ObserveIT’s Looking Forward to the CITRIX Synergy 2013

by Gaby Friedlander on May 9, 2013

2013-05-09_171444We’ve been counting down the days and the CITRIX Synergy 2013 Conference in Los Angeles at the Anaheim Convention Center is right around the corner!

In addition to ObserveIT being there May 22-24 with bells on, we’re going to be available to discuss and demonstrate how ObserveIT has become the SMART Citrix Auditor.

We’d love the chance to meet with you there, so stop by our booth #516, or schedule a meeting by clicking on any one of the icons, which are live on our home page.

See you soon!

Gaby Friedlander

About Gaby Friedlander

Gaby is the Co-Founder and CTO of ObserveIT. Gaby has built ObserveIT into the leading provider of User Activity Monitoring security auditing solutions for Windows, Unix and Linux platforms. Connect with Gaby on Google+

{ Comments on this entry are closed }

ObserveIT Goes to CA World 2013

by Daniel Petri on May 1, 2013

IMG_00000032

We had a great and fruitful experience at the 2013 CA World Conference in Las Vegas.  After attending  some interesting talks and speaking with people about ObserveIT Session Recording, where it was cool to see how it had everyone who saw it was completely impressed with how advanced our IT solution can help drastically reduce risk, improve operational efficiency, and increase business agility in a highly secured system.  I can tell you that I came back completely energized.  Overall, coinciding with the conference’s theme to “Go Big: IT with Impact,” I’m really excited to see how session recording will prove to be a powerful impact in IT security.

 If you have any questions, feel free to contact me via email at dpetri at observeit.

Daniel Petri

About Daniel Petri

Daniel Petri is ObserveIT's Product Architect. He focuses on technical documentation, product road mapping, product demonstrations and deployment. He is also responsible for creating and establishing a new product pilot and deployment plans.

{ Comments on this entry are closed }

ObserveIT for Citrix – The SMART Citrix Auditor

by Avi Weiss on April 25, 2013. Updated May 2, 2013

ObserveIT’s session recording system captures video of all on-screen activity while users work in Citrix XenApp published applications and on XenDesktop virtual desktops – with technology that’s quite a bit smarter than SmartAuditor!  

ObserveIT records user activities – in every application and system area – so that administrators, IT troubleshooters and auditors can replay any session, just as if someone had been standing over the user’s shoulder with a video camera in hand.

download

Video Activity Analysis

ObserveIT knows that while a video is great forensic evidence of any actions that took place, no one has time to sit and watch hours and hours of video. So ObserveIT dives into the video and analyzes what took place. It then provides you with an easy-to-read summary of the user’s actions. Just like chapters on a DVD, each action in the summary links to the exact point in the video that the action took place. So you can start watching right at the moment of interest, not the entire session.

Furthermore, this data is immediately available for free-text keyword searching: you can search for names of applications run, windows opened, URLs accessed, keystrokes typed, check-boxes clicked and much more. Every resulting search hit is linked directly to the portion of the video where that action occurred! This makes it incredibly easy to find the exact moment that an action was performed from among thousands of hours of video.

No other product on the market offers these must-have user auditing features!

Citrix Ready
ObserveIT is certified Citrix Ready for recording and analyzing session activity in Citrix XenApp and XenDesktop environments. This certified integration ensures a reliable, full-featured user recording solution for all XenApp (any edition, not just Platinum!) and XenDesktop users.

integration_citrix_screen_b

 

If you’d like to see more, we offer live demos for every country in every time zone.  Just click here to request a demo at a time that best suits you.

 

Avi Weiss

About Avi Weiss

Back in 2006, Avi Weiss saw a need for a product which would provide the solution to the problem of knowing exactly “who is doing what on your servers”. Bringing his 29 years of experience in Enterprise IT, Security and Communication software, he co-founded ObserveIT – the current market leader in enterprise-level User Activity Monitoring Security and Auditing solutions for Windows, Unix and Linux platforms.

{ Comments on this entry are closed }

SIEMs Give A False Sense of Security

by Gaby Friedlander on April 23, 2013. Updated April 25, 2013

blindersLog analysis is the most commonly used method for detecting unauthorized access to IT resources, especially security information and event management (SIEM) systems.

Their are a couple of pros to using a SIEM system, such as companies using a SIEM system are better able to quickly detect and contain cyber-crimes than those companies not using SIEM.  In addition, companies using a SIEM system also experience a substantially lower cost of recovery, detection and containment than non-SIEM-using companies.

However, although companies using a SIEM can have an advantage over those who don’t, they are still limited in their scope of capabilities.  This is due to one MAJOR and CRITICAL flaw–they cannot perform analysis and generate alerts on every application.  They can only perform analysis and generate alerts based on the data they receive, thus, seriously hampering the software’s ability to identify most unauthorized activity.

Legacy, cloud, system and consumer-oriented applications are examples of typical large SIEM “blind spots” making it a BIG mistake to solely depended on SIEMs to discover data breaches.  In large organizations, which typically rely on SIEM systems, only 8% of data breaches are discovered by the victimized organization’s log analysis and/or review process. (source: Verizon Data Breach Report 2012)

Furthermore, it is extremely difficult to get a clear value from a SIEM due to the fact that extensive collections of disjointed log data do not become magically understandable because they have been correlated into a single system based on time stamps, or other markers. While simple alerts can be defined using rules which look at one or two details, detecting unauthorized activity is an elusive and extremely time-consuming goal.

Only ObserveIT, which can be integrated with SIEMs, can capture every application and provide a clear picture as to what is being done on a company’s server, thanks to high-end session recording with searchable metadata of detailed user activity logs put into simple language.

To find out how our solution can help your company remove those blinders and provide the best IT security, request a live demo.

 

Gaby Friedlander

About Gaby Friedlander

Gaby is the Co-Founder and CTO of ObserveIT. Gaby has built ObserveIT into the leading provider of User Activity Monitoring security auditing solutions for Windows, Unix and Linux platforms. Connect with Gaby on Google+

{ Comments on this entry are closed }

The 8 Large Organizations Which Learned Their Lesson the Hard Way

by Steve Abramowitz on April 22, 2013. Updated April 24, 2013

Computer-ThiefWhat do 8 high-profile organizations all have in common?  They were all recently hacked and had their data breached by remote access.

Did you know that in two separate reports issued in 2012,  remote access service, which provides privileged entry to a corporate network, was indicated as the most common avenue used for data breaches?  Verizon reported that remote access accounts for 88% of data breaches, while Trustwave reported that 76% of data-breaches investigated were due to exploitation of remote vendor access channels.

Here are 8 high-profile organizations that were recently reported in the news, which provides anecdotal support to the reports mentioned above:

  1. Romanian hackers stole consumer credit card data from Subway, the American subway sandwich franchise, via remote desktop access software over a period of three years, enabling them to ring up over $3 million in fraudulent charges. (source)
  2. Hackers entered Sony’s PlayStation network by remotely taking over the PC of a system administrator and compromising the personal information of 77 million user accounts. (source)
  3. Chinese hackers exploited remote support services to steal information from Telvent Canada, a provider of remote administration software to the global energy industry. (source)
  4. Hackers gained remote access to South Carolina Department of Revenue computers and stole state tax data belonging to 6.4 million consumers and businesses.  (source)
  5.  Linode, a major web hosting provider, said it was hacked by hackers, who used a bug in Adobe’s ColdFusion that was recently exposed, which led to the attackers getting access to a web server, some of its source code, and its database, where some passwords in clear text, for its Lish shell program were stored. (source)
  6. Schnuck Markets Inc., a major grocery story chain, now says about 2.4 million debit and credit cards were compromised as a result of a remote data breach from its point-of-sale network.  (source)
  7. Document sharing giant, Scribd, was remotely hacked with as many as 1 million passwords compromised.  (source)
  8. A former system administrator hacked into his former employer’s network, Hostgator, a server hosting company, and gained remote access to 2723 separate servers inside Hostgator’s network.  Among other things, he stole a Hostgator SSH login key file so he could continue to authenticate from the outside.  (source)

In conclusion, no industry is safe from turning a blind eye to the issue of remote access hackers, and intelligent precautionary steps should be taken when it comes to protecting your organization’s valuable data.

_____________________________________________________________________________________

Sources:

[1] Ars Technica: How hackers gave Subway a $3 million lesson in point-of-sale security, December 2011 (source)

[2] NBC News: Hackers stole personal data from PlayStation Network, April 2011 (source)

[3] Krebs on Security: Chinese Hackers Blamed for Intrusion at Energy Industry Giant Telvent, September 2012 (source)

[4] The Island Packet: How hackers stole South Carolinians’ tax-return data, November 2012 (source)

[5] Dark Reading: Web Hosting Provider Breached Via Adobe ColdFusion Vulnerabilities, April 2013 (source)

[6] Bank Info Security: Schnucks: Millions of Cards Exposed: Grocery Chain Reveals Impact of POS Network Breach, April 2013 (source)

[7] CSO Online: Scribd Hacked: As Many as 1 Million Passwords Compormised, April 2013 (source)

[8] Naked Security: Hosting Company, Hostgator, Hacked: Suspect Arrested After Being “Rooted with His Own Rootkit”, April 2013 (source)

Steve Abramowitz

About Steve Abramowitz

Steve Abramowitz is ObserveIT’s Director of Sales in their New York City office. Steve brings over 20 years of experience in sales and business development, selling network management and performance management software solutions as well as different types of network security solutions to the enterprise. Feel free to reach out to Steve with any questions you may have.

{ Comments on this entry are closed }

Whitepaper: Answering the Indian Gov’s IT Security and Auditing Requirements

by Sean Ofir on April 15, 2013. Updated April 24, 2013

Emblem_of_India.svg Did you know that in 2012, 96% of breach victims were not compliant? Although compliance is not equivalent to server security, it certainly helps improve it by far.

Recently, the Department of Telecommunications of the Government of India’s Ministry of Communications & IT Security setup security and auditing requirements for remote access systems.

Read this whitepaper, to find out how server session recordings offers a solution to the DoT Remote Access Requirements, which includes:

  • Complete audit trail of remote access activities pertaining to the network operated in India, maintained for six months
  • Remote access storage servers in India storing remote access command logs locally in the storage server for the purpose of audit
  • All remote access requests/commands given from foreign locations on India network elements are captured and stored directly on the Indian remote access storage server
  • Plus, several more controls that server session recordings solve

If you’d like to discuss this whitepaper further, don’t hesitate to reach out to me via email at “sean at” and I’ll be happy to answer any questions.

Sean Ofir

About Sean Ofir

Sean Ofir is ObserveIT's Director of Sales and Channels for Asia Pacific & Middle East. He conducts seminars, channel recruitment and direct and non-direct sales to: MSP/ISP, VARs, OEM and enterprise markets. He brings 10 years of sales and business development in US and LATM, EMEA, APAC and GCC.

{ 0 comments }

BeSecure Hosts ObserveIT at the 3rd InfoCom Security Event in Athens

by Nachum Yogev on April 14, 2013

WP_000744We want to thank our partners at BeSecure for hosting us at the 3rd InfoCom Security event in Athens. It was an incredible event with over 600 IT security experts in attendance.

Our joint presentation covered the topic, “You Don’t Know What You Don’t Know,” where we discussed how we can improve the effectiveness of SIEM and Log Analysis Systems.  Not surprisingly, it was widely accepted that there is a demand for a new approach to the types of logs fed to log analysis systems.  Since system logs were built by developers for debugging purposes, a new type of log that is built for security purposes is needed.

After our talk, we had a lot of interest at our booth, and we gave away a free license to our Enterprise version to one lucky  raffle winner!

We were especially happy to see that many of our current customers stopped by to say hello.  It was great seeing you all.

We look forward to doing more events in Greece and Cyprus in the near future!

 

Nachum Yogev

About Yogev Nachum

Nachum Yogev is ObserveIT's Sales Manager for east and central Europe. He specializes in international sales, PCI, audits and IT security.

{ 0 comments }

The Shocking Facts about Data Breaches – An ObserveIT Infographic

by Tamar Ben-Moshe on March 24, 2013. Updated April 30, 2013

On a daily basis, news gets out that some large, “respectable,” high-enterprise company’s data has been breached.

ObserveIT has done some research and what we found is shocking.  For example, did you know that in 88% of large organization data breaches, the hacker just walked right through the front door (a.k.a. VNC, RDP), using legitimate, albeit, stolen user credentials?!

Want some more shockers? Check out our infographic that illustrates the facts about data breaches in large organizations.

Data Breach Infographic

 

Tamar Ben-Moshe

About Tamar Ben-Moshe

Tamar is ObserveIT's in-house social media evangelist. On any given day, you can find her roaming around the web; usually writing blogs, tweeting tweets and making new friends for ObserveIT through LinkedIN and Facebook.

{ 0 comments }

Maintain Employee Privacy with Selective Desktop Recording– So Flexible, You’d Think it’s a Yoga Master

by Steve Abramowitz on March 18, 2013. Updated March 19, 2013

Just like a well trained yogi, ObserveIT is so flexible to fit to your needs, it can allow fine-grained control over every aspect of what and how user sessions are recorded, without compromising employee security.

When recording user desktops, you can configure ObserveIT to record only sensitive business applications  (e.g. Salesforce, SAP) and to never record personal apps (e.g. Chat, Facebook).  When a specific-application recording policy is set, only the selected application windows are recorded and not the entire screen – protecting the user’s privacy in other applications.

Yoga4

Of course when recording servers, typically all user activity is recorded – however admins can define which users are recorded on which servers.

In all cases, ObserveIT also allows for granularity of how sessions are recorded – by video, by session meta-data, or both.

For more details,  watch this video or send me an email.

Namaste

Steve Abramowitz

About Steve Abramowitz

Steve Abramowitz is ObserveIT’s Director of Sales in their New York City office. Steve brings over 20 years of experience in sales and business development, selling network management and performance management software solutions as well as different types of network security solutions to the enterprise. Feel free to reach out to Steve with any questions you may have.

{ 0 comments }

Whitepaper on Staying Compliant with Australian InfoSec Regulations

by Sean Ofir on March 12, 2013

ism2012 Did you know that staying compliant can help prevent breaches?  In 2012, 96% of breach victims were not compliant, and although staying compliant does not mean you won’t be breached, we can see that it certainly reduces your chances.

The Australian government has recently published its Information Security Manual (September 2012), specifying a wide range of information security government controls.

Read this whitepaper to find out how server session recordings offers solutions to staying compliant by directly answering 10 of these controls, including:

  • Ensuring that the use of privileged accounts are controlled and auditable
  • Certifying that all users are uniquely identifiable and authenticated every time
  • Plus, 8 more controls that server session recordings solve

If you’d like to discuss this whitepaper further, don’t hesitate to reach out to me via email at “sean at” and I’ll be happy to answer any questions.
Sean Ofir

About Sean Ofir

Sean Ofir is ObserveIT's Director of Sales and Channels for Asia Pacific & Middle East. He conducts seminars, channel recruitment and direct and non-direct sales to: MSP/ISP, VARs, OEM and enterprise markets. He brings 10 years of sales and business development in US and LATM, EMEA, APAC and GCC.

{ 0 comments }

← Previous Entries