In 
“Enterprises are dedicating increasing resources to security and risk. Nevertheless, attacks are increasing in frequency and sophistication. Advanced targeted attacks and security vulnerabilities in software only add to the headaches brought by the disruptiveness of the Nexus of Forces, which brings mobile, cloud, social and big data together to deliver new business opportunities,” said Neil MacDonald, VP and Gartner Fellow.
Gartner highlighted the top 10 technologies for information security and their implications for security organizations in 2014.
Cloud Access Security Brokers
Cloud access security brokers are on-premises or cloud-based security policy enforcement points placed between cloud services consumers and cloud services providers to interject enterprise security policies as the cloud-based resources are accessed.
Adaptive Access Control
Use of an adaptive access management architecture enables an enterprise to allow access from any device, anywhere, and allows for social ID access to a range of corporate assets with mixed risk profiles.
Pervasive Sandboxing (Content Detonation) and IOC Confirmation
Many security platforms now included embedded capabilities to run ("detonate") executables and content in virtual machines (VMs) and observe the VMs for indications of compromise. This capability is rapidly becoming a feature of a more-capable platform, not a stand-alone product or market.
Endpoint Detection and Response Solutions
The endpoint detection and response (EDR) market is an emerging market created to satisfy the need for continuous protection from advanced threats at endpoints (desktops, servers, tablets and laptops) — most notably significantly improved security monitoring, threat detection and incident response capabilities. These tools record numerous endpoint and network events and store this information in a centralized database.
Big Data Security Analytics
Going forward, all effective security protection platforms will include domain-specific embedded analytics as a core capability. An enterprise's continuous monitoring of all computing entities and layers will generate a greater volume, velocity and variety of data than traditional SIEM systems can effectively analyze.
Machine-readable Threat Intelligence
The ability to integrate with external context and intelligence feeds is a critical differentiator for next-generation security platforms. Third-party sources for machine-readable threat intelligence are growing in number and include a number of reputation feed alternatives.
Containment and Isolation as a Foundational Security Strategy
In a world where signatures are increasingly ineffective in stopping attacks, an alternative strategy is to treat everything that is unknown as untrusted and isolate its handling and execution so that it cannot cause permanent damage to the system it is running on and cannot be used as a vector for attacks on other enterprise systems.
Software-defined Security
"Software defined" is about the capabilities enabled as we decouple and abstract infrastructure elements that were previously tightly coupled in our data centers: servers, storage, networking, security and so on. Like networking, compute and storage, the impact on security will be transformational.
Interactive Application Security Testing
Interactive application security testing (IAST) combines static application security testing (SAST) and dynamic application security testing (DAST) techniques. This aims to provide increased accuracy of application security testing through the interaction of the SAST and DAST techniques. IAST brings the best of SAST and DAST into a single solution.
Security Gateways, Brokers and Firewalls to Deal with the IoT
Enterprises, especially those in asset-intensive industries like manufacturing or utilities, have operational technology (OT) systems provided by equipment manufacturers that are moving from proprietary communications and networks to standards-based, IP-based technologies.
Add new comment