Transforming Security Through Visibility ForeScout Technologies, Inc.

The Silicon Review

“Don’t just connect the dots. Control them.”

ForeScout provides visibility of devices on the company network, in turn giving enterprise security teams the ability to control these endpoints by allowing, denying or limiting access. With the explosion of the Internet of Things (IoT) and connected devices, ForeScout has expanded its agentless discovery, profiling and classification abilities to meet the needs of the modern enterprise network.

ForeScout in the Market

Today’s enterprise networks are being bombarded by personally owned and non-traditional IoT devices, connecting unseen and unknown, such as partners’ and contractors’ laptops, smartphones and tablets, building automation systems and rogue endpoints. ForeScout occupies a unique space among security solutions because of its agentless approach to device visibility and control. The company’s technology enables security teams to instantly identify devices with IP addresses. ForeScout is able to integrate with existing infrastructure to control these devices and orchestrate information sharing and operation among disparate security tools, accelerating incident response and increasing the value of existing security investments.

With ForeScout, companies gain more comprehensive and up-to-date information about the vulnerable endpoints on the network, as well as the ability to automate remediation to more rapidly mitigate risks, increasing the overall security posture of the network.

Security at its Best

ForeScout offers a security platform that dynamically identifies and evaluates infrastructure, devices and applications the instant they connect to the network. Because ForeScout doesn’t require agents, it works with a business’s devices—managed and unmanaged, known and unknown, PC and mobile, embedded and virtual—including Bring Your Own Device (BYOD) and IoT devices. ForeScout quickly determines the user, owner, operating system, device configuration, software, services, patch state and the presence of security agents. Next, it provides remediation, control and continuous monitoring of these devices as they come and go from the network. ForeScout integrates with leading network, security, mobility and IT management products via ForeScout Extended Modules.

The Client Spectrum

ForeScout’s technology is innovative due to its agentless approach and ability to work in tandem with existing security infrastructure, providing enterprises with broad interoperability with and detailed visibility into the number of connected devices on their network. ForeScout is gaining rapid acceptance across the healthcare, federal, enterprise and financial sectors. The company offers Global 2000 enterprises and government organizations the unique ability to see and control devices, including non-traditional devices, the instant they connect to the network. As of January 2016, more than 2,000 customers in over 60 countries use ForeScout to improve their network security and compliance posture.

Into the Future

IoT security is a major area of focus for ForeScout, beginning with the ability to identify and auto-classify IoT devices. It took 25 years for the world to get to 5 billion connected devices, but with the explosion of the IoT, industry experts predict there will be around 25 billion by 2020—representing a massive market opportunity, but also a new threat vector for business, government and consumer markets.

The Happy Client: State of Missouri

The Center for DigitalGovernment lists Missouri among the leading states for implementing information technology to serve its citizens. The state’s Information Technology Services Division supports 14 state agencies and roughly 40,000 employees distributed across more than one hundred state offices.

Business challenge: Given the increased importance of cybersecurity and security compliance, Missouri State Chief Information Security Officer (CISO) Michael Roling posed this question to his staff: “Exactly what devices are on our network, and are they all secure?” As Roling suspected, this was a difficult question to answer. A 2012 compliance audit made it clear that Missouri had limited visibility into what was on its networks. “We already knew we had visibility issues with unmanaged and BYOD devices,” said Roling. “So, the compliance finding helped us obtain funding to address the issue.”

ForeScout to the rescue: CISO Roling spoke at length about his team’s pre-ForeScout assumptions as well as discoveries once ForeScout CounterACT^® was in place: “I really didn’t have any idea of how many devices were on our network. We thought it was in the neighborhood of 30,000 devices at any given moment. Buried in these numbers are the machines we didn’t know about. We found a lot of industrial control systems, HVAC, building automation systems—a lot of devices with embedded operating systems. We also detected a number of devices that did not meet our compliance policies—devices running out-of-date OSs that weren’t manageable, as well as some personal devices that shouldn’t have been on our network. It’s that handful that you need to be concerned about. CounterACT gave us visibility into those machines that we needed to take action on.”

From Startup to a Global Cybersecurity Innovator
ForeScout was founded by Hezy Yesherun, Oded Comay and Dror Comay in 2000 in Tel Aviv, Israel. ForeScout’s CEO and President is Michael DeCesare, who, before joining ForeScout, served as president of Intel Security (formerly McAfee) and held senior roles at EMC, Documentum and Oracle. The company recently relocated its corporate headquarters from Campbell, CA to San Jose, and maintains offices in Dallas, London, New York, Sydney, Tel Aviv and Washington, D.C.

Today, ForeScout is focused on addressing security issues in a world where virtually every conceivable type of device is joining the network. The company is a pioneer in agentless cybersecurity and has quickly become one of the fastest-growing network security companies.