HP Security Research Tour 2014 If you want better security, think like a bad guy.
- Louisa Davis
- 8 years ago
1 HP Security Research Tour 2014 If you want better security, think like a bad guy. Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
2 Welcome to the HP Security Research Tour 2014 Raymond Hüner Country Director, HP Software BeNeLux Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
3 Today's agenda - morning 08:15-09:00 Welcome & registration with coffee 09:00-09:15 Welcome remarks Raymond Hüner Country Director HP Software BeNeLux 09:15-10:45 Stop Looking for the silver bullet: start thinking like a bad guy Miguel Carrero Head of ArcSight Products & Solutions 11:00-11:15 Coffee break Guarding against a data breach: addressing the 2014 vulnerability landscape Matias Madou Research Lead, HP Security Research 11:15-13:00 Stop infiltration using robust architecture Henk Janssen Security Consultant Network Security, HP Enterprise Security Products North Find the intruders using correlation and context Ofer Shezaf Regional Product Management Director, EMEA, HP ArcSight Protect your weakest link - your software Tracy Varnum Strategic Sales Manager EMEA, HP Enterprise Security 13:00-14:00 Lunch and extended registration for NDA User Conference sessions
4 Today's agenda - afternoon HP Security User Conference 14:00-15:30 HP Security User Conference (under NDA only) User conference ArcSight roadmap and use case updates Ofer Shezaf Regional Product Management Director, EMEA, HP ArcSight Matias Madou Research Lead, HP Security Research 15:30-16:25 Refreshment break Guided tour on the Forteiland 16:25-17:30 Closing networking drink User conference TippingPoint roadmap and use case updates Stuart Hatto EMEA Product Manager TippingPoint Tracy Varnum Strategic Sales Manager EMEA, HP Enterprise Security
5 Today's Special: Guided tour on the Forteiland
6 Your opinion matters to us. Please give us your feedback, and we will make it worthwhile.
7 HP Security Research Tour 2014 Thank you
8 Stop looking for the silver bullet, start thinking like a bad guy. Miguel Carrero, Head of ArcSight Products & Solutions
29 86% of budget spent on blocking; 31% greater ROI; $4,000,000 saved
30 93 assessments, 69 discrete SOCs, 13 countries
32 2/5 on maturity continuum; 24% fail to meet security requirements; 30% fail to meet compliance
42 Questions?
43 Thank you.
44 Guarding against a data breach: addressing the 2014 vulnerability landscape. Guarding against the Breach. Matias Madou, Ph.D., Research Lead, HP Security Research
45 The attack lifecycle: Research, Infiltration, Discovery, Capture, Exfiltration (diagram spanning "Their ecosystem" and "Our enterprise")
46 How we can disrupt the market [Diagram: the attack lifecycle (Research, Infiltration, Discovery, Capture, Exfiltration) across "Their ecosystem" and "Our enterprise", annotated with: Educating users, Counter intel, Planning damage mitigation]
47 Agenda: 2013 Cyber Risk Report key findings; Understanding Exactly how the Attacker Ecosystem Works; HP Security Research; Building Security in Maturity Model
48 2013 Cyber Risk Report
49 Vulnerability disclosure is on the decline: While incidents are on the rise, vulnerability disclosures stabilize and decrease in severity
50 Applications are exposed by misconfiguration: More than 80% of applications contain vulnerabilities exposed by incorrect configuration
51 Mobile brings a change in the vulnerability landscape: 46% of mobile iOS and Android applications use encryption improperly
52 Old suspects die hard: Internet Explorer was the software most targeted by Zero Day Initiative (ZDI) researchers
53 The internet of things is on the radar: SCADA systems are increasingly targeted
54 What should we do about this? Vulnerability disclosure is on the decline. Don't rely solely on traditional defensive perimeter security. Applications are exposed by misconfiguration. Remember that people are part of your organization's perimeter too. Mobile brings a change in the vulnerability landscape. Seek out credible and reliable security intelligence. The internet of things is on the radar. Understand that not all information and network assets are equal.
55 Understanding exactly how the Attacker Ecosystem Works
56 A recent event
57 Repeat attacks: Zero Day, Company A, NEW EVENT; Malware Variant, Company B, NEW EVENT; Malicious IP Address, Company C, NEW EVENT
58 Recruiting
59 Job offers
60 Escrow services
61 Training
62 HP Security Research
63 HP Enterprise Security Products
64 HP Security Research. Innovative research; Ecosystem partner: SANS, CERT, NIST, ReversingLabs, software, and reputation vendors; ~3000 researchers; customers sharing data; managed networks globally; Actionable security intelligence; HP Security Research; ESS; Automatically integrated into HP products; HP finds more vulnerabilities than the rest of the market combined; Top security vulnerability research organization for the past three years, Frost & Sullivan; Thought leadership
65 Heartbleed
66 HP Fortify and Heartbleed: Timely support added to HP WebInspect and Fortify on Demand. April 11th, 2014: HP Security Research releases urgent security content update. WebInspect features: Available directly from HP WebInspect through SmartUpdate; Dedicated policy for quick detection; Adaptable detection based on server configuration; Safely verifies vulnerability without disclosing contents of memory; Detailed remediation information
67 HP Fortify and Heartbleed: Timely support added to HP WebInspect and Fortify on Demand. Customer-focused response: Updated test methodology within hours of release; Tested hundreds of thousands of customer IPs within 48 hours; Direct notification to affected customers with targeted remediation. Ahead of the wave: Always looking for the next security liability in order to protect customers
68 Building Security In: HP SSR. Consistent delivery of quarterly content updates ( , , ). Original Research: Malware analysis, access control validation. Secure Coding Rulepacks (SCA): 563 unique categories of vulnerabilities across 21 languages and over 720,000 individual APIs. Runtime Rulepack Kits: HP Fortify SecurityScope; HP Fortify Runtime Application Logging; HP Fortify Runtime Application Protection (RTAP). WebInspect SecureBase (WebInspect): Next-generation security testing capabilities. [Timeline of quarterly releases; axis labels not recoverable]
69 Building Security in Maturity Model (BSIMM)
70 Building BSIMM (2009). Big idea: Build a maturity model from actual data gathered from 9 well known large-scale software security initiatives. Created a software security framework; Interviewed nine firms in-person; Discovered 110 activities through observation; Organized the activities in 3 levels; Built a scorecard. The model has been validated with data from 67 firms. There are no special snowflakes.
71 Prescriptive versus Descriptive Models. Prescriptive models describe what you should do (circa 2006): SAFECode, SAMM, MS SDL, Touchpoints. Descriptive models describe what is actually happening: BSIMM is a descriptive model used to measure multiple prescriptive SSDLs. Every firm has a methodology they follow (often a hybrid). You need an SSDL!
72 67 Firms in the BSIMM-V Community, plus 22 firms that remain anonymous
73 Compare yourself with: Your peers; Other business units. Track your performance over time.
74 BSIMM by the Numbers
75 Conclusion: Don't rely solely on traditional defensive perimeter security. Know thy enemy. Expect to be compromised. Security Research can provide proactive insight into global, vertical-specific, and geographic threats. BSIMM: Measure how well you're doing.
76 Questions?
77 Join Our Conversation. We are on your side. Visit our blogs. HP Security Research: hp.com/go/hpsrblog; HP Security Products: hp.com/go/securityproductsblog; HP Threat Briefings: hp.com/go/threatbriefings; BSIMM Information: bsimm.com
78 If you want better security, think like a bad guy. Why attend? Collaborate with ~1,500 security professionals to jointly identify primary targets, predict vulnerabilities, trade threat secrets, and determine how to attack adversaries relentlessly. Nearly 150 breakout sessions and turbo talks; Dozens of roundtables and birds-of-a-feather lunches; Networking activities; Demos, new product previews, mock SOC, onsite service/support. 2013 attendee feedback: High-quality participants. I really enjoyed this conference. Very valuable. I appreciate the depth of content. hp.com/go/protect
79 Thank You
80 Coffee Break
82 Stop infiltration with robust architecture. Henk Janssen, Security Consultant Network Security
83 The attack life cycle: Research, Infiltration, Discovery, Capture, Exfiltration (diagram spanning "Their ecosystem" and "Our enterprise")
84 How we can disrupt the market [Diagram: the attack life cycle (Research, Infiltration, Discovery, Capture, Exfiltration) across "Their ecosystem" and "Our enterprise", annotated with: Educating users, Counter intel, Blocking access, Finding them, Protecting the target, Planning damage mitigation]
85 Seeing is half the battle: 1. Monitor 2. Detect 3. Report. Detect the bad guys
86 Blocking is the other half
87 HP TippingPoint Helps Customers Stay Out of the News with Proactive, Next-Generation Protection
88 Heartbleed Vulnerability Protection on Day 1. Every second matters! OpenSSL Vulnerability affecting 2/3 of the world's web servers; HP TippingPoint customers are protected on Day 1 via Digital Vaccine; Virtual patch stops attack and theft of critical customer information
89 Malware Threat from Anonymous Proxies. Chewbacca malware example: Bad guys targeting POS/financial systems; Launched from TOR network; Operates by installing TOR client on infected devices for exfiltration purposes. Set policy on your network for unpublished, unknown anonymous proxy exit nodes
90 Customer Attack Leads to Unexpected Intel. Neverquest trojan: Targeted attack against large retailer; Traffic capture analysis uncovers previously unknown exfiltration sites. Take action before the bad guys know they are exposed!
91 HP Network Security TippingPoint Product Family: Protects the data and applications that matter. Next-Generation IPS: Inspects network traffic and blocks against known vulnerabilities; % of network uptime track record. Next-Generation Firewall (Next Gen FW): Marries NGIPS with enterprise firewall; Granular application visibility and control; Integrated Policy. Digital Vaccine Labs: Industry-leading security research; Delivers zero-day coverage. Security Management System: Centralized management console across NGIPS and NGFW; Single console to deploy devices and policies
92 Kuoni Travel: "Implementing HP TippingPoint was fast and painless. The solution was up and running in just a couple of hours, and attacks were already being blocked." Lorenzo De Lucia, Head of Network, Kuoni Travel. Image: Kuoni Travel Holding, Ltd
93 The Value HP TippingPoint Provides. Simple: Easy-to-use, configure and install with centralized management. Effective: Industry leading security intelligence with weekly DVLabs updates. Reliable: NGIPS with % network uptime track record
94 HP TippingPoint has the numbers to back you up
95 Data Driving Security Intelligence Leadership. HP TippingPoint DVLabs Keeps Organizations Up-to-Date: 8,700 filters right out of the box; 30% of filters are turned on in recommended settings; 20 filters release each week; 1 in 12 is a Zero Day filter; 10% are application filters; 3,000 whitehat hackers behind HP Security Research Zero Day Initiative; 245 Microsoft Vulnerability Acknowledgements (2006 thru Today), 70% of total vulnerabilities discovered by HP TippingPoint; 116 Adobe Vulnerability Advisories (2007 thru Today), 51% of total vulnerabilities discovered by HP TippingPoint. Industry Leading Security Intelligence
96 But, it's our Security Effectiveness that keeps you ahead of the bad guys
97 The Value HP TippingPoint DVLabs Provides: Vulnerability Research; Malware Research; Crowd-sourced 0-day and vulnerability research through the Zero Day Initiative (ZDI); Original vulnerability research on widely-used software; Targeted research on emerging threat technologies and trends; Reputation feed of malicious hosts and IP addresses; In-depth threat research; Weekly updates for to stay ahead of the threats
98 Digital Vaccine Filters: A Virtual Software Patch. [Diagram: a vulnerability fingerprint covered by a virtual software patch, next to a simple Exploit A filter (coarse signature) that produces a false positive and misses the Exploit B fingerprint.] Vulnerability: A security flaw in a software program. Exploit: A program that takes advantage of a vulnerability to gain unauthorized access or block access to a network element, compute element, O/S, or application. Exploit Filter: Written only to a specific exploit; Filter developers often forced to basic filter design due to engine performance limitations; Impact: Missed attacks, false positives and continued vulnerability risk
99 Huge Filter Numbers Don't Prove Anything. Digital Vaccine Filters are Based on the Vulnerability, Not Exploits: Digital Vaccine addresses the root cause of the vulnerability, in order to cover variations in exploit cases; Variations are guaranteed; Addressing just one exploit is like plugging one of the holes in a sieve; Reduces the number of false positives to a minimum. DVLabs Filters Improve Security Efficacy
100 Security Effectiveness depends on Security Intelligence
101 Effectiveness is Only as Good as the Security Intelligence. 4 years in a row! ~3,000+ independent researchers; DVLabs Research & QA: Leading security research and filter development with 30+ dedicated researchers; 2,000+ customers participating; Partners: SANS, CERT, NIST, etc.; Software & reputation vendors. DVLabs Services: Digital Vaccine, ReputationDV, CustomDV, ThreatLinQ, Lighthouse Program. Analysis of Vulnerabilities by Severity. Note: All figures are rounded. The base year is CY Source: Frost & Sullivan analysis
102 Every Second Matters for Security Effectiveness: Over 8,700 filters published to date; Over 3,000 security researchers; Focused on vulnerabilities rather than exploits; Frost & Sullivan Market Share Leadership Award for Vulnerability Research; Microsoft Vulnerability Acknowledgements x MSFT competitor over last 8 years; At any time, 200 to 300 zero day vulnerabilities only HP knows about; TP customers enjoy Zero Day peace of mind. Compiled from public data available at and Adobe Advisories
103 Effective: World Class Security Research. ~3,000+ independent researchers; DVLabs Research & QA; 2,000+ customers participating. [Two pie charts comparing vendors (TippingPoint, Fortinet, IBM, McAfee, Palo Alto Networks, Stonesoft, Corero, Radware, SourceFire, Checkpoint, Cisco/Juniper): Microsoft public vulnerability acknowledgements, TippingPoint 70%; Adobe public vulnerability acknowledgements, TippingPoint 51%. Other per-vendor percentages are not recoverable from the transcription.] Compiled from public data and from Adobe Advisories
104 Questions? Henk Janssen, PreSales Technical Consultant, HP Enterprise Security Products M:
105 Thank You!
106 Find the intruders using correlation and context. Ofer Shezaf / May 15, 2014
107 Agenda: The changing threat landscape; What can you do to find intruders?; Best practices for timely detection and mitigation; HP ArcSight
108 Find the intruder at each and every step of the process: Research, Infiltration, Discovery, Capture, Exfiltration (diagram spanning "Their ecosystem" and "Our enterprise")
109 Threat landscape: Riskier Enterprises + Advanced Attackers = More Attacks. New Technologies: Cloud, SDN, Mobile/BYOD. Attacks: 24 Million, 40 Million, 95 Million, 101 Million, 130 Million. Hacktivists, Anonymous, State funded, LulzSec
110 243 days average time to detect breach [Timeline: January 2013 to April 2014]
111 Since 2009, time to resolve an attack has grown 130%
112 Current solutions are not enough. Big data: hundreds of apps emitting large volumes of raw machine data. Siloed products: Apps and devices are in silos that don't learn or share information. Limited context: need a domain expert to understand and make sense of raw logs. No effective way: Too many products, vendors, solutions
113 What can you do to find intruders?
114 What can you do to find them? Put the clues together; detect anomalous patterns; profile user behavior; monitor your applications. 69% of breaches discovered by an external party
115 What can you do to find them? Put the clues together; detect anomalous patterns; profile user behavior; monitor your applications. 56% of malware evades sandboxing technologies
116 What can you do to find them? Put the clues together; detect anomalous patterns; profile user behavior; monitor your applications. 42% of breaches involved social engineering or malicious insiders
117 What can you do to find them? Put the clues together; detect anomalous patterns; profile user behavior; monitor your applications. 84% of breaches occur at the application layer
118 Best practices for timely detection and mitigation
119 Transform Big Data into actionable intelligence
- Collect/correlate up to 100,000 events/second from 350+ connectors
- Search 2 million+ events per second
- Analyze a breach in 4 hours with quick forensic investigation
120 Transformation in Detail (capability: benefit)
- Collect: Collect logs from any device, any source, and in any format at high speed
- Enrich: Machine data is unified into a single format through normalization and categorization
- Search: Simple text-based search tool for logs and events without the need of domain experts
- Store: Archive years' worth of unified machine data through high compression ratios
- Correlate: Automate the analysis, reporting, and alerting of machine data for IT security, IT operations, and IT GRC
121 Adding context to security intelligence: Event correlation, Users & Roles, User monitoring, Fraud monitoring, Data capture, Controls monitoring, App Context, App monitoring, Threat Intelligence, Business Asset model, Log management, Applications
122 Assets: Business relevant risk management
123 Shared threat intelligence: Partners, InQuest, Open Source, Threat Central, Private Community, Threat DB, Privacy Enhanced, TC Forum, Feeds, Sector Community, HP Security Research, TC Portal, Global Community
124 Adding identity and role context: the multiple login example
- Action: login; Application: Windows; User: johnd; Login time: 1/1/14, 10:00pm; Place: Sunnyvale, CA, USA
- Action: login; Application: Sales Force; User: ; Login time: 1/1/14, 10:05pm; Place: London, UK
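The multiple login example above, worked as correlation logic in Python (an added example, not ArcSight content or code from the presentation). The slide leaves the Sales Force account name blank, so the block uses a constructed placeholder; the identity map, city coordinates, thresholds and the treatment of both timestamps as one normalized clock are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

# Constructed identity context: (application, account) -> person.
# "sf-account-placeholder" stands in for the account name the slide omits.
IDENTITY_MAP = {
    ("Windows", "johnd"): "person-001",
    ("Sales Force", "sf-account-placeholder"): "person-001",
    ("Windows", "alicew"): "person-002",
}

# Approximate city coordinates (latitude, longitude); assumed lookup table.
GEO = {
    "Sunnyvale, CA, USA": (37.37, -122.04),
    "London, UK": (51.51, -0.13),
}

MAX_SPEED_KMH = 1000.0   # assumed ceiling: faster than a commercial flight
MIN_DISTANCE_KM = 100.0  # assumed floor: ignore moves within one metro area


@dataclass(frozen=True)
class Login:
    application: str
    user: str
    time: datetime  # assumed already normalized to a single time zone
    place: str


def haversine_km(a, b):
    """Great-circle distance in km between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))


def resolve(event, identity_map):
    """Map an application account to a person; unmapped accounts stay separate."""
    key = (event.application, event.user)
    return identity_map.get(key, f"{event.application}:{event.user}")


def correlate(events, identity_map=None):
    """Flag consecutive logins by one person that imply impossible travel."""
    if identity_map is None:
        identity_map = IDENTITY_MAP
    alerts, last_seen = [], {}
    for ev in sorted(events, key=lambda e: e.time):
        person = resolve(ev, identity_map)
        prev = last_seen.get(person)
        last_seen[person] = ev
        if prev is None or prev.place not in GEO or ev.place not in GEO:
            continue  # first sighting, or a place we cannot geolocate
        dist = haversine_km(GEO[prev.place], GEO[ev.place])
        if dist < MIN_DISTANCE_KM:
            continue
        hours = (ev.time - prev.time).total_seconds() / 3600
        # Simultaneous logins from distant places: treat speed as infinite.
        speed = dist / hours if hours > 0 else float("inf")
        if speed > MAX_SPEED_KMH:
            alerts.append({"person": person, "first": prev, "second": ev,
                           "distance_km": dist, "speed_kmh": speed})
    return alerts


# Constructed sample events: the slide's two logins plus benign traffic.
SAMPLE_EVENTS = [
    Login("Windows", "alicew", datetime(2014, 1, 1, 21, 0), "Sunnyvale, CA, USA"),
    Login("Windows", "johnd", datetime(2014, 1, 1, 22, 0), "Sunnyvale, CA, USA"),
    Login("Sales Force", "sf-account-placeholder",
          datetime(2014, 1, 1, 22, 5), "London, UK"),
    Login("Windows", "alicew", datetime(2014, 1, 1, 23, 0), "Sunnyvale, CA, USA"),
]

if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(f"{alert['person']}: {alert['first'].application} -> "
              f"{alert['second'].application}, {alert['distance_km']:.0f} km "
              f"in {alert['second'].time - alert['first'].time}")
    # Without identity context the two accounts never join into one person.
    print("alerts without identity map:", len(correlate(SAMPLE_EVENTS, {})))
```

Run with an empty identity map, the same events produce no alert, because the Windows and Sales Force accounts are never tied to one person.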
125 Application Layer Intelligence. Example: add user context to database logging. Only by logging through the application can database logs include user information. (diagram labels: SQL, User name, Events)
126 HP ArcSight
127 Security is complex, ArcSight helps you.
- Get Control: Transform Big Data into actionable security intelligence
- Get Efficient: Faster resolution with fewer resources
- Get Compliant: Automate your compliance out-of-the-box
128 HP ArcSight delivers
- 4 hours to respond to a breach: ArcSight enables forensic investigation and a quick response to a data breach that otherwise would take 24 days
- 10 minutes to fix an IT incident: Full-text searching of any data enables incident resolution that otherwise would take 8 hours
- 5 minutes to generate IT GRC report: ArcSight content generates IT GRC reports that otherwise would take 4 weeks
- 3 days to run an IT audit: Search results yield audit-quality logs that otherwise would take 6 weeks
- 2 days to fix a threat vulnerability: Seamless integration allows faster remediation that otherwise would take 3 weeks
129 ArcSight takes the complexity out of Big Data
- Volume: Cross-device, real-time correlation of data across IT; long term archival at 10:1 compression ratio with ArcSight; send it to Hadoop at over 100,000 EPS
- Velocity: SmartConnectors collect logs, events, flows at over 100,000 EPS from almost any log generating source; search data at over 2,000,000 EPS
- Variety: Collects machine generated data from 350+ distinct sources; Autonomy collects human generated data from 400+ distinct sources; collect from hybrid network such as physical, virtual, and cloud
130 HP ArcSight named leader in Gartner SIEM MQ 2013. HP ArcSight named A LEADER in the Gartner Magic Quadrant for Security Information and Event Management (SIEM), 10 YEARS IN A ROW. The MOST VISIONARY PRODUCT in the Gartner SIEM MQ
131 BMW: "HP ArcSight ESM has enabled our IT department to be an enabler of the business. We can act very fast on security incidents and can reduce the loss of contracts and financial services due to the improved integrity of our network." Marc Seiffert, Senior IT Specialist, BMW Group
132 HP ArcSight Information Security Product Family: A comprehensive solution for big data security and compliance
- Universal Log Management: Collect, store, analyze machine data from anywhere; cost-effective compliance solution
- Security Information and Event Management (SIEM): Leaders in Gartner MQ for 10 years in a row; real-time threat intelligence for big data (stray slide label: Next Gen FW)
- Big Data Security SOC Appliance for mid-market: One box solution for security use cases; delivers value out-of-the-box
- Security Intelligence and Operations Center: Largest number of SOCs built through HP ArcSight; integrated solution with TippingPoint, Fortify, Hadoop, & Autonomy
133 Questions?
134 Join Our Conversation. We are on your side. Visit our blogs.
- HP Security Research: hp.com/go/hpsrblog
- HP Security Products: hp.com/go/securityproductsblog
- HP Threat Briefings: hp.com/go/threatbriefings
135 Thank you
136 Protect your weakest link: your software. Tracey Varnum, Strategic Sales Manager EMEA, HP Enterprise Security
137 The weakest link: software security challenges; Does software security pay?; How to Fortify your apps
138 Disrupting the adversary Research Stopping Infiltration access Their ecosystem Discovery Protecting Capture the target access Our enterprise Exfiltration
139 84% of breaches occur at the application layer
140 The business challenge
- Applications are being driven by the brands, not by IT: commissioned by the brands; focus on wow factor and marketing-related functionality; frequently developed by small boutique consultancies; intense pressure on timescales with little thought given to non-functional requirements
- Capturing personal data is the norm: key to building the direct customer relationship (brand trust)
- Applications are proliferating: websites, Facebook applications, mobile applications; marketing campaigns run outside normal process, no governance
- Do you even know how many applications you have?
141 Business impact of successful attack
- Example 1: Hackers exploited security flaw in the website. Customer credit card numbers, addresses, mailing addresses, telephone numbers, full names accessed.
- Example 2: A customer using a mobile app to check a prescription noticed that he was able to access the names, addresses, and prescription records of other customers.
- Example 3: After an application security incident HP FOD was used to assist in detection, containment, and eradication. FOD discovered the root cause, a vulnerability that allowed access to 250k users' records by executing a SQL Injection attack against the website. The records included names, addresses, and passwords.
- Example 4: Website allowed attackers to bypass username/password requirements and impersonate an admin on the system. This allowed for disclosure of sensitive customer details and pricing.
142 Security Challenge: Key Requirements. Identify and fix application security issues before application goes into production
- Systematic: Support all types of applications; support all development approaches
- No impact on time to market: Implement solution rapidly; no complex hardware/software to install; no need to hire, train and retain a team of application security experts; scale rapidly to test all applications
- Cost Effective: Cheaper than existing approach; predictable
143 Application security challenges: Monitoring/protecting production software; Existing software; Securing legacy applications; Demonstrating compliance; Procuring secure software; Certifying new releases; In-house development; Outsourced; Commercial; Open source
144 Does software security pay? 2013 ROI Study
145 Research background (Mainstay Study)
146 2013 Key Findings (Mainstay Study)
147 Software security does pay! Taken Together with 2010 Findings, the Total Economic Impact has Increased Significantly in 2013 (Mainstay Study)
- Productivity & Remediation Savings: $9.7 M
- Revenue Protection: $23.5M
- Risk Avoidance: $15.5
- Total Impact: $49M
148 Impact by delivery model
149 30x more costly to secure in production. After an application is released into production, it costs 30x more than during design. Source: NIST (chart: cost by phase; phases: Requirements, Coding, Integration/component testing, System testing, Production; values shown: 2X, 5X, 10X, 15X, 30X)
150 Assess, assure, protect: Enact an application security gate; Embed security into SDLC; Monitor and protect software running in production; In-house, Outsourced, Commercial, Open source; Improve SDLC policies
151 HP Fortify
- is one of the first commercially available static analysis tools.
- is a leader in coverage of languages, platforms and frameworks.
- can be integrated into your SDLC to find vulnerabilities in your code.
152 Application Security Gate: Secure ALL your applications before deployment. Web, Facebook, Mobile; In-house, out-sourced, third-party; on Demand Security Testing Service; Code, Test, Deploy; Contract/Outsource, Procure; Security Gate
153 Embed Security into Software Development Lifecycle
154 Fortify Solutions on premise and on demand Static Analysis Dynamic Analysis Runtime Analysis Actual attacks Source code mgt system Static analysis via build integration Dynamic testing in QA or production Real-time protection of running application Hackers Vulnerability management Remediation Normalization (Scoring, guidance) Application Lifecycle IDE Plug-ins (Eclipse, Visual Studio, etc.) Correlate target vulnerabilities with common guidance and scoring Vulnerability database Correlation (Static, Dynamic, Runtime) Defects, metrics and KPIs used to measure risk Developers (onshore or offshore) Threat intelligence Rules management Development, project and management stakeholders
155 HP Fortify on Demand
- Simple: Launch your application security initiative in < 1 day; no hardware or software investments or maintenance; no experts to hire, train and retain
- Fast: Scale to test all applications in your organization; 1 day turn-around on application security results; support 1000s of applications
- Flexible: Tests all types of applications; Web, Facebook, Mobile, desktop; in-house, open source and third party, commercial applications
156 Application security in three easy steps
- Upload: Software author provides URL and/or uploads software to the HP Fortify on Demand cloud
- Test: HP Fortify on Demand conducts appropriate application security test(s) based on the risk category of the application
- Review: Customer reviews and analyzes the results of the application test and provides information to development to fix
157 Full Mobile Application Security Support
- Mobile support for: Objective-C (Apple iPad/iPhone), Android, Windows, Blackberry
- Test all three tiers: Client, Network, Server
- Utilize Hybrid Analysis: Source Code, Running Application
- Client: Credentials in memory, Credentials on filesystem, Data stored on filesystem, Poor cert management, etc.
- Network: Cleartext credentials, Cleartext data, Backdoor data, Data leakage, etc.
- Server: SQLi, XSS, LFI, Authentication, Session Management, Logic Flaws, etc.
158 Comprehensive and accurate testing: Multiple levels of testing based on risk
- Static Analysis (powered by HP Fortify SCA): Enterprise proven technology; 100% code coverage; support for 21 development languages
- Dynamic Analysis (powered by HP WebInspect): Production safe; three testing levels; QA or production environments
- Manual Review: Security expert review; reduce false positives
159 Vendor Work-flow Management: FOD is the trusted third-party. Vendor FOD account; Procurer FOD account; Automated Testing; Expert Review; Detailed results; Static Analysis; Dynamic Analysis; Vendor publishes report to Procurer's account; Vendor Uploads Application; Remediate
160 Powerful remediation and guidance
- Insightful Dashboard: Executive Summary; Most prevalent vulnerabilities; Top 5 applications; Heat Map
- Detailed Test Reports: Star Rating; Remediation roadmap; Detailed vulnerability data; Recommendations
- Developer support: Vulnerabilities in line of code context (Web based IDE, IDE Plug-in); Assign issues to developers
161 HP Fortify on Premise
162 HP Fortify - Software Security Assurance: HP Fortify Software Security Center
More informationLOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE
PRODUCT BRIEF LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE As part of the Tripwire VIA platform, Tripwire Log Center offers out-of-the-box integration with Tripwire Enterprise to offer visibility
More informationTesting the Security of your Applications
Home Safeguarding Business Critical Testing the of your Applications Safeguarding business critical systems and applications 2 Safeguarding business critical systems and applications Organizations are
More informationALERT LOGIC FOR HIPAA COMPLIANCE
SOLUTION OVERVIEW: ALERT LOGIC FOR HIPAA COMPLIANCE AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE Alert Logic provides organizations with the most advanced and cost-effective means to secure their healthcare
More informationApplication Security in the Software Development Lifecycle
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
More informationInformation & Asset Protection with SIEM and DLP
Information & Asset Protection with SIEM and DLP Keeping the Good Stuff in and the Bad Stuff Out Professional Services: Doug Crich Practice Leader Infrastructure Protection Solutions What s driving the
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationLOG INTELLIGENCE FOR SECURITY AND COMPLIANCE
PRODUCT BRIEF uugiven today s environment of sophisticated security threats, big data security intelligence solutions and regulatory compliance demands, the need for a log intelligence solution has become
More informationIT Security & Compliance. On Time. On Budget. On Demand.
IT Security & Compliance On Time. On Budget. On Demand. IT Security & Compliance Delivered as a Service For businesses today, managing IT security risk and meeting compliance requirements is paramount
More informationSplunk Company Overview
Copyright 2015 Splunk Inc. Splunk Company Overview Name Title Safe Harbor Statement During the course of this presentation, we may make forward looking statements regarding future events or the expected
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationBy John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION
THE NEXT (FRONT) TIER IN SECURITY When conventional security falls short, breach detection systems and other tier 2 technologies can bolster your network s defenses. By John Pirc THREAT HAS moved beyond
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationUnified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice
Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice Introduction There are numerous statistics published by security vendors, Government
More informationThe Top Web Application Attacks: Are you vulnerable?
QM07 The Top Web Application Attacks: Are you vulnerable? John Burroughs, CISSP Sr Security Architect, Watchfire Solutions jburroughs@uk.ibm.com Agenda Current State of Web Application Security Understanding
More informationSourceFireNext-Generation IPS
D Ů V Ě Ř U J T E S I L N Ý M SourceFireNext-Generation IPS Petr Salač CCNP Security, CCNP, CICSP, CCSI #33835 petr.salac@alefnula.com Our Customers Biggest Security Challenges Maintaining security posture
More informationThe Benefits of an Integrated Approach to Security in the Cloud
The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The
More informationAgenda. 3 2012, Palo Alto Networks. Confidential and Proprietary.
Agenda Evolution of the cyber threat How the cyber threat develops Why traditional systems are failing Need move to application controls Need for automation 3 2012, Palo Alto Networks. Confidential and
More information10 Things Every Web Application Firewall Should Provide Share this ebook
The Future of Web Security 10 Things Every Web Application Firewall Should Provide Contents THE FUTURE OF WEB SECURITY EBOOK SECTION 1: The Future of Web Security SECTION 2: Why Traditional Network Security
More informationFortify. Securing Your Entire Software Portfolio
Fortify 360 Securing Your Entire Software Portfolio Fortify Fortify s holistic approach to application security truly safeguards our enterprise against today s ever-changing security threats. Craig Schumard,
More informationIBM QRadar Security Intelligence April 2013
IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence
More informationCenzic Product Guide. Cloud, Mobile and Web Application Security
Cloud, Mobile and Web Application Security Table of Contents Cenzic Enterprise...3 Cenzic Desktop...3 Cenzic Managed Cloud...3 Cenzic Cloud...3 Cenzic Hybrid...3 Cenzic Mobile...4 Technology...4 Continuous
More informationHow To Buy Nitro Security
McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security
More informationDEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER
DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target
More informationQRadar SIEM and FireEye MPS Integration
QRadar SIEM and FireEye MPS Integration March 2014 1 IBM QRadar Security Intelligence Platform Providing actionable intelligence INTELLIGENT Correlation, analysis and massive data reduction AUTOMATED Driving
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationEXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY
EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY Dean Frye Sourcefire Session ID: SEC-W05 Session Classification: Intermediate Industrialisation of Threat Factories Goal: Glory,
More informationIMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY MONITORING
IMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY How runtime application security monitoring helps enterprises make smarter decisions on remediation 2 ABSTRACT Enterprises today
More informationEnd-to-End Application Security from the Cloud
Datasheet Website Security End-to-End Application Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed
More informationBraindumps.700-295.50.QA
Braindumps.700-295.50.QA Number: 700-295 Passing Score: 800 Time Limit: 120 min File Version: 6.0 http://www.gratisexam.com/ Comprehensive, easy and to the point study material made it possible for me
More informationSymantec Cyber Security Services: DeepSight Intelligence
Symantec Cyber Security Services: DeepSight Intelligence Actionable intelligence to get ahead of emerging threats Overview: Security Intelligence Companies face a rapidly evolving threat environment with
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationNext Generation IPS and Reputation Services
Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become
More informationTrend Micro. Advanced Security Built for the Cloud
datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers
More informationManaging Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform
Managing Privileged Identities in the Cloud How Privileged Identity Management Evolved to a Service Platform Managing Privileged Identities in the Cloud Contents Overview...3 Management Issues...3 Real-World
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationDEMONSTRATING THE ROI FOR SIEM
DEMONSTRATING THE ROI FOR SIEM Tales from the Trenches HP Enterprise Security Business Whitepaper Introduction Security professionals sometimes struggle to demonstrate the return on investment for new
More informationWildFire. Preparing for Modern Network Attacks
WildFire WildFire automatically protects your networks from new and customized malware across a wide range of applications, including malware hidden within SSL-encrypted traffic. WildFire easily extends
More informationClose the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle
Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not
More informationRational AppScan & Ounce Products
IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168
More informationProtect the data that drives our customers business. Data Security. Imperva s mission is simple:
The Imperva Story Who We Are Imperva is the global leader in data security. Thousands of the world s leading businesses, government organizations, and service providers rely on Imperva solutions to prevent
More informationSecuring Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group
Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability
More informationZak Khan Director, Advanced Cyber Defence
Securing your data, intellectual property and intangible assets from cybercrime Zak Khan Director, Advanced Cyber Defence Agenda (16 + optional video) Introduction (2) Context Global Trends Strategic Impacts
More information