Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


ForeScout Technologies, Inc. has announced that Kredi Kayit Burosu (KKB), the first and only credit bureau in Turkey, has deployed ForeScout CounterACT™ to ensure that all notebooks, laptops and workstations connected to its network are used by the legitimate corporate user; as well as to automate security controls, mitigate risks and react faster to security incidents.

John Hagerty, EMEA Director for Channels & Strategic Alliances, ForeScout
John Hagerty, EMEA Director for Channels & Strategic Alliances, ForeScout

KKB was founded by nine major Turkish banks in 1995. Reducing financial risks for numerous sectors – including banks, car rentals, house rentals and households – the credit bureau has one million members regularly using its internet portal; it dealt with 500 million enquiries during 2014.

Compliance and cybersecurity of sensitive financial and personal information are fundamental to KKB’s reputation as a trusted service provider. In line with this ethos, KKB required a solution to gain more comprehensive network visibility and network access control (NAC) for its 300 employees and 400 endpoints.

Ali Kutluhan Aktaş, Head of Information Security/Risk Management at KKB (Credit Bureau of Turkey), said, “We needed a NAC solution that was fast to deploy, without any risk of business interruption. In addition, it needed to support our mixed Aruba and Cisco IT infrastructure. ForeScout CounterACT offered us all of this and much more – including impressive integration capabilities with our existing FireEye and ArcSight security tools.”

Why ForeScout? 

When it began the search for a solution to increase network visibility and security controls, KKB approached Symturk, its information security consulting partner. Symturk recommended ForeScout CounterACT™ and offered an on-site Proof of Concept (PoC).

Aktaş commented, “We chose ForeScout partly because we have a mixed IT infrastructure but also because we needed a fast and easy-to-install solution: ForeScout delivered on this. In addition, CounterACT is a unique platform with strong integration properties. The fact we could easily integrate it with other security products, such as FireEye, ArcSight and CyberArk, has enabled better visibility and cyber security protection within KKB, as we are able to access – and benefit from – the products’ combined security intelligence.”

How ForeScout Helped

Real-time Visibility of Devices and Vulnerabilities

Since deploying ForeScout CounterACT, KKB has gained much greater visibility of the endpoints on its network, and is able to continuously check the security posture of each device. Aktaş said, “Previously, if a port scan was taking place on the network – with the possibility of malicious activity – we could only identify that after the fact. With ForeScout, we can detect, look and block at the same time. In addition, CounterACT alerts us to security vulnerabilities as they happen, while also enabling automated endpoint remediation. This reduces the chance of human error.”

Policy Creation and Enforcement

Aktaş explained some of the custom security policies his organisation has created using CounterACT:

  • “We have integrated ForeScout-ArcSight-CyberArk so that whenever a computer or laptop connects to our network, ForeScout checks its local admin age and, if it’s older than 45 days, ForeScout sends a CEF message containing the device’s name to ArcSight. ArcSight correlates this message within our custom rule and runs a script on an agent installed in the CyberArk server. With this script, CyberArk starts the password change process and, as a result, the password is successfully changed. This is an essential security measure, especially for those employees who regularly work off-site, away from the company premises.”
  • “Using ForeScout CounterACT, we check domain admin credential hashes on client machines and if we find a domain admin login/credential hash on a workstation, we isolate the machine from the network. This ensures preventative control of pass-to-hash attacks. We also check local admin privileges on workstations: If the helpdesk gives unapproved local admin privilege to a staff member, we detect and isolate that endpoint.”
  • “Via CounterACT we check data loss prevention services and, if they are not running, send a command to run them three times. If they still don’t run, or are totally uninstalled, we isolate the device. We also check items including disk encryption, p2p programs, suspicious behaviour and antivirus scan frequencies.”

Reduced Manual Overhead 

One of KKB’s selection criteria was a NAC solution that optimised automated security controls, in order to reduce manual overhead, as well as risk. Aktaş commented, “Before ForeScout, we had to change passwords on notebooks and workstations manually for instance if an employee left the company, which took a lot of time. Via CounterACT we have created a custom policy linking ForeScout-ArcSight-CyberArk, meaning that the process is now automated. This allows us to save money, as well as ensuring better information security. By being proactive and automating this process, I estimate that we save multiple employee-weeks per year.”

Security Product Integration

ForeScout’s ControlFabric™ technology enables CounterACT and other IT systems to exchange information and mitigate a wide variety of issues. KKB capitalises on these opportunities by integrating CounterACT with its FireEye and ArcSight solutions.

The ForeScout-FireEye integration enables real-time monitoring and mitigation of enterprise risk associated with non-compliant and/or compromised endpoints. Advanced Persistent Threats, botnets and propagating malware in distributed and BYOD environments can be rapidly identified, verified and quarantined.

ForeScout’s interoperability with ArcSight SIEM (Security Information and Event Management) provides detailed information about endpoint security posture, allowing it to make better, faster and more informed decisions around endpoint-related security risks and compliance violations.

The ForeScout Difference

Key differentiators that contributed to KKB’s overall success:

  • Security product integrations via ControlFabric architecture
  • Ease of deployment/interoperability in multi-vendor environments
  • Continuous monitoring and mitigation of security exposures and cyberattacks
  • Real-time visibility of devices on the network
  • Automated security and compliance controls; reducing manual overhead

Aktaş concluded, “We call ForeScout CounterACT the “Swiss Army knife” of our information security department, as it facilitates multiple, automated security checks and compliance controls in the most efficient way.”

John Hagerty, EMEA Director for Channels and Strategic Alliances at ForeScout Technologies, said, “From a recent survey we learned that companies, on average, use 13 different security appliances to secure their network and assets. Most of these appliances work in silos, collecting a lot a valuable data but not being able to share that with other appliances – nor being able to take action automatically. As a result the security operations team is overwhelmed with data, which they need to correlate manually before they can take action, losing valuable time and being very resource intensive. KKB is a great example of a customer that leveraged ForeScout’s ControlFabric technology to share information between different appliances and to take immediate action automatically.”