Reduce the attack surface, prevent lateral movement
With the proliferation of ransomeware attacks, companies struggle to secure where critical information resides—and control access.
Cyber attackers exploit this.
70% of all attacks now involve attempts at lateral movement.
When an endpoint is compromised, it's essential to prevent adversaries from spreading throughout the network. The network must be adequately segmented, ideally micro-segmented, to reduce the attack surface and prevent lateral movement.
Furthermore, if you are a business with any supply chain, you can be especially vulnerable. The level of trust afforded to partners and vendors across key applications can expose holes and vulnerabilities that adversaries are actively seek.
Excess trust in a corporate network increases the odds that a breach will be debilitating.
“Zeroing in” on Zero-Trust
Zero Trust Networking is a proactive layer used to contain, and minimize, the impact of a breach. Using this defense strategy is essential for securing critical corporate assets and information—because today's business leaders recognize it's not “if ” but “when” a breach will occur.
Deployed correctly, a Zero Trust micro-segmentation initiative can help prevent widespread data breaches. Its purpose is to reduce the attack surface to minimize unauthorized lateral movement.
- Maintain strict network access controls
- Reduce the attack surface, and
- Remove implicit trust by default
Network Detection and Response (NDR)
WhiteDog's Network Detection and Response (NDR) offering is a SaaS-based, managed micro-segmentation solution. More than a traditional VLAN or hypervisor-based product, our NDR (aka Zero Trust Networking) solution provides a comprehensive approach.
- Secures access across networks
- Reveals and protects against visibility gaps, and
- Reduce the attack surface
Our NDR offering focuses on system-to-system segmentation of east-west traffic. This host-based micro-segmentation restricts lateral movement significantly and reduces the impact a malicious actor can have on the network.
WhiteDog's NDR is agnostic to the applications’ underlying network, hypervisor, or physical hardware. It allows organizations to set policies based on their business applications rather than how they connect to the network.
Because these systems are entirely independent of the network and underlying infrastructure, they work across cloud, on-premises, physical or virtual systems. Regardless of the underlying infrastructures hosts run on, they have the freedom to move them into and between clouds and hypervisors while maintaining the micro-segmentation policies applied to a given host.
Segmentation projects and implementations are notorious for their complications and high failure rates. Many don’t take the time to build out or lack a solid understanding of the dependencies between your systems and the application. Without this, you lack the foundation the entire project requires.
WhiteDog’s NDR solution integrates Application Discovery & Dependency Mapping to address the most challenging part of moves, migrations, or segmentation. We help you dynamically discover your applications, understand your flows, identify blind spots, and visualize communications.
This allows us to help you:
- Map application dependencies
- Define and enforce policies, and
- Alert on policy violations.
Our application discovery mapping process requires only a small amount of fine-tuning and maps most of the applications.
Full application stacks, or individual hosts, can be moved into and between any infrastructure or location. There is no need to constantly plan segmentation into your data center moves or migrations
To have a Zero Trust posture that effectively and consistently contains threats and revokes access, it must be part of an overall security practice, not just a part of the network layer. WhiteDog’s NDR offering is unique in its focus on deception and threat feeds, enabling continuous monitor and redirection of indicators of compromise to honeypots while alerting and blocking communication if a policy is violated.
You benefit from our understanding of best practices and pitfalls. Rather than attempting a DIY project that can extend a year or two, our 90-day implementation helps dramatically accelerate your customer's time to maturity, giving them a fighting chance to protect critical applications, decrease dwell time, and detect bad actors.
Our team of Security and Infrastructure experts have deep industry roots along with the necessary certifications to position, plan and enable Zero Trust to secure access for your customer's workforce, workloads, and workplace.
- Essentials: Full Visibility, Full Enforcement, Basic Breach detection (Standard breach detection capabilities included are Reputation, Network scanning, and alerts. Threat Intelligence Firewall.
- Premium: Add on dynamic deception capability per agent. Detects blocked or broken connections that suggest malicious behavior and redirects these attempts to a centralized, high-interaction deception environment (honey pot).
- Complete: Add on querying Windows and Linux systems through SQL commands.
- Legacy OS: NDR Agent for Legacy OS is for any of these OS’s Solaris/ AIX/ HPUX/ FreeBSD/Win pre 2008.
- EDR Endpoint: For companies on WhiteDog's Endpoint Detection and Response (EDR) service, we can use the EDR Client rather than the NDR client to reduce agent sprawl on endpoints. However, please note that this solution is limited in functionality.