B2B Tech Talk with Ingram Micro

Episode · 4 months ago

How Bitdefender EDR Provides Reliable Protection Against Cyber Risks to SMBs


SMBs are under attack, which is why it’s essential that owners invest in reliable protection against cyber risks.

Bitdefender’s Endpoint Detection and Response (EDR) platform can save the day.

In a special As the Gears Turn edition, Devaughn Bittle and Patrick Cash talk with Michael Reeves, technical director, MSP and cloud at Bitdefender, about:

- How Bitdefender is investing in EDR

- Three critical areas for a good security architecture

- Special services for the SMB space

For more information, reach out to Lisa Waite (lisa.waite@ingrammicro.com), Michael (mreeves@Bitdefender.com) or visit Bitdefender GravityZone Cloud MSP Security.

To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk

Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher. Or tune in on our website.

...You're listening to B2B Tech Talk with Ingram Micro, a place to learn about how to grow your business and stay ahead of technological advances before they become mainstream. In today's episode we're introducing a new business and technology minded series brought to you by Ingram Micro's SMB Alliance community called As the Gears Turn, hosted by two Ingram Micro SMB Alliance council leaders, Mr. Devaughn Bittle and Mr. Patrick Cash, both successful MSPs and both ready to call the business of IT as they see it. So with that said, let's make it happen. Welcome to As the Gears Turn.

Welcome to another episode of B2B Tech Talk with Ingram Micro, special As the Gears Turn edition. We're your hosts, Devaughn Bittle from computer cations out of Frederick, Maryland, and Patrick Cash from blue store networks out of Atlanta, Georgia. Today we have the pleasure of speaking with Mr. Michael Reeves. He is the technical director of MSP and cloud at Bitdefender. Michael, welcome. We are super excited to have you with us today.

Yeah, thanks so much for having me. I really appreciate your guys' time and for having us on. I bring you greetings from sunny Arizona today.

So very nice. Well hey, before we jump into all things Bitdefender, let's get a little bit of Michael Reeves history. How long have you been in the industry, and maybe what's the favorite part of the work that you're doing?

Good question. So I started, I'm kind of dating myself now, but I started in the late 90s, quickly developed just a love for security. I think, um, it's helping customers defend their environments against malicious actors that wanna, you know, do harm to them. So I feel like, you know, we're one of the good guys and, uh, you know, I get to help them actually secure their organization in a much more efficient and better way. And so that's what I love. And I love the people I work with. This industry is a fantastic industry for great people.
So Michael, that's great. Definitely cybersecurity keeps everybody on their toes, doesn't it?

Oh yes, it does. Because the threats are constantly evolving. It's never static. So it's always an adventure each week.

Absolutely is an adventure. And you know, I think what's been really encouraging for me, at least being in the industry for so long: back in the day when I first started, the talking about security is what you used to do with just very specialized, highly trained individuals that are, you know, hardcore security folks. And, um, the rest of business didn't really talk a lot about security. So it wasn't top of mind. But then I would say about a decade ago or so automation tools started getting into the security space, and especially on the malicious actor side. And so it became very simple for someone with malicious motives to enter into the cybersecurity space and then really do damage to businesses globally, whether they're large, whether they're small. And I think that's really raised the awareness of, hey, I need to be at least cognizant of the fact that my business is at risk, whatever the size. And so that's what's kind of changed in the industry over the last decade or so.

Yeah, so as SMBs, we know how important it is to have reliable protection against cyber risks in order to protect things like our work data and finances, right, Devaughn? And as we just mentioned, you know, I mean the threat landscape is evolving...

...and it's constant. We're getting these notices all the time and it can be a lot to deal with that on an ongoing basis.

Yeah. And which is why it's so great we have Michael on today to talk with us through how Bitdefender can actually be a really valuable tool to help mitigate all of these security concerns. From prior conversation, Michael, you told us that Bitdefender is really focusing in on the advanced threat security and EDR platform. Can you talk us through how Bitdefender is investing in EDR and why the technology should be something our SMBs should all be aware of?

Uh, great questions. So yeah, definitely SMBs are under attack at this point, and it's sad to say, but the malicious actors have become automated and so they have platforms that they can use to affect a wide variety of businesses, including SMBs, in a very simplistic way. So you don't even need to know anything about security and you can wreak havoc. All you need to do is have malicious intent and go for it. And, uh, the industry provides the tools to do that. So Bitdefender saw this, you know, a couple of years ago where you started to see these automated tools come into the market on the malicious actor side. And so Bitdefender started to invest pretty heavily, actually, and it's our number one priority over the last year or so and will continue to be moving into next year. Because EDR, and EDR, if you don't know, stands for endpoint detection and response, it's the ability, it basically is two abilities that are required in a good security architecture. And the first one is the visualization, so the ability to know if you're being attacked or not. So that's the threat intelligence that is creating incidents so that you can look at them and see, hey, is this benign behavior in my environment or is this malicious behavior that hopefully my antivirus software or endpoint security solution has stopped in an automated way.
And if not, I need to jump in and do something. So that's the second piece of that. So the first piece is visibility; the second piece of that is the response piece, and there's two types of responses in this area. The first one is like the automated response that hopefully software is taking care of for you. But the second is where the automated security kind of comes to the end of its limit and you as a person, as a human, need to take some sort of response. So for example, in the past it used to be, I'm going to go unplug the network cable from my computer or my servers or from my workstations. Nowadays you can do that remotely and we call that isolating your host. It's basically pulling the network cable out so you protect that endpoint from further damage. So you can do that now through EDR consoles where I can say I want to isolate that host. It's being inundated with malicious activity. Maybe that activity is starting to spread to other systems in your environment. So you get all these detection zones going on in your EDR console and then you can take response. So that's why it's called endpoint detection and response. And really, really critical nowadays. And so what Bitdefender's investing in is making that simpler for small medium business and MSPs to consume. Because a lot of the challenge in that space is just in the area of alert fatigue where you're just flooded with stuff and you...

...don't know what it is. So Bitdefender's helping to explain what each of those threats are. We're also helping you to correlate those threats. So they don't come over as isolated incidents. Sometimes they come over as a correlated behavior. So maybe something affects four or five endpoints; we'll show you the relationship between those. And then also just, um, the area of other types of sources of information and bringing that in. So things like email, things like networking, where you get a real full picture in a very easy to understand format that's already correlated for you. You already have a timeline documented. And so you can say very quickly, is this benign, is this malicious, and then take action? So that's kind of where Bitdefender is investing, and it's really exciting to see the value that it's bringing to both MSPs and SMBs out there.

Well, it sounds like there's been a lot of time and development focused on EDR, um, in the way Bitdefender takes this approach. I feel like there's probably a couple of other ways that Bitdefender is kind of trying to encompass, you know, how we're tackling this approach. Maybe there's a couple other items that we want to talk about.

Yeah. I mean, if you take a step back, I like to keep things simple, especially for business owners that are not really security professionals. But here are the three, I call them the three big buckets or the three-legged stool, or I'll liken it, after I explain it, to an analogy, a sports analogy. But there are three critical areas that you want to look at to have a really good security architecture for your business. The first area is the area that everybody knows, and this is what I call the prevention layer. It's the automated security controls. In other words, the automated security actions that defend your environment.
Think of this as antivirus software or endpoint security software. It's the stuff that's supposed to protect you in an automated way so you can go about doing what you should be doing in your business. So that's only the first area. The second area is what we've been talking about, and that is the detection and response area, which is the visibility and the ability to actually impact a threat in your environment in a defensive way, so be able to see a malicious activity and then be able to take some sort of action. So that's the second area. The third area, that just doesn't get enough press and should be talked about all the time because, one, it's one of the simplest things that you can do and, two, it's just never done. So this is the area that I call system hardening. It is the area where in most businesses, especially small businesses, it is very easy to penetrate that environment. If you're a malicious actor, you could do it on an automated basis, and I'll give you some very specifics in this area. Passwords of your employees and yourself: you need to have a policy in place and you need to enforce that policy where your employees are, number one, not using the same password on multiple websites. So your employees and yourself, your Facebook password should not be your business password and it should not be your banking password and stuff for...

...simplified reasons. Right? I know it's very complicated and there are tools that can help you to rotate your passwords or create complicated passwords. Just something that makes it more difficult for malicious actors to get into your environment with rights already and be able to wreak havoc in your environment. So that's like simple number one. That's what we call system hardening. Other area: ransomware has been in the news a lot this year and there's been some sectors of our economy that have been impacted greatly by ransomware. Every single one of those attacks, if you look through the news article, they don't spell it out for you. But the way the ransomware got in the environment is what's called anonymous guest accounts or insecure guest logon accounts. What that is, is there's accounts on your computers, and I have yet to find a single environment that does not have these in their environments. It's turned on by default but allows me as an external entity to log into your environment without a password and start to do reconnaissance and start to move around and figure out what your other accounts are. Those are called anonymous guest accounts. They can be eliminated by just changing some operating system settings. That is probably the number one way that ransomware gets into environments. And yet every business doesn't close those accounts. I can't think of one reason from a security perspective to have an account in your environment that does not have a password associated with it. So just basic blocking and tackling, we call that system hardening. That's the third leg of the stool. So I think of it from a football analogy. You know, great football teams have great offenses, great defenses and great special teams. Especially as you get to the highest level, you've got teams that are very effective on all three sides.
When you're missing one of those areas, your team doesn't go as far, and the same thing in security: you want to have all three legs of that stool, all three phases of the game, they call it, working well to ensure that your business is secure against malicious actors. So anyway, sorry, that was a long-winded answer.

But that's perfect. That's, you know, I mean, really breaks it down into, uh, the knowledge level, you know, the "too long; didn't read", and a great analogy too.

Yeah, I like that. That's a good answer. Can you tell us what else is coming from Bitdefender? I know, you know, for instance, Bitdefender is starting to integrate with several SOC solutions, which is really important for a lot of other MSPs, and maybe expand on other innovations that Bitdefender's got coming.

Yeah, sure. Yeah, great question. So we just, uh, well, we didn't announce it, but like RocketCyber, we're getting integrated into RocketCyber. They're very excited about that. Integrating into Fortify; they're very excited about that. And Bitdefender's platform is really built for integrations. We've got a fantastic way to integrate very simplistically with Bitdefender via API. So we're integrated into lots of RMMs. There are more coming; we are working with them now and hopefully very soon here we'll announce a couple of other integrations with some very popular RMMs out there. And what's really cool is they're motivated to work with Bitdefender because, one, Bitdefender's got a great reputation for just working really well and, two, it's really simple to...

...integrate with us. So the RMMs are very motivated to work with us, and then also distribution. So there's some great work being done actually by Ingram Micro now, and hopefully we'll have some great press here very shortly where we can integrate into their marketplace. So I'm very excited about that. Right now we're great partners with Ingram, and to be able to bring automation into that partnership so that you as a customer or you as a partner, you want to consume Bitdefender and do it on a monthly basis, you can just go to website, click, and you get a bill, you know, every 30 days for what you use. That's awesome. So we're looking forward to that. That's coming here very shortly. So always, uh, integrating and developing new partnerships along the way. So very exciting area for us.

Michael, maybe you can give us, um, some Bitdefender wins, maybe a success story or two that kind of stand out, that, you know, folks could say, hey, that sounds like a product that I would want to use.

Great question. So a lot of the work, so being a Bitdefender employee, we get to see a lot of this internally, but it is not really talked about publicly a lot. Bitdefender is a very, we are dedicated security company. Over half of our employees are engineers by trade. So we take this very seriously. We're not a real great sales and marketing company, but we write really good code. But there's a piece of our business that doesn't get a lot of accolades publicly. But I will tell you, we've got teams globally that work with law enforcement. So they work with the FBI here in the U.S. They work with Europol, Interpol, things like that. They're our behind-the-scenes team; we internally refer to them as Team Draco. That's kind of our mascot or our symbol, and it's a really cool icon really.
But this team, they are very highly specialized security personnel that are trained in forensics, and they do threat hunting and they help our customers and our partners, some of which this year have been in the news. And what's really cool, and some wins for us that are not really stated publicly: it's really neat as an employee to have one of our partners get attacked in some way, and the first call that's made, that partner reaches out to us as Bitdefender employees. And we basically say, how can we help? And we get these internal, highly specialized, security-skilled professionals involved in helping partners to do combat with these folks, these malicious actors, and also to be able to help provide forensics information to hopefully bring these folks to justice. That's kind of the big wins for us. We don't get a lot of press, um, about that. But it really, you know, as a security professional, you really see one Bitdefender coming to the aid of partners that are a lot of times overwhelmed with various attacks, some of them very sophisticated and require highly specialized resources. So it's really cool to see Bitdefender come to the aid of these partners and customers and helping them out.

So those are the ones like you said, you've got to be able to...

...share those stories.

Yeah, it's interesting. I wish. Now what we do see, what you do see publicly sometimes, is Bitdefender will reverse engineer various forms of ransomware and we will release the decryptor for customers on our website and say, Mr. Customer, you've been hit by this particular ransomware. Here's a free decryption tool, go release yourselves. And so that comes out publicly. It's all the other stuff that happens behind the scenes. It just doesn't make it to the news. But whenever we can, well, like I said, we've got hard coded hardcore engineers who are really smart technically, and if they can reverse engineer it, they will do it and then we'll release it into the wild. It creates a lot of angst, and sometimes we get some, I don't know why, we get some bad press from some people for doing that. But, um, I think it's great. I look at security as a community involvement, and the more we can help each other in this area, the better.

So Bitdefender releasing decryptors for ransomware, I think it's awesome. I think it's great too. So you got a supporter on this side too. So are there any, um, specific, like SMB, because this is the SMB podcast, any special offers or services that Bitdefender provides that may just fit the SMB space?

Oh yeah, great question. So in my opinion, so just take this with a grain of salt, but in my opinion in this space, and I think the market is bearing this out over the last probably 18 months or so, what we call the Cloud Security for MSP product is specifically built for the SMB space. Like, it is simple to use, it's automated so you can integrate it with your platforms. But yet I don't think the simplicity and the automation makes it a simplistic defense. In other words, we've taken very high grade enterprise type security products and we have simplified the front end for them.
And so you can get, as an SMB, an enterprise grade security platform where you can cover the endpoint, you can cover the web, you can cover networking, you can cover email, you've got built-in EDR. It will integrate with various SOC services if you want to expand in that area. All in a very easily consumed, like monthly billable option that you can deploy out very, very simple into your environment. And it just works. In fact, just hot off the presses, last week we won the North American customer choice for Gartner. So, you know, kudos to our product team, but the market is starting to see that Bitdefender just works. It's easy to use, very powerful. It does what it's supposed to do, and, um, and so our business is just booming. So, um, if you haven't checked it out, I highly recommend you try it. Most customers, in fact, I would say 99% of partners and customers that try our solution never take it out. They just love it. And I would say...

...again, specifically built for the SMB. It's, uh, I don't know what else to say about that, but it's really great.

That's awesome. So, uh, one question we'd like to ask all of our guests on B2B Tech Talk's As the Gears Turn edition is, when you think of technology as a whole, where do you see it going within the next year?

Wow. Uh, great question. I would say hybrid is here to stay. So I think the whole mobile workforce, we used to talk about it as, uh, some sort of theory about a decade ago where you had mobile users that were kind of looked at from a security perspective as a one-off situation. Now it's the norm. So you have to have a security architecture that allows your users wherever they are, whether they're at home, whether they're in a trailer somewhere on vacation and they're doing work from there, or they're in a hotel or an airplane or wherever they are, they have to be able to be secure in that environment with those unknown networks that they connect to. So I think the mobile workforce is going to be the standard from now on. But the other thing that really concerns me, and maybe this isn't a year out, but looking out maybe a little bit past that, is we are interconnecting everything. So from your car to your refrigerator, your TV, like everything is going to be connected. And what really scares me is malicious actors starting to penetrate those types of environments. Like as our cars become more automated, what happens if a malicious actor gets ahold of the car and starts to wreak havoc that way? Or, you know, our energy sector is digitally, I mean, there's so many interconnectedness now with technology, the endpoints and things like that are kind of small potatoes in my mind. That's what scares me, is looking out.
How do I protect my family from malicious activity, you know, over the next five, six, seven years? It's going to become way more complicated as we connect more and more devices to our, even our home based networks. Home based security I think is going to become extremely important, where you're going to need, you know, like corporate security architecture where you've got firewalls, you've got, you know, web application kind of firewalls, you're gonna have to be inspecting traffic to and from your house, and then you're going to need to make sure that the devices that you're buying out there also have some sort of embedded security so that you can trust them enough to use them, whether it be on the road or wherever you are and you take that technology. So that's kind of where I see things going over the next five, six, decade, you know, type time frame.

Nice. Well hey, Michael, we've covered a lot in a very short window here today. Where can people learn a little bit more either about you or Bitdefender?

Yeah, so you can find me on LinkedIn. Um, so I've got a LinkedIn profile if you want to connect up with me, it's just Michael Reeves. If you search for Michael Reeves, CISSP, uh, you'll find me on LinkedIn. You can also connect with me via email. My email address is mreeves at bitdefender dot com. Feel free to reach out to me. That's totally fine. And...

...yeah, I just really appreciate your guys' time and talking about security. I think it's a really important topic.

Absolutely. Michael, thank you so much for sharing your knowledge. Uh, cybersecurity is a hot topic and I think this is very helpful, hopefully helpful for a lot of listeners. So yeah, on behalf of Patrick and I, thank you. I appreciate you coming on.

You're welcome.

There's more information for this episode found on the Ingram Micro SMB portal. If you're already a member, you can access this information at any time. If you have a specific question, you can always reach out to your Ingram Micro rep for more information on how you can get involved with SMB. Thank you for tuning into As the Gears Turn and subscribing to B2B Tech Talk with Ingram Micro.

You've been listening to B2B Tech Talk with Ingram Micro, special As the Gears Turn edition, hosted by Devaughn Bittle and Patrick Cash. This episode was sponsored by Ingram Micro's SMB Alliance. B2B Tech Talk is a joint production with Sweet Fish Media and Ingram Micro. Ingram Micro production handled by Laura Burton. To not miss an episode, subscribe to the show on your favorite podcast platform. If you're listening on Apple Podcasts, we'd love for you to leave a quick rating of the show. Just tap the number of stars you think the podcast deserves. Until next time.
