You'll learn about our roadmap across the Symantec email and gateway security offerings.
- Lucinda Long
- 8 years ago
Transcription
1 #SymVisionEmea
2 In this session you will hear how Symantec continues to focus our comprehensive security expertise, global intelligence and portfolio on giving organizations proactive, targeted attack protection today and in the future. You'll learn about our roadmap across the Symantec email and gateway security offerings. We'll reveal our expanded vision of Targeted Attack Protection spanning email, gateway and cloud platforms to provide far greater protection, a 100% detection rate and rapid remediation of both common and advanced threats.
3 #SymVisionEmea Gateway, cloud and targeted attacks: Our vision, strategy and roadmap. Patrick Gardner, VP, Engineering; Jane Wong, Director, Product Management
4 The rise of targeted attacks: 91% increase in targeted attack campaigns in 2013 vs 2012. ISTR 19 (Symantec, 2014)
5 Targeted attacks against organizations by size
6 Organizations are not stopping targeted attacks: 66% of breaches went undetected for 30 days or more; 243 days before detection; 4 months to remediate
7 The shift in mindset
8 The shift in mindset. Diagram labels: Threat Intelligence; Data Loss Prevention - Discover; Endpoint Protection; Email Security; Web Security; Data Center Security; Advanced Threat Protection Solution (Email, Gateway, Endpoint); Managed Security Services; Advanced Threat Protection Solution (Email, Gateway, Endpoint); Managed Security Services; Incident Response Services
9 Symantec Advanced Threat Protection Solution. Products: Endpoint Security: Advanced Threat Protection; Gateway Security: Threat Defense; Email Security: Advanced Threat Protection. New advanced threat detection and response capabilities unifying security across the endpoint, email and gateway, helping organizations achieve better protection and drive down security operations costs. Detection: better ability to identify targeted attack scope. Visibility: improved insight into events and trends. Response: increased logging of forensic information. Context: global context from the Symantec GIN. Technologies: Symantec Cynic: new cloud-based sandbox analysis; combines global threat analysis and behavioral analysis. Symantec Synapse: new correlation across endpoint, email and gateway; provides prioritization for incident responders.
10 Protect, detect & respond. Protect: identify a new threat at any control point, real-time local block across all. Detect: discover new malware via Cynic, search all endpoints for similar behaviors (IOCs). Respond: discover a new spear-phish URL, immediately see who else got the email, who clicked the link, and the infection status of their endpoint.
11 Symantec Advanced Threat Technology
12 Rapid detection of malware - Cynic. Reports. Portable Executables, PDF, Office docs, Acrobat, Java files, containers. Draws out VM-aware malware. Mimics human interaction. Cloud-based service enables rapid scale, and fast updates to analysis. Bare metal execution.
13 Accurate prioritization of events - Synapse. Threat correlation across gateway, endpoint and email enables effective prioritization. High prioritization of assets to be remediated due to active infection. Lower prioritization of threats already remediated at other control points: 0-day threats identified over the network, but blocked at the endpoint, will be assigned a lower priority.
14 Symantec Gateway Security: Threat defense
15 Threats to gateway security. Watering hole attacks are 2nd only to spear phishing. 77% of websites have vulnerabilities; 16% of these are critical. 23 zero-day exploits discovered in 2013. Unprotected % of unmanaged endpoints increases the complexity of the problem faced by Sec Ops today. Source: Symantec Internet Security Threat Report volume 19
16 Symantec Gateway Security: Threat defense. Diagram labels: Network Traffic; Internet; Endpoints; Real-time Inspection (Blacklist, Vantage, Insight, AV, Mobile Insight); SGSTD; Symantec Cloud; Symantec big data intelligence; Email & Endpoint (ESS, SEPM); Synapse Correlation; Cynic; Conviction, Actionable intelligence. (1) On-box inspection with proven technologies. In-line = block; TAP-mode = inspect only. (2) Asynchronous inspection of suspicious files sent to Cynic for analysis. (3) Cynic assesses file behavior in multiple sandboxing VMs, up to and including bare metal execution for VM-aware malware, and utilizes Skeptic and SONAR heuristics. (4) Behaviors are put in global context against Symantec Intelligence Data and correlated to email and endpoint events via Synapse. (5) Verdict and an actionable, richly detailed report on what Cynic observed is provided, prioritized contextually.
17 Symantec Gateway Security: Threat defense futures. Jack in Finance. Enhanced visibility into all inspection events across control points to aid in forensic investigation, includes encrypted traffic view. Enhanced ability to pinpoint the user under attack and create a profile of "normal activity", i.e. the CEO's administrative assistant versus a new hire to the finance department. Additional options for malware analysis (i.e. on-site as a black box appliance, uploading of custom OS images, etc.). Enhanced integration to the web gateway products to extend ATP capabilities.
18 Symantec Email Security: Advanced Threat Protection
19 Threats to email security. 1 in 392 emails are a phishing attack. 1 in 196 emails are a malware attack. 25% of malware in email is delivered via a link. 66% of all worldwide email is spam. 91% increase in targeted attacks in 2013 vs 2012. Email is top incursion vector for attacks. Source: Symantec Internet Security Threat Report volume 19. Advanced Threat Protection by Symantec SYMANTEC VISION SYMPOSIUM
20 Symantec Email Security: Advanced Threat Protection Vision. Detailed reporting on advanced malware blocked by Symantec, including targeted attacks. Accurate prioritization of threat activity across control points via Synapse data correlation. Detect new malware via Cynic sandboxing, including virtual and physical execution. Detailed behavioural reporting: what was the malware trying to do? Gain campaign insights via Symantec threat actor intelligence.
21 Symantec Email Security: Advanced Threat Protection V1: Enhanced visibility of advanced malware. More detailed data, targeted attack visibility, threat categories and severity levels. Email Details: Date, time, timezone; Domain of recipient; Rcpt To (Envelope Recipient, RFC5321); To Header (RFC5322); Source IP (sender IP address); Geo-location of source; Mail From (Envelope Sender, RFC5321); From Header (RFC5322); Subject Line. Malware Details: Malware name; Malicious URL or attachment file hash; Detection method, e.g. Skeptic, Link Following; Targeted Attack Yes/No; Why Symantec deems attack to be targeted (summary); Threat Category (Trojan, InfoStealer etc.); Severity Level indicating threat sophistication. Severity Levels: HIGH = Targeted Attack; MEDIUM = Zero-day or new malware; LOW = Blocked malware.
22 Symantec Email Security: Advanced Threat Protection V1: Enhanced visibility of advanced malware. Reduce response time and effort with data correlation. SIEM integration: API to pull down detailed data on malicious emails that have been blocked by Email Security.cloud. Mechanism: Data Feeds are streamed on request through a URL; HTTPS secures and encrypts the data; CSV format. More detail: 23 data points (vs. 9 in current Anti-Virus Detailed report); new data includes Targeted Attack analysis, Severity Level, Geolocation of attacker and SHA256 hashes. Synapse integration: event correlation drives prioritization and supports response today, sets stage for automated protection in future releases.
23 V2 FOCUS. Symantec Email Security: Advanced Threat Protection Futures. Better detection of new malware, via integration with Symantec Cynic sandboxing technology. Detailed behavioral reporting: what did Symantec observe the malware trying to do? Submit blocked samples for analysis. Enhanced Synapse correlation data feed with additional data to further strengthen accuracy of event prioritization across control points. Gain intelligence on adversaries and their modus operandi, via Symantec threat actor intelligence.
24 Symantec Endpoint Security: Advanced Threat Protection
25 Symantec Endpoint Security: Advanced Threat Protection. Automatic, continuous suspicious event prioritization. Detect Accurately: automatically generates prioritized list of suspicious events; endpoints send suspicious activity in real-time; machine-learning based algorithm (SEAA) applied to data. Analyze Quickly: analyzes global and local context data to determine scope and severity; optionally sends to Cynic for behavior reporting; global intelligence benchmarking; Cynic results; comprehensive body of evidence for SIEM integration. Respond with Confidence: convicts file and locally blacklists to immediately contain the attack; immediately prevents additional downloads; instructs SEPM to blacklist locally via policy.
26 Suspicious event analytics algorithm. Goal: provide high fidelity and automatically generated prioritized list of suspicious events; automates the job of finding suspicious events across your endpoints; informs you of attacks quicker and requires less effort. How: machine learning based algorithm; developed in collaboration with STAR; validated against specific enterprise data sets as opposed to broad, global data from enterprises. Requires: full visibility into all PE files created on the endpoint; full visibility into all AV and IP Ping data; full visibility into all SONAR submissions (1,400 behaviors); deep integration with the SEP client.
27 Symantec Advanced Threat Protection Solution
28 How we solve the problem. Protect, Detect, Respond. Advanced Threat Solution. "Tell me about advanced threats faster and better than anyone else": elastic cloud technologies detect 0-day evasive threats through many techniques of code execution and analysis; visibility into threats targeting both managed and unmanaged clients. "Highlight the most important events so I can prioritize my time": Synapse-driven event prioritization across all Symantec control points. "Give me actionable intelligence so that I can defend my organization": greater Symantec context gives you additional intelligence (URL sources, origin, files downloaded by that file, processes created, etc.); deep file analysis provides a full behavioral report which can be used for incident response.
29 #SymVisionEmea Thank you! Copyright 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
30 Enhance visibility of advanced malware. ATP Add-on: Detailed Malware Report. Threat Categories. Worm: The ability to self-replicate from across a network. Threats that do not require host files or sectors and self-replicate across disks (e.g., copying oneself to the floppy drive and from the floppy to the hard drive). Viruses (File Infector): The ability to self-replicate on the same host. Backdoor: Program or feature in a program that allows unauthorized remote control and access to the system on which it is installed without notice and consent. The program that controls (and often connects to) the backdoor can be considered a component of the backdoor even if it installs with notice and consent. InfoStealer: Contains functionality that is intended to collect confidential data from the target system without adequate notice and without receiving appropriate consent. Confidential data includes information that most people would not be willing to share with someone and includes bank details, credit card numbers, and passwords. Downloader: Installs or causes other malware to be installed on the system. Program whose sole purpose is to download programs without adequate notice or consent. Trojan: Without user consent, purposely modifies or deletes system components in such a way that the program effectively disrupts the host computer's functionality so that activities that would have been possible before it was installed would not be possible after install. This includes changes made to a system to prevent it from accessing other resources on a network or Internet. Hacktool: Programs whose primary purpose is to provide the means to exploit or subvert an operating system or third-party application with the purpose of gaining unauthorized access to or rendering a system unusable by an owner without his authorization.
31 Symantec Endpoint Security: Advanced Threat Protection. Detect Accurately, Analyze Quickly, Respond with Confidence. Diagram labels: Endpoint, Enterprise, Global; Cynic On-Demand; GIN; SES: ATP; Delivered as an on-prem. VA; SEP Manager; SEP Client. Why SES: ATP? Deep endpoint integration leverages proprietary suspicious event data. Automatic, continuous and high fidelity suspicious event prioritization using machine-learning based algorithm. Quickly builds a comprehensive body of evidence so you can take action with confidence.
More informationMcAfee Network Security Platform
McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking
More informationSecurity Intelligence
IBM Security Security Intelligence Security for a New Era of Computing Erno Doorenspleet Consulting Security Executive 1 PARADIGM SHIFT in crime Sophistication is INCREASING Attacks are More Targeted Attackers
More informationFuture Threat Landscape - How will technology evolve and what does it mean for cyber security?
James Hanlon CISSP, CISM Security Strategist Office of the CTO EMEA Future Threat Landscape - How will technology evolve and what does it mean for cyber security? Think > What does the future of technology
More informationINCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe
INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN Albin Penič Technical Team Leader Eastern Europe Trend Micro 27 years focused on security software Headquartered
More informationThe Hillstone and Trend Micro Joint Solution
The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry
More informationAll about Threat Central
All about Threat Central Ted Ross & Nadav Cohen #HPProtect Forward-looking statements This is a rolling (up to three year) Roadmap and is subject to change without notice. This document contains forward
More informationStreamlining Web and Email Security
How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Streamlining Web and Email Security sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor
More information24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
More informationIncrease insight. Reduce risk. Feel confident.
Increase insight. Reduce risk. Feel confident. Define critical goals with enhanced visibility then enable security and compliance across your complex IT infrastructure. VIRTUALIZATION + CLOUD NETWORKING
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationIBM Security re-defines enterprise endpoint protection against advanced malware
IBM Security re-defines enterprise endpoint protection against advanced malware Break the cyber attack chain to stop advanced persistent threats and targeted attacks Highlights IBM Security Trusteer Apex
More informationEndpoint Security More secure. Less complex. Less costs... More control.
Endpoint Security More secure. Less complex. Less costs... More control. Symantec Endpoint Security Today s complex threat landscape constantly shifts and changes to accomplish its ultimate goal to reap
More informationWhen less is more (Spear-Phishing and Other Methods to Steal Data) Alexander Raczyński
When less is more (Spear-Phishing and Other Methods to Steal Data) Alexander Raczyński 1 Agenda Spear-Fishing the new CEO Fear How to Fight Spear-Fishing It s All About the Data Evolution of the bad guys
More informationMcAfee Security Architectures for the Public Sector
White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed
More informationProven LANDesk Solutions
LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations
More informationBreach Found. Did It Hurt?
ANALYST BRIEF Breach Found. Did It Hurt? INCIDENT RESPONSE PART 2: A PROCESS FOR ASSESSING LOSS Authors Christopher Morales, Jason Pappalexis Overview Malware infections impact every organization. Many
More informationSymantec Endpoint Protection 12.1.2
Data Sheet: Endpoint Security Overview offers comprehensive defense against complex attacks for both physical and virtual environments. It integrates ten essential security technologies in a single, high
More informationFROM PRODUCT TO PLATFORM
FROM PRODUCT TO PLATFORM DATA EQUIPMENT 2016 Mikkel Bossen Agenda Today s Challenges Data Growth, SSL encryption, Application Growth & SaaS What s hiding in under the surface? Legacy Security is that really
More informationPublic, Private, Hybrid:
Public, Private, Hybrid: How to Use the Cloud for More Effective Security Symantec and Cloud Computing Ron Poserina, Director of Systems Engineering Agenda Our Perspective on Cloud Computing Why Cloud
More informationSymantec Protection Suite Add-On for Hosted Email and Web Security
Symantec Protection Suite Add-On for Hosted Email and Web Security Overview Your employees are exchanging information over email and the Web nearly every minute of every business day. These essential communication
More informationNiara Security Intelligence. Overview. Threat Discovery and Incident Investigation Reimagined
Niara Security Intelligence Threat Discovery and Incident Investigation Reimagined Niara enables Compromised user discovery Malicious insider discovery Threat hunting Incident investigation Overview In
More informationIMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE
IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle
More informationOverview. Introduction. Conclusions WINE TRIAGE. Zero day analysis. Symantec Research Labs (SRL)
1 Overview Introduction WINE TRIAGE Zero day analysis Conclusions 2 5 locations: USA: Mountain View (CA), Culver City (CA), Herndon (VA) Europe: Dublin (IE), Sophia Antipolis(FR).. 4 thematic domains:
More informationFinding Email Security in the Cloud
WHITE PAPER: FINDING EMAIL SECURITY IN THE CLOUD Finding Email Security in the Cloud CONTENTS Introduction 3 I. Why Good Enough Security is Never Good Enough 3 Mind your security gaps 4 II. Symantec Email
More informationComprehensive Advanced Threat Defense
1 Comprehensive Advanced Threat Defense June 2014 PAGE 1 PAGE 1 1 INTRODUCTION The hot topic in the information security industry these days is Advanced Threat Defense (ATD). There are many definitions,
More informationSecuring OS Legacy Systems Alexander Rau
Securing OS Legacy Systems Alexander Rau National Information Security Strategist Sample Agenda 1 Today s IT Challenges 2 Popular OS End of Support & Challenges for IT 3 How to protect Legacy OS systems
More information