Jeremy Murtishaw, CEO
In the light of unprecedented sophistication in cybercrimes, laying down the ideal security perimeter is becoming increasingly challenging for mid-sized businesses and enterprises alike. Moreover, discerning the most relevant and befitting security solution from the expansive spectrum of security product categories which often have overlapping concepts, is quite a task for organizations. Fortify 24x7 efficiently confronts these major pain points of enterprise security, leveraging a comprehensive suite of best-of-breed solutions to help companies meet their security goals. Providing expert consultation under the virtual Chief Information Security Officer (vCISO) program, Fortify assists companies in determining cost-effective and streamlined security solutions pertinent to their specific security requirements.
Fortify provides an array of best-in-class cybersecurity solutions to ensure that an organization is shielded from all potent threat vectors. “A one-size-fits-all solution cannot cater to every enterprise security requirement,” remarks Jeremy Murtishaw, CTO of Fortify 24x7. By leveraging their Cybersecurity Managed™ program, an endpoint solution combined with Fortify Phishing Protection (FP2) solution, an email security solution, and also a vCISO program, Fortify efficiently combats the threats of malware and ransomware.
The firm’s exemplary Fortify Phishing Protection (FP2) approach, which is focused on DNS security and ransomware protection, effectively confronts phishing attacks by deploying real-time threat intelligence to track domains connected with malicious activities.
The solution also provides users with a comprehensive view of the DNS traffic through a single pane of glass to spot anomalies and glean informative insights. Accumulated threat intelligence from different sources melded with user surveillance is the power behind FP2’s efficacy.
For active ransomware like Locky, FP2 has the ability to intercept and impersonate the command and control communication to uninstall and destruct the ransomware
FP2 also curbs malicious ads by enabling simple and effective blocking of access to certain categories of web content to filter malvertisements, allowing the rest of the page to load. “For active ransomware like Locky and its variants, FP2 is able to intercept and impersonate the command and control communication to uninstall and destruct the ransomware,” explicates Murtishaw.
The firm’s novel approach to security— the vCISO program—bolsters the security posture of an organization enabling users to employ the knowledge and expertise of security industry veterans who review and assess the current security framework of a company. After a thorough evaluation, vCISO creates a report to pinpoint the red flags in the security infrastructure and gaps in IT policy. The Fortify vCISO program also provides organizations with a plan to meet requisite compliance requirements— HIPAA, SOX, PCI, GDPR.
Highlighting a successful case study, Murtishaw illustrates an incident where a university, relying on a weak endpoint protection, was impacted by malware that became the infection vector for a ransomware attack. 52 terabytes of still images that represented 100 years of the university’s history were at stake. Because of the university’s space constraints on the shared file drivers, all those images resided on an external drive array connected to an employee’s workstation which when compromised didn’t have any backup data. Fortify came to the rescue and immediately severed the machine from the network, identified the variant of the ransomware, implemented the necessary steps, and recovered the data.
Progressing into the future, Fortify is all set to enter the market space in 2018 with a threat intelligence platform offering of their own, which will be geared towards small and mid-sized businesses at a competitive price point. Fortify believes organizations need access to critical information to make decisions needed to protect their business operations. Furthermore, the firm has envisioned a number of app development projects. “It is going to be extraordinarily useful as our intent is to distill the information into a usable format for a non-IT person as well,” concludes Murtishaw.