AppSense, the leading provider of user virtualization solutions for the secure endpoint, today announced that its approach to delivering trusted endpoint security solutions was recently validated in a white paper published by the SANS Institute. The paper, “Updates to the CSCs: More Effective Threat Protection with Privilege Management and Application Control,” examines the Centre for Internet Security’s latest version of Critical Security Controls (CSCs)1. CSCs are a prioritised list of 20 security controls that, when implemented well, have proved effective in blocking most advanced target threats and supporting faster detection and resolution of those that do get through initial defences.
Application control and privilege management, two hallmarks of AppSense’s Application manager endpoint security solution, were identified as “quick wins” with immediate risk reduction against advanced target threats.
“The security benefits of application control and privilege management are well known—they are often considered to be just Security 101. Nonetheless, the majority of breach reports have determined that attacks succeeded because of either missing or ineffective controls and processes in these areas,” according to the SANS paper authored by John Pescatore, SANS Insitute director of emerging technologies. “Conversely, enterprises and government agencies that avoid breaches or minimise the damage of advanced targeted attacks almost invariably have implemented controls such as Application Control and Privilege Management and have mature processes that both respond to changes in threat and meet business needs for flexibility and adaptability.”
“AppSense’s innovative Trusted Ownership® approach to whitelisting prevents ransomware and malware incidents before they can start, while requiring minimal configuration by IT and without reducing user productivity. Powered by this philosophy, AppSense secures over 9 million endpoints today,” said Jon Rolls, Vice President of Product Management for AppSense. “AppSense provides a range of endpoint security features that enable delivery of productive, least-privilege desktop together with tools that enable easy ongoing self-service and maintenance by the IT and Security Team. This SANS whitepaper underlines the critical role AppSense plays in reducing the most common security threats.”
In addition to application control through Trusted Ownership, AppSense provides a wide range of endpoint security functions including:
- Granular Windows privilege management for a practical approach to least privilege practise
- Network access control to minimise damage through compartmentalization
- Desktop software licence compliance and enforcement
- Granular visibility into security and privilege activities in a live environment
The SANS Institute was established in 1989 as a cooperative research and education organisation. Its programmes now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organisations from corporations to universities working together to help the entire information security community.
SANS Institute’s Pescatore will be a featured speaker tomorrow for the webinar, “Overcome Privilege Management Obstacles with CSC v.6.” The live webinar on Tuesday, April 26 will cover the changes in controls that can help streamline privilege management and make it less visible – and annoying – to users.
AppSense is the leading provider of user virtualization solutions for the secure endpoint. The technology allows IT to secure and simplify workspace control at scale across physical, virtual and cloud-delivered desktops. AppSense solutions have been deployed by 3,600 enterprises worldwide to 9 million endpoints. AppSense is now a part of the LANDESK family with offices around the world.
 The CIS Controls for Effective Cyber Defence Version 6.0, www.cisecurity.org/critical-controls.cfm