For Gustavo Cornejo Lizama, Network Manager for a large public sector organization in Santiago, Chile, moving to a Sophos cybersecurity system has halved his team’s workload.

A team of twenty IT professionals supports the organization’s one thousand employees, however only three ‑ a security expert and two admins ‑ focus on cybersecurity.

To protect against malware and other threats, they use a Sophos cybersecurity system: a Sophos XG Firewall along with Sophos next-gen endpoint and server protection.

Everything is managed through the cloud-based Sophos Central administrative console.

Gustavo shared the impact the Sophos system had on their day-to-day cybersecurity operations.

Life before Sophos: entire work days spent monitoring cybersecurity

With their previous cybersecurity products, Gustavo and team faced a huge amount of daily administration and were slowed down by network issues.

In fact, they used to spend a full eight hours a day between them monitoring for security issues. This took up a significant proportion of their overall capacity, limiting the team’s ability to work on other tasks.

Life after Sophos: 50% reduction in admin time plus improved bandwidth

Since switching to the Sophos system, Gustavo and team have been able to reduce the time spent monitoring for security issues from eight hours to four hours a day.

Management is now simpler and easier, as they can control everything through the Sophos Central console. At the same time, they also experience far fewer network issues.

One feature which has been particularly beneficial is the ability to identify and control all applications on the network, which we call Synchronized App Control.

Sophos endpoint protection and XG Firewall constantly share information in real time, enabling the firewall to identify all apps, including those that would prefer to remain hidden.

Armed with this insight, Gustavo has been able to block social media and streaming, resulting in improved user productivity and bandwidth.

Favorite feature

A favorite feature of Gustavo and team is the ability to manage firewall, server, and endpoint security through a single cloud-based platform, giving them one-stop shopping for security management. Everything they need is at their fingertips with a single login.

Whether managing bandwidth, controlling apps, or dealing with general security issues, everything is handled through a unified console, cutting the time spent on these weighty tasks in half.

See it in action

Watch this demo video to see just how easy day-to-day security management is with a Sophos system.

To try the system for yourself, the easiest way is to start a free trial of one of our products.

And for anything else, or to discuss your own challenges, the Sophos team is here to help.

The COVID-19 era has ushered in a global organisational transition to remote working policies and highlighted the need to bolster protection against cyber-attacks and inadvertent data misuse at the hands of employees.

Top cybersecurity leaders outline key areas to facilitate successful remote workforce environments in this latest article by HelpNetSecurity, including HelpSystems CEO Kate Bolseth, who discusses the value of data classification in protecting vulnerable corporate assets.

“One thing must be clear” Kate Bolseth writes: “your entire management team needs to assist in establishing the right infrastructure in order to facilitate a successful remote workforce environment.

Before looking at any solutions, answer the following questions:

• How are my employees accessing data?
• How are they working?
• How can we minimize the risk of data breaches or inadvertent exposure of sensitive data?
• How do we discern what data is sensitive and needs to be protected?

The answers will inform organizational planning and facilitate employee engagement while removing potential security roadblocks that might thwart workforce productivity. These guidelines must be as fluid as the extraordinary circumstances we are facing without creating unforeseen exposure to risk.

When examining solutions, any option worth considering must be able to identify and classify sensitive personal data and critical corporate information assets. The deployment of enterprise-grade security is essential to protecting the virtual workforce from security breaches via personal computers as well as at-home Wi-Fi networks and routers.

Ultimately, it’s the flow of email that remains the biggest vulnerability for most organizations, so make sure your solution examines emails and files at the point of creation to identify personal data and apply proper protection while providing the link to broader data classification”.

We’re pleased to announce the addition of new reporting capabilities for Sophos Central Firewall Reporting (CFR). If you’re a customer of CFR Advanced, you’ll see new options to save, schedule, and export your favorite reports in Sophos Central, further extending your powerful custom reporting capabilities in the cloud.

What’s new and how to use it

• Save reports as templates – Central Firewall Reporting Advanced lets you save custom report templates. First, customize a report with the columns, filters, and chart type you want. Then save it in your template library for quick access whenever you need to run it.
• Schedule reports – Getting your favorite and custom reports is now even easier, as you can schedule them to be delivered your inbox or picked up in Sophos Central at your convenience. The scheduler allows you to set a frequency for your reports, including daily, weekly, and monthly options.
• Export your reports – Reports can now be exported in HTML, CSV, and (coming next month) PDF formats. As an additional bonus, the exported reports provide up to 100,000 records in a report, whereas the interactive reports in Central are limited to 10,000 records. Download your favorite report for offline viewing directly from Sophos Central or have it delivered to your inbox.

You have complete control over the scheduling frequency, report format, and delivery…

We will be covering Central Firewall Reporting in more detail in an upcoming article in our Making the Most of XG Firewall v18 series.

What you need

CFR Advanced is a new subscription license that offers additional firewall log data storage for historical reporting, and now adds these new features for saving, scheduling, and exporting reports.

CFR Advanced subscriptions are on a per-firewall basis, so each firewall you wish to report on in Sophos Central will require its own CFR Advanced license.

CFR Advanced licenses are purchased in 100GB storage quantities. You can use the storage estimation tool (at sophos.com/cfrsizing) to quickly determine the estimated storage required for your particular needs.

XG Firewall v18 is required to take advantage of Central Firewall Reporting. We encourage everyone to upgrade today to take advantage of all the great new performance, security, and feature enhancements.

Talk to your preferred Sophos partner today about adding CFR Advanced to your account so you can take full advantage of the rich customizable reporting options in Sophos Central.

New to Sophos Central Reporting?

If you’re new to Sophos Central Reporting, you can try it for free. Simply set up your firewalls for Sophos Central management and log into Sophos Central to give it a go.

You can learn more about what’s included with Sophos Central management and reporting on our website or download the PDF brochure. And if you’re new to Sophos XG Firewall, be sure to check out how you can add the best visibility, protection, and response to your network.

Security services bestow organizations with the security expertise they desperately need to combat ever-increasingly capable threat actors, as illustrated by the momentum in uptake of our Managed Threat Response service.

Remote Desktop Protocol (RDP), while a legitimate tool, is also a common ingress point for attackers looking to break into an organization. A recent Sophos survey found that in 9% of ransomware attacks, RDP was the method used to gain entry.

Fortunately, Intercept X Advanced with EDR makes it easy to identify devices that have open RDP connections and remotely shut them down, all from a single management console.

Sophos EDR includes Live Discover, which leverages a collection of pre-written, fully customizable SQL queries to answer IT operations and threat hunting questions.

To begin, we select which devices we want to check.

There are a variety of different categories to choose from depending on your needs. We have a couple of options for RDP. Identifying devices with running processes that have active RDP connections or finding devices that have RDP enabled.

In this case we want to do the latter, so we’re going to create a short query for the task. A quick search of the Live Discover query sharing forum gives us exactly what we need. A couple of clicks later and we have our query ready to run (we also had the option to select a pre-written query to identify devices with active RDP connections).

The query identifies a device that has RDP enabled. From the same console, we launch a Live Response remote terminal session to the device and use the command line interface to disable RDP.

It’s that easy to detect RDP and disable it across your entire endpoint and server estates. To learn more about Sophos EDR head over to Sophos.com or to try it for yourself, you can start a no-obligation 30-day trial.

We often get asked about the inner workings of Netsparker’s vulnerability scanning engine. People familiar with network and virus scanners also ask what vulnerability databases we use and how often we update them. In reality, it’s all a lot more interesting than ticking boxes on a list of known issues. Time to set the record straight about how a cutting-edge web vulnerability scanner works.

Two Sources of Vulnerability Information

When most people hear the word “scanner”, they think of software that looks for known risks. This is generally what virus scanners and network scanners do: check targets against a list of known issues, such as (respectively) malware signatures and CVE vulnerability reports. So when customers see how effective Netsparker is, their first question is often: “What vulnerability database do you use?” Well, the short answer is: “None, mostly.” The full answer is that Netsparker is an advanced heuristic scanner that also checks for known web application vulnerabilities – but let’s break this down a bit.

The Mundane Part: CVEs

The idea of relying on a vulnerability database comes from the systems and network security world, where a software or hardware bug is discovered, publicly disclosed, and added to a vulnerability database such as CVE. Network scanners, for example, work by finding such known issues in target systems. To fix the vulnerability, you simply patch or update the affected component.

Some CVEs also apply to web applications. These are bugs in widely-used products that need to be patched to avoid attacks. As one part of its scanning process, Netsparker checks for such issues based on the CVE registry and other vulnerability databases, so scans also cover vulnerabilities such as Heartbleed (CVE-2014-0160) or POODLE (CVE-2014-3566). In fact, the Netsparker security advisory program actively contributes to finding bugs in open-source packages by scanning them for vulnerabilities during engine testing. To learn how our security researchers do this, see our article on vulnerability disclosures.

Although an important part of overall security, checking for known issues is relatively easy and not terribly exciting. Things get interesting when you have to check for unknown issues – and this is when you find out how effective your web application security solution truly is.

The Really Clever Part: Heuristics

The vast majority of web application vulnerabilities are brand new issues that were introduced in new code in custom-built applications – so how are you supposed to know about them? This is the main difference between web application security testing and signature-based security checks: web vulnerability scanning is primarily about finding new vulnerabilities resulting from underlying weaknesses categorized in the CWE system. To find previously unknown issues, Netsparker uses a cutting-edge heuristic scanning engine that probes websites and applications for vulnerabilities just like a penetration tester would.

Netsparker uses a variety of advanced heuristic techniques to find all entry points in web applications and test them for vulnerabilities. This includes automatic URL rewriting to provide maximum scan coverage, automated fuzzing to generate unexpected inputs that may reveal a weakness, and proprietary Proof-Based Scanning™ technology to safely test weaknesses and provide proof that the vulnerability is real.

Because web vulnerability scanners don’t rely on signatures, their effectiveness is highly dependent on the quality and maturity of the underlying heuristic scanning engine. If the scanning engine is too eager to flag suspicious responses as signs of vulnerabilities, it will flood the user with false positives. If it is too cautious or simply not advanced enough, it will miss real vulnerabilities or even bypass whole pages, for example because it can’t deal with authentication. As an industry veteran and technology leader, Netsparker knows how to strike the right balance.

Get the Best of Both Worlds

The purpose of a web application security solution is to help the user improve security more efficiently than with manual testing alone. This goes way beyond vulnerability databases and even beyond scanning itself. To get measurable security improvements, you need a holistic view of web application security that pulls together accurate information from all relevant sources and applies it through effective automation.

Netsparker combines high-quality heuristic results from its industry-leading vulnerability scanning engine with information about known issues listed in vulnerability databases. All these vulnerability results are complemented by asset discovery and crawling information, warnings about outdated web technologies, detailed vulnerability descriptions complete with suggested remedies, best-practice recommendations, compliance reports, and more. This gives you a complete picture of what you need to fix in your web environment, so you can start getting real value from Netsparker in a matter of days.

ProLock ransomware emerged on the threat scene in March, a retooled and rebranded version of PwndLocker.

As SophosLabs reveals in its detailed analysis, while ProLock ransomware gives you the first eight kilobytes of decryption for free, it can still cause significant business disruption and economic damage.

Protect against ProLock with Sophos Intercept X

Intercept X gives you multiple layers of protection against ProLock, keeping the data on your endpoints and servers safe:

• CryptoGuard identifies and rolls back the unauthorized encryption of files. In fact, Sophos first detected ProLock when CryptoGuard caught it on a customer network
• Deep learning identifies and blocks ProLock without signatures
• Signatures block variants of ProLock either as Troj/Agent-BEKP or Malware/Generic-S

If you’re running Sophos Intercept X you can relax knowing that you are automatically protected against ProLock, as all three of the above features are enabled by default in our recommended settings.

(If you’re not yet running Intercept X and want to give it a try, visit the web page to learn more and start a no-obligation free trial.)

To check that you have CryptoGuard and Deep Learning enabled:

• Open your Sophos Central Admin console and select Endpoint Protection in the left-hand menu
• Select Policies
• Review the list of threat protection policies already created
• Toggle the buttons to make any necessary changes

Endpoint protection and firewall best practices to block ransomware

51% of IT managers surveyed for our recent State of Ransomware 2020 report said their organization was hit by ransomware last year, and that cybercriminals succeeded in encrypting data in 73% of incidents.

With stats like these it’s worth taking the time to ensure all your ransomware defenses are up-to-date.

The earliest detection of ProLock by Sophos was traced to a compromised server, most likely through an exploit of a Remote Desktop Protocol (RDP).

Putting RDP access behind a virtual private network and using multi-factor authentication for remote access are just a couple of the best practices we recommend to reduce your ransomware risk.

For additional best practices, take a look at our guides Endpoint Protection Best Practices to Block Ransomware and Firewall Best Practices to Block Ransomware.

We are excited to announce that Intercept X for Server Advanced with EDR has been enhanced with powerful cloud visibility features from Cloud Optix.

In addition to even more detail on your AWS, Azure, and GCP cloud workloads, this integration gives customers critical insights into their wider cloud environments, including security groups, hosts, shared storage, databases, serverless, containers, and more.

See your complete cloud environment

The dynamic nature of cloud environments – with assets being spun up and down as and when necessary to meet changing demands – can make security and compliance assessments time-consuming. In many cases, you’ll need to log into multiple consoles and manually collate information to get a full picture.

With Sophos, it’s easy. You get details about your entire cloud infrastructure across different public cloud providers on one screen, in a single management console. You can dive directly into assets to get more detail about your asset inventory and cloud security posture.

Secure your complete cloud environment

Automated scans will detect any insecure deployments, with guided recommendations about how to fix potential issues. Additionally, guardrails can be deployed to lock down configurations, ensuring that they can’t be accidentally or maliciously tampered with and left in an unsafe state.

Artificial intelligence tracks normal behavior patterns, looking for any suspicious activity such as anomalous traffic patterns or unusual login attempts to cloud accounts. Issues are then flagged and prioritized by risk level if they require manual intervention.

Here’s the full list of what’s available:

• Cloud asset inventory – see a detailed inventory of your entire cloud infrastructure (e.g. cloud hosts, serverless functions, S3 buckets, databases, and cloud workloads), eliminating the need for time-consuming manual collation
• Access and traffic anomaly detection – unusual login attempts and suspicious traffic patterns are automatically detected and blocked or flagged to the admin as appropriate
• Security scans – daily and on-demand scans monitor your cloud environment to ensure its on-going security. Issues are automatically resolved where possible, with admin notification if manual intervention is required
• Configuration guardrails – stop accidental or malicious tampering with configurations that could negatively impact security posture
• Compliance policies – ensure that your cloud environment conforms to Center for Internet Security (CIS) best practices, helping keep your security posture at its best
• Alert management integrations – receive email notifications when manual intervention is required

Powerful visibility and protection for every setup

This exciting new cloud functionality is available to all Intercept X Advanced for Server with EDR customers at no additional cost. Log into your Sophos Central console, select Cloud Optix, and you can get started right away.

Current customers using Sophos Central that would like to try out this new functionality – in addition to the recently released EDR IT operations and threat hunting capabilities – can start a trial from within the Sophos Central console.

If you don’t have a Sophos Central account, you can register for a trial on Sophos.com.

Intercept X Advanced for Server with EDR and Intercept X Advanced with EDR give organizations unparalleled visibility and protection across their cloud, on-premises, and virtual estates. Cloud Optix shines a spotlight on complete cloud environments, showing what’s there, what needs securing, and making sure that everything stays safe and secure.

Most privileged access management solutions just focus on passwords. BeyondTrust is different. Our innovative Universal Privilege Management approach to cyber security secures every user, asset, and session across your enterprise. Deployed as SaaS or on-premises, BeyondTrust’s Universal Privilege Management approach simplifies deployments, reduces costs, improves usability, and reduces privilege risks.

Increased remote working makes it more important than ever to secure computers and the data on them. With the huge number of laptops that are lost, misplaced, or stolen every day, a crucial first line of defense for devices is full-disk encryption.

With full disk encryption rolled out, admins can ensure sensitive company data can’t be accessed, even if a device falls into the wrong hands. And while disk encryption has long been a vital component of device security, it has also frequently been associated with complexity and admin overhead. Setting up and maintaining servers, dealing with encryption keys, and helping users who’ve forgotten their credentials all takes time and effort.

Hassle-free encryption

With Sophos Central Device Encryption, we focus on making device encryption intuitive and hassle-free. There’s no server to install, and encryption is enabled in a handful of clicks. Sophos Central Device Encryption uses the same core agent as Intercept X, meaning existing Sophos customers have no additional agent to deploy and can start encrypting computers in mere minutes.

Under the hood, we leverage Windows BitLocker and macOS FileVault technology to do the heavy lifting when it comes to encrypting and decrypting data on the disk. With these technologies being integrated deeply into each operating system, performance and security is first-class.

Demonstrate compliance

As a part of compliance requirements, companies often need to verify which computers in the organization are encrypted. The cloud-based Sophos Central Admin console provides great visibility into device status, including which disks are encrypted and the last time a device checked in. The next version of Central Device Encryption adds a new Encryption Status report, further drilling down into device encryption status, making it even easier to help demonstrate compliance across the organization.

Fast recovery

An important consideration with disk encryption is how users will regain access to their devices if they forget their credentials. The Sophos Central Self-Service Portal lets users retrieve their own recovery keys without needing to contact the IT helpdesk. Users get back up and running faster, and IT teams have fewer tickets to deal with.

Sophos Central Device Encryption

The shift towards remote working makes full disk encryption more important than ever. Sophos Central Device Encryption makes it a breeze to deploy and manage devices with full disk encryption. Head over to Sophos.com to find out more and to sign up for a free trial.

Analysis of public cloud accounts across Amazon Web Services, Microsoft Azure, and Google Cloud Platform reveals a silver lining when it comes to the protection of cloud data.

New research shows that in the last year, 70% of organizations that use public cloud services experienced a security incident. These incidents included attacks from ransomware and other malware (50%), exposed data (29%), compromised accounts (25%), and cryptojacking (17%).

Ninety-six percent of these organizations are concerned about their current levels of cloud security, with data security being the top concern for 44% of them. It’s a good time to address the fundamentals of cloud security best practices: access to cloud environments and the protection of sensitive data.

Secure who gets in

Identity security represents a huge challenge for organizations. A review of cloud accounts by the Sophos Cloud Optix cloud security posture management service discovered worrying trends in organizations’ security posture as it relates to cloud account access, with 91% of organizations having over-privileged Identity and Access Management roles and 98% without MFA enabled on their cloud provider accounts.

Managing access to cloud accounts is an enormous challenge and yet only a quarter of organizations in our research saw it as a top area for concern, while a third reported that cybercriminals gained access by stealing cloud provider account credentials

Why securing access matters

Granting extensive access permissions to IAM users, groups, and cloud services is a risky practice. If such credentials get compromised, cybercriminals may gain access to any services and data those permissions grant. All user accounts should have MFA enabled, as it adds an extra layer of protection on top of usernames and passwords.

Secure what can get out

You won’t have to look far to find stories of shared storage-related data breaches caused by misconfiguration, where security settings with public read/list permissions had been enabled. AWS has even released an update to help customers from running afoul of this – one of the biggest causes of cloud data breaches. In our review of cloud accounts, we discovered that accidental data exposure through misconfigured storage services continues to plague organizations, with 60% leaving information unencrypted. Organizations are making it easy for attackers to search for and identify new targets.

The silver lining in all this is that the number of organizations exposing data to the public internet is declining, with Sophos Cloud Optix identifying that only 13% of organizations left database ports open to the internet and 18% of organizations had storage services with public read/list permissions enabled. Assuming there will always be use cases for public access being available, organizations are starting to close the door on this, the most common attack method for obtaining sensitive company and customer data.

Why secure configurations matter

Encryption is critical when it comes to stopping cybercriminals from seeing and reading stored information, and is a requirement for many compliance and security best-practice standards. “Public mode” – a setting that can be applied to databases, shared storage, and other cloud provider services – is a major cause of data breaches, and misconfiguring cloud services in “public mode” allows cybercriminals to automate their searches for security weak points. Guardrails should be in place to prevent such misconfigurations.

Think you know what you’ve got in the cloud?

Take control of your cloud security with a free inventory assessment and security check powered by Sophos Cloud Optix. Activate a free trial to get to get 30 days of commitment-free usage, including:

• Comprehensive inventory of everything you’ve got in the cloud: virtual machines, storage, containers, IAM roles, etc.
• Visualize IAM roles like never before and stop over-privileged access roles and stolen credentials from being exploited in cyberattacks
• Harden Amazon Web Services, Microsoft Azure, Google Cloud Platform, Kubernetes clusters, and Infrastructure-as-Code environments to reduce your surface area for attack
• Automatically detect security and compliance vulnerabilities, suspicious access, network traffic and cloud spend anomalies
• No agent, no install, no tie-in

Once you have a Cloud Optix account set up, follow the step-by-step instructions on the screen, which will walk you through adding your AWS, Azure, and GCP environments. For more information, read the Getting Started guide.

Should you need help at any point, check out the community forum or reach out to our technical support team.

In a cloud-first world, the traditional line between network security and application security is becoming blurred. Physical IT infrastructure can now be hidden behind layers of virtualization, and web applications are frequently designed, developed, tested, and deployed entirely in the cloud. At the same time, web applications have become the main target of cyberattacks and now account for 3 out of 4 data breaches worldwide. Web application security has never been more important – and yet there is still some confusion as to its place in the overall security posture. Established organizations often have mature network security programs, while web application security tends to receive far less attention and funding.

As companies continue to shift data and business logic onto cloud platforms and become reliant on web technologies to do business, information security has become a top priority. Business data, intellectual property (IP), and other sensitive information are now prized commodities, so cybercriminals are increasingly focusing their attacks on web applications to extract this data. This means that traditional network perimeter defense with firewalls to filter network traffic is no longer enough to ensure data security and proper access control. If exploited successfully, web application vulnerabilities can not only allow unauthorized access to sensitive data but also provide a foothold to mount denial-of-service attacks or even serve malware to website visitors.

Modern web assets include not only websites and web applications but also web services and application programming interfaces (APIs) that are used to exchange data between systems and provide the back-end for countless mobile applications. In a large organization, there can be thousands of different web assets spread across multiple systems and geographies. At this scale and level of complexity, protecting them all from cyberthreats is only possible with dedicated web application security solutions that deliver accurate and actionable results, such as modern dynamic application security testing (DAST) products.

Our white paper Web Application Security or Network Security – Do You Have to Choose? examines the history of web security and analyzes current trends to set the record straight on the role of web application security and network security in any mature cybersecurity program.

Download the PDF version of our white paper: Web Application Security or Network Security – Do You Have to Choose?

NSS, an international Value Added Distributor of leading edge IT solutions, announces today its partnership with BeyondTrust, the worldwide leader in Privileged Access Management and Secure Remote Access. NSS will distribute the most seamless solutions to prevent data breaches related to credential theft, misuse of privileges and breach of remote access in the markets of Greece, Cyprus and Malta as well as in the other Balkan countries. Being an international distributor of cybersecurity solutions in this region, NSS is in a strategic position regarding the distribution of the entire Privileged Access Management (PAM) suite of tools offered by BeyondTrust.

BeyondTrust’s Privileged Access Management portfolio is a comprehensive solution providing visibility and control capabilities to all privileged accounts and users. By integrating a wide range of privileged access security features, the platform simplifies implementation, reduces the risks associated with privileged credentials, reduces costs and significantly improves usability.

“As our strategic partner, NSS will be able to exploit BeyondTrust’s Universal Privilege Management model, a modern approach that addresses the entire universe of privileges across organizations said Alexis Serrano, Director – Channel & Alliances EMEIA of BeyondTrust. “Combining the know-how and in-depth knowledge of NSS in the regional market and its extensive network of partners, along with BeyondTrust’s best solutions, this partnership will help businesses and organizations improve their security strategies and operational resilience”, added Alexis Serrano, Director EMEIA Channels & Alliances.

“As a leader in Privileged Access Management (PAM) with numerous certifications and international distinctions from analysts such as Gartner, in NSS, we are thrilled to offer BeyondTrust’s solutions in the markets of the Balkan Region”, said George F. Kapaniris, NSS Executive Director. “BeyondTrust’s comprehensive PAM solution will allow us to lead our customers through a secure path helping them deal with critical vulnerabilities and immediately shrink the attack surface on their infrastructure”.

The flexible and expandable BeyondTrust platform allows organizations to easily maximize the security of privileges as the threats evolve into endpoint environments, server, cloud, DevOps and network devices. BeyondTrust’s platform integrates the broader range of privileged access capabilities with central management, reports and analytical reports, allowing administrators and security managers to take decisive and informed action and make decisions to successfully deal with attackers. The holistic approach platform stands out for its flexible design that simplifies consolidation, improves user productivity and maximizes IT and security investment.

BeyondTrust gives organizations the visibility and control they need to reduce risk, meet compliance goals and enhance business performance. NSS will expand its product portfolio by offering the innovative Universal Privilege Management approach solutions from BeyondTrust. This partnership will allow NSS to provide a customized PAM solution that meets the unique requirements of each customer.  Find out more on https://www.nss.gr.