 4: Using Next Generation Firewalls for Cyber Threat Prevention

Thu, 19 Nov 2015 02:00:00 GMT

Next Generation Firewalls: Lesson 4
As part of the blacklisting approach to application security, most NGFW vendors now offer their customers a subscription based service that provides periodic updates to firewall definitions and signatures for a great number of applications especially the malicious ones. In this lesson, Professor Wool discusses the pros and cons of this offering for cyber threat prevention. It also discusses the limitations of this service when home-grown applications are deployed in the enterprise, and provides a recommendation on how to solve this problem.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 3: Managing Your Security Policy in a Mixed Next Gen and Traditional...

Thu, 19 Nov 2015 02:00:00 GMT

Next Generation Firewalls: Lesson 3
Next generation firewalls (NGFWs) allow you to manage security policies with much greater granularity, based on specific applications and users, which provides much greater control over the traffic you want to allow or deny. Today, NGFWs are usually deployed alongside traditional firewalls. Therefore change requests need to be written using each firewall type’s specific terminology; application names and default ports for NGFWs, and actual protocols and ports for traditional firewalls. This new lesson explains some of challenges of writing firewall rules for a mixed firewall environment, and how to address them.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 12: Managing Your Security Policy for Disaster Recovery

Thu, 19 Nov 2015 02:00:00 GMT

In this lesson Professor Wool discusses ways to ensure that your security policy on your primary site and on your disaster recovery (DR) site are always sync. He presents multiple scenarios: where the DR and primary site use the exact same firewalls, where different vendor solutions or different models are used on the DR site, and where the IP address is or is not the same on the two sites.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Protect Outbound Traffic in an AWS Hybrid Environment

Wed, 06 May 2015 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 2

Outbound traffic rules in AWS Security Groups are, by default, very wide and insecure. In addition, during the set-up process for AWS Security Groups the user is not intuitively guided through a set up process for outbound rules – the user must do this manually. In this lesson, Professor Wool, highlights the limitations and consequences of leaving the default rules in place, and provides recommendations on how to define outbound rules in AWS Security Groups in order to securely control and filter outbound traffic and protect against data leaks.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

The Fundamentals of AWS Security Groups

Wed, 06 May 2015 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 1

In this lesson Professor Wool provides an overview of Amazon Web Services (AWS) Security Groups and highlights some of the differences between Security Groups and traditional firewalls. The lesson continues by explaining some of the unique features of AWS and the challenges and benefits of being able to apply multiple Security Groups to a single instance.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Change Management, Auditing and Compliance in an AWS Hybrid Environment

Wed, 06 May 2015 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 3

Once you start using AWS for production applications, auditing and compliance considerations come into play, especially if these applications are processing data that is subject to regulations such as PCI, HIPAA, SOX etc. In this lesson, Professor Wool reviews AWS’s own auditing tools, CloudWatch and CloudTrail, which are useful for cloud-based applications. However if you are running a hybrid data center, you will likely need to augment these tools with solutions that can provide reporting, visibility and change monitoring across the entire environment. Professor Wool provides some recommendations for key features and functionally you’ll need to ensure compliance, and tips on what the auditors are looking for.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

AlgoSec Case Study: BM&FBOVESPA (English)

Wed, 01 Apr 2015 03:00:00 GMT

Hear Wellington Vita, Information Security Manager, explain how AlgoSec helps BM&FBOVESPA maintain a secure, compliant trading environment.

Lesson 9: How to Structure Network Objects to Plan for Future Policy Growth

Mon, 08 Dec 2014 02:00:00 GMT

Firewall Management 201: Lesson 9
In this lesson, Professor Wool explains how you can create templates - using network objects - for different types of services and network access which are reused by many different servers in your data center. Using this technique will save you from writing new firewall rules each time you provision or change a server, reduce errors, and allow you to provision and expand your server estate more quickly.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 8: NAT Considerations When Managing Your Security Policy

Tue, 11 Nov 2014 02:00:00 GMT

Firewall Management 201: Lesson 8
A business owner makes a simple change request to allow traffic to a new application. You now need to figure out the right firewall rules to change. This should be pretty simple… but what if you’re using NAT (Network Address Translation) in your environment? In this lesson, Professor Wool explains some key principles of NATing and why it’s critical to understand your NAT policy in order to identify the right paths for network traffic, which firewalls rules really need to be modified, and how to write your security policy correctly.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

AlgoSec Overview: Managing Security Policies in Your Data Center

Wed, 29 Oct 2014 02:00:00 GMT

As your data centers and the security infrastructure that protects them continue to grow in size and complexity, so too does your security policy. Yet, manually managing complex security polices across devices and operations teams is no longer viable. It’s costly, risky and inefficient, and prevents you from keeping up with the speed of your business.

What if you could manage your security policies in a way that's simple, automated, and orchestrated? Now you can with AlgoSec. AlgoSec empowers organizations to manage security at the speed of your business. Through its application-centric approach, AlgoSec automates and simplifies security policy management across virtual, cloud and physical environments to accelerate application delivery while ensuring security.

Segmenting your Network for Security - The Good, the Bad, and the Ugly

Wed, 16 Jul 2014 00:00:00 GMT

Segmenting your network is one of the foundations of a sound security strategy. It limits the movements of an attacker, and therefore limits the overall impact of a security breach.
So why is it that most organizations struggle when it comes to defining, implementing and enforcing effective network segmentation?
In this webcast, AlgoSec and expert penetration tester Mark Wolfgang examine common segmentation mistakes and review best practices for defining and enforcing effective network segmentation.

Lesson 3: Using Object Naming Conventions to Reduce Firewall Management Overhead

Thu, 10 Apr 2014 03:00:00 GMT

Firewall Management 201: Lesson 3
In this lesson, Professor Wool offers some recommendations for simplifying firewall management overhead by defining and enforcing object naming conventions.
Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Tips for Secure Decommissioning of Business Applications

Fri, 14 Mar 2014 02:00:00 GMT

Managing Business Application Connectivity: Lesson 4

In this lesson, Professor Wool examines the challenges of decommissioning business applications and offers recommendations for improving security without impacting network operations by removing firewall rules that are no longer in use.

Managing the Security Policy in Your Data Center and Network

Thu, 06 Mar 2014 02:00:00 GMT

Overwhelmed with managing the security policy in your data center and network? What if you could...

Easily provision connectivity for your data center applications?
Process firewall changes 4x faster - and get it right every single time?
Discover and eliminate security policy misconfigurations?
Prepare for firewall audits at the click of a button?

Now you can... with AlgoSec

Mitigating Risk in Your Firewall Policy

Fri, 21 Dec 2012 02:00:00 GMT

http://www.algosec.com/ - AlgoSec Firewall Analyzer helps you understand the level of risk in your network security policy, providing complete visibility of your security posture and enabling you to mitigate risk across traditional and next-generation firewalls as well as routers. Firewall Analyzer analyzes your policy against the broadest database, which can also be customized to address your corporate policies, of more than 120 industry best practices, which includes application-based risks.

Lesson 4: Tips for Firewall Rule Recertification

Thu, 18 Oct 2012 02:00:00 GMT

Firewall Management 201: Lesson 4
In this lesson, Professor Wool examines some tips for including firewall rule recertification as part of your change management process, including questions you should be asking and be able to answer as well as guidance on how to effectively recertify firewall rules.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 6: Analyzing Routers as Part of Your Security Policy

Tue, 25 Sep 2012 02:00:00 GMT

Firewall Management 201: Lesson 6
In this lesson, Professor Wool examines some of the challenges when it comes to managing routers and access control lists (ACLs) and provides recommendations for including routers as part of your overall security policy with tips on change management, auditing and ACL optimization.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 1: Examining the Most Common Firewall Misconfigurations

Mon, 17 Sep 2012 03:00:00 GMT

Firewall Management 201: Lesson 1

In this lesson, Professor Wool discusses his research on different firewall misconfigurations and provides tips for preventing the most common risks.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

New Customer Collection Video

Tue, 07 Aug 2012 03:00:00 GMT

Lesson 2: Automating the Firewall Change Control Process

Thu, 28 Jun 2012 03:00:00 GMT

Firewall Management 201: Lesson 2
In this lesson, Professor Wool examines the challenges of managing firewall change requests and provides tips on how to automate the entire workflow.
Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 2: NGFWs - Whitelisting & Blacklisting Policy Considerations

Wed, 06 Jun 2012 03:00:00 GMT

Next Generation Firewalls: Lesson 2
In this lesson, Professor Wool examines the pros and cons of whitelisting and blacklisting policies and offers some recommendations on policy considerations.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 1: Next-Generation Firewalls: Overview of Application and User-Aware...

Mon, 21 May 2012 03:00:00 GMT

Next Generation Firewalls: Lesson 1
In this lesson, Professor Wool examines next-generation firewalls and the granular capabilities they provide for improved control over applications and users.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 5: Managing Firewall Policies in a Disappearing Network Perimeter

Mon, 07 May 2012 03:00:00 GMT

Firewall Management 201: Lesson 5
In this lesson, Professor Wool examines how virtualization, outsourcing of data centers, worker mobility and the consumerization of IT have all played a role in dissolving the network perimeter and what you can do to regain control.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com