As technology continues to change at a rapid rate, the security industry needs to transform and adapt to the growing threats. Although threats are constant in the security world, new ones continue to pop up as attackers gain the expertise to design new tactics. In such a scenario, enterprises ought to make investments in continuous detection and response capabilities. A ray of hope for the security sector is an Austin, TX-based company, Ziften, which offers continuous real-time visibility and intelligence, enabling incident prevention, detection and response. Ziften continuously identifies, analyzes, and prioritizes threats and stores extensive details to allow security teams to efficiently take corrective and forensic action. “Our Open Visibility architecture receives threat intelligence feeds and shares our unique endpoint visibility with other security tools,” says Charles Leaver, CEO, Ziften.
Ever since its inception in 2009, Ziften has led the way in the creation of superior security solutions. “Ziften has a serious security DNA with personnel with over 100 years combined experience, over 40 patents, and lineage from Symantec, Whole Security, and others,” says Leaver. Ziften designs its approach to reduce dwell time through advanced Indicators of Compromise (IOC), monitoring, and actionable threat analytics and alerting.
Moreover, continuous monitoring of the endpoint is at the core of what Ziften is doing. For instance, “Recently, a CIO, one of our customers, was travelling in Mexico. Even though he was remote, our collector on the device had discovered malicious activity and instantly sent IOC details to the company’s security team. The CIO was blown away that Ziften was able to find the problem when he was not even connected to the corporate network,” explains Leaver.
Ziften’s solutions enable companies to enhance their security posture. The company captures and correlates massive endpoint data to provide security teams with prioritized and useful threat information that is applied across compliance, vulnerability and attack “kill chain” dimensions.
Currently, Ziften is the only EDR (Endpoint Detection and Response) vendor directly integrated into Splunk Enterprise. It integrates the entire endpoint data set into Splunk without requiring a Ziften server and allows users to stay in the Splunk environment with enhanced endpoint threat visibility.
The company fosters an innovative and nimble mentality and believes in developing better means of adapting to its customers’ and partners’ requirements. The company stands out from the crowd by not just delivering business advantage, but also providing products which have numerous functional advantages. “Our endpoint solution is not a driver, but a lightweight collector that has negligible impact on machine resources and network traffic,” says Leaver. Because it is so non-intrusive, Ziften is faster to deploy and easier to manage, with a low TCO for its customers.
Moving forward, the company is focused on innovating and enhancing its solutions. Ziften will be considering various influencing factors such as the IoT, cloud applications, and thin clients to define its roadmap ahead. Other factors that characterize Ziften’s direction in the security landscape are the industry’s progress toward standardizing threat intelligence descriptions as well as the product interoperability and managed service trends. Ziften’s strategy is to support all types of endpoint computing and to vigilantly advance its threat analytics. The company will work to enhance its Open Visibility architecture to readily embrace new threat intelligence mechanisms. Ziften will make its threat detection technology pervasive and offer interfaces and licensing flexibility to continue to enable further security vendor and service provider adoption.