
DTS Case Study: Transitioning to Scale Computing

Strategic Overview: In the Managed Service Provider (MSP) ecosystem, infrastructure changes directly impact margins. When market consolidation creates cost volatility and bloat, teams must adapt. This analysis details why European MSP leader DTS Systeme GmbH migrated its core midmarket virtualization stack to Scale Computing.

Following a major consolidation in the virtualization sector, DTS Systeme GmbH encountered growing friction among its midmarket customer base. Climbing licensing models coupled with an over-engineered feature set meant clients were paying a premium for infrastructure capabilities they never initialized. DTS required a hyperconverged alternative that met strict enterprise requirements without legacy overhead.

Architectural Validation & Onboarding Velocity

DTS approached the ecosystem migration with calculated technical caution. However, initial sandbox testing of the SC//Platform™ quickly proved its engineering value over standard options. Two specific advantages transformed their deployment strategy:

  • Predictable Cost Modeling: Scale Computing operates on a clear, all-inclusive licensing model that natively removes line-item feature tier walls.
  • Radical Turnkey Simplicity: Where traditional hypervisor environments demand multi-day engineering setup times, Scale Computing compressed internal team readiness to a 30-to-60-minute window.
“With Scale Computing, you have one license for everything—and everything is included. You don’t have a complex environment; you need half an hour or an hour to get people up and ready.”
— Oliver Meissner, Solutions Engineer / Projects Team, DTS
 

Capturing Midmarket Market Traction

The operational agility of the SC//Platform quickly translated into an active pipeline engine for the DTS sales ecosystem. Midmarket companies facing platform volatility required a high-performance framework paired with predictable financial forecasting.

Pre-Sales Acceleration

DTS logged between 100 and 150 pre-sales consultative inquiries within the initial months of product rollout.

Fleet Management

Integrating SC//Fleet Manager™ allowed clients to gain absolute, distributed edge orchestration without increasing engineering headcount.

The Support Differential

Beyond baseline software capabilities, the migration succeeded due to structural support alignment. Rather than managing standard ticket queues, DTS was provisioned with dedicated technical and account management resources—paving the way for streamlined live workloads and migration trajectories.

Strategic Realignment Matrix

Operational Vector | Legacy Virtualization Framework | Scale Computing SC//Platform
Licensing Framework | Complex, multi-tier pricing with post-acquisition volatility | Unified, transparent, all-inclusive license
Onboarding Pipeline | Multi-day architecture alignment and specialization requirements | 30 to 60 minutes to total operational readiness
Orchestration Overhead | High configuration drag across distributed nodes | Centralized edge infrastructure via SC//Fleet Manager

For DTS, choosing Scale Computing went far beyond replacing a hypervisor—it established a simpler, predictable, and distinctly customer-centric framework for scalable growth.

About Scale Computing
Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Scale Computing HC3 software eliminates the need for traditional virtualization software, disaster recovery software, servers, and shared storage, replacing these with a fully integrated, highly available system for running applications. Using patented HyperCore™ technology, the HC3 self-healing platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime. When ease-of-use, high availability, and TCO matter, Scale Computing HC3 is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, Spiceworks, TechValidate and TrustRadius.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

ESET doubles down on tailored solutions with ESET PRIVATE on a global scale

  • Building on years of serving organizations with complex security needs, ESET today elevates its bespoke offering globally as ESET PRIVATE.
  • ESET PRIVATE empowers large enterprise and public-sector environments with custom solutions and tailored cyber-resilience at scale.
  • The solution lineup includes high-speed threat scanning, security for fully air-gapped environments, protection for IT and OT infrastructure, tailored threat intelligence, and complex managed security.
  • At ESET World 2026 held in Berlin, Germany, interested parties can get an in-depth look at what this line of custom solutions brings to the table.

BRATISLAVA, BERLIN - May 18, 2026 - ESET, Europe’s largest cybersecurity vendor*, today announced that its ESET PRIVATE portfolio will be presented at ESET World 2026.

Large organizations have increasingly complex infrastructures, and face compliance demands and rising threats. For them, standard offerings simply don’t suffice. To ensure uninterrupted operations, tailor-made security that is seamlessly integrated around their infrastructure is required.

As a solution, ESET PRIVATE was developed to offer tailored and advisory-led cybersecurity for complex enterprise and public-sector environments, including the world’s largest companies, defense organizations, critical infrastructure operators, and public institutions, among others, adapting to a wide range of requirements and operational environments—even for environments with strict data-residency and digital sovereignty needs.

“Extending our standard B2B and Enterprise portfolio, ESET PRIVATE solutions are designed to accommodate the specific requirements and context of large corporations and government organizations,” commented David Března, Vice President of CS Operations and Scale Up at ESET. “Differing from industry to industry, our customers are shifting from buying technology to managing cyber risk, while navigating rapidly changing geopolitics, digital architectures, and an overload of tools and data. ESET’s role is evolving from a commodity vendor to a strategic partner, where we deliver purpose built security solutions that fit the business, operational, and regulatory context of each organization.
So whether you’re a bank seeking to protect clients against phishing scams, a long running manufacturer needing to secure critical legacy OT technology, an energy company requiring threat intelligence to safeguard its distribution network, or a government pursuing sovereignty beyond just where data is stored, ESET can do far more than what we are known for.”

Previously known as Corporate Solutions, ESET PRIVATE delivers:

  • Custom design and builds: Dedicated ESET engineers and architects work closely with customers to adapt, implement, and extend these solutions to address their advanced security and operational needs.
  • Modular Solution Portfolio: Customers are able to mix and match any combination of ESET PRIVATE solutions.
  • Cloud or on-premises solutions: Seamless integration around customers’ complex infrastructures and business operations with flexible deployment options.
  • Consultative approach: ESET provides expert advice based on in-depth industry knowledge.
  • End-to-end solutions: ESET supports long-term partnerships and ongoing solution life-cycle management.

Leveraging over 30 years of cybersecurity experience and global threat intelligence, ESET PRIVATE provides robust digital security solutions and bespoke solutions—bringing together ESET’s award-winning products with proprietary core technologies and expert personnel. Enabling companies to move past compliance requirements, ESET’s multilayered security solutions combine the power of AI and human expertise—and are available for cloud and on-premises environments.

Find out more at ESET World 2026

ESET will be showcasing ESET PRIVATE to the public at its annual ESET World conference, bringing together cybersecurity experts from around the world to witness, experience, network, and discuss ESET PRIVATE and its other solutions and services, providing a firsthand perspective.

Among the number of presentations will be those specifically tackling high-pressure, high-risk environments, hosted by ESET’s best and attended by renowned experts:

Beyond One-Size-Fits-All Security: Meeting the Needs of High-Risk Organizations
Juraj Malcho – Chief Technology Officer, ESET
Martin Talian – Chief Corporate Solutions Officer, ESET

As threats grow in complexity and impact, not all organizations can rely on standard, one-size-fits-all protection. Some operate in environments where trust, resilience, and control are critical and require a different level of security approach.

How can we secure systems operating in restricted and autonomous environments?
Patrik Pliesovsky: Director of Delivery and Deployment, ESET

Securing systems that operate in restricted environments presents unprecedented challenges, especially as autonomous AI-driven agents improve their ability to make independent decisions without human intervention. The session explores critical considerations for designing cybersecurity architectures that work in restricted and autonomous systems. It will focus on balancing operational autonomy with robust security controls—ensuring system integrity, continuous behavioral monitoring, and resilience in isolated, resource-constrained, or air-gapped environments.

Cyber Defense at the Digital Front lines
Andrew Lee, Vice President of Government Affairs, ESET
Colonel Mietta Groeneveld, Director of NATO Command and Control Centre of Excellence
Hans De Vries, Chief Cybersecurity and Operations Officer, ENISA

This panel convenes high-level cyber experts to address escalating cyber aggression from nation-states that increasingly disregard international cyber norms in order to conduct espionage and attack critical infrastructure. As hostile regimes exploit digital technologies, carry out damaging cyber-attacks, and now, leverage AI, defenders face the complex challenge of countering asymmetric warfare while upholding civil liberties and defending their citizens.

The panel will explore strategies for resilience, examining how to protect essential services in an era of persistent conflict. Ultimately, the session seeks to answer how defenders can secure their digital front lines without compromising the very values they are seeking to protect.

Strategic Cyber Resilience: The New Front Line Against Nation-State Warfare (fireside chat)
Thomas Hemker – Security CTO, Cyber Risk Advisor, Guter Hafen Cyber-Sicherheit
Colonel Mietta Groeneveld, Director of NATO Command and Control Centre of Excellence

As state actors blur the lines between cyber warfare and cybercrime, adopting sophisticated AI-driven tactics targeting supply chains and critical infrastructure, traditional defense-focused security models prove insufficient. The demand for advanced, resilient security architectures has never been greater. This panel will discuss cyber resilience as the cornerstone of modern defense strategy, transforming cybersecurity from cost center to competitive advantage.

Register and watch the conference taking place in Berlin, Germany, at the JW Marriott Hotel between May 19–20, online.

*Based on Frost Radar™: Endpoint Security, 2025 (Frost & Sullivan), ESET is Europe’s largest cybersecurity vendor.

Learn more about ESET PRIVATE.

Read more about how ESET PRIVATE Industrial Security solves legacy OT security woes in the manufacturing sector.

 

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.


Claude for SMB: Operational Architecture & Deployment Guide


Moving Beyond the Chat Window into Agentic Infrastructure
AI has officially graduated from a casual browser tab distraction into a core operational layer. With the launch of Anthropic’s Claude for Small Business, the paradigm has fundamentally shifted from reactive prompting to proactive, agentic workflows designed to systematically eliminate administrative overhead.

For small to medium-sized businesses (SMBs) and Managed Service Providers (MSPs), this platform represents a fundamental change in service delivery. This architectural blueprint deconstructs how the ecosystem functions under the hood and outlines a structured approach to safe deployment.

The System Blueprint: Core Components

To safely deploy Claude within an enterprise or small business environment, we must treat it as infrastructure. The ecosystem is built on four distinct layers: structured workflows, native protocol connectors, reusable atomic skills, and an immutable security boundary.

1. 15 Pre-Built Agentic Workflows

These are not open-ended chat rooms; they are deterministic, multi-step task sequences requiring structured inputs and mandatory human confirmation gates. They are mapped across three foundational operational zones:

Finance & Operations
  • Payroll Planning: Ingests QuickBooks data, cross-references cash balances against PayPal settlements, projects a 30-day forecast, and structures a payment schedule.
  • Month-End Close: Automatically aggregates multi-source transactions, isolates anomalies, generates plain-English Profit & Loss (P&L) statements, and packages documentation for accounting review.
  • Invoice Chaser: Tracks accounts receivable within QuickBooks and natively automates contextual, non-adversarial follow-up reminders based on settlement logs.
  • Cash-Flow View: Provides a read-only telemetry dashboard tracking upcoming obligations against real-time account balances.
  • Margin Analyzer: Correlates raw revenue metrics against operational costs to surface true line-item profitability.
  • Tax-Season Organizer: Parses and segments corporate expenses, flagging statistical anomalies for rapid accountant schedules preparation.
Sales & Marketing
  • Lead Triage: Ingests inbound CRM traffic via HubSpot, applies custom scoring parameters, and sequences targeted initial outreach.
  • Canva Asset Generation: Targets historical revenue dips identified in CRM data to draft a localized promotional strategy and build ready-to-edit, brand-compliant creative assets directly in Canva.
  • Campaign Analysis: Tracks attribution models and conversion funnels across active HubSpot pipelines.
  • Content Strategist: Evaluates existing asset footprints to build comprehensive editorial calendars and topic hierarchies.
  • Customer Pulse: Analyzes HubSpot deal velocity and communication cadence to automatically flag stalling, at-risk client accounts.
Legal, HR, & Administration
  • Contract Reviewer: Scans active legal documents via DocuSign, isolates high-risk clauses via pre-set compliance parameters, and generates plain-language executive summaries before attorney handoff.
  • DocuSign Follow-Through: Monitors signature workflows and sends targeted reminders to remove bottlenecks in contract pipelines.
  • Business Pulse: Consolidates daily high-level business indicators (cash posture, sales metrics, and pipeline depth) into a single executive dashboard.
  • Weekly Commitments: Aggregates disparate schedules and task registries from Google Workspace and Microsoft 365 into an actionable, prioritized weekly agenda.

2. 8 Native MCP Connectors

Claude connects directly to operational layers using the open-source Model Context Protocol (MCP). Rather than full system takeovers, these integrations function through highly scoped, user-permissioned access windows:
  • Intuit QuickBooks & PayPal: Manage the transactional data fabric—powering general ledger processing, accounts receivable matching, and cash runway reporting.
  • HubSpot & Canva: Bridge client data with creative generation tools to ensure data-driven marketing execution.
  • DocuSign: Automates contract lifecycle tracking, verification, and filing logistics.
  • Google Workspace & Microsoft 365: Provide the identity, communications, and task framework needed for daily administrative scheduling.
  • Slack: Unlocks conversational search indexes and internal team signaling context.

3. The Reusable Capability Layer

While workflows handle orchestration, Skills are the repeatable, atomic units of logic. Once an instruction set is optimized, it remains static across sessions. This eliminates instruction drift and ensures that standard processes execute identically every single time.

4. The Immutable Trust Boundary

Crucial Safety Architecture: Claude operates on a strict “Read-Draft-Wait” loop. It possesses zero autonomous transactional execution rights. It cannot independently move funds, broadcast live code, or email clients without explicit human sign-off via a verification interface.
Furthermore, permissions are entirely inherited. If a staff member is restricted from a ledger in QuickBooks or a folder in SharePoint/Google Drive, Claude cannot access or surface that data for them. For organizations using Team or Enterprise tiers, data processing occurs inside a secure boundary where customer telemetry is never used for default model training.

Technical Implementation Framework

Deploying Claude for Small Business is a configuration process rather than an intrusive software installation. MSPs should adopt a phased approach to prevent configuration sprawl.

Phase 1: Initial Workspace Activation

  1. Navigate to the Claude Cowork workspace utility within the desktop app (available across Pro, Max, and Team profiles).
  2. Enable the Claude for Small Business core plugin suite.
  3. Define account authorization tiers. Note: Claude inherits the permission profile of the user who authenticates the connector. Ensure the owner, not a temporary contractor, links the master accounting ledgers.

Phase 2: Customization and the Context Engine

Every workspace instance reads a markdown file located in the root directory: CLAUDE.md. This file houses your unique business context and operates as the final filter for all pre-built workflows. Instead of editing individual skills, use the CLAUDE.md file to document:
  • Industry-specific technical vocabularies and compliance guardrails.
  • Standard billing tiers, approved supply chains, and preferred vendors.
  • Brand tone guidelines and explicit approval thresholds before tasks escalate to executives.
MSP Playbook: Build localized CLAUDE.md templates categorized by industry vertical (e.g., Professional Services, Trades, Retail). Providing a pre-packaged context file during client onboarding represents a predictable, repeatable, and billable AI integration package.

Connector-to-Skill Dependency Topology

Before launching training sessions, verify that the required connectors are active for your target workflows. Skills activate dynamically based on active integrations:
Active MCP Integrations | Unlocked Capabilities & System Skills
QuickBooks + PayPal | Automated payroll forecasting, monthly reconciliation packets, smart accounts receivable follow-up, tax organizer parsing.
HubSpot CRM | Inbound lead scoring, campaign ROI attribution, churn risk warning, margin decay alerts.
Canva Integration | Automated brand asset staging, synchronized publishing, seasonal ad template generation.
DocuSign Workspace | Risk clause parsing, active contract tracking, non-invasive execution reminders.
M365 / Google Workspace | Cross-application operations briefing, secure employee onboarding templates, context-aware schedule optimization.
Deployment Strategy: Do not connect all eight applications simultaneously on day one. Identify the single biggest operational bottleneck, activate the two corresponding integrations, validate the integrity of the output data, and scale incrementally from there.

Data Telemetry Briefing: The Fallacy of the AI Data Explosion

Strategic Overview: Enterprise technology narratives claim that the proliferation of generative AI will trigger an exponential spike in corporate data volumes and subsequent backup infrastructure costs. However, empirical telemetry from the Keepit Annual Data Report reveals a far more controlled reality. Backup volumes are not exploding—and the data exposes exactly why.

Vague predictions and analyst projections often fail to survive contact with actual production telemetry. When evaluating macro-level storage trends across massive enterprise environments, the data points to a highly predictable, linear optimization cycle rather than an untamed data explosion. For storage architects and CISOs, this predictable baseline is a welcome operational stability.

1. The 2% Equilibrium: Predictable Linear Growth

When an enterprise initially onboards its SaaS estate (such as Microsoft 365, Google Workspace, or Salesforce) to Keepit, the baseline ingestion represents 100% of the active data footprint. Following this initial ingestion, the daily change rate settles down immediately. Across all global enterprise tenants, subsequent daily incremental backups average a stable change rate of approximately 2% relative to the original baseline.

This linear progression is maintained due to two key structural mechanisms:

  • Intelligent SaaS Infrastructure: Native cloud ecosystems handle high-frequency file compression and intelligent version control internally, suppressing the raw storage overhead before it transits the network.
  • Always-Incremental Ingestion: Keepit’s architecture isolates changed blocks or objects natively. This allows enterprises to bypass traditional consumption-based storage billing and optimize predictability.

2. Deconstructing the Delta: File Count vs. Ingested Bytes

Analyzing what actually populates that daily 2% delta reveals a counter-intuitive split between file volume and actual bit weight. The metrics expose a highly specific behavioral pattern in corporate document storage:

Metric Classification | File Count Percentage | Actual Ingested Bytes Weight
Entirely New Assets | 42% of daily file additions | ~68% of total ingested data weight
Modified Existing Assets | 58% of daily file modifications | ~32% of total ingested data weight

The operational takeaway is clear: the vast majority of active user modifications occur within lightweight, text-centric files (e.g., transactional documents, spreadsheets, and collaborative team communication text). Conversely, large, data-heavy assets—such as media renders, raw exports, and massive archive structures—are typically written once, stored permanently, and rarely altered.

3. The AI Air-Gap: Reality vs. Speculation

Why has generative AI failed to break standard backup cost models? The answer lies in the current topology of enterprise AI workflows:

Today, the overwhelming majority of generative data—including raw user prompts, high-dimensional vector embeddings, context states, and intermediate model artifacts—resides natively within the isolated infrastructure of individual AI cloud providers. This data does not land automatically inside tenant storage structures like SharePoint Online or OneDrive for Business unless a user intentionally exports it.

Even when AI-generated content enters the corporate tenant ecosystem, it typically acts as a substitute for traditional document creation rather than an exponential multiplier. An AI-authored summary simply takes the place of a manual brief; it does not double the baseline environment footprint. While generative workflows favor creation over modification, the shift is minor and easily accommodated by modern incremental engines.

Architectural Trendline: Over a longer horizon, generative tools may lean toward a higher ratio of *new asset generation* versus iterative file modifications. Because Keepit’s architecture is built specifically to track object-level deltas cleanly, this shifting topology presents zero performance overhead to the backup pipeline.
 

4. Pragmatic Implications for Business Resiliency Strategy

A stable 2% change rate does not imply that data protection should be treated casually. Rather, it allows security teams to swap anxiety for architectural discipline:

Minimized Backup Windows
By avoiding the re-ingestion of un-modified assets, backup windows remain exceptionally short, preventing network congestion and API throttling.
Granular Restore Precision
Because the underlying database maps small, iterative modifications cleanly, administrators gain fine-grained recovery control—allowing single-file restores to handle daily operational needs natively.
Accurate Financial Forecasting
Understanding real data deltas eliminates fear-driven over-provisioning and complex pricing structures, keeping infrastructure spend completely predictable.

Ultimately, a highly resilient security posture values predictable telemetry over speculative chaos. In backup infrastructure, predictable numbers are the true benchmark of an elegant, reliable architecture.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud. Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Drawing on 20+ years of experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.


The Browser is the Perimeter: 8 Critical Web Threats for 2026

Executive Summary: The enterprise network perimeter has officially collapsed into the browser tab. As work relies entirely on SaaS web applications, browsers have become the primary corporate attack surface. This briefing analyzes the top 8 web threats targeting enterprises today and outlines a 7-step defensive framework.

Most organizations still treat web browsers as simple productivity utilities. In reality, the browser session is now your primary security boundary. Comprehensive application analysis confirms this shift: an evaluation of 504 enterprise workplace tools across 18 business categories revealed that 100% are fully operational inside a browser interface, requiring zero local desktop installations.

When a single browser session is compromised, the blast radius is absolute—granting threat actors simultaneous access to corporate email, payroll infrastructure, CRM platforms, and cloud storage repositories. Web security in 2026 is no longer about defending the network; it is about defending the active session.


The Readiness Reality Gap

NordLayer’s recent 2026 threat research exposes a dangerous disconnect between perceived organizational readiness and operational reality:

Security Metric | Statistical Reality | Strategic Implication
Perceived Readiness | Majority of IT teams express high confidence. | False sense of security based on legacy controls.
Active Web Incidents | 82% of organizations suffered web/browser breaches in the last 12 months. | Traditional firewalls and antivirus are failing to intercept web-layer attacks.
Baseline Control Deployment | Only 53% have deployed advanced web filtering or active data loss prevention (DLP). | Nearly half of all enterprises leave their browser traffic completely unmonitored.

The 8 Most Pervasive Web Security Threats

1. Surgical Phishing & Social Engineering

Phishing remains the primary vector for initial access, weaponizing cloned authentication portals that perfectly mirror legitimate enterprise platforms like Microsoft 365 or Google Workspace. Smaller organizations face a disproportionate threat landscape: employees at mid-market and small businesses experience 350% more social engineering attempts than enterprise peers. A single compromised inbox allows attackers to bypass baseline email verification, intercept B2B invoices, and execute high-impact financial fraud.

2. Next-Gen Infostealer Malware

Delivered via malicious extensions, fake software updates, or drive-by exploit kits, modern infostealers execute their payloads in seconds. Rather than locking systems like traditional ransomware, infostealers silently scrape local data caches, focusing explicitly on saved credentials, autofill profiles, and active session states.

Real-World Case Study: The far-reaching Snowflake breach campaigns highlighted how stolen credentials acquired via infostealer malware could bypass perimeter defenses, exposing massive cloud repositories and compromising data for hundreds of millions of downstream global users.

3. Session Hijacking & Cookie Theft

When an employee authenticates successfully, the web server drops a session cookie into the browser. If a threat actor exfiltrates this token, they can clone the active session on a separate machine. Because the browser has already completed the authentication handshake, session hijacking completely bypasses standard passwords and Multi-Factor Authentication (MFA) protections, rendering the malicious traffic indistinguishable from legitimate user behavior.
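
A replayed cookie passes authentication, so the server-side signal left to a defender is a change in the client presenting it. The sketch below is an added example, not code from this briefing or its sources: it scans constructed access-log records for a session token that reappears from a different network or user agent than the one it was first seen with. The log layout, field order, and severity labels are assumptions.

```python
import hashlib
import ipaddress

# Constructed sample records: timestamp, session id, client IP, user agent.
SAMPLE_LOG = """\
2026-03-02T09:00:05Z s_7f3a 198.51.100.10 Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/131.0
2026-03-02T09:04:41Z s_7f3a 198.51.100.10 Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/131.0
2026-03-02T09:05:02Z s_c210 203.0.113.7 Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) Safari/605.1.15
2026-03-02T09:06:13Z s_7f3a 192.0.2.200 Mozilla/5.0 (X11; Linux x86_64) Firefox/128.0
2026-03-02T09:07:30Z s_c210 203.0.113.99 Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) Safari/605.1.15
2026-03-02T09:09:00Z s_c210 192.0.2.55 Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) Safari/605.1.15
"""


def token_ref(session_id):
    """Short hash used in alerts so the live token never lands in a ticket."""
    return hashlib.sha256(session_id.encode()).hexdigest()[:12]


def network_of(ip):
    """Collapse an address to its /24 (IPv4) or /48 (IPv6) network.

    Comparing networks instead of exact addresses tolerates DHCP churn
    and NAT pools inside one site.
    """
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 48
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))


def parse(log_text):
    """Yield (timestamp, session_id, ip, user_agent); skip malformed lines."""
    for line in log_text.splitlines():
        parts = line.split(None, 3)
        if len(parts) != 4:
            continue
        ts, sid, ip, ua = parts
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue
        yield ts, sid, ip, ua


def find_session_reuse(log_text):
    """Flag requests whose client differs from the session's first request."""
    baseline = {}   # session id -> (network, user agent) at first sight
    findings = []
    for ts, sid, ip, ua in parse(log_text):
        net = network_of(ip)
        if sid not in baseline:
            baseline[sid] = (net, ua)
            continue
        base_net, base_ua = baseline[sid]
        net_changed = net != base_net
        ua_changed = ua != base_ua
        if not (net_changed or ua_changed):
            continue
        if net_changed and ua_changed:
            severity = "high"      # different machine and different place
        elif ua_changed:
            severity = "medium"    # browsers do not change mid-session
        else:
            severity = "low"       # roaming or VPN toggle is a common cause
        findings.append({
            "session": token_ref(sid),
            "timestamp": ts,
            "severity": severity,
            "network_changed": net_changed,
            "agent_changed": ua_changed,
        })
    return findings


if __name__ == "__main__":
    for finding in find_session_reuse(SAMPLE_LOG):
        print(finding)
```

A high-severity finding is a reasonable trigger for revoking the session and forcing re-authentication; low-severity ones are better fed into a score than acted on alone.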

4. Advanced Cross-Site Scripting (XSS)

XSS vulnerabilities target the application layer rather than the endpoint. By injecting malicious scripts directly into trusted web applications, attackers force the user’s browser to execute rogue code. Historically exemplified by groups like Magecart, a single unpatched XSS vulnerability can scrape payment cards or session tokens from hundreds of thousands of transactions before detection.

5. Input Manipulation & Injection Exploits

Injection attacks manipulate how a web application processes untrusted user input. SQL Injection (SQLi) allows adversaries to issue direct commands to backend databases, leading to complete data exfiltration or deletion. As demonstrated by the historic CL0p ransomware exploitation of the MOVEit Transfer vulnerability, a single injection flaw in widespread software can compromise thousands of downstream corporations simultaneously.

6. Volumetric & Distributed Denial-of-Service (DDoS)

DDoS attacks coordinate botnets to flood public-facing web applications, making them entirely inaccessible to legitimate traffic. Driven by advanced botnet automation, DDoS attack volumes more than doubled year-over-year, drastically increasing in scale and intensity. For businesses reliant on constant e-commerce uptime, even brief operational windows of unavailability trigger severe revenue decay.

7. Malicious Browser Extensions

Browser extensions operate with expansive runtime permissions by default. Threat actors exploit this by publishing benign extensions that later pull malicious updates via obfuscated code, or by purchasing trusted extensions from developers and swapping the code. Once installed, these extensions act as a localized man-in-the-middle attack, reading keystrokes, capturing plain-text credentials, and manipulating web traffic internally.

8. Unmonitored Web-Channel Exfiltration

Data exfiltration no longer requires complex custom command-and-control infrastructure. Threat actors—and malicious insiders—routinely move sensitive proprietary data using the exact same channels employees use legally every day: uploading corporate assets to personal cloud storage accounts, sending unauthorized email attachments, or pasting proprietary source code into external web tools.

7 Steps to Harden Your Web Infrastructure

Mitigating web-layer risk requires moving away from implicit trust and implementing strict session controls. Implement these 7 defensive measures to raise the cost of execution for attackers:

  • Enforce Phishing-Resistant MFA: Mandate hardware security keys (e.g., YubiKeys) or passkeys for core identity providers, payroll systems, and admin consoles. Eliminate SMS-based verification wherever possible.
  • Implement Secure Web Gateways (SWG): Filter outbound web traffic at the network level, blocking access to known malicious domains and restricting file downloads to verified, non-executable extensions.
  • Whitelist Browser Extensions: Block the installation of unapproved browser add-ons across the corporate fleet. Regularly audit the permissions of active extensions.
  • Decouple Passwords from the Browser: Transition all corporate credentials away from local browser storage profiles and into a dedicated, enterprise-grade business password manager.
  • Enforce Least Privilege on Endpoints: Ensure Endpoint Detection and Response (EDR) software is active across all corporate hardware, and strictly remove local administrative rights from standard user accounts.
  • Develop a Dedicated Session-Revocation Playbook: In the event of a suspected endpoint infection, your incident response team must immediately isolate the hardware, reset all associated passwords, and forcefully revoke all active cloud application sessions.
  • Establish BYOD Baselines: If staff access enterprise applications via personal hardware, enforce strict device posture checks requiring updated operating systems and active endpoint validation.

 

Unified Defense via NordLayer Browser

Deploying five separate point solutions to manage web filtering, data loss prevention, and extension controls introduces immense operational complexity. NordLayer Browser solves this by consolidating comprehensive web security controls directly into a single, centrally managed secure browser ecosystem.

  • Real-Time Phishing & Malware Interception: Continuously validates target URLs against global threat intelligence feeds before the page renders on the endpoint.
  • Centralized Extension Governance: Administrators dictate exactly which extensions can execute, preventing rogue or compromised add-ons from nesting inside the browser.
  • Native Data Loss Prevention (DLP): Enforces strict data handling boundaries, allowing IT teams to restrict copy-paste actions and block unauthorized data uploads across unmanaged SaaS environments.
  • Shadow IT Eradication: Delivers deep visibility into organizational browsing patterns, flagging unapproved, risky web applications in real time.

Protect your primary workplace interface directly at the source. Contact our enterprise architecture team today to schedule a strategic NordLayer Browser implementation consultation.

About Nord Security
The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

ESET doubles down on tailored solutions with ESET PRIVATE on a global scale

  • Building on years of serving organizations with complex security needs, ESET today elevates its bespoke offering globally as ESET PRIVATE.
  • ESET PRIVATE empowers large enterprise and public-sector environments with custom solutions and tailored cyber-resilience at scale.
  • The solution lineup includes high-speed threat scanning, security for fully air-gapped environments, protection for IT and OT infrastructure, tailored threat intelligence, and complex managed security.
  • At ESET World 2026 held in Berlin, Germany, interested parties can get an in-depth look at what this line of custom solutions brings to the table.

BRATISLAVA, BERLIN - May 18, 2026 - ESET, Europe’s largest cybersecurity vendor*, today announced that its ESET PRIVATE portfolio will be presented at ESET World 2026.

Large organizations have increasingly complex infrastructures, and face compliance demands and rising threats. For them, standard offerings simply don’t suffice. To ensure uninterrupted operations, tailor-made security that is seamlessly integrated around their infrastructure is required.

As a solution, ESET PRIVATE was developed to offer tailored and advisory-led cybersecurity for complex enterprise and public-sector environments, including the world’s largest companies, defense organizations, critical infrastructure operators, and public institutions, among others, adapting to a wide range of requirements and operational environments—even for environments with strict data-residency and digital sovereignty needs.

“Extending our standard B2B and Enterprise portfolio, ESET PRIVATE solutions are designed to accommodate the specific requirements and context of large corporations and government organizations,” commented David Března, Vice President of CS Operations and Scale Up at ESET. “Differing from industry to industry, our customers are shifting from buying technology to managing cyber risk, while navigating rapidly changing geopolitics, digital architectures, and an overload of tools and data. ESET’s role is evolving from a commodity vendor to a strategic partner, where we deliver purpose built security solutions that fit the business, operational, and regulatory context of each organization.
So whether you’re a bank seeking to protect clients against phishing scams, a long running manufacturer needing to secure critical legacy OT technology, an energy company requiring threat intelligence to safeguard its distribution network, or a government pursuing sovereignty beyond just where data is stored, ESET can do far more than what we are known for.”

Previously known as Corporate Solutions, ESET PRIVATE delivers:

  • Custom design and builds: Dedicated ESET engineers and architects work closely with customers to adapt, implement, and extend these solutions to address their advanced security and operational needs.
  • Modular Solution Portfolio: Customers are able to mix and match any combination of ESET PRIVATE solutions.
  • Cloud or on-premises solutions: Seamless integration around customers’ complex infrastructures and business operations with flexible deployment options.
  • Consultative approach: ESET provides expert advice based on in-depth industry knowledge.
  • End-to-end solutions: ESET supports long-term partnerships and ongoing solution life-cycle management.

Leveraging over 30 years of cybersecurity experience and global threat intelligence, ESET PRIVATE provides robust digital security solutions and bespoke solutions—bringing together ESET’s award-winning products with proprietary core technologies and expert personnel. Enabling companies to move past compliance requirements, ESET’s multilayered security solutions combine the power of AI and human expertise—and are available for cloud and on-premises environments.

Find out more at ESET World 2026

ESET will be showcasing ESET PRIVATE to the public at its annual ESET World conference, bringing together cybersecurity experts from around the world to witness, experience, network, and discuss ESET PRIVATE and its other solutions and services, providing a firsthand perspective.

The presentations include several that specifically tackle high-pressure, high-risk environments, hosted by ESET’s best and attended by renowned experts:

Beyond One-Size-Fits-All Security: Meeting the Needs of High-Risk Organizations
Juraj Malcho – Chief Technology Officer, ESET
Martin Talian – Chief Corporate Solutions Officer, ESET

As threats grow in complexity and impact, not all organizations can rely on standard, one-size-fits-all protection. Some operate in environments where trust, resilience, and control are critical and require a different level of security approach.

How can we secure systems operating in restricted and autonomous environments?
Patrik Pliesovsky: Director of Delivery and Deployment, ESET

Securing systems that operate in restricted environments presents unprecedented challenges, especially as autonomous AI-driven agents improve their ability to make independent decisions without human intervention. The session explores critical considerations for designing cybersecurity architectures that work in restricted and autonomous systems. It will focus on balancing operational autonomy with robust security controls—ensuring system integrity, continuous behavioral monitoring, and resilience in isolated, resource-constrained, or air-gapped environments.

Cyber Defense at the Digital Front lines
Andrew Lee, Vice President of Government Affairs, ESET
Colonel Mietta Groeneveld, Director of NATO Command and Control Centre of Excellence
Hans De Vries, Chief Cybersecurity and Operations Officer, ENISA

This panel convenes high-level cyber experts to address escalating cyber aggression from nation-states that increasingly disregard international cyber norms in order to conduct espionage and attack critical infrastructure. As hostile regimes exploit digital technologies, carry out damaging cyber-attacks, and now, leverage AI, defenders face the complex challenge of countering asymmetric warfare while upholding civil liberties and defending their citizens.

The panel will explore strategies for resilience, examining how to protect essential services in an era of persistent conflict. Ultimately, the session seeks to answer how defenders can secure their digital front lines without compromising the very values they are seeking to protect.

Strategic Cyber Resilience: The New Front Line Against Nation-State Warfare (fireside chat)
Thomas Hemker – Security CTO, Cyber Risk Advisor, Guter Hafen Cyber-Sicherheit
Colonel Mietta Groeneveld, Director of NATO Command and Control Centre of Excellence

As state actors blur the lines between cyber warfare and cybercrime, adopting sophisticated AI-driven tactics targeting supply chains and critical infrastructure, traditional defense-focused security models prove insufficient. The demand for advanced, resilient security architectures has never been greater. This panel will discuss cyber resilience as the cornerstone of modern defense strategy, transforming cybersecurity from cost center to competitive advantage.

Register and watch the conference, taking place in Berlin, Germany, at the JW Marriott Hotel on May 19–20, online.

*Based on Frost Radar™: Endpoint Security, 2025 (Frost & Sullivan), ESET is Europe’s largest cybersecurity vendor.

Learn more about ESET PRIVATE.

Read more about how ESET PRIVATE Industrial Security solves legacy OT security woes in the manufacturing sector.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

GREYCORTEX Mendel 4.6

Clearer Context, Faster Investigations, and Smoother Workflows

Mendel 4.6 focuses on making investigations more efficient and network context easier to understand. The new version improves how analysts work with packet data, host identity, and application-layer information, while extending support for enterprise identity standards. Together, these updates help teams confirm findings faster, reduce manual steps, and operate Mendel more effectively in large and complex environments.

Track Host Identity Changes with Hostname History

Devices in a network rarely keep a single identity. Laptops move between networks, systems are reimaged, and different protocols may report different hostnames. As a result, analysts often struggle to confirm whether multiple events belong to the same device. Hostname History and Identity Tracking provides a unified view of how a host’s name changes over time. Mendel 4.6 continuously collects and correlates hostname information from multiple network sources and presents it as a single, time-based identity record per host.

With this capability, analysts can:
  • Recognize the same device even when its hostname or IP address changes.
  • Follow suspicious activity across different network contexts.
  • Quickly determine whether multiple alerts relate to one host or several.

The result is clearer investigations and better visibility into devices that move, are renamed, or rebuilt.

Identify Devices With Application-Layer Data

Many devices in modern networks communicate in similar ways at the network layer. Without structured application-layer context, analysts lack the information needed to accurately identify device roles and expected behavior — especially in mixed IT and OT environments.

Mendel 4.6 addresses this by extracting and structuring protocol-level metadata and linking it directly to hosts. This turns raw traffic into clear indicators of device role, service usage, and communication behavior.

With this capability, analysts can:
  • Spot unusual or unexpected protocol usage across IT and OT environments.
  • Search and filter hosts by application attributes and service characteristics.
  • Use application-layer details to add context to detections during investigations.

The new version improves asset classification, accelerates investigations, and provides clearer context for detections and alerts.

Investigate Faster with a Unified PCAP Workspace

Mendel 4.6 introduces a unified PCAP workspace that brings capture and replay into one place, with access to PCAPs from all connected sensors. This allows analysts to move directly from alerts to packet-level evidence, speeding up validation and investigation.

With this capability, analysts can:
  • Replay captured traffic to confirm detection details and understand activity in context.
  • Search and filter packets by time, IP address, or session.
  • Correlate traffic flows across IT and OT environments.

The result is faster, more confident investigations with direct access to packet-level evidence, streamlining the retrospective investigation workflow.

Extend Identity Integration with SAML Support

Mendel 4.6 extends identity integration with SAML support, complementing existing LDAP, Kerberos, and OAuth options. This allows security teams to connect Mendel to enterprise SSO platforms and align access control with established identity and authentication policies.

With this capability, administrators can:
  • Enable web-based Single Sign-On using corporate identity providers.
  • Manage authenticators through a clearer, more flexible configuration interface.
  • Secure API access using OAuth2 client credentials and scopes.

The result is simpler user onboarding, consistent access control across environments, and better alignment with enterprise identity standards.

Additional Updates

Flow-Preserving Hardware Bypass for Napatech
High-performance sensors using Napatech adapters now support a flow-preserving hardware bypass mode that reduces CPU load while keeping flow size, timing, endpoints, and metadata.

Zabbix Integration Update for Asset Information
The Zabbix integration now aligns asset data with Mendel’s standardized Asset Information tags. Vendor, model, firmware, and device type details are displayed consistently for each host.

OpenAppID Framework Upgrade
Mendel has been updated to support the latest OpenAppID framework and signatures, improving application and protocol identification.

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

GREYCORTEX: A Decade of Network Resilience

Ten years is a decisive threshold in cybersecurity. It is an interval long enough for the market to test your claims, for the threat landscape to outpace naive assumptions, and for engineering merit to speak for itself.

In 2016, GREYCORTEX was founded in Brno by eight individuals driven by a singular conviction: world-class technical excellence could be engineered locally to protect critical enterprises anywhere in the world. A decade later, that conviction has been validated on the global stage. Today, GREYCORTEX operates across 27 international markets, earns recognition from premier analyst firms like Gartner and Forrester, and acts as a trusted partner for organizations where information security is not optional. This position was earned through one deployment, one customer, and one complex challenge at a time.

The Core Philosophy: Engineering with Consequence

Our trajectory has never been defined by single breakthroughs, but by a cultural alignment toward systemic excellence. The feedback loop between real-world deployments and core R&D is immediate. The engineers building GREYCORTEX Mendel stay directly aligned with the threat hunters monitoring live, hostile environments.

“When our platform runs inside a critical environment, our commitment is absolute—it is a matter of operational integrity, not an SLA threshold negotiated in a sales room.”
— Radek, Chief Experience Officer (CXO)

Because Mendel is deployed within hospitals, government networks, and critical industrial automation zones, every member of our team understands that security failures carry human and societal consequences. We show up because we recognize the impact of our solution.

Crucibles of Growth: Turning Points

The Geopolitical Pivot

During the onset of COVID-19, our deep market expansion in Japan paused overnight due to global travel restrictions. Despite immense financial pressure, management refused headcount or salary reductions, preserving the structural integrity of our team to execute when the world reopened.

The Architectural Leap

An early, large-scale deployment across nearly twenty remote state nodes pushed our engine beyond its original design limits. In less than thirty days, our R&D team reengineered the core processing module—creating the scalable foundation that underpins our largest enterprise models today.

The Next Epoch: IT/OT Convergence

We did not build GREYCORTEX to be a localized champion. Cybersecurity is a borderless crisis, and our mission has always been global network defense. As traditional enterprise IT rapidly converges with Operational Technology (OT) environments, the threat vector targeting critical infrastructure grows exponentially. This intersection is where we continue to deepen our analytical capabilities.

Our next chapter centers on establishing GREYCORTEX as the definitive standard for network detection and response across Europe, and subsequently, the global enterprise market.

runZero 4.9: IT/OT Topology & Attack Path Mapping

In the world of security marketing, “visibility” has become an overused buzzword. But for defenders managing converged IT/OT environments, true visibility isn’t just a list of IPs—it is about decoding the functional DNA of your infrastructure.

For years, the industry has relied on the “segmentation illusion”—the comfortable but dangerous assumption that critical industrial assets remain safely air-gapped behind firewall layers. Today, geopolitical dynamics and AI-driven attacks target these exact operational boundaries, turning minor IT compromises into total factory shutdowns.

The release of runZero 4.9 shatters this illusion, delivering the high-fidelity security intelligence required to find lateral traversal vectors, harden critical choke points, and secure converged infrastructure before exposures are exploited.

1. Map the Unmappable: Sub-Asset Discovery

Most industrial security tools stop at the protocol gateway. runZero goes further, utilizing safe, protocol-native queries to peer behind gateways (including Modbus, BACnet, KNXnet, and EtherNet/IP) to unmask downstream PLCs and field-level devices sitting on serial or fieldbus networks.

  • Granular Field Topology: If a gateway masks 20 downstream PLCs, runZero enumerates the entire downstream infrastructure safely, without requiring endpoint agents or credentials.
  • Purpose-Built Safety: Validated by the U.S. Department of Energy’s National Renewable Energy Laboratory, our scan engine uses protocol-specific throttling to safely extract firmware versions, screenshots, and secondary interfaces.

2. Interactive Attack Path Mapping & Scalable Topology

Defenders can now visualize trajectories from initial corporate breach to core physical impact using dynamic 2D and 3D maps that comfortably scale to hundreds of thousands of active nodes.

Trace the Trajectory

Set explicit sources and targets to visualize the precise pivot points and bridging devices an adversary would use to traverse segmented zones.

Multi-Homed Detection

Automatically isolate and flag dual-NIC systems, rogue laptops, or unmanaged assets bridging IT and production networks simultaneously.

Spot the Anomalies

Instantly flag out-of-place assets—like a standard corporate Windows machine sitting inside a highly segmented industrial production zone.

3. Deep Protocol Fingerprinting & Asset Classification

This release introduces an expanded library analyzing over 220 distinct protocols, providing comprehensive analysis across “insecure by design” industrial networks such as Siemens S7comm, Modbus, BACnet, and EtherNet/IP.

  • Geolocate Assets Instantly: Pinpoint hardware locations using public and egress IP data, adding adjacent environment context to remote facilities.
  • Real-World Prioritization: Focus engineering resources on true architectural exposures rather than non-critical vulnerabilities.
  • Sleek UI/UX Enhancements: Features a fully overhauled interface optimized for massive environments, complete with native dark and light modes to reduce strain during late-night SOC operations.

Technical Case Study: IT-Origin with OT Blast Radius

The greatest threat to industrial operations is rarely a highly customized exploit; it is a forgotten, multi-homed asset that shatters the segmentation illusion.

  1. Initial Foothold: An attacker exploits an internet-facing security camera running out-of-the-box port forwarding rules.
  2. The Pivot: The attacker discovers a technician’s laptop on that same wireless segment. The laptop is physically connected to the factory LAN for maintenance but leaves Wi-Fi and RDP enabled for external internet access.
  3. Lateral Traversal: Bypassing the core firewall completely through this active bridge, the attacker reaches the production subnet and enumerates a Rockwell Automation controller via EtherNet/IP (CIP).
  4. Operational Impact: The attacker sends an unauthorized “Stop” command through the gateway, halting a $100M production line.

The runZero Defensive Edge: runZero 4.9 maps this entire trajectory before it happens—flagging the multi-homed laptop as a critical choke point, identifying the active RDP vulnerability, and peering behind the protocol gateway to reveal the downstream field devices at risk.

The Statistical Reality: In recent representative assessments of large-scale manufacturing environments, runZero discovered that 30% of all OT assets reside only one hop away from an internet-exposed device, and 90% are within two hops.
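The bridge and hop-count reasoning in this case study can be reproduced on any asset inventory. The following is an added example, not runZero code or output: it flags assets with interfaces in more than one zone and counts hops from internet-exposed devices to OT assets with a breadth-first search. The inventory, addresses, zone map and asset names are constructed to mirror the scenario above.

```python
"""Bridge detection and hop counts over an asset inventory (added example)."""
import ipaddress
from collections import deque

# Constructed zone map and inventory, modelled on the case study above.
ZONES = {
    "10.10.0.0/24": "IT",   # corporate LAN
    "10.20.0.0/24": "IT",   # wireless segment with the camera
    "10.50.0.0/24": "OT",   # factory LAN
}
INVENTORY = [
    {"name": "camera-01", "ips": ["10.20.0.15"], "exposed": True},
    {"name": "tech-laptop", "ips": ["10.20.0.42", "10.50.0.200"]},
    {"name": "corp-ws-07", "ips": ["10.10.0.7"]},
    {"name": "hmi-01", "ips": ["10.50.0.20"]},
    {"name": "enip-gateway", "ips": ["10.50.0.10"]},
    {"name": "plc-01", "ips": [], "behind": "enip-gateway"},  # serial side of gateway
    {"name": "plc-02", "ips": [], "behind": "enip-gateway"},
]
NETS = {ipaddress.ip_network(cidr): zone for cidr, zone in ZONES.items()}


def subnets_of(asset):
    """Known subnets in which the asset has an interface."""
    found = set()
    for ip in asset["ips"]:
        addr = ipaddress.ip_address(ip)
        found.update(net for net in NETS if addr in net)
    return found


def zones_of(asset, by_name):
    """Zones an asset touches; a device behind a gateway inherits the gateway's zones."""
    gateway = by_name.get(asset.get("behind"))
    if gateway is not None:
        return zones_of(gateway, by_name)
    return {NETS[net] for net in subnets_of(asset)}


def build_adjacency(inventory):
    """One hop = shared subnet, or a gateway and a device downstream of it."""
    adj = {a["name"]: set() for a in inventory}
    for i, a in enumerate(inventory):
        for b in inventory[i + 1:]:
            if subnets_of(a) & subnets_of(b):
                adj[a["name"]].add(b["name"])
                adj[b["name"]].add(a["name"])
        gw = a.get("behind")
        if gw in adj:
            adj[a["name"]].add(gw)
            adj[gw].add(a["name"])
    return adj


def bridging_assets(inventory):
    """Assets with interfaces in more than one zone (the multi-homed choke points)."""
    by_name = {a["name"]: a for a in inventory}
    return sorted(a["name"] for a in inventory if len(zones_of(a, by_name)) > 1)


def hops_from_exposed(inventory, adj):
    """Multi-source BFS from every internet-exposed asset; returns (hops, parent)."""
    hops, parent, queue = {}, {}, deque()
    for a in inventory:
        if a.get("exposed"):
            hops[a["name"]], parent[a["name"]] = 0, None
            queue.append(a["name"])
    while queue:
        cur = queue.popleft()
        for nxt in sorted(adj[cur]):
            if nxt not in hops:
                hops[nxt], parent[nxt] = hops[cur] + 1, cur
                queue.append(nxt)
    return hops, parent


def path_to(target, parent):
    """Shortest chain of assets from an exposed device to the target, or [] if none."""
    if target not in parent:
        return []
    path = []
    while target is not None:
        path.append(target)
        target = parent[target]
    return path[::-1]


def ot_exposure(inventory, hops):
    """Share of OT-only assets within one and two hops of an exposed device."""
    by_name = {a["name"]: a for a in inventory}
    ot = [a["name"] for a in inventory if zones_of(a, by_name) == {"OT"}]
    if not ot:
        return {"ot_assets": 0, "within_1": 0.0, "within_2": 0.0}
    def share(n):
        return sum(1 for name in ot if hops.get(name, float("inf")) <= n) / len(ot)
    return {"ot_assets": len(ot), "within_1": share(1), "within_2": share(2)}


if __name__ == "__main__":
    adjacency = build_adjacency(INVENTORY)
    hop_map, parents = hops_from_exposed(INVENTORY, adjacency)
    print("bridges:", bridging_assets(INVENTORY))
    print("path:", " -> ".join(path_to("plc-01", parents)))
    print("exposure:", ot_exposure(INVENTORY, hop_map))
```

Removing the laptop's second interface from the inventory leaves every OT asset unreachable from the camera, which is the segmentation the firewall was assumed to provide.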

Unified Truth for Converged Operations

Whether you manage a utility grid, a global manufacturing footprint, or a telecom network, runZero bridges the visibility gap between IT and OT security operations. We don’t just log nodes; we map reachability and clarify risk.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

Portnox AgentP: Real-Time Endpoint Enforcement

Mobile Device Management (MDM) provides an essential baseline for configuration, but it lacks the real-time capabilities required to secure network boundaries. Portnox AgentP bridges this operational gap, delivering immediate posture assessment and automated remediation on every network transmission.
Architectural Insight: AgentP does not replace Microsoft Intune or Jamf. It transforms their passive compliance snapshots into instantaneous, network-level access control.
 

Operational Architecture Pillars

Transmission-Triggered NAC
Evaluates system posture—including open listening ports, active registry keys, and running processes—the moment a device attempts network access.
Auditable Playbooks
Executes granular, admin-defined controls to automatically terminate forbidden processes, isolate ports, or disable unauthorized USB peripherals.
Abstracted 802.1X
Eliminates SCEP and complex MDM profile infrastructure by unifying certificate distribution and automatic renewal into a single engine.
 

Capability Matrix

Security Vectors | Standard MDM Capability | Portnox AgentP Capability
Enforcement Cadence | Scheduled intervals (Hours) | Instantaneous / Per transmission
Automated Remediation | Alerting / Software blocking | Active script execution / Device isolation
Network Isolation | Application-level containerization | Hardware and layer-2/3 network containment

 

Securing the BYOD Boundary

By bypassing the heavy management profiles required by traditional MDM deployments, AgentP ensures a clean cryptographic separation between corporate assets and personally owned devices, maximizing edge security without infringing on user privacy.