ITEXPO Keynote Speaker: Only Allow What is Needed and Block Out Everything Else


By Greg Tavarez

Endpoint security is a modern cybersecurity strategy. Restricting communication and access to only those who are authorized mitigates the risk of viruses and malware attacks.

ThreatLocker, an expert in endpoint security technologies, has a phrase for this strategy: “never trust, always verify.” ThreatLocker keeps this phrase at its core.

Danny Jenkins, CEO and co-founder of ThreatLocker, gave his thoughts on the purpose of endpoint security during a keynote presentation at the ITEXPO in Ft. Lauderdale, Florida. ThreatLocker is a platinum sponsor at the 2023 MSP Expo.

ThreatLocker is known for operating a zero-trust endpoint security platform that helps organizations, from businesses to government agencies and academic institutions, stop ransomware and other cyberattacks.

Jenkins talked about the history of security. Anti-virus was comforting for most. People felt protected with it. Then the internet came to fruition. People had the ability to download software. Well, in comes malware. Malware was not the only issue: people could also see each other on the network when dialed up.

“Even with antivirus, which was making me feel secure, warm and fuzzy, I was a sitting duck,” said Jenkins.

In 2002, the Blaster virus came out and changed the security landscape. It attacked Windows Update. That “warm and fuzzy” feeling went away. To mitigate, Microsoft added a firewall to Windows XP. The protected feeling came back.

Fast-forward to 2017, when EternalBlue happened. This made people realize servers didn’t have firewalls. And those servers got hit – hospitals, government agencies and businesses.

With things like ransomware, trojans, adware, etc., there is a misconception that antivirus, AI and threat hunting – layers and layers and layers of protection – is the right strategy. Those layers are not protecting at all. Here’s how, according to Jenkins: Attackers use an advanced IP scanner and backup software to see through those layers.

Because the items listed above are software, they are distributed through email, messaging apps, attachments and embedded malware, as a few examples. Another way malware and software get distributed is through vulnerabilities. Look at Microsoft “Follina,” a zero-day vulnerability in Windows that was exploited by state-backed hackers.

“When opening a document, Office crashed,” said Jenkins, when describing his experience with Follina. “We waited and waited, then PowerShell launched and downloaded a piece of malware on the machine.”

So how do MSPs and companies stop attacks? Jenkins said to allow only what is needed and block out everything else.

“The best solution is to allow what you need and block everything else. If someone wants to introduce anything new, they request it and you approve it,” said Jenkins. “You stop ransomware, malware and Shadow IT by only allowing what you need and blocking everything out.”

Just as a side note, Shadow IT is when endpoint users install their own software and download their own apps without being aware of vulnerabilities and patches.

ThreatLocker’s application allowlisting, Ringfencing, storage control, elevation control and endpoint network access control solutions, when combined, provide a more secure approach to blocking exploits of unknown application vulnerabilities. Ringfencing, for example, reduces the chance of a cyberattack by limiting what applications can do, whether it’s interacting with another application, files, data or the internet.

Jenkins then came full circle and asked the audience, “What is the purpose of endpoint security?” To stop bad stuff from happening.

Edited by Greg Tavarez

MSPToday Editor
