Heimdal - The Cyberthreat Security Suite - We protect what others - - PowerPoint PPT Presentation

Heimdal - The Cyberthreat Security Suite

• We protect what others can’t

About Heimdal Security

Our ground-breaking intelligence alerts have been featured in media such as:

Part of the best in the Cyber Threat space

Heimdal Security is part of the best in cyber risk protection with a proven track record from FBI, Europol, US DOJ and a active partnership in the No More Ransom project. We deliver market- leading threat intelligence to

• rganizations and users around the world.

Devised by world champions

The Heimdal Security software was devised in 2011 by the 19th and 20th Team Defcon CTF World Champions in hacking. Heimdal is now used to protect

• rganizations and users across the world

against advanced attacks, wherever they may go.

Driven by experienced experts

Since its incorporation in early 2014, Heimdal has driven by experts in cyber security and cyber security development. This includes specialists from security

• rganizations such as BitDefender, BullGuard

and Secunia. We are now one of the world’s fastest growing security platforms.

Our ground-breaking intelligence alerts have been featured in media such as:

Endorsed by Leading Organizations

The power of Heimdal is the intelligence

At Heimdal, we gather our leading intelligence from a variety of sources in order to combat cyber threats:

• Reverse engineering malware
• Penetrating and infiltrating malware infrastructure
• Sinkholing
• Domain monitoring
• Zero hour monitoring
• Attack analysis
• Cracking Domain generation algorithms (DGA’s)
• Crawling the darkest places of the internet

Why Heimdal ? And what can it do ?

2nd generation threat tool

with 2 unique technologies

Opposed to all other endpoint products, Heimdal does not focus on the code of the threat, making it the only threat type autonomous endpoint suite in the market. Heimdal focuses on closing vulnerabilities and mitigating exploits, whilst blocking incoming attacks, botnets, data leakage and command & control server communication. Working holistically on any Windows™ device and agnostic of any operating system processes it will detect malware inn ways that no other endpoint protection can. Analyzing all HTTP, HTTPS and DNS traffic with Machine-Learning-Detection ensures that Heimdal discovers even hidden 2nd generation malware systems. Heimdal works proactively to detect APT’s, Ransomware’s, Botnet’s and Trojan’s, whilst blocking them until removed.

Heimdal matches the threatscape and market challenges

• Attack protection and C&C

protection for APT’s, Ransomware, Trojans

• Polymorphic malware attack

protection

• Protection being included in

botnets and having your systems work as zombies

• Preventing data leakage,

exfiltration and data theft of company information

• Link protection for spear-

phishing, whaling and malicious redirecting

• Protection against drive-by-

attacks and Zero-hour exploits

• Code autonomous Exploit kit

protection against Rig, Neutrino

• Compromise prediction on

endpoints

• Malware traffic pattern

scanning identifying yet unseen or unknown malware

• n your systems
• Get vulnerable software up-

to-date at worlds quickest time to update, reducing 85%

• f attack risk according to

Cisco

• 3rd party software

deployment and maintenance

• Reduced response time to

infections with e-mail alerts

• Data compliance and IT audit

reporting

• Reducing IT maintenance

time and manpower time Heimdal covers a broad palette

• r IT security problems for SMB’s

to Entreprise. Heimdal is code autonomous and does not care about whether attacks are Exploit kits, Ransomware or APT’s.

Let us tell you more!

The current threatscape is vicious

Threat types are complex and the goals typically financially orientated

• ne way or the other.

Directly Financial / Organized Crime:

• Email attacks, DDOS or Drive-by-attacks

targeting to deliver Ransomware, Trojans, Botnets, Social Media hijacking or Black Market Cyber-crime toolkits for capturing credentials or ransoming financial means.

Social / Political Groups:

• Website Hacking, Email or Drive-by-attacks

targeting to expose the party or to deliver Trojans / APT type malware to steal credentials or sensitive information over time.

Government / States-ponsored:

• Infrastructure attacks, Email attacks, DDOS
• r Drive-by-attacks targeting to bring down

infrastructure or deliver Trojans / APT type malware to steal military strategy, trade secrets or intelectual property

Heimdal has a unique, client-based 2-Way Traffic Scanning Engine which detects and blocks network communication to mitigate Zero Hour exploits, Ransomware C&C’s, malware backbones, next-gen attacks and data leakage. Heimdal is the traffic scanning solution for any business to build protection beyond the edge of the firewall and perimeter. Tracking device-to-infrastructure communication,

• ur

enables you to detect and mitigate 2nd generation malware strains, regardless

• f the attack vector. Using Machine Learning

(MLD), Indicators of compromise/attack (IOC/IOA) and Network forensics Heimdal has a unique add-

• n to any other form of endpoint security.

Our technology is accredited in takedowns of Ransomware by the US DOJ, the FBI and Europol.

Software Management

Mitigate exploits, close vulnerabilities and install software from anywhere in the world. Heimdal can with zero setup, automatically, silently and

• n-the-fly manage manage your software from

secure servers anywhere on the globe. This is a key security measure as exploits are used in 85% of all attacks*. In depth reporting on vulnerabilities and updates is included.

Works in any Windows environment

Heimdal is compatible with any Windows client environment from Windows 7 to 10. Heimdal can also work on VM Ware and Hyper V hosted

• environments. Enjoy a safer environment!

*Data supported by US CERT - https://www.us-cert.gov/ncas/alerts/TA15-119A?hootPostID=b6821137ae5173095390bd502ae04892

• 3. is a supplement for

Antivirus, which is reactive

Antivirus looks for files and actions, whereas Heimdal looks at Internet traffic. Therefore, what Heimdal covers and antivirus products cover varies greatly. Heimdal prevents cyber criminals from taking data from your workstations and moving it out of your network.

Why Heimdal

• 2. to block malicious traffic

Dangerous Internet traffic can be used to infect your workstations and network. This makes scanning and blocking malicious traffic a core security component. Making use of HTTP/HTTPS/DNS Heimdal protects your workstations against the most modern attacks with DNS alone being 91,3% of Hackers attack angles.

• 1. Patches 99,5% of security-critical

software

Heimdal patches Java 7 / 8, Acrobat Reader, Acrobat Flash, Quicktime, VLC Player, Silverlight and many other applications, covering 99% of security-critical software

• apps. Heimdal works automatically and silently, without

interrupting the user.

Heimdal’s Software Management In-depth

Heimdal’s patch & install engine – key benefits

1. Automatic deployment/redeployment of patches 2. Silent software installation and on-the-fly 3. Silent patching without user interruption 4. HTTPS deliver from Heimdal servers anywhere in the world 5. Covers both feature and security patches 6. Patch release to install time of less the 4 hours avg. 7. Integrates with the active directory without any setup 8. Configurable what you want installed and patched 9. Version management included 10. Un-installation of software supported 11. Scheduling of updates according to PC clock

Advantages

1. Less time spent on following up 2. Less time spent on building images, packages and no reboots 3. Increased productivity and less time spent on support 4. Secure packages and updated machines – anytime/anywhere 5. Ensures you are always covered 6. Quick exploit kit protection 7. Ensures minimal deployment overhead 8. Can be customized to fit your organization’s needs 9. Choose what specific versions to run 10. Can remove unwanted software from your machines 11. Updates always fit to employees in their time zone

Heimdal Anti-Exploit Software Protection

Heimdal offers protection where antivirus products give up. Software exploits, especially in Adobe Flash and Oracle Java, are a common path of attack. Overall, software exploits account for 85% of attack angles. Antivirus products and firewalls cannot shield you from these attacks, as no file is executed on the PC. Heimdal protects you both by keeping your software up to date, and by blocking malicious traffic.

Heimdal Exploit protection

Heimdal Banking Trojan/Data Protection

Heimdal offers protection where antivirus products give up. Banking Trojans and data stealers are

• ften delivered through a morphed

Zeus infection, which has a low 2,25% antivirus detection rate. This means that cyber criminals are

• ften successful in bypassing Antivirus

defenses with their attacks. Heimdal blocks access to the Zeus / Data Trojan servers, thus ensuring banking funds or data is not lost even though your are infected.

Heimdal Data Protection

Heimdal offers 5-layers Cryptoware Protection

CTB-Locker, Cryptolocker, Cryptodefence or Cryptowall is likely the most advanced malware in the world. Heimdal offers protection where antivirus products give up - offering Attack blocking, Patching, Exploit blocking, Dropper protection

• r key delivery filtering.

Infections can happen either via vulnerabilities

• r via exploits delivered from legitimate website

banners and go undetected by antivirus. Once the exploits are executed, Malware droppers deliver the payload, which can avoid your antivirus. By doing so hackers bypass traditional endpoint protection. Heimdal uses the 5-layers to stop Ransomware attacks at different levels.

Heimdal Cryptoware protection

What is the difference?

The key difference between Heimdal and Antivirus products: Heimdal focuses on the communication from and to the PC to combat and detect incoming 2nd generation malware, combined with patching to close security gaps used by

• attackers. In unison, Heimdal offers

cutting edge protection for endpoints.

Heimdal as an Antivirus Complement

Even adds to leading protection

Antivirus products and Heimdal complement each other, because they address different endpoint security aspects. Today’s leading antivirus products offer great signature and file based scanning, with firewall and phishing protection, but they are still different from Heimdal.

Works with any antivirus

Yes, Heimdal works with any antivirus engine on the market. The combined protection you receive will depend on the engines you use, but Heimdal will always add traffic-based protection against new 2nd generation attacks, where as no antivirus product is able to intercept these attacks.

Unified Threat Platform

Heimdal UTP (With API option)

Heimdal Corporate offers real-time threat and status reporting, delivered in intervals of your choosing. Data is graphed and scaled daily, weekly or monthly for an easy overview and can be integrated into SIEM via API. The Heimdal UTP stores the entire history as long as you are a customer and is meant to help you perform compliance audits, asses and prevent risk of infection (IDP/HIPS) and find infections that no other solutions can detect, as well as prevent data leaks (DLP). Coupled with weekly reports, data exports, e-mail alerts and data drill down built-in, this offers a powerful and simple way to manage your environment. Heimdal Corporate UTP helps you perform:

• 2nd Generation malware prevention and detection
• Quick response and Forensics on malware infections
• Data leakage prevention
• Malicious traffic tracking and risk prevention
• Vulnerability management and compliance (GDPR)
• Lifetime history storage for auditing and compliance

Group Policies and Active Directory integration

Heimdal UTP allows you to define policies for Traffic scanning, malware detection, software management and installation – as well as whitelisting and blacklisting of websites per active directory group of your Heimdal corporate environment. This gives you a powerful option to individually tailor your entire IT environment and create policies, which applies to your exact needs across the Active Directory groups in the organization. Once configured Heimdal deployment is simple and easy and can happen through any MSI deployment tool.

Easy policy creation and deployment

Managed Solution

At Heimdal we know time is money and this is why Heimdal also can be purchased as a managed solution, where we keep an eye on the environment for you. Our service is scaled to fit your size (<100 / <1000 / 1000+):

• Real-time alerting of malware infections and potential APT’s.
• Monitoring and advice of potential risks, threats and

vulnerabilities on a Monthly/Bi-weekly/Weekly basis

• Monthly/Bi-Weekly or Weekly advice on how to improve your

security environment.

• Input and suggestions on solving infection problems.

Services offered

Over-the-wire

If a malware infection is spotted by your Heimdal solution, the next logical step is, of course, to remove it. Our support team is standing by to help you. You can buy our

• ver-the-wire removal service and use it to offload some of the

time-consuming effort your IT department makes on this issue. Heimdal will access the computer via Teamviewer to identify the malware infection source, if possible, and attempt to remove it. This helps you maintain the highest possible uptime in your environment, with the least possible business impact.

We patch and install software automatically

No more 3rd party software package deployment through SCCM, WSUS or CAPA.

What is in Heimdal for me?

Low support

We work silently, without user interruption. Your CEO will not be interrupted when you update his/her software.

Vulnerability monitoring

Make sure you’re as protected as you can. With Heimdal, you will be as up to date as possible, if you choose to be.

Significantly increased security

Heimdal increases security before, under and after cyber attacks. Vulnerabilities are closed, Penetration risks are filtered, Data leaks are blocked.

Unparalleled UTP overview

With Heimdal, what happens in your network and with your users becomes very clear. We provide key information on what vulnerabilities, malware, security liabilities and risks you have.

Tedious tasks turn more interesting

Network support staff and Patching operators become security specialists instead, and have more interesting tasks to handle.

Managed solution

Heimdal is a perfect choice if you prefer spending your time elsewhere. Let us keep and eye on your IT environment and keep it safe.

Take the proactive approach

Heimdal is the market’s most proactive security solution. Prevent a long list of infections such as Ransomware, APT’s, Banking trojans and other cyber criminal tactics from compromising your environment. Should you get hit, we can also keep your data safe.

Heimdal market position

Unique Market Position

Heimdal is specifically designed to protect clients against security threats that target data and financial assets, covering a market gap. No other client-based software can protect computer systems against data leakage and advanced, system-hooking malware.

Heimdal vs. Secunia

Heimdal gets the patching done

A key difference in Heimdal and Secunia’s CSI is the fact that Heimdal actually gets the patching job done. By patching anywhere in the world and automatically applying and re-applying necessary patches, you save time and significantly increase your security level.

Silent and no interruption

Heimdal’s silent and no user interruption patching, means that your users will get patched when they don’t use applications, without popups or work interruption. For you, this means less support throughout the IT department and a more satisfied

• rganization.

Easy setup and easy deploy

You setup Heimdal cloud management policies to match the requirements for your active directory structure. Once done, you simply deploy Heimdal through MSI either using SCCM, WSUS or GPO. This will take less than 1h to accomplish.

For internal training only

Heimdal and Malwarebytes

Proactive vs. Reactive

Heimdal is about making sure you don’t get infections on your endpoints, by protecting them via patching and traffic filtering. Malwarebytes has a strong reactive file and heuristic detection engine for when infections have already hit your endpoint. This is where Heimdal uses its traffic-based detection mechanisms. Overall, there is a big difference in the approach to malware.

Exploit Filter vs. Block

Heimdal filters exploits before they hit the endpoint. Malwarebytes blocks exploits targeted towards a range of applications such as Java and Chrome. The technology difference is reactive vs.

• proactive. Using Heimdal’s patching

module removes a lot of the exploit concern altogether.

Complementary

In the end, both technologies are complementary. Heimdal patches software and ensures attacks don’t reach the endpoint, while making sure you aren’t leaking data if infected. Malwarebytes tries to stop execution in Java and Chrome and to detect infections that have already penetrated the system.

For internal training only

Heimdal and Emsisoft Anti-Malware

Proactive vs. Reactive

Emsisoft uses a reactive file and heuristic detection engine for when infections have already hit your endpoint. Heimdal is about making sure you don’t get infected in the first place, by patching vulnerabilities and using traffic-based detection mechanisms. Overall, there is a big difference in the approach to malware.

URL Filtering

Emsisoft Anti-Malware’s “surf protection” refers to blocking dangerous websites. Heimdal looks at all your internet traffic

• n a DNS level, not only in browsers. It

then filters dangerous traffic going in and

• ut. This also prevents data leakage, as

well as ransomware’s communication with Command & Control servers.

Complementary

In the end, both technologies are complementary. Heimdal patches software and ensures attacks don’t reach the endpoint, while preventing data leakage if infected. Emsisoft Anti-Malware uses file & behavior detection to stop infections that have already penetrated the system.

For internal training only

Heimdal and Carbon Black

Heimdal Corporate and the Carbon Black tool

Heimdal is a software used proactively for protecting against infections, detecting them when they occur and blocking any data leakage from happening until they are removed. Carbon Black is used for tracing and intelligence-gathering to gain knowledge about occurring attacks and preventing them in future.

Can I use both security applications together?

Yes, absolutely. Heimdal is all about keeping you and your data out of harm’s way and giving you tools to prevent attacks. Carbon Black is the tool you would use after attacks have happened, to analyze, develop and pre-empt future similar attacks.

For internal training only

Heimdal and Cisco AMP

Heimdal Corporate and the Cisco AMP tool

Heimdal is a tool used proactively for protecting against infections, detecting them when they occur and blocking any data leakage from happening until they are removed. Cisco AMP is used for tracing and intelligence-gathering to gain knowledge about occurring attacks and preventing them in future.

Can I use both security applications together?

Yes, absolutely. Heimdal is all about keeping you and your data out of harm’s way and giving you tools to prevent attacks. Cisco AMP is the tool you would use after attacks have happened, to analyze, develop and pre-empt future similar attacks.

For internal training only

Heimdal and Crowdstrike

Heimdal Corporate and Crowdstrike host protection

Heimdal is a tool used proactively for protecting against infections, detecting them when they occur and blocking any data leakage from happening until they are removed. Crowdstrike is used for multi vector indicator of compromise and intelligence-gathering to gain knowledge about occurring attacks and preventing them in future.

Can I use both security applications together?

Yes, absolutely. Heimdal is all about keeping you and your data out of harm’s way and giving you tools to prevent attacks. Crowdstrike is the tool you would use after attacks have happened, to analyze, develop and pre-empt future similar attacks.

For internal training only

Heimdal and Cylance

Heimdal Corporate and Cylance

Heimdal is a tool used proactively for protecting against infections, detecting them when they occur and blocking any data leakage from happening until they are removed. Heimdal is a great support tool for Cylance Cylance is used for multi vector indicator of compromise, execution/runtime protection to protect the core operating system against compromise or downtime and provide rapid response intelligence.

Can I use both together?

Yes, absolutely. Heimdal is all about keeping you and your data out of harm’s way and giving you tools to prevent attacks from happening in the first place. Cylance is the tool you would use after attacks have happened, to reduce the impact of infection and to provide rapid response against the spread of malware. In essence the two provide a perfect protection match.

For internal training only

Heimdal and Sophos Intercept-X

For internal training only

Heimdal Corporate and Intercept X

Heimdal is used proactively for protecting against 2nd generation malware, such as Ransomware, Trojans and Botnets – Utilizing a multilayer approach, Heimdal blocks incoming attacks and exploits, but also blocks any data leakage and C&C communication from happening until they are removed. Sophos Intercept-X works reactively by trying to detect exploit code execution and by monitoring for Encryption of files and folders. It is the difference of building a safe car or just focusing on the Airbag.

Can I use both together?

Yes, you can, but Intercept-X, is what you should expect to get from your Antivirus vendor working at Harddrive and Memory level to do exploit code detection and file encryption protection, by comparing hashes of files on the Harddrive layer. Heimdal uses a new approach at NIC level scanning HTTP/HTTPS/DNS to keep attacks out and data inside the device. Heimdal also works preemptively to block exploits by physically updating software and if the attack completes, works to block communication to Malware infrastructure.

Heimdal and Sentinel One

Heimdal Corporate and Sentinel One

Heimdal is used proactively for protecting against 2nd generation malware, such as Ransomware, Trojans and Botnets – Utilizing a multilayer approach, Heimdal blocks incoming attacks and exploits, but also blocks any data leakage and C&C communication from happening until they are removed. Sentinel One works reactively by trying to detect exploit code execution and analyzing process behavior to detect infecitons. It is the difference of building a safe car or just focusing on the Airbag.

Can I use both together?

Yes, you can, but Sentinel One is a Antivirus replacement. Heimdal is a 2nd generation add-on working at NIC level with HTTP/HTTPS/DNS level to keep attacks out and data inside the

• device. Heimdal also works preemptively to block exploits by

physically updating software and if the attack completes, works to block communication to Malware infrastructure. Sentinel One works to block exploit code execution and by detecting behavior of malicious processes at the Memory and Harddrive layer.

For internal training only

Heimdal and Tanium

Heimdal Corporate and Tanium

Heimdal is a tool used proactively for protecting against infections, detecting them when they occur and blocking any data leakage from happening until they are removed. Heimdal also provides automated patching/software management for third party software Tanium is used for indicator of compromise to gain knowledge about occurring attacks and preventing them in future. Tanium provides patching for both 3rd party and windows software

Can I use both together?

Yes, absolutely. Heimdal is all about keeping you and your data out of harm’s way and giving you tools to prevent attacks. Tanium is the tool you would use after attacks have happened, to analyze, provide quick response and pre-empt future similar attacks. Both solutions provide patching, but you could purchase either Heimdal or Tanium patching as an option

For internal training only

Heimdal and Infocyte

Heimdal Corporate and Infocyte

Heimdal is a tool used proactively for protecting against infections, detecting them when they occur and blocking any data leakage from happening until they are removed. Infocyte is used for tracing and intelligence-gathering to perform malware tracking and gain knowledge about malware inside the infrastructure. Heimdal performs active protection by patching and blocking malware communication, where as Infocyte provides a reaction tool.

Endpoint vs. Perimeter

Heimdal is a End-point based protection tool and will follow the endpoint, with its protection anywhere in the world. This ensures the end-point is not infected or leaking data, when it is outside the infrastructure and that it is always up-to-date. Infocyte is a perimeter based “in-infrastructure” based product, which detects malware within the infrastructure. Infocyte uses a combination of intelligence and forensics to find malware, where as Heimdal uses a range of automated traffic based algorithms to find malware.

For internal training only

Heimdal and Symantec

Heimdal Corporate and Symantec Endpoint

The key difference in Heimdal to Symantec Endpoint is that Heimdal focuses on the communication from and to the PC, and combines this with patching to combat and detect incoming 2nd generation malware. Heimdal also provides data leakage protection when penetration does occur. Symantec provides file and signature scanning, combined with firewall. In unison, we offer cutting-edge protection for endpoints.

Can I use both security suites together?

Yes, absolutely. Heimdal is all about keeping you and your data out of harm’s way and giving you tools to prevent attacks. If penetration does occur, Heimdal will also protect you from leaking confidential data. Symantec Endpoint protection aims to keep your environment clean of infections and to prevent infections from spreading.

For internal training only

Heimdal and Mcafee

Heimdal Corporate and McAfee Endpoint protection

The key difference in Heimdal to Mcafee Endpoint is that Heimdal focuses on the communication from and to the PC, and combines it with patching to combat and detect incoming 2nd generation malware. Heimdal also provides data leakage protection when penetration does occur. McAfee provides file and signature scanning, combined with a firewall. In unison, we

• ffer cutting-edge protection for endpoints.

Can I use both security suites at the same time?

Yes, absolutely. Heimdal is all about keeping you and your data out of harm’s way and giving you tools to prevent attacks. If penetration does occur, Heimdal will also protect you from leaking confidential data. McAfee Endpoint protection aims to keep your environment clean of infections and to prevent infections from spreading.

For internal training only

Heimdal and F-Secure

What about patching: is there an

• verlap?

Yes, there is. Both Heimdal and F-Secure provide software patching. Heimdal’s patching is built for simple and easy usage from 5- 50.000 end-user environments. It has enterprise-class vulnerability reporting, and lightning quick updating as well. Heimdal outclasses the market by also offering on-the-fly (no reboot) software updates and offering installation of software.

Heimdal Corporate and F-Secure Endpoint

The key difference in Heimdal to F-Secure Endpoint is that Heimdal focuses on the communication from and to the PC to combat and detect incoming 2nd generation malware, and combines it with data leakage protection when penetration does occur. F-Secure provides file and signature scanning, combined with a firewall. In unison, we offer cutting-edge protection for end points.

For internal training only

Heimdal and Trend Micro Endpoint

Heimdal Corporate and Trend Micro Endpoint

The key difference in Heimdal compared to Trend Micro Endpoint is that Heimdal focuses on the communication from and to the PC to combat and detect incoming 2nd generation malware, and combines it with patching to close security gaps used by cyber criminals. In unison, the two technologies offer cutting-edge protection for endpoints.

Is there a overlap on Zero Hour protection?

In wording, yes. In real-life, no. Heimdal blocks communication with domains that try to exploit your computer and provides actual application patching to close gaps. Trend Micro provide Zero Hour exploit protection by closing ports, which are targeted by exploits, therefore the services actually complement each other.

For internal training only

Heimdal and Forticlient

Heimdal Corporate and Forticlient

The key difference in Heimdal compared to Fortinet Forticlient is that Heimdal focuses on the communication from and to the PC to combat and detect incoming 2nd generation malware, and combines it with patching to close security gaps used by cyber criminals. Forticlient focuses on scanning for vulnerabilities, providing firewall technology and executing files in sandbox to screen them a Antivirus technology.

Will they work together ?

Yes, absolutely. Heimdal blocks communication with infrastructures that try to exploit your computer, provides data leakage protection, ransomware attack and dial back protection, as well actual application patching to close gaps. Fortinet provide vulnerability scanning, sandbox execution, file signature and heuristic antivirus scanning so there is a clear complement in technologies.

For internal training only

Heimdal and OpenDNS

Heimdal and OpenDNS

OpenDNS has a cloud only DNS filtering approach. Heimdal on the other side uses a local/glocal approach for faster response. Heimdal also covers and closes vulnerabilities at the endpoint and has the ability to tackle Zero Hour exploits. Ideally as a user, you can setup a OpenDNS perimeter solution to work with Heimdal locally to gain advantage of both intelligence sets and the speed that Heimdal offers.

Will they work together ?

Yes, absolutely. Heimdal blocks communication at the endpoint level locally, whilst OpenDNS blocks communication at cloud level. Using them together gives the advantage of different intelligence sets and the capability of Heimdals exploit and vulnerability handling mechanisms with the OpenDNS capability as well.

For internal training only

Heimdal and Infoblox

Heimdal and Infoblox

Infoblox Endpoint side has a cloud only DNS filtering approach. Heimdal on the other hand uses a local/glocal approach for much faster response. Heimdal also covers and closes vulnerabilities at the endpoint and has the ability to tackle Zero Hour exploits. You can setup a Infoblox perimeter solution to work with Heimdal endpoint to gain advantage of both intelligence sets.

Will they work together ?

Yes, absolutely. Heimdal blocks communication at the endpoint level locally, whilst Infoblox blocks communication at cloud level. Using them together gives the advantage of different intelligence sets and the capability of Heimdals exploit and vulnerability handling mechanisms with the Infoblox capabilities at perimeter level as well.

For internal training only

Heimdal and Webroot

For internal training only

Heimdal References

Vallensbaek Municipality saves time and stops attacks with Heimdal

Interview with Bjoern Borup, Digitalization Manager at Vallensbaek

• Municipality. The Municipality purchased Heimdal and shared their

experience with the solution and Heimdal’s positive impact on the

• rganization.

How were you introduced to Heimdal Security?

”We had a proof of concept period, during which Heimdal was successfully

• tested. The security software from Heimdal was installed on a range of

computers, and after successfully completing the test, we implemented it on

• ur over 1000 clients.”

What is especially interesting about Heimdal – and how does it provide you with added value?

”We had a series of challenges with vulnerabilities and maintenance before getting the solution from Heimdal Security. The product effectively solves 2 major problems:

• time optimization through automatic updates, which also resulted in less

downtime.

• and the product also gives us and effective solution for preventing

attacks. The first challenge, regarding vulnerabilities, is especially related to Java and

• Flash. In this case, Heimdal makes sure that our many clients always have the

latest version of the software installed. Everything runs automatically and we save a lot of manual work. Also, it all runs in the background, so users can continue working, while their software is being updated. The other challenge is the rising amount of malware and ransomware, which

• ur antivirus had a hard time dealing with. Heimdal makes sure that hackers

have a harder time encrypting data and demanding ransom for it. We know that a lot of other public companies have issues with this as well – and we save a lot of time and money with this solution, as well as considerably reduce our risks.”

Can you recommend Heimdal Security to others?

”Most certainly! We are very happy with the solution. Not just the software itself, but also Heimdal Security as a company. They always keep an open line with us, communicating constantly, and they actively work to enhance management reporting for us. They always have a strong recommendation from our part!”

Heimdal References

Heard County frees up resources and time

Interview with Andrew Williams from Heard County, Georgia. The County has used Heimdal for almost a year and shares their experience with the solution and Heimdal’s positive impact on the organization.

How were you introduced to Heimdal Security?

”I read the Heimdal blog and found it to be quite informative and very

• educational. After also reading some of their threat alerts we decided to look

further into the Heimdal product.”

What is especially interesting about Heimdal – and how does it provide you with added value?

”Running software updates across our systems has always been a headache for us. Since this is a key route for keeping cybercriminals out, we had to do something and we were surprised about the value:

• The automatic update system just works automatically and seamlessly

and I was surprised, because doing updates can be tricky.

• and just recently we also discovered the threat filtering system and keeps

finding threats we weren’t even aware that we had. Using Heimdal to solve our challenge, regarding vulnerabilities, is especially related to web plugins, but Heimdal has proved really effective in maintaining any third party applications. The ease of use is phenomenal and

• nce it is set, it just goes by itself. Amazing time saver, without a doubt.

Keeping software up-to-date is a breeze for a change. With the threat filtering now also in place, we can see how much our Antivirus and perimeter firewall systems are actually missing out. And the fact that Heimdal works anywhere you go – is just great.

Can you recommend Heimdal Security to others?

”Most certainly! We are very happy with the solution. Not just the software itself, but also Heimdal Security as a company. They always keep an open line with us, communicating constantly, and they are very knowledgeable. They always have a strong recommendation from our part!”

Heimdal References

NRGI frees up resources and time

Interview with Michael Warrer, CIO of NRGI, Denmark. The company has used Heimdal for almost 2 years and shares their experience with the solution and Heimdal’s positive impact on the organization.

Heimdal evolution

One of the key things we noticed is how the Heimdal software has evolved

• ver time. For us Heimdal continuously evolves the product in terms of

threat protection, detection and uptime management and offers us solutions, which are key to our environment, such as new software to the updating list and which fits us immensely well. Heimdal is very agile and very forthcoming on new requests.

What is especially interesting about Heimdal – and how does it provide you with added value?

Running Heimdal across all our 1.000 endpoints and keeping them secure has always been a headache. Heimdal keeps this simple

• The automatic update system works on the fly and without any reboots

and catches updates faster than any other system we have seen.

• In terms of attack mitigation, the filtering service built in to Heimdal has

also proven its value time and again, helping us prevent Ransomware attacks, Trojans and botnets on our network

• Overall the protection added is of good value to us and we are able to

measure this value in the dashboard.

Can you recommend Heimdal Security to others?

“Absolutely. Heimdal is a core part of our protection environment, which with very low support and a timesaver on a daily basis, just means that running IT is simpler and better.”

Heimdal References

Danish Cancer Society increases threat barrier with Heimdal

Interview with Morten Rye Christiansen, CIO at Danish Cancer Society. The Company purchased Heimdal and shared their experience with the solution and Heimdal’s positive impact on the organization.

How were you introduced to Heimdal Security?

”We ran a proof of concept period, during which Heimdal showed great value

• n our systems. Heimdal was easy to install, setup and configure, but also

starting working immediately after. The impact was quite obvious. After successfully completing the test, we implemented it on our over 800 clients.”

What is especially interesting about Heimdal – and how does it provide you with added value?

”Heimdal covers a broad aspect of threats from Ransomware, APT’s to Banking Trojans and exploit kits, all of which were areas we were looking to enhance protection against. The product effectively our problems by 3 important criteria for us:

• The solution was fully automated once implemented, which meant that

we could actually save time on implementing a new product

• We had to increase our protection against more modern day attacks.
• Our vulnerability management was handled manually before and we

wanted to automate it. Using Heimdal in our environment is simple and straight forward and the management dashboard is great and equally simple. After having used Heimdal for 6 months we have logged a total time saving effort in excess of 50.000€ with all the tasks Heimdal has handled for us automatically. It is a great asset.

Can you recommend Heimdal Security to others?

”Absolutely! We are very happy with the solution. Not just the software itself, but also Heimdal Security as a company. They actively work to enhance management reporting for us and any feedback from us is always listened to.

Heimdal References

Boreal Transport chooses Heimdal for simpler patch management

Interview with Kjell Magnus Hernar, IT Coordinator at Boreal Transport. The Company purchased Heimdal and shared their experience with the solution and Heimdal’s positive impact on the organization.

How were you introduced to Heimdal Security?

”We found Heimdal online and thought of it as being a simple and straight forward alternative to handling software updates through SCCM. We tried Heimdal in a POC period and were very satisfied with how simple it really is to use.”

What is especially interesting about Heimdal – and how does it provide you with added value?

”Heimdal is very simple to setup and very simple to use. We use Heimdal for both installing and updating software. We thought we would only do software updating with Heimdal, but we are now also using it for complete 3rd party application software management. On top of this we also got additional value in the fact that we can use Heimdal in protecting against Ransomware, Trojans and other threats. We had a small issue during the implementation of the Heimdal filtering, but the support has been great and very helpful, whenever we have had the need for them. Heimdal is also constantly evolving the solution and adding more features at no extra cost to us.

Can you recommend Heimdal Security to others?

”Yes, most certainly. Heimdal is a great solution for any company and their support and follow up is great.”

Heimdal References

Donegal County Council

Takes the security of its data security very seriously. In light of current cyber threats – ransomware in particular – and their many ramifications, Donegal made the decision to add an additional layer of security to their current protection. Donegal explored a number of various solutions and, after evaluating them, identified Heimdal asthe best solution for them. After a successful proof of concept, Heimdal CORP was selected and pushed out across 900 endpoints.

SOLUTION PROVIDED

Heimdal CORP was installed on all the endpoints used in the Donegal County

• Council. The installation was simple: it only entailed downloading an MSI file

from the Heimdal dashboard and rolling it out via GPO. As a result, the Country Council can now monitor the Traffic Overview for each endpoint, can automate Patch Management for the top 40 security- critical applications, and enjoy the Advanced Malware Engine and Reporting – all through a simple, user-friendly Unified Threat Dashboard. Consequently, they can prevent infections from taking over the network and can mitigate risks before they turn into fully-blown cyber-attacks.

Why Heimdal

“The main reason we went for Heimdal is that it offered another layer of security (patch management and traffic monitoring/blocking at the network interface level) for us to counter-act the very real and numerous threats of Ransomware that are out there at the moment”. Sean Dunnion, Project Leader, Information Systems, Donegal County Council

Heimdal References

Skive Business Academy

Risks to administrative systems have been a risk to us for a while and Skive Business Academy wanted to work proactively against these threats. We wanted to explore opportunities where we could work proactively in mitigating modern threats against our systems. We explored the security market and Heimdal proved the perfect solution for us.

Clear Value

Being a highly automated solution the value provided through Heimdal was

• clear. We can easily see how many security gaps Heimdal addresses and also

easily see how it helps us keep attackers out. We were quite surprised with the positive effect on our systems!

The most positive

We have been very pleased with the Heimdal product, throughout the trial, the startup of usage, but the best experience with Heimdal is, the continuing delivery of value to us every day. It really makes our lives simpler and Heimdal follow up to ensure we get the maximum possible value from our product.

Why Heimdal

“Heimdal offers a different approach to endpoint security and gives us a fantastic addition to our antivirus product. The patch management is great, the traffic blocking is straight forward and we have to consider risks from all angles and cover as much as possible. Heimdal is great at doing just that. I would definitely recommend Heimdal to everyone. Ulrik Mikkelsen IT Manager, Skive Business Academy

Heimdal References

Interview with DK Company, Christian Foder, IT Operations manager

DK Company runs Heimdal to support their Trend Micro endpoint security

DK Company has been running Heimdal alongside their Trend Micro to help prevent attacks and contain unfolding attacks. Heimdal was selected after a strong POC and purchased, because

• f the multiple layers of additional protection it offered on top of
• ur existing endpoint security.

A helping hand and Ransomware value add

The value of Heimdal offered is clear to us. Heimdal handles all our software updating in a breeze. This helps us keep a range of exploits at bay before attacks can even happen, as well saving us a lot of time. Heimdal consistenly delivers updates to our systems, shortly after they are released. Not only that – and something really big for us, is to see how Heimdal time and again, has added value against ransomware attacks, shielding us from encryption, by containing the malware, when it entered our systems. Heimdal has contained ransomware upon infection and given our Trend Micro ample time to get the signature updates it needed to remove the Ransomware from our computers. Heimdal has sometimes contained the infection for several days before Trend Micro picked up the infection.

Can you recommend Heimdal Security to others?

”YES! Heimdal has been very responsive to us, the support is great and we are very happy with the solution.