Ziften & Microsoft: The partnership bringing threat defence to almost every OS

29 May 18

Endpoint security firm Ziften is making serious headway into a partnership with Microsoft and its Windows Defender Advanced Threat Protection (ATP) platform, as it continues to bring Microsoft technology into macOS and Linux, including Ubuntu, CentOS, RedHat Linux, Scientific Linux, Fedora, and others.

Last month Ziften announced its membership in Microsoft’s new Intelligent Security Association as part of a collaborative effort to strengthen endpoint protection, share threat intelligence, and protect organisations from threats.

Ziften joins Barracuda, Forcepoint, Zscaler, Palo Alto Networks, SailPoint and other global security firms that have also joined the Association.

Microsoft 365 Security general manager Andrew Conway says the Association is all about improving cooperation from leading vendors to improve security for mutual customers.

“Continued integration and intelligence sharing from Ziften within the context of the Microsoft Intelligent Security Graph enables customers to more quickly and accurately detect, investigate and respond to attacks across their entire endpoint and cloud base.”

Ziften’s involvement in the Microsoft Intelligent Security Association will benefit mutual customers through a number of processes, including endpoint and cloud threat protection for Windows, macOS, and Linux, as well as ‘2-click’ integration with Windows Defender ATP.

  • Threat Protection for all Endpoints and the Cloud: The integration delivers advanced endpoint detection and response solutions, and cloud visibility and security solutions for Windows, macOS, and Linux systems.
  • Easy to Integrate Security Solutions: The simple Ziften “2-click” integration with Windows Defender ATP enables customers to detect, view, investigate, and respond to advanced cyber-attacks using only the Windows Defender ATP management console.
  • Intelligence Sharing to Turn the Tide to Customers’ Advantage: Working within the Intelligent Security Association, Ziften’s integration brings intelligence signals from additional sources to bear, helping customers detect and respond to threats faster.
  • Putting the Power of the Cloud to Work: The power of the cloud transforms monitoring at scale. The integrated, Azure-powered approach means customers can instantaneously search 6 months of rich machine timeline, unifying security events from Windows, macOS, and Linux-based systems – both physical and virtual.

Ziften CEO Chuck Leaver says the membership is a huge win for mutual customers and prospects.

“As security vendors, we all recognise the need to cooperate and collaborate to protect our customers and their employees. Kudos to Microsoft for leading this industry effort,” he says.

Ziften has been heavily involved with Microsoft and other security vendors on projects revolving around Windows Defender ATP.

In November 2017 Ziften, Bitdefender and Lookout were named as three vendors who would integrate their respective platforms with Microsoft’s Windows Defender ATP. The integration enables customers to run Windows Defender ATP on macOS and Linux-based devices.

Ziften’s Zenith systems and security operations now provide the ability for customers to detect attacks and zero-day exploits, to uncover the full extent of a breach, and to quickly respond to attacks.

“The days of siloed endpoint security tools that provide only incomplete, point-in-time data exposing organisations to unacceptable risks and unnecessary costs are ending. Together, we help security teams to address today’s visibility, security and control challenges at the endpoint and in the cloud,” Leaver concludes.
