Attending RSA 2016? Connect with the Professionals From GuidePoint Security!

2016 RSA Invite2

GuidePoint Security will be in San Francisco at RSA from Feb. 29 – March 4, 2016 with some of our technology partners getting to know the Information Security professionals of the community. In addition, GuidePoint will be featuring live demos of our Virtual Security Operations Center (vSOC) and hosting a reception. See details below.

This year, GuidePoint has teamed up with CrowdStrike, Exabeam, ForeScout Technologies and Skybox Security to sponsor the 2016 GuidePoint Security Social Hour.

About Our Technology Partners:

CrowdStrike: CrowdStrike™ is a leading provider of next-generation endpoint protection, threat intelligence and pre- and post-incident response services. CrowdStrike operates on a highly scalable subscription-based business model that allows customers the flexibility to use CrowdStrike-as-a-Service to multiply their security team’s effectiveness and expertise with 24/7 endpoint visibility, monitoring, and response.

Exabeam: Exabeam is a user behavior analytics solution that leverages existing log data to quickly detect modern cyber attacks, prioritize security incidents, and accelerate effective response. Unique among UBA products, Exabeam’s Stateful User Tracking™ automatically creates a complete timeline of every event and anomaly tied to an attack — across devices, IP addresses, and credentials — and uses that timeline to assess risk and automate many tasks of incident response. As a result, Exabeam not only improves security, but also transforms SOC efficiency and productivity.

ForeScout Technologies: ForeScout enables organizations to continuously monitor and mitigate security exposures and cyber-attacks. The company’s flagship CounterACT™ appliance dynamically identifies and assesses network users, endpoints and applications to provide visibility, intelligence and policy-based mitigation of security issues. ForeScout’s open ControlFabric™ technology allows a broad range of IT security products and management systems to share information and automate remediation actions.

Skybox Security: Skybox Security meets the network vulnerability and threat management needs of our clients. With the help of Skybox’s predictive analytics, enterprises can monitor and protect their networks in a timely manner. They can also eliminate attack vectors, manage firewalls, and stay ahead of threats using one platform−without ever disrupting normal network operations.

You’re Invited: 

Schedule a time to see GuidePoint Security’s vSOC demo
When: March 1, 2016 – March 3, 2016
Where: Hotel Zelos | San Francisco, CA
Registration: http://gpsec.me/1KfTkrM

Attend 2016 GuidePoint Security Social Hour
When: February 29, 2016 | 6:00 PM – 9:00 PM
Where: John Colins |138 Minna St. | San Francisco, CA
Registration: http://gpsec.me/rsa2016

At GuidePoint Security, our mission is to serve as trusted security experts who address your pressing security challenges. Our team is excited for the opportunity to participate in the upcoming RSA conference, as well as interacting with the community through our vSOC demos and networking reception.

Looking forward to seeing everyone at RSA!

About GuidePoint Security

GuidePoint Security, LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, and with offices in Georgia, Massachusetts, Michigan, Minnesota, Missouri, Florida, Texas, and North Carolina, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

vSOC: Not Your Father’s Security Operations Center

GuidePoint’s vSOC Disrupts the Market with Numerous Differentiators

Basic CMYK
GuidePoint Security’s Virtual Security Operations Center (vSOC) is shaking up the Managed Security Services Provider (MSSP) market by offering an unrivaled enterprise security monitoring service brimming with differentiators. vSOC has taken the concepts of the traditional enterprise Security Operations Center (SOC), virtualized them and embedded them in the Amazon Web Services (AWS) cloud. Our cloud-based architecture allows us to leverage dynamic scaling of compute and storage resources to build a robust and flexible monitoring infrastructure.

Flexibility and Customization

GuidePoint has purposefully built the vSOC offering to be agile and customizable. vSOC strives to be a minimally invasive supplement to your existing security operations while providing maximum return on investment (ROI) and value to the security of your enterprise. Our flexibility and configurability options ensure a custom fit that provides the services and support you need without paying for things you don’t.

Cloud-based Implementation

vSOC is a cloud-based enterprise security solution architected and implemented in Amazon Web Services (AWS). AWS provides a robust and secure cloud environment with state-of-the-art compute and storage resources, encryption and automation capabilities. vSOC can dynamically provision and grow customer resources as needed, transparently and effortlessly, to ensure consistent levels of operation and performance.

Splunk Enterprise

vSOC’s enterprise monitoring solution leverages the extensibility and analytical power of Splunk to provide unparalleled security monitoring and event correlation. GuidePoint has enhanced and extended the native capabilities of Splunk Enterprise with the addition of integrated applications to provide vSOC analysts with comprehensive security dashboards and workflows that reduce the mean time to detection, resulting in quicker notification and remediation of security incidents. Additionally, GPS has enriched Splunk’s native correlation capabilities through strategic partnerships with global threat intelligence aggregators and providers.

Volume-Based Pricing

Our pricing model addresses the common feeling of being “nickel and dimed” by your MSSP every time a new information system or log source is added to the network. vSOC uses volume-based pricing to provide maximum flexibility to the customer to provision and remove network resources as needed. Our volume tiers directly correlate to the amount of log data vSOC will ingest in a 24-hour period.

Ownership of Data

Regardless of whether your security logs are in your security tools or the vSOC monitoring platform, the data is yours and you should have access to it. vSOC’s monitoring platform has been purposefully built without proprietary data formats or unnecessary restrictions on the customer’s ability to access their own data at any time. All vSOC customers are provided with accounts to their Splunk implementations so they can create their own searches, view dashboards and reports, and interact with the data any way they see fit.

Virtual Team of Experienced Security Professionals

vSOC not only leverages the well-trained cyber security analysts dedicated to our customers, but also has access to the breadth and depth of technical expertise throughout the entire company. GuidePoint’s staff of highly-trained and experienced professionals can be utilized by the vSOC analysts to consult on difficult security matters or to provide insight into challenging incidents. Our virtual team of experienced security professionals ensure that no customer is ever without an answer or solution to even the most challenging security incident or event.

More Than a Security Operations Center

vSOC customers, as part of the GuidePoint family, have access to other security services and support without having to seek out other potentially unknown and untrusted vendors. GuidePoint’s reputation as “Trusted Advisors” to our customers means we have the ethics and experience needed to consult on a wide range of security matters. From making recommendations for best of breed security tools, security services and much more, GuidePoint can help.

About GuidePoint Security

GuidePoint Security, LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, and with offices in Georgia, Massachusetts, Michigan, Minnesota, Missouri, Florida, Texas, and North Carolina, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

Update Your Cisco ASA ASAP

Introduction

On February 10, 2016, Cisco publicly acknowledged CVE-2016-1287 – a CVSS 10.0 rated vulnerability in their ASA line of products. ASA devices are often generically referred to as firewalls, but they are also often used for terminating Virtual Private Network (VPN) connections (the important part of this disclosure), and less often utilized for network anti-virus and intrusion prevention. The topic of this post highlights an issue that exists in Cisco’s implementation of the Internet Key Exchange (IKE) protocol (versions 1 and 2), which is used to negotiate the security settings of the IPSec protocol stack, and most importantly, IPSec VPN connections. While this vulnerability doesn’t exactly fit the criteria that many would consider “high profile” in the same way that the vendor agnostic Heartbleed and Shellshock disclosures were, it is still worthy of significant attention. According to this Shodan report, there are currently over 5.8 million devices on the Internet with the IKE protocol available. Granted, not all 5.8 million of those devices are ASA devices, but given Cisco’s popularity in the market, even a conservative 20%+ market share would be north of a million affected devices. Combine that with the general latency associated with patching infrastructure equipment, and odds are unfortunately in favor of the nefarious.

Overview

There are two functions within the algorithm that ASA devices use to reassemble fragmented IKE payloads that chiefly contribute to this vulnerability. One is responsible for parsing the fragment and maintaining the fragment reassembly queues, and the other monitors the reassembly queues and handles the actual reassembly of the fragments once all of the fragments have arrived. The problem begins with the function that is responsible for maintaining the fragment reassembly queues. There are three primary logical issues that make this code vulnerable:

  1. The calculation that is performed to make sure that the size of an incoming fragment is acceptable checks for a maximum value, but not a minimum value;
  2. The code assumes that the fragment is at least as large as the header (8 bytes); and
  3. The length of the header is subtracted from the length of the fragment before the queue size is updated.

With no minimum value and the assumption that all fragments are at least as large as the header, an attacker can use a tool like Scapy to craft a packet with a fragment that is smaller than 8 bytes (the size of the header). When we move to step three where the length of the header (8) is subtracted from the size of the fragment (< 8), we end up in negative memory space, causing a Denial-of-Service (DoS) condition.

David Barksdale, Jordan Gruskovnjak, and Alex Wheeler of Exodus Intelligence discovered this vulnerability and are credited with disclosing it to Cisco. In addition to this, they have also posted an excellent technical explanation of their research as well as a proof-of-concept explanation of the methodology they used to achieve remote code execution.

Impact

Ultimately, exploitation will either result in remote control of the affected system or Denial-of-Service. Depending on how authentication is handled (local versus RADIUS/TACACS, etc.), credential reuse, network segmentation, and many other potential factors, a skilled attacker could eventually leverage control over the device into control over the environment in a worst-case scenario. If cryptographic key information can be discovered, capturing and decrypting traffic flowing through these devices is also a possible risk.

Identification

According to Cisco’s advisory, ASA administrators can run the following command on their devices to test their configuration for the vulnerability:

# show running-config crypto map | include interface

Should the device be configured to terminate IKE VPN connections (i.e. vulnerable), a crypto map will be present for at least one interface.

Monitoring for and detection of attempted exploits will likely require very flexible monitoring tools or a subscription service with aggressive signature SLA’s. Packet inspection needs be configured on a device that captures inbound traffic to the ASA device and flags any inbound packets in the IKE protocol that have a value of less than eight (8) in the length field of a fragmented (type 132) packet. Detection is further complicated by the need to consider that multiple fragmented payloads could potentially be linked inside of a single IKEv2 packet and therefore also that the payload may not be the only, or even the first, payload in the packet.

Remediation

Currently, there are no workarounds for this issue. Cisco has issued a patch and an advisory with information on what versions of the ASA software are affected. Additional information and a link to the relevant patch can be found in Cisco’s advisory.

Summary Opinion

Shortly after this vulnerability was announced, HD Moore (perhaps jokingly) tweeted that he was ordering an ASA. Rest assured, despite the current lack of a publicly available exploit at the time of this writing, it is likely coming in the near future. The Internet Storm Center detected a significant spike in scanning for the IKE protocol across the Internet following the announcement. If you have ASA devices exposed to the Internet, and they are being used to facilitate VPN connections with the IKE protocol, you need to deploy this patch yesterday. VPN and firewall devices are the entryway to protected environments, and the risks associated with this vulnerability extend far beyond the device itself.

As a penetration-testing consultant, I’ve seen many different environments in a variety of sizes and configurations. I’ve seen large companies with seemingly limitless budgets continue to maintain end-of-life systems in a flat network with vulnerabilities that are nearly a decade old. Conversely, I’ve seen smaller organizations without dedicated security personnel lock down a network to the point that all systems are patched within 48 hours of release. However, one thing that is still unfortunately very common, despite the current landscape of the industry, is that many organizations still do not regularly check for and apply security patches for applications and devices, such as web platforms, virtualization tools, networking infrastructure, and storage solutions. These, and any other third-party applications in use, whether on a server or an endpoint, should be included in any vulnerability and/or patch management program that aspires to be truly effective. Furthermore, evaluating the environment for missing patches and vulnerabilities should not be an activity that only occurs when a significant vulnerability disclosure (such as this one) triggers widespread panic. Regular vulnerability scanning and metric reporting should be a minimum requirement for any organization that claims to take security seriously.

About GuidePoint Security

GuidePoint Security, LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, and with offices in Georgia, Massachusetts, Michigan, Minnesota, Missouri, Florida, Texas, and North Carolina, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

GuidePoint Security and Exabeam Join Forces for AFCEA WEST 2016

west_logo2016The United States is facing more technological and security challenges than ever before. Identifying the right solutions for the unique and pressing needs of the military and government are just some of the issues that will be discussed during the upcoming AFCEA WEST Conference and Exhibition, on Feb. 17-19, 2016, at the San Diego Convention Center in San Diego California.

Experts from both GuidePoint (GuidePoint Security) and Exabeam will be on hand in booth #1011 to provide valuable insight on technological services, strategic solutions related to national cybersecurity issues, and concerns about protecting critical information and data.

GuidePoint delivers innovative solutions that address the tough security challenges facing the country’s defense and armed forces divisions. Exabeam is a user behavior analytics solution that leverages existing log data to quickly detect advanced attacks and accelerate incident response. As industry leaders, GuidePoint and Exabeam were natural partners for the three-day event, which will include exhibitor presentations, town hall discussions and an exchange of ideas on best practices and methods for stopping future threats and attacks.

Stop By and See the Latest Security Solutions Demos

GuidePoint’s team of experts will be focusing on services including Identity Access Management (IdAM), which specializes in deploying Security Access Managers (SAM) and seamlessly integrating the customer’s Public Key Infrastructure (PKI) to meet the goal of securing sites and applications while safeguarding data.

Consider the most devastating information breaches of the decade, involving insiders like Chelsea Manning and Edward Snowden; solutions must include the means to stop such access threats while ensuring that classified information remain protected and in the hands of authorized users only.

GuidePoint’s IdAM solution delivers the necessary layer of protection to stop such incidents while safeguarding valuable data. IdAM is a culmination of over two years of work by the GuidePoint federal services team, who set out to develop a solution that would provide the simplicity of a single information system while providing PKI authentication and authorization for hundreds of web applications.

Through GuidePoint’s unique services, organizations are able to strengthen their security posture and improve the ease of use of their web applications. This secures the agency from insider threats while simultaneously meeting the requirements of current policies and directives in regard to information access.

Exabeam, a leader in security analytics and intelligence solutions, will demonstrate its user behavior analytics and threat hunting software. The product enables security analysts to detect insider threats and external hackers within a network, to hunt for new threats on the network, and to automate investigation and response. Detection includes key signals such as lateral movement and privilege escalation. Threat hunting includes searching for user sessions based on any combination of attributes or activities. Investigation includes automatically stitching together all activities and context related to an attack and presenting that in a way that even Tier 1 analysts can understand. The Exabeam demo will show all of the above to clearly highlight the productivity and security benefits of the solution. For more information visit www.exabeam.com.

About GuidePoint Security

GuidePoint Security, LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, and with offices in Georgia, Massachusetts, Michigan, Minnesota, Missouri, Florida, Texas, and North Carolina, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

 

Vulnerability Identified in Linux Kernel: Local Privilege Escalation 0-Day

Overview

A local zero-day found in the Linux kernel can escalate privileges and may impact the mobile sector on an ongoing basis. Perception Point Research Team reported Analysis and Exploitation of a Linux Kernel Vulnerability (CVE-2016-0728) to the Red Hat Kernel security team and posted a proof of concept exploit.

The 0-day takes advantage of a reference leak in the keyring library. MITRE currently marks CVE-2016-0728 as reserved.

Here is a high level explanation of the proof of concept:

The Perception Point Research Team explains, “The [reference] leak occurs when a process tries to replace its current session keyring with the very same one.” A part of the Kernel code skips the key_put function and leaks the reference increased by find_keyring_by_name. The proof of concept takes advantage of the reference leak along with the lack of bounds checking to overflow the usage field and free the keyring object. The freed keyring object’s revoked function is used to execute functions with root privileges.

The Perception Point Research Teams ends the article with, “Thanks to David Howells, Wade Mealing and the whole Red Hat Security team for that fast response and the cooperation fixing the bug.”

Impact

This vulnerability may impact as much as tens of millions Linux PCs and Servers along with 66% of all Android devices. Unfortunately, since most carriers do not push updates to Android phones, the keychain vulnerability may linger for some time on mobile devices.

The issue can be traced back to a 2012 commit 3a50597de8635cd05133bd12c95681c82fe7b878 in kernel version 3.10. It affects Android KitKat 4.4 and higher, Red Hat Enterprise Linux 7 kernel and derivatives, and Ubuntu 14.04 LTS, just to name a few. You can find a list of vulnerable Linux distributions here.

The proof of concept escalates privileges from a local user to root, takes about 30 minutes to run with a Core-i7 and was tested on kernel 3.18 64 bit.

Identification

Identification is simple. Check your kernel version with the command uname –r . If you are running anything above kernel version 3.10, it is imperative to look for a patch and upgrade when one is available.

If the proof of concept exploit is successful, no log events will be generated.

One advantage to the proof of concept exploit is that it can take thirty minutes or more to execute, so it is possible to detect the exploit running by observing key file’s excessive usage counts with the cat /proc/keys command.

Remediation

Enabling SMEP (Supervisor Mode Execution Protection) and SMAP (Supervisor Mode Access Protection) may make the exploit more difficult.

The Red Hat Security Advisory has put out a patch for the kernel vulnerability.

Ubuntu Security Notice USN-2870-2 recommends updating your 12.04 LTS system to package versions outlined below.

  • linux-image-3.13.0-76-generic
  • linux-image-3.13.0-76-generic-lpae
  • 13.0-76.120~precise1

Overall, everyone is working diligently to push out an update. GuidePoint recommends patching as soon as a patch is ready. GuidePoint Security is available to assist our customers with any remediation efforts. Please contact your Account Executive or click here for more details on how GuidePoint can help.

About GuidePoint Security

GuidePoint Security LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

GuidePoint Security Wins SmartCEO’s Future 50 Award

GuidePoint Security was recently recognized as a winner of the SmartCEO magazine’s 2016 Washington
Future 50 Awards program.Smart ceo Banner_16_NEW2

GuidePoint Security, along with 49 other organizations, was selected for being one of the region’s fastest growing mid-sized companies that represent the future of the region’s economy and embody the entrepreneurial spirit critical for leadership and success. In addition to being profiled in the January/February edition of SmartCEO Magazine, GuidePoint will be honored during a black-tie awards gala in Reston, Virginia, on February 4, 2016.

GuidePoint has spent the last four years at the forefront of Information Security, helping our clients understand the evolving threat landscape as well as the increasingly complex and expanding solution sets.

“We are thrilled to be recognized as one of the 2016 Washington Future 50 Award winners,” Founder and Managing Partner Michael Volk noted.

“Staying true to our core values, acquiring top tier talent, and being laser focused on our clients’ Cybersecurity needs has enabled us to achieve so much in a relatively short period of time,” he added.

“We will continue to incorporate the same entrepreneurial spirit as we expand our role in the community and the Information Security industry,” Volk concluded.

About GuidePoint Security

GuidePoint Security LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

Security Platform as a Service (SPaaS)

vSOCCan an entire security platform replete with people, processes, and technology be delivered as a service? It sure can.

Introducing: Security Platform as a Service (SPaaS) and GuidePoint Security’s Virtual Security Operations Center (vSOC). SPaaS combined with vSOC is one of the first such offerings to hit the market. SPaaS is the combination of Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and the logical next evolution of Security Information and Event Manager as a Service (SIEMaaS). vSOC is proof that the entire security platform from data ingest, security analytics, human validation, reporting and incident response can be delivered quickly and affordably to customers as a holistic security solution.

  • Software
    • Our core vSOC offering is based around Splunk Enterprise. Splunk is a SIEM market leader and an industry standard tool for machine-data analysis in every single industry.
  • Platform
    • vSOC leverages the powerful and dynamically scalable Amazon Web Services (AWS) platform. Amazon’s EC2 virtual instances power the vSOC for customers large and small. AWS commands the cloud market with approximately 27% market share and five times more cloud infrastructure than the next fourteen providers combined.
  • Infrastucture
    • The AWS platform components in conjunction with the shared resources and data comprise the vSOC infrastructure. We achieve economies of scale through the use of this infrastructure to serve many customers simultaneously.
  • SIEM
    • vSOC utilizes the Splunk Enterprise Security app to provide the SIEM-functionality not inherent in the base Splunk Enterprise software. Providing the SIEM is only part of what makes vSOC a SPaaS.

Incorporating all of the above components into a single unified package with the addition of trained cyber security analysts, security engineers and a proprietary blend of threat intelligence sources makes vSOC a unique and well positioned SPaaS in a world with a significant need for such an offering.

Making the SPaaS Intelligent

The vSOC SPaaS, while extremely versatile and powerful out-of-the-box, has been made intelligent with the addition of a threat intelligence platform designed to feed Indicators of Compromise (IoC) into Splunk for near real-time machine-based correlation. By leveraging Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII), the vSOC is able to process standardized threat information through open-source, standardized exchange services.

User Behavior Analytics (UBA)

No enterprise security platform is complete without User Behavior Analytics. vSOC addresses UBA through our partnership with Exabeam. Exabeam’s Splunk integration provides a robust platform for risk-based scoring of user activity within the enterprise. Exabeam uses multiple behavior models to dynamically track credentialed activity across the network. Exabeam extends the capabilities of our Splunk platform by adding Stateful User Tracking, Behavioral Analysis and a powerful Risk Engine. By identifying risky user-based activity on a customer network, vSOC can alert the customer to quickly remediate a potential insider threat.

Third-Party Threat Intelligence

vSOC has built an extensible threat intelligence platform integrated into Splunk to ingest indicators and threats from trusted third parties. This threat intelligence data is then used to detect malicious or dangerous activity within customer environments that use Splunk’s machine-based correlation capabilities. Our threat platform is Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII) compliant. GuidePoint has established a relationship with the Department of Homeland Security (DHS) that enables vSOC to ingest and distribute Indicators of Compromise (IoC) from the DHS United States Computer Emergency Readiness Team (US-CERT) and the National Cybersecurity and Communications Integration Center (NCCIC).

Why Choose SPaaS?

Outsourcing your security activities to a third-party provider is a cost effective and expedient solution for bringing your organization into compliance with security monitoring. While having top-quality technologies is an important component of the security process, they don’t generate much value to your business without security experts available to manage them. GuidePoint’s vSOC brings years of experience, an astounding depth of technical knowledge and the critical strategic partnerships and investments we’ve made in security technologies and threat intelligence solutions. vSOC’s SPaaS augments your existing security team and infrastructure to transform your organization into a consumer of technologies while empowering your security practitioners to focus on what’s important.

GuidePoint Security and Exabeam at the RSA Conference 

GuidePoint Security and Exabeam will be at RSA Feb. 29-March 4 hosting live demos of GuidePoint’s vSOC and Exabeam’s UBA. To schedule a time to see the demo visit: http://gpsec.me/1KfTkrM.

GuidePoint will also be hosting a reception at the RSA Conference on Feb. 29, 6-9 PM. Click here for more details: http://gpsec.me/rsa2016.

About GuidePoint Security

GuidePoint Security LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.