Chat with us, powered by LiveChat
    • Solutions

    • Network Vulnerability Scanning Software Services
    • Analyze
    • Score
    • Automate
    • What is on my network?
      Quickly, comprehensively and accurately assess endpoints and servers for operating system and application vulnerabilities.

    • Which assets are at risk, and what should I do about their vulnerabilities?
      Identify which assets are at risk and receive actionable intelligence to reduce workload and increase effectiveness.

    • How do I measure my overall risk and where should I focus remediation efforts?
      Benefit from a clear, easy-to-understand metric to determine your organization’s security posture.

    • How can I integrate Frontline vulnerability findings into my security workflow?
      Easily integrate discovered, analyzed, scored, and prioritized vulnerabilities into leading security workflow management platforms and SIEMs.

    • Test
    • Educate
    • Compliance
    • How do I assess where I’m exposed from an attacker’s perspective?
      Assess your “network attack surface” and your “personnel attack surface”.

    • How do I ensure all personnel are cognizant of risky “digital behavior”?
      Increase the security IQ of employees, contractors, and patrons to effectively defend against a security breach.

    • Am I meeting requisite compliance standards?
      Leverage the expertise of one of the world’s longest tenured PCI Approved Scanning Vendors (ASV) to achieve compliance AND an optimal level of security.

    • Frontline.Cloud Subscriptions

    • Frontline ATS Advanced™
    • Frontline Advanced™
    • Frontline Pro™
    • Frontline Active Threat Sweep Advanced (Frontline ATS Advanced) complements your existing endpoint protection technologies providing an agentless, easy to deploy method to quickly and reliably analyze assets for active threat activity and indications of compromise.

    • Frontline Advanced is Digital Defense’s flagship vulnerability management offering. Powerful and effective, the service is delivered in a rich, affordable and easy to consume subscription.

    • Frontline Pro provides the same industry leading solution subscription as Frontline Advanced, but adds a Personal Security Analyst (PSA) to help lift the burden of vulnerability management.

    • Frontline PCI Pro™
    • Frontline Pen Test™
    • Frontline WAS Advanced™
    • Frontline Payment Card Industry-Professional (PCI-Pro) service guides businesses through the PCI Data Security Standards (DSS) requirements maze with security expertise and personalized recommendations to achieve compliance.

    • Frontline Pen Test offers a conveniently packaged sequence of periodic (and scheduled) pen tests into an annual subscription.

    • Frontline Web Application Scanning Advanced (WAS Advanced) as a subscription will provide the highest level of results through a system that is easily deployed and maintained.

    • Frontline.Cloud Platform

    • Frontline Active Threat Sweep™
    • Frontline Vulnerability Manager™
    • Frontline Web Application Scanning™
    • Frontline Active Threat Sweep (Frontline ATS), an agentless system, enhances your existing defense-in-depth coverage by uncovering gaps in your present endpoint protection, active threats and indicators of compromise.

    • Frontline Vulnerability Manager (Frontline VM) is the industry’s most comprehensive, accurate, and easy to use VM system – bar none.

    • Frontline Web Application Scanning (Frontline WAS) has been developed to provide the highest level of dynamic web application testing results through a system that is easily deployed and maintained.

    • Technologies

    • DDI NIRV™
    • DDI VRT™
    • DDI DNA™
    • DDI NIRV – the technology core of Frontline RNA™ – works on the principle of real-time event-based tuning. As it learns more about hosts and the network, NIRV adjusts its plugin sets and auditing mechanisms in real time – leading to far more accurate and complete scanning data.

    • While Digital Defense has achieved public acclaim for its superior vulnerability scanning, vulnerability management, and best practice consultative services, we are also actively involved in security threat research.

    • Digital Node Attribution (DNA) is the core technology within Frontline VM that eliminates network drift. As point in time scans from RNA are fed into Frontline Vulnerability Manager™.

    • Professional Services

    • Frontline Pen Test Project™
    • Frontline Social Test™
    • Frontline Cyber Threat Management™
    • Understanding and addressing network and host vulnerabilities is, of course, an essential element to strong information security.

    • Social engineering is a popular technique attackers use to gain access to your network and, ultimately, valuable information held by your organization.

    • Frontline Cyber Threat Management solutions offer organizations expert threat intelligence to evaluate their level of risk in the ‘open, deep and dark web’.

    • SecurED® Training
    • TEAM™
    • Consultative Services
    • SecurED, an entertaining awareness training designed to optimize employee retention of serious security intelligence and best practices.

    • TEAM is a comprehensive online learning management system that helps you address Security Training, Education, and Awareness Module (TEAM™) to reduce risk.

    • As your organization grows in size and complexity, determining exposure to information asset risks becomes more challenging, as does your ability to identify threats and implement effective plans to address them.

  • Get a Quote

Hello out there and welcome to the birth of this brand new Blog titled “Information General” and which includes a series of ongoing blog posts related to internet security defense.  This Blog includes social information sharing, games, interviews, guest blog posts and much more, all surrounding ongoing regular educational and interactive content primarily related to the topic of Internet Security Defense.  My name is Gordon, and I am first and foremost a participant taking part and interacting within this Blog.  I am also the primary blogger as well as your host within this forum. 

What is this Blog about?

Whether you are the CIO, the Senior IT Staff Engineer, one of the HR representatives at your company, or perhaps you are retired and simply interested in this exciting and evolving field, this blog is for you.

I’ve always enjoyed strategy games, and especially those related to war, such as Risk, Stratego and Chess, but I had stopped playing these games until one day about 5 years ago, one of my friends invited me over for a friendly game of Risk.  That same day I realized the internet security defense field has many similarities to the field of warfare.  I often enjoy using interesting analogies to situations because in addition to entertaining myself, they often help me to better understand the given situation.  Shortly after having that fun day playing Risk, I starting considering the need for a company to protect their information as analogous to nations or organized societies, that have valuable resources others desire, and for which these threats are willing to “go to war” for this value.  In this analogy, the IT leaders of companies are replaced by military Generals who face many challenges such as the vast technical aspects of internet security defense, understanding the enemy (who and/or what wants my data, what are their motivations, strengths and weaknesses), socializing and planning with the nation leaders in order to obtain defense resources (money and soldiers) and much more.  I often lose myself in this mind game, and I find it much more entertaining when I imagine that I am this wise, strategic General.

Over time in exploring the above analogy, and in my interactions with other internet security experts, I realized we often lose ourselves in specific cool products and services and we are distracted from considering the big picture, the General’s point of view.  However, when we play “the game” and take on the General’s role, things become clearer, we become aware of challenges we had not seen before and we enter a space that allows us to think in different ways.  From this space, we even experience creative moments during which radical solutions we had never before considered, occur much more commonly.

My goal with this Blog is to provide a forum within time and space which includes a prevailing spirit of openness, cooperation and creativity and which encourages all participants, including its blog authors as well as its readers, to expand our understanding of, as well as to share information related to, the challenges we face within the realm of internet security defense.   To achieve this encouraging environment, the Blog’s administration, its content and activities, the forms of interactive communication as well as its structure, are all created with a specific underlying spirit and intention; they emerge from the space I described above and which I refer to as “The General’s point of view.”  The Blog posts will primarily be focused on challenges, observations, solutions and more, related to internet security defense.  Since a good defense requires a deep understanding of the threats faced, some blog articles will also include case studies with much detail on the anatomy of attacks that have occurred in the industry. The Blog will also include regular fun, creative and engaging activities (including games) for its participants, interviews with internet security experts, experiments and much more.

Why this Blog?

Having just shared openly my relationship and appreciation for DDI, I must next share two of the possible outcomes that I have explored and which are possible direct effects of this blog and my participation.  The first possible effect this may produce is the possibility that I, your blog host, am perceived by our blog participants as biased in favor of my employer with regard to those topics and discussions within the blog for which DDI offers specific solutions.  I also realize that were this possibility to occur, it would likely reflect negatively upon DDI.   Further, since I know DDI also realizes this, I must conclude DDI trusts me and I am fully aligned with this trust.  Without further description, I reveal now we (DDI and I) have weighed the risks associated with the first possibility, versus gain which may be realized by the second possibility described next.  The second possible effect explored with regard to the life of this blog is the potential gain that may be realized by the internet security industry, resulting from my true intentions; To participate with others in our quest for the complete truth surrounding any curiosity we may all feel towards the internet security industry, its defense, its attacks, its mysteries and its misconceptions.  I feel it important to clarify and restate this in a different way.  My intention with this blog is to participate with others in shared learning within this industry.  It is a simple action.  DDI and I, view this blog and its intention as a contribution to the internet security industry. We believe this contribution will provide value and further, will ripple outwardly and positively affect those who interact with those who have directly participated.

You are the General, You Must Act

To start this Blog off right here and now and to get us thinking and bring us into this space of “The General’s point of view”, I will ask a set of questions of myself and of all its readers.  As the General, consider the following:

  • What are you protecting?
  • Who are your enemies, what motivates them, what capabilities and resources do they currently have?
  • What are your capabilities?
  • What are the capabilities and resources of your “army”?
  • What would your overall defense strategy be?
  • How would you organize your defenses?
  • What solutions, technical and human do you need in order to achieve your goal?
  • What are the equations and variables that come into play with respect to all of the above, including those related to all involved humans?

I look forward to sharing, interacting and learning with you in this space.

Sneak Peak at Upcoming Blog Posts

Thank you for participating and experiencing the birth of Information General and I look forward to interacting with you.  I conclude this post with a glimpse of a few of the upcoming Information General Blog posts by sharing their titles shown below.

  • A deep look into the recently released 2014 Verizon Data Breach Investigations Report
  • Analysis of the recently disclosed Heartbleed Vulnerability
  • Overview of Network Security Defense
  • Exploring Enterprise Security Intelligence
  • An Ideal Security Intelligence Solution