Editor's Note: This blog post is courtesy of IT Central Station.
Security Operations (SecOps), never a stress-free area of business, is now struggling with additional pressures. While the threat environment has grown more serious than ever, people are at a premium. Solutions that unify SecOps workloads and provide single points of control for multiple processes are in high demand.
In this context, the Morphisec Breach Prevention Platform has emerged as a favored toolset for security against modern attacks. It protects against multiple threats, including spyware, network attacks, viruses, worms, and all types of malware. In this article, IT Central Station members who use Morphisec discuss how the solution helps them detect threats and mitigate the risk of serious data breaches.
IT Central Station members are putting Morphisec to work in a variety of compelling use cases, particularly in layered network security. For example, a VP of IT for a retailer uses Morphisec as a top layer. He explained, “We do a multi-layered security approach. Morphisec is really our last layer of defense. It is our insurance policy. So if a vulnerability gets through the user, network security layer, and antivirus, Morphisec will then come into the fight. We have it deployed across all of our workstations and server environments. We have 800 workstation licenses and 75 server licenses.”
A senior systems admin at a transportation company also uses Morphisec as a layered defense in his security plan. His team views Morphisec as a “protection agent.” He said, “We use it to defend ourselves from any sort of CryptoLocker attacks or ransomware drive-bys, and it should catch auto-executes that come from ads. We haven't been breached, as far as I'm aware. We're using it on all of our endpoints, servers, and desktops that users touch.”
Users cited Morphisec’s deterministic approach to breach prevention as one of its most effective countermeasures against breaches. Jeff M., a
Morphisec’s use of deterministic attack prevention also stood out for the VP of IT mentioned above because this approach doesn’t require investigation of security alerts. In this retailer’s case, Morphisec changes the memory locations of where certain applications run. The VP elaborated, saying, “If you think of Excel, opening a PDF, running an Excel macro, or opening a web page and clicking on a link, all of those actions run in a certain area of memory. Morphisec changes the memory locations of where those run.”
He added that “if an attack comes in and the hackers are doing a vulnerability on an Excel macro, for example, they know macros are always deployed in a certain area of memory. They write their hacks to that area of memory. Morphisec removes that area of memory and deploys all macros into a different place. When the macro goes to run, it runs in that old area of memory, which no longer is running Excel macros. It basically goes to deploy and blows up, so nothing happens.”
“The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler,” said Brian L., director of technical services and information security at SECURA Insurance. He added, “We don't have to really track down various alerts anymore – they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up.”
Morphisec has reduced the amount of time Billy S. and his team spend investigating false positives. Billy, who is IT operation manager at Citizens Medical Center, used to spend hours identifying infected machines when they got an alert. Now, he said, “It's really fast and simple because Morphisec provides a full report. We can then jump in there and see exactly what process or script kicked off the alert. We can go directly to it to see if it's legitimate or not. Usually, now, it takes a few minutes.” They use Morphisec on AWS.
Before Clune Construction adopted Morphisec, they were dealing with “a ton of infections,” according to Mike C., their director of IT. His team needed the right solution for this problem, especially because the company was in the process of doubling in size. He said, “Morphisec helps us to save money on our security stack. First and foremost, it helps by preventing infections, which prevents my technicians from having to re-image machines or remediate the problem itself. That rate right off the bat is savings.”
Layered defense and deterministic attack prevention are not Morphisec’s only advantages for security managers. Jeff M., mentioned above, felt that the signatureless nature of the solution is a valuable feature. He said, “It's very light on the endpoint and does not have any performance hindrance on the endpoint.”
Tom M., chief information officer at Houston Eye Associates, benefits from the solution’s visibility. He “really likes” its integration with Microsoft Defender. He remarked, “In addition to having third-party endpoint protection, we're also enabling Defender ... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec.” The retailer’s VP of IT also takes advantage of Defender integration, sharing that the solutions “go hand in hand, at least from an antivirus standpoint.”
The Morphisec Prevention Platform contributes to an organization’s breach prevention capabilities. It accomplishes this by enabling a layered approach to security and backing it up with deterministic attack protection. The solution helps cut down on false positives, which helps SecOps teams work more efficiently – a critical need at this moment. At the same time, Morphisec does not negatively affect endpoint performance, which is yet another plus.
To learn more about what IT Central Station members think about breach prevention solutions, visit https://www.itcentralstation.com/products/morphisec-breach-prevention-platform-reviews