Search results

Explore Algosec's customer success stories to see how organizations worldwide improve security, compliance, and efficiency with our solutions. Atruvia (formerly Fiducia IT AG) Reduces Security Risks For Banks With Algosec Organization Atruvia Industry Technology Headquarters Karlsruhe, Deutschland Download case study Share Customer
success stories "AlgoSec’s Security Management Solution is incredibly powerful. Its intelligent process improvements have directly translated into the highest level of security and compliance for our customers’ networks" Background With over 45 years’ experience in the banking sector, Atruvia ( formerly Fiducia IT AG) is one of the top ten IT providers in Germany. Today, Atruvia manages the IT networks of nearly 1,100 banks, constituting more than 100,000 PC workstations, 6,600 servers and 25,000 self-service banking terminals. Responsible for ensuring the smooth and secure processing of more than 16 billion transactions per year for its customers, Atruvia’s risk mitigation and regulatory compliance strategies are of utmost importance. Challenge To protect its customer networks, Atruvia implemented a number of security solutions, including 60 Check Point and 20 Juniper firewall clusters. However, managing multiple firewalls in a multi-vendor environment proved challenging. “Performing vulnerability assessments for such a large and complex firewall environment was extremely time-consuming, labor-intensive and prone to human error,” says Lutz Bleyer, Atruvia’s Chief Information Security Officer. With multiple stakeholders at each of its client organizations, Atruvia required a structured change management process to prevent firewall policies from growing unmanageable and creating security risks. “We needed a proven firewall management and workflow solution to eliminate potential security risks while providing us with complete visibility into our customer networks, anytime, anywhere,” says Bleyer. Solution After an in-depth analysis, Atruvia chose the AlgoSec Security Management Solution to optimize its security, compliance and change management processes. “AlgoSec provided the most comprehensive, intelligent automation solution for our firewall operations, helping us increase efficiency while improving risk mitigation and compliance,” says Bleyer. Results AlgoSec’s topology-aware technology provides Atruvia with complete visibility into the security landscape of its customers’ networks. “AlgoSec’s in-depth visibility enables us to easily create a hierarchy profile and establish a competency baseline of operations for each networks’ firewalls, even when multiple vendor technologies are involved,” says Bleyer. Atruvia’s security consultants and auditors are now closely aligned with their customers’ IT teams, regardless of their location. “The level of visibility AlgoSec provides across our customers’ security networks, and the ability to perform coordinated tasks remotely with them, enables us to work hand-in-hand as a joint team,” says Bleyer. Atruvia also uses AlgoSec to automate policy change management across customers’ firewall environments, enabling the company to eliminate manual and inefficient processes associated with the security policy change lifecycle, save time and reduce the potential for human error. “AlgoSec has fundamentally changed how we manage sophisticated, multi-device, multi-vendor firewall environments. By automating our workflows, we’ve eliminated unnecessary policy changes and reduced the time required to process changes by half,” explains Bleyer. “Thanks to AlgoSec’s intelligent automation, we’ve gained valuable optimization capabilities enabling our teams to operate smarter and faster.” Another important AlgoSec feature is its automatic assessment and reporting capabilities, which help Atruvia ensure that it remains in continuous compliance with corporate governance rules and adheres to regulatory standards, including ISO 27001, ISO 27002 and Sarbanes-Oxley (SOX). Data and network security, particularly within the financial sector, requires incredible focus on risk management and mitigation. “With AlgoSec we can now analyze every change and its impact on the network before it is live, and focus on risk mitigation rather than crisis management.” In summary, Bleyer commented, “Not only does AlgoSec more than measure up from a technology perspective, but the integrity of the company and its employees has surpassed our expectations and raised the bar for what we look for in other partners.” Schedule time with one of our experts

Explore Algosec's customer success stories to see how organizations worldwide improve security, compliance, and efficiency with our solutions. State of Utah Network Security Management Breaks the Service Bottleneck Organization State of Utah Industry Government Headquarters Salt Lake City, Utah, United States Download case study Share Customer
success stories "With AlgoSec, I am able to get requests completed within minutes." State government rapidly accelerates security policy changes while increasing security and compliance Background Utah is home to over three million people. It is one of America’s fastest-growing states and the fastest-growing economy by job growth in the nation. The Department of Technology Services (DTS) is the technology service provider for the executive branch of the State of Utah, providing services to Utah’s citizens. DTS supports the computing infrastructure for the state government, including 22,000 telephones, 20,000 desktop computers, 2,400 servers, 1,300 online services, monitors over 4 million visits to Utah.gov per month, and secures against more than 500 million daily IT intrusion attempts. Challenge Over forty firewall pairs and hundreds of other devices help the Department of Technology Services serve and secure the Utah government.“Before AlgoSec, it was very challenging for us to manage firewalls,” stated the department’s Director of Information Technology. Some of the challenges included: Firewall rule requests took up 70% of employees’ daily time. Agencies and staff frequently complained about slow response times, impacting their productivity while staff worked through a lengthy manual process to fulfill requests. Human errors slowed down the processes, requiring extra layers of quality assurance. Large rule request projects took several months to complete. Employee onboarding took several months. New employees could not independently support firewall request changes for the first few months after joining the team. Solutions The State of Utah was searching for a solution that provided: Automation of firewall management Actionable reports to ease compliance requirements Ease of deployment Following an in-depth evaluation, the State of Utah selected AlgoSec’s security policy management solution.“We evaluated several other products but none of them really automated at the level that we wanted,” said the director of IT. “AlgoSec’s automation really stood out.” The State of Utah chose to start with AlgoSec Firewall Analyzer (AFA) and AlgoSec FireFlow (AFF), two of the flagship products in the AlgoSec suite.AlgoSec Firewall Analyzer delivers visibility and analysis of complex network security policies across on-premise, cloud, and hybrid networks. It automates and simplifies security operations including troubleshooting, auditing, and risk analysis. Using Firewall Analyzer, the State of Utah can optimize the configuration of firewalls, and network infrastructure to ensure security and compliance. AlgoSec FireFlow enables security staff to automate the entire security policy change process from design and submission to proactive risk analysis, implementation, validation, and auditing. Its intelligent, automated workflows save time and improve security by eliminating manual errors and reducing risk. Results By using the AlgoSec Security Management solution, the State of Utah was able to accelerate their security policy management, provide better and faster service to state agencies, accelerate employee onboarding, and enhance network segmentation.Some of the benefits gained include: Fast and easy deployment – they were up and running within a few weeks. Faster turnaround to firewall requests from staff supporting agencies and priority initiatives. Reduced time to implement large rule request for projects, such as deployments, migrations, and decommissions — from months to minutes. Better knowledge sharing – hosting staff and extended staff outside of network operations get more accurate insights into firewalls and infrastructure topologies and traffic flows. This sped up troubleshooting and reduced superfluous requests covered by existing rules. Elimination of human error and rework thanks to policy automation. Accelerated employee onboarding – employees joining our network operations team are now able to fulfill firewall change requests within two weeks of starting work – down from 3 months – an 80% reduction. “I’ve been able to jump in and use AlgoSec. It’s been really intuitive” , concluded the IT director. “I am very pleased with this product! ” Schedule time with one of our experts

Partner solution brief AlgoSec and Zscaler Download PDF Schedule time with one of our experts Schedule time with one of our experts Work email* First name* Last name* Company* country* Select country... Short answer* By submitting this form, I accept AlgoSec's privacy policy Continue

The firewall audit checklist: Six best practices for simplifying firewall compliance and risk mitigation Download PDF Schedule time with one of our experts Schedule time with one of our experts Work email* First name* Last name* Company* country* Select country... Short answer* By submitting this form, I accept AlgoSec's privacy policy Continue

Sunburst Backdoor - A deeper look into The SolarWinds’ Supply Chain Malware Download PDF Schedule time with one of our experts Schedule time with one of our experts Work email* First name* Last name* Company* country* Select country... Short answer* By submitting this form, I accept AlgoSec's privacy policy Continue

Webinars Firewall Rule Recertification - An Application-Centric Approach As part of your organization’s security policy management best practices, firewall rules must be reviewed and recertified regularly to ensure security, compliance and optimal firewall performance. Firewall rules which are out of date, unused or unnecessary should be removed, as firewall bloat creates gaps in your security posture, causes compliance violations, and impacts firewall performance. Manual firewall rule recertification, however, is an error-prone and time-consuming process. Please join our webinar by Asher Benbenisty, AlgoSec’s Director of Product Marketing, who will introduce an application-centric approach to firewall recertification, bringing a new, efficient, effective and automated method of recertifying firewall rules. The webinar will: Why it is important to regularly review and recertify your firewall rules The application-centric approach to firewall rule recertification How to automatically manage the rule-recertification process Want to find out more about the importance of ruleset hygiene? Watch this webinar today! Asher Benbenisty Director of product marketing Relevant resources Tips for Firewall Rule Recertification Watch Video Firewall Rule Recertification Read Document Choose a better way to manage your network Choose a better way to manage your network Work email* First name* Last name* Company* country* Select country... Short answer* By submitting this form, I accept AlgoSec's privacy policy Continue

Robert Bigman is uniquely equipped to share actionable tips for hardening your network security against vulnerabilities Don’t miss this opportunity to learn the latest threats and how to handle them Webinars Measures that actually DO reduce your hacking risk Learn from the best how to defeat hackers and ransomware As incidents of ransomware attacks become more common, the time has come to learn from the best how to defeat hackers. Join us as Robert Bigman, the former CISO of the CIA, presents his webinar Measures that Actually do Reduce your Hacking Risk. Robert Bigman is uniquely equipped to share actionable tips for hardening your network security against vulnerabilities. Don’t miss this opportunity to learn the latest threats and how to handle them. April 20, 2022 Robert Bigman Consultant; Former CISO of the CIA Relevant resources Ensuring critical applications stay available and secure while shifting to remote work Keep Reading Reducing risk of ransomware attacks - back to basics Keep Reading Ransomware Attack: Best practices to help organizations proactively prevent, contain and Keep Reading Choose a better way to manage your network Choose a better way to manage your network Work email* First name* Last name* Company* country* Select country... Short answer* By submitting this form, I accept AlgoSec's privacy policy Continue

Ensure your network security is up to par with a comprehensive firewall audit checklist. Review and optimize security policy rules to prevent vulnerabilities. Firewall audit checklist for security policy rules review Ensuring continuous compliance More regulations and standards relating to information security, such as the Payment Card Industry Data Security Standard (PCI-DSS), the General Data Protection Regulation (GDPR), Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and ISO 27001, have forced enterprises to put more emphasis—in terms of time and money—on compliance and the regular and ad hoc auditing of security policies and controls. While regulatory and internal audits cover a broad range of security checks, the firewall is featured prominently since it is the first and main line of defense between the public and the corporate network. The number of enterprises that are not affected by regulations is shrinking. But even if you do not have to comply with specific government or industrial regulations and security standards, it is now commonplace to conduct regular, thorough audits of your firewalls. Not only do these audits ensure that your firewall configurations and rules meet the proper requirements of external regulations or internal security policy, but these audits can also play a critical role in reducing risk and actually improve firewall performance by optimizing the firewall rule base. In today’s complex, multi-vendor network environments, typically including tens or hundreds of firewalls running thousands of rules, completed a manual security audit now borders on the impossible. Conducting the audit process manually, firewall administrators must rely on their own experience and expertise—which can vary greatly across organizations—to determine if a given firewall rule should or should not be included in the configuration file. Furthermore, documentation of current rules and their evolution of changes is usually lacking. The time and resources required to find, organize and pour through all of the firewall rules to determine the level of compliance significantly impacts IT staff. As networks grow in complexity, auditing becomes more cumbersome. Manual processes cannot keep up. Automating the firewall audit process is crucial as compliance must be continuous, not simply at a point in time. The firewall audit process is arduous. Each new rule must pre-analyzed and simulated before it can be implemented. A full and accurate audit log of each change must be maintained. Today’s security staffs now find that being audit-ready without automation is impractical if not virtually impossible. It’s time to look to automation along with the establishment of auditing best practices to maintain continuous compliance. Below, we share a proven checklist of six best practices for a firewall audits based on AlgoSec’s extensive experience in consulting with some of the largest global organizations and auditors who deal with firewall audit, optimization and change management processes and procedures. While this is not an exhaustive list that every organization must follow, it provides guidance on some critical areas to cover when conducting a firewall audit. FIGURE 1: Overview of the Recommended Firewall Audit Process Get a Demo Schedule a Demo Gather key information prior to starting the audit An audit has little chance of success without visibility into the network, including software, hardware, policies and risks. The following are examples of the key information required to plan the audit work: Copies of relevant security policies Access to firewall logs that can be analyzed against the firewall rule base to understand which rules are actually being used An accurate diagram of the current network and firewall topologies Reports and documents from previous audits, including firewall rules, objects and policy revisions Identification of all Internet Service Providers (ISP) and Virtual Private Networks (VPN) All relevant firewall vendor information including OS version, latest patches and default configuration Understanding all the key servers and information repositories in the network and the value of each Once you have gathered this information, how are you going to aggregate it and storing it? Trying to track compliance on spreadsheets is a surefire way to make the audit process painful, tedious and time-consuming. Instead of spreadsheets, the auditor needs to document, store and consolidate this vital information in a way that enables collaboration with IT counterparts. With this convenience access, auditors you can start reviewing policies and procedures and tracking their effectiveness in terms of compliance, operational efficiency and risk mitigation. Schedule a Demo Review the change management process A good change management process is essential to ensure proper execution and traceability of firewall changes as well as for sustainability over time to ensure compliance continuously. Poor documentation of changes, including why each change is needed, who authorized the change, etc. and poor validation of the impact on the network of each change are two of the most common problems when it comes to change control. Review the procedures for rule-base change management. Just a few key questions to review include:Are requested changes going through proper approvals? Are changes being implemented by authorized personnel? Are changes being tested? Are changes being documented per regulatory and/ or internal policy requirements? Each rule should have a comment that includes the change ID of the request and the name/initials of the person who implemented the change. Is there an expiration date for the change? Determine if there is a formal and controlled process in place to request, review, approve and implement firewall changes. This process should include at least the following:Business purpose for a change request Duration (time period) for new/modified rule Assessment of the potential risks associated with the new/modified rule Formal approvals for new/modified rule Assignment to proper administrator for implementation Verification that change has been tested and implemented correctly Determine whether all of the changes have been authorized and flag unauthorized rule changes for further investigation. Determine if real-time monitoring of changes to a firewall are enabled and if access to rul Schedule a Demo Audit the firewall’s physical and OS security It is important to be certain as to each firewall’s physical and software security to protect against the most fundamental types of cyberattack. Ensure that firewall and management servers are physically secured with controlled access. Ensure that there is a current list of authorized personnel permitted to access the firewall server rooms. Verify that all appropriate vendor patches and updates have been applied. Ensure that the operating system passes common hardening checklists. Review the procedures used for device administration. Schedule a Demo Cleanup and optimize the rule base Removing firewall clutter and optimizing the rule base can greatly improve IT productivity and firewall performance. Additionally, optimizing firewall rules can significantly reduce a lot of unnecessary overhead in the audit process. Delete covered rules that are effectively useless. Delete or disable expired and unused rules and objects. Identify disabled, time-inactive and unused rules that are candidates for removal. Evaluate the order of firewall rules for effectiveness and performance. Remove unused connections, including source/ destination/service routes, that are not in use. Detect similar rules that can be consolidated into a single rule. Identify overly permissive rules by analyzing the actual policy usage against firewall logs. Tune these rules as appropriate for policy and actual use scenarios. Analyze VPN parameters to identify unused users, unattached users, expired users, users about to expire, unused groups, unattached groups and expired groups. Enforce object-naming conventions. Document rules, objects and policy revisions for future reference. Schedule a Demo Conduct a risk assessment and remediate issues Essential for any firewall audit, a comprehensive risk assessment will identify risky rules and ensure that rules are compliant with internal policies and relevant standards and regulations. Identify any and all potentially “risky” rules, based on industry standards and best practices, and prioritize them by severity. What is “risky” can be different for each organization depending on the network and the level of acceptable risk, but there are many frameworks and standards you can leverage that provide a good reference point. A few things to look for and validate include: Are there firewall rules that violate your corporate security policy? Are there any firewall rules with “ANY” in the source, destination, service/protocol, application or user fields, and with a permissive action? Are there rules that allow risky services from your DMZ to your internal network? Are there rules that allow risky services inbound from the Internet? Are there rules that allow risky services outbound to the Internet? Are there rules that allow direct traffic from the Internet to the internal network (not the DMZ)? Are there any rules that allow traffic from the Internet to sensitive servers, networks, devices or databases? Analyze firewall rules and configurations against relevant regulatory and/or industry standards such as PCI-DSS, SOX, ISO 27001, NERC CIP, Basel-II, FISMA and J-SOX, as well as corporate policies that define baseline hardware and software configurations to which devices must adhere (See Figure 4 on page 9). Document and assign an action plan for remediation of risks and compliance exceptions found in risk analysis. Verify that remediation efforts and any rule changes have been completed correctly. Track and document that remediation efforts are completed. Schedule a Demo Ongoing audits Upon successful firewall and security device auditing, verifying secure configuration, proper steps must be put in place to ensure continuous compliance. Ensure that a process is established for continuous auditing of firewalls. Consider replacing error-prone manual tasks with automated analysis and reporting. Ensure that all audit procedures are properly documented, providing a complete audit trail of all firewall management activities. Make sure that a robust firewall-change workflow is in place to sustain compliance over time.This repeats Audit Checklist item #2 because is necessary to ensure continuous compliance, i.e., compliance might be achieved now, but in a month, the organization might once again be out of compliance. Ensure that there is an alerting system in place for significant events or activities, such as changes in certain rules or the discovery of a new, high severity risk in the policy. Schedule a Demo Automating firewall compliance audits with AlgoSec When it comes to compliance, the firewall policy management solution must have the breadth and depth to automatically generate detailed reports for multiple regulations and standards. It also must support multiple firewalls and related security devices. By combining this firewall audit checklist with the AlgoSec Security Management Solution, organizations can significantly improve their security posture and reduce the pain of ensuring compliance with regulations, industry standards and corporate policies. Furthermore, they can ensure compliance continuously without spending significant resources wasting time and effort on complex security policies on a regular basis. Let’s go back through the checklist and look at a few examples of how AlgoSec can help. Gain visibility of network policies and their changes AlgoSec enables you to gather the key information needed to start the audit process. By generating a dynamic, interactive network map AlgoSec visualizes and helps you analyze complex networks. (See Figure 2.) You can view routing tables and effectively detect interfaces, subnets and zones. Additionally, AlgoSec provides you with visibility of all changes to your network security policies in real-time and creates detailed firewall audit reports to help approvers make informed decisions about changes that affect risk or compliance levels. Lastly, AlgoSec discovers all the business applications that run on your network and each of their associated connectivity flows. FIGURE 2: AlgoSec provides network topology awareness with a map that provides visibility of all firewalls and routers including all relevant interfaces, subnets and zones, and the ability to drill down to specific information about each device. Understand the firewall changes in your network and automate the process AlgoSec intelligently automates the security-policy change workflow, dramatically cutting the time required to process firewall changes, increasing accuracy and accountability, enforcing compliance and mitigating risk. In addition, AlgoSec provides flexible workflows and templates to help you manage change requests and tailor processes to your business needs. Clean up and optimize your rule base AlgoSec enables you to optimize and clean up cluttered policies with actionable recommendations to: Consolidate similar rules. Discover and remove unused rules and objects (See Figure 3). Identify and remove shadowed, duplicate, and expired rules. Reorder rules for optimal firewall performance while retaining policy logic. Tighten overly permissive rules based on actual usage patterns. Not only does this help you improve the performance and extend the life of your firewalls, it also saves time when it comes to troubleshooting issues and IT audits. Plus, it creates a time savings during rule recertification, as each application is associated with multiple connectivity needs requiring multiple firewall rules. FIGURE 3: Unused rules that AlgoSec has identified for removal. Conduct a risk assessment and remediate issues AlgoSec enables you to instantly discover and prioritize all risks and potentially risky rules in the firewall policy, leveraging the largest risk knowledgebase available. The knowledgebase includes industry regulations, best practices and customizable corporate security policies. AlgoSec assigns and tracks a security rating for each device and group of devices to help you to quickly pinpoint devices that require attention and to measure the effectiveness of a security policy over time. FIGURE 4: AlgoSec identifies and prioritizes risky rules based on industry standards and frameworks and provides detailed information of source, destination, service, as well as user and application when analyzing next-generation firewalls. Out-of-the-box compliance reports AlgoSec ensures continuous compliance and instantly provides you with a view of your firewall compliance status by automatically generating reports for industry regulations, including Payment Card Industry Data Security Standard (PCI DSS), GDPR, Sarbanes-Oxley (SOX), Financial Instruments and Exchange Act (J-SOX, also known as Japan-SOX), North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), and International Organization for Standardization (ISO 20071). If the network security policy doesn’t adhere to regulatory or corporate standards, the reports identify the exact rules and devices that cause gaps in compliance. A single report provides visibility into risk and compliance associated with a group of devices. FIGURE 5: PCI DSS firewall compliance report automatically generated by AlgoSec. Schedule a Demo Conclusion Ensuring and proving compliance typically require significant organizational resources and budget. With the growing litany of regulations, the cost and time involved in the audit process is increasing rapidly. Armed with the firewall audit checklist and with the AlgoSec security policy management solution you can: Reduce the time required for an audit — Manual reviews can take a significant amount of time to produce a report for each firewall in the network. AlgoSec aggregates data across a defined group of firewalls and devices for a unified compliance view, doing away with running reports for each device, thereby saving a tremendous amount of time and effort that is wasted on collating individual device reports. AlgoSec enables you to produce a report in minutes, reducing time and effort by as much as 80%. Improve compliance while reducing costs — As the auditor’s time to gather pertinent information and analyze the network security status is reduced, the total cost of the audit decreases substantially. AlgoSec facilitates the remediation of non-compliant items by providing actionable information that further reduces the time to re- establish a compliant state. Schedule a Demo Select a size Ensuring continuous compliance Gather key information prior to starting the audit Review the change management process Audit the firewall’s physical and OS security Cleanup and optimize the rule base Conduct a risk assessment and remediate issues Ongoing audits Automating firewall compliance audits with AlgoSec Conclusion Get the latest insights from the experts Choose a better way to manage your network

Empower your cloud security posture with AlgoSec s Prevasio CSPM Achieve compliance and peace of mind Dive deeper now Cloud security posture management (CSPM) Real-time monitoring for comprehensive cloud security Schedule a demo Watch a video Watch a video Remove blind spots and take control of your multi-cloud Uncover all services and resources within your multi-cloud environment. Supporting Amazon AWS , Microsoft Azure and Google GCP, Prevasio scans a comprehensive range of asset classes such as Lambda functions, S3 buckets, Azure VMs and 60 other cloud service assets. Prioritize risks and misconfigurations to focus on what's critical Thousands of alerts are generated by over 600 CSPM alert types at the asset, service and aggregated levels. Build a prioritized risk list according to CIS Benchmarks to make sense of the deluge of alerts and misconfigurations. Confidently meet compliance requirements With Prevasio , compliance posture is constantly being assessed through continuous monitoring of cloud assets. Organizations can prioritize data security and adhere to regulatory frameworks such as PCI-DSS and HIPAA . Close the loop on your risk mitigation through Jira integration Turn Prevasio CSPM alerts into Jira tasks to ensure a streamlined approach to risk mitigation. Empower collaborative efforts between teams to address and resolve security posture issues. Get the latest insights from the experts What is a Cloud Security Assessment? Read blog Shaping tomorrow: Leading the way in cloud security Read blog CSPM importance for CISOs. What security issues can be prevented\defended with CSPM? Read blog Schedule time and secure your cloud Schedule time and secure your cloud Work email* First name* Last name* Company* country* Select country... Short answer* By submitting this form, I accept AlgoSec's privacy policy Schedule a call