Sangfor Releases Extended Detection, Defense and Response (XDDR) Application Containment

Sangfor Technologies | September 17, 2021

Sangfor Technologies announced the release of its long-awaited extended protection solution, XDDR Application Containment. Based on Sangfor's XDDR security framework, Application Containment allows the network and endpoints (whether on-premises or in the cloud) to work together to identify, control, and report on all applications running on endpoints or using the network to communicate. Sangfor's XDDR provides an integrated solution that protects against ransomware, malware, APTs, phishing websites and email, and potentially malicious applications.

Controlling and enforcing internet access policies in the workplace has not been easy. Employees want access to the internet for personal use as well as their work, making overly restrictive security solutions difficult to implement and maintain. Organizations deploy proxy servers to control access to the internet and external applications. This access control is necessary to maintain productivity, ensure users do not access malicious sites and unknowingly download malware, and maximize bandwidth utilization for critical business applications. Many users employ VPN (virtual private network) technology, anonymous browsers, and other proxy avoidance applications to bypass the organizational security and content filtering policies enforced by the proxy servers. Sangfor XDDR Application Containment solutions enable the organization to quickly create Proxy Avoidance Protection policies that block the use of proxy avoidance tools and applications on the endpoint.

Sangfor's NGAF (Next Generation Application Firewall), IAG (Internet Access Gateway) and Endpoint Secure products work cohesively to provide real-time visualization of all application communication throughout the entire network, quickly identifying proxy avoidance traffic. Proxy Avoidance Protection policies can quickly be built on the NGAF or IAG from Sangfor's extensive library of anti-proxy and proxy avoidance applications. These policies are then deployed by Endpoint Secure to block or monitor anti-proxy applications.

Organizations can also create whitelists and blacklists of applications in Application Containment. This gives administrators granular control over the applications running on PCs, laptops, and servers to prevent installation of malware and ransomware, especially with users working from home, and to prevent infection of corporate, enterprise, or organizational networks, resources, and critical assets. Peripheral Control manages access to connected USB devices to prevent data leakage.

Traditional extended detection and response (XDR) is a network security technology designed to provide increased visibility, analysis functions, and response to cyber-threats in the network, cloud, applications, and endpoints. XDR is positioned as the most sophisticated technology available but tends to be more marketing hype than reality, having been developed as the progression of EDR, or endpoint detection and response, to work with non-integrated network security products. Unlike XDR products, Sangfor XDDR Application Containment is the only true solution where network and endpoint work together to identify, control, and report on both allowed and malicious applications running on endpoints and communicating across the network. Sangfor NGAF, IAG and Endpoint Secure coordinate responses so Application Containment can provide real-time blocking and monitoring of unapproved or malicious applications.

Control can be regained from rogue applications delivered by ransomware, malware and APTs that users bring into networks. Sangfor Application Containment blocks the bypassing of internet access controls and prevents users from bringing those applications in again.

About Sangfor Technologies
Sangfor Technologies is a leading global vendor of IT infrastructure and security solutions, specializing in Cloud Computing & Network Security with a wide range of products & services including Hyper-Converged Infrastructure, Virtual Desktop Infrastructure, Next-Generation Firewall, Internet Access Gateway, Endpoint Protection, Ransomware Protection, Managed Detection and Response, WAN Optimization, SD-WAN, and many others.


Introducing VMware Tanzu Mission Control, which provides a single control point for teams to easily manage Kubernetes and operate modern, containerized applications across multiple clouds and clusters. With VMware Tanzu Mission Control, you can give your developers the independence they need to drive your business forward, while ensuring consistent management and operations across environments.



Related News


Cohesity Highlights Data Management and Data Security Innovations at VMware Explore

Cohesity | August 24, 2022

Cohesity, a leader in next-gen data management, will highlight how customers can safeguard their data while accelerating the move to hybrid and multicloud environments at VMware Explore August 29 - September 1, 2022. As ransomware attacks continue to rise, cybercriminals have begun developing new methods of cyber mayhem that involve targeting confidential data. Attendees will learn how Cohesity FortKnox, a SaaS data isolation and recovery solution, can help provide a secure copy of data in the event of a cyber attack. Cohesity will highlight and discuss how other next-gen data management solutions, including AI / ML capabilities, provide customers with improved security to protect and recover data from cyberattacks in order to maintain business continuity. Attendees will also learn how to protect their cloud infrastructure with a unified data management solution that also makes it easy to drive business outcomes from data insights. Cohesity’s presence at the event includes:

Sessions at VMware Explore:

Session 1: Do You Trust your Data Recovery Strategy
WHO: Jon Hildebrand and Mike Nelson, Principal Technologists, Cohesity
WHEN: Tuesday, Aug 30 3:15 - 3:45 p.m. PT
WHERE: Moscone South, Lower Level, The Expo Theater 1
ABOUT: Enterprise data protection is more important than ever due to the changing cybersecurity landscape and the need to ensure recoverability. Our Cohesity experts will discuss top mistakes to avoid when protecting your data as well as the best practices for data management success for VMware Cloud. Learn how to get ahead by turning your data into an asset instead of a liability using comprehensive data management services to extract more value for security, compliance, and more.

Session 2: Reduce Ransomware Anxiety - Practical Advice to Safeguard Your VMware Data
WHO: Brian Spanswick, CISO, Cohesity; Theresa Miller, Director, Technology Advocacy Group, Cohesity; Victor Camacho, Principal Technologist, Cohesity; Robert Shields, Director of Data Security (PMM)
WHEN: Wednesday, Aug 31 11:00 - 11:30 a.m. PT
WHERE: Moscone South, Esplanade, Room 151
ABOUT: Did you know that the average downtime from a ransomware attack is 22 days? And that even the most ready IT operations teams will need 1 to 2 weeks to be back online? There is an overwhelming amount of information - including CISA’s “Shields Up” guidance - on how to best prepare for these events. Hear from our expert panel on the best practices for optimizing your organization's cyber resiliency strategy with backup and recovery that will quickly restore your mission-critical data when disaster strikes.

Session 3: Back to Basics: Business Continuity vs. Disaster Recovery
WHO: Theresa Miller, Director, Technology Advocacy Group, Cohesity
WHEN: Thursday, Sep 1 10:45 - 11:00 a.m. PT
WHERE: Moscone West, Level 2, VMware Communities and {code}, Community Theater
ABOUT: Yes, business continuity and disaster recovery are different. So why can this topic be so confusing? Join me for 12 minutes to uncover the difference between the two and some best practices surrounding adoption of both as business recovery strategies.

Session 4: Become a Security Genius in 12 Minutes
WHO: Theresa Miller, Director, Technology Advocacy Group, Cohesity
WHEN: Tuesday, Aug 30 12:15 - 12:30 p.m. PT
WHERE: Moscone West, Level 2, VMware Communities and {code}, Community Theater
ABOUT: You manage your organization’s infrastructure, so why in the world would you care about security? Let’s first talk about why you could care about security. Then, we will dive into top best practices to improve your security posture now.

Session 5: Fun with the WSL
WHO: Mike Nelson, Principal Advocate, Cohesity
WHEN: Tuesday, Aug 30 2:15 - 2:30 p.m. PT
WHERE: Moscone West, Level 2, VMware Communities and {code}, Community Theater
ABOUT: The Windows Subsystem for Linux (WSL) is a tool that not only provides cross-platform goodness for administrators, it also allows for some cool interfaces and geeky fun you can play around with in your downtime. We will take a look at a few of these in the time allowed.

Session 6: Learn Azure Cloud Shell in 12 Minutes
WHO: Mike Nelson, Principal Advocate, Cohesity
WHEN: Thursday, Sep 1 10:00 - 10:15 a.m. PT
WHERE: Moscone West, Level 2, VMware Communities and {code}, Community Theater
ABOUT: Take just 12 minutes to learn the important features and uses for Azure Cloud Shell. We will look at PowerShell, Bash, accessing the shell, and what you can do once you are in it.

Session 7: Learn PowerShell by Building a Cool Alarm Clock
WHO: Mike Nelson, Principal Advocate, Cohesity
WHEN: Wednesday, Aug 31 9:00 - 9:15 a.m. PT
WHERE: Moscone West, Level 2, VMware Communities and {code}, Community Theater
ABOUT: Back by popular demand is a session given at the last in-person VMworld that featured a quick tutorial on PowerShell basics and then building a really cool alarm clock using functions. Now, the alarm clock is even cooler and more awesome than the last.

A Gold sponsor, Cohesity will exhibit at booth #1402 and feature a series of in-booth presentations from technical leaders showcasing its multilayered security architecture designed to help organizations protect themselves from sophisticated ransomware attacks. To learn more about Cohesity’s overall presence at VMware Explore, click here.

About Cohesity
Cohesity radically simplifies data management. We make it easy to protect, manage, and derive value from data across the data center, edge and cloud. We offer a full suite of services consolidated on one multicloud data platform: backup and recovery, disaster recovery, file and object services, dev/test, and data compliance, security, and analytics — reducing complexity and eliminating mass data fragmentation. Cohesity can be delivered as a service, self-managed, or provided by a Cohesity-powered partner.



Code42 Incydr Supports Leading Desktop-as-a-Service Offerings and Virtual Desktop Infrastructure Solutions

Code42 | September 26, 2022

Code42 Software, Inc., the Insider Risk Management (IRM) leader, today announced its Incydr product fully supports all major Desktop-as-a-Service (DaaS) and Virtual Desktop Infrastructure (VDI) environments. The Code42® Incydr™ product detects when valuable and sensitive files are moved to untrusted locations, including personal email and cloud accounts, and removable media – and allows security teams to quickly respond in order to stop data leaks and theft.

According to a recent survey of IT professionals published by Citrix, nearly 70% of organizations are planning to implement VDIs to accommodate hybrid or remote work strategies, with just under 60% accelerating the adoption of cloud tools. Though DaaS and VDI solutions help security teams better protect against vulnerabilities, malicious actors and other external threats, they do little to reduce the risk from insiders, as virtual environments inherently depend on cloud tools.

“We’ve seen a notable uptick in the number of teams that have deployed DaaS and VDI solutions throughout their environments. Given the continued popularity of bring-your-own-device (BYOD) and remote work, coupled with an unstable hardware supply chain, we absolutely expect this trend to continue. In virtual-first organizations where there is pervasive use of cloud collaboration tools, such as Git, Salesforce, GDrive, OneDrive and iCloud, Incydr wraps a layer of protection around data put at risk by insiders, complementing solutions that focus on external threats and malicious actors.”
Rob Juncker, CTO of Code42

Code42 Incydr: The Industry’s Leading Data Security Product for Exfiltration Detection and Response
Incydr is an Insider Risk Management solution that provides the visibility, context and controls needed to stop data leak and IP theft. Organizations utilize Incydr to detect and respond to data exposure and exfiltration from corporate computer, cloud and email systems. It deploys in hours so security teams can address material risk to the business in a matter of days and drive the secure work habits needed to decrease how often employees put data at risk in the future.

Code42 Instructor: Education-Led Insider Risk Response
The Code42 Instructor™ micro-learning solution improves Insider Risk awareness by focusing on the creation of holistic, security-oriented cultures. The solution delivers actionable, hyper-targeted and bite-sized video lessons to end-users when they’re needed most, helping to change security behavior for the long term. The Instructor solution helps organizations rapidly mature their Insider Risk Management programs by incorporating data-driven Insider Risk behavioral guidance for end-users.

Combining the Power of Incydr and Instructor
Instructor works in tandem with Incydr, allowing security, compliance and education teams to immediately send corrective video lessons triggered by employee actions that create risk for the business. For example, when Incydr flags file movement to an untrusted location, like an unauthorized cloud application, an Instructor video specifically explaining the correct activity is sent to educate the employee in real-time through the Incydr solution.

Code42 Services: Measure, Manage, Mitigate
IRM technology is simpler and faster to deploy than other technologies, such as DLP and CASB, but it does require a strategy and mindset shift. Insider Risk Management isn’t only about data – it’s about a company’s employees and culture. Code42 IRM Services are designed to help organizations establish an efficient and effective IRM program rooted in transparency, training and technology. Code42’s services take a collaborative approach to helping organizations develop, operationalize, and mature an end-to-end IRM program.

About Code42
Code42 is the leader in Insider Risk Management (IRM), offering end-to-end data loss detection and response solutions. The Code42 Incydr product is native to the cloud and rapidly detects data exposure, loss, leak and theft as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. Accelerating the effectiveness of Insider Risk programs are the Code42 Instructor microlearning solution, and Code42’s full suite of expert services. With Code42, security professionals can protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. Designed to meet regulatory control requirements, Code42’s IRM solution is FEDRAMP authorized and can be configured for GDPR, HIPAA, PCI and other compliance frameworks. Innovative organizations, including the fastest-growing security companies, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NewView and Split Rock Partners. Code42 has played a defining role in developing a vision and requirements for the IRM category – now recognized by Gartner, IDC and Forrester – and is a founding member of the annual Insider Risk Summit and Insider Risk Community. The Company has several offices across the United States and its clients include large multinational organizations, such as Crowdstrike, Exabeam, BAYADA Home Health Care, Juniper Networks, Lending Club, MacDonald-Miller, MACOM, North Highland, Ping Identity, Shape Technologies, Snowflake, University of Georgia, User Testing, UTEX and Xactly.



New Hedge Fund Managed IT Trends Report Shows Industry Shift in IT Outsourcing and AI-Driven Services

Agio | September 16, 2022

Agio, a leading cybersecurity and managed IT provider for financial services firms, published its inaugural 2022 Hedge Fund Managed IT Trends Report today. The survey, conducted earlier this year, captures the opinions and perceptions of recent, current, and future technology management and information security programs, initiatives, and readiness from 100 hedge fund practitioners across the technology, operations, cybersecurity, and compliance fields.

Survey respondents revealed that, coming out of the pandemic, firms are reevaluating their options with respect to in-sourcing versus outsourcing IT management. Looking ahead to the next two years, 89 percent of firms that currently in-source IT management said they are likely to allocate more spend to outsourced services. The driver behind this shift is a need for heightened security (54%), increased access to public cloud management and support expertise (46%), and more responsive end-user support (44%).

89% of firms that in-source IT management today said they plan to allocate more spend to outsourced services.

Of those firms already outsourcing IT management, 91 percent said they are likely to switch providers. Among the largest hedge funds that currently outsource (funds with +$5 billion AUM), nearly two-thirds (64%) reported they were likely to change service providers in the next 24 months because their current vendor is unable to support a public cloud environment.

In discussing how the managed service provider (MSP) model will change in the coming years, respondents predicted providers will employ artificial intelligence to remove service friction and increase service uptime (47%), as well as to enable support agents to be more responsive when issues do arise (47%). Most firms (51%) also predicted that MSPs will soon be measured and compensated by how well they limit break-fix issues versus how many issues they resolve.

"Viewing IT management and security operations through a single lens is essential to our vision of delivering secure, reliable, and resilient information systems. We also agree with survey respondents that MSPs must evolve now or perish. We've made meaningful investments in AI-driven tools that empower our support agents to deliver better client service and improved system availability. That combination of human brilliance and predictive analytics is the future of managed services."
Bart McDonough, CEO and Founder of Agio

Other topics explored in this year's report include how firms are adjusting to the impact of new regulations; what steps firms are taking to ensure system uptime and information security while supporting a distributed workforce; and how the industry is shifting with respect to managing systems on-prem, in the cloud, and across multiple cloud environments.

About Agio
Agio is a hybrid cybersecurity and managed IT organization equipping the financial services and healthcare industries with next-generation cyber protection and technology support. Agio has extensive experience building, maintaining, optimizing, and securing IT infrastructure for the world's most prestigious client organizations. With more than 300 employees, our culture prioritizes frequent and timely communication to provide unrivaled, highly personalized service across all our solutions, including managed detection and response, 360° cybersecurity programs, virtual CISO (vCISO) support, technology hosting, monitoring, management, global service desk, desktop as a service, disaster prevention, and recovery. Agio is headquartered in New York, NY, with additional offices around the world.
