Microsoft Security Incident Response. Roberto Arbeláez Security Program Manager for LATAM Microsoft Corporation
- Roy Harrison
- 7 years ago
Transcription
1 Microsoft Security Incident Response Roberto Arbeláez Security Program Manager for LATAM Microsoft Corporation
2 Agenda Microsoft Security Stakeholders Threat Landscape Security Response Security Intelligence Report Partnerships CSS Security Services Resources & Blogs
3 Microsoft Security Stakeholders: Security Advisors & Leads, MSRC, MMPC, CSS Security
- Security Advisors & Security Leads: Lead Security and Privacy Initiatives Focused on Customers and Partners
- MSRC - Microsoft Security Response Center: End to End Ownership Of Protection of Microsoft Products from Vulnerabilities
- MMPC - Malware Protection Center: Antimalware Research and Response Capabilities
- Customer Service & Support Security: Customer Support, Education & Awareness, Voice of Customer
4 Evolving Threat
- 1986: Local Area Networks; First PC virus; Boot sector viruses; Create notoriety or cause havoc; Slow propagation; 16-bit DOS
- 1995: Internet Era; Macro viruses; Script viruses; Key loggers; Create notoriety or cause havoc; Faster propagation; 32-bit Windows
- 2000: Broadband prevalent; Spyware, Spam; Phishing; Botnets & Rootkits; War Driving; Financial motivation; Internet wide impact; 32-bit Windows
- 2007+: Hyper jacking; Peer to Peer; Social engineering; Application attacks; Financial motivation; Targeted attacks; Network device attacks; 64-bit Windows
5 Microsoft Malware Protection Global Response Focus on customers Local visibility Industry experts Microsoft partnership programs (MAPP, MSRA, VIA, MVI) Additional industry partnerships Broad Insight Microsoft Malicious Software Removal Tool Windows Defender Anti-Malware Technology Customer submissions Semi-annual Security Intelligence Report Customer Guidance MMPC portal Search/browse malware encyclopedia Top threat telemetry Submission tool Daily telemetry Alternative signature download location
6 World-Class Security Experience and dedication Monitoring and managing vulnerabilities 10 years and counting Providing guidance and education Expertise Vulnerability reporting Responding to security incidents Industry-leading Free malware support
7 Vulnerability Reporting Process nearly 150,000 s a year (411/ day) Vulnerabilities Sources secure@microsoft.com Direct Contact with MSRC Industry Security Events Honey-pots Security Community Partners Review Every Report 24-hour Service Level Agreement 7-day support All reports triaged by security specialist
8 Security Incident Response
SSIRP: Software Security Incident Response Plan
- Company-wide process to manage critical security threats
- Mobilizes Microsoft resources worldwide
Goals:
- Gain quick and thorough understanding of problem
- Provide customers with timely, relevant, consistent information
- Deliver tools, security updates and other assistance to restore normal operation
Diagram labels: SSIRP, MSRC, MMPC, Customer Service & Support, Product Teams, Corporate Protection Teams
9 Phases of an Incident: Watch, Alert & Mobilize, Assess, Stabilize & Recover, Resolve
- Watch: Default stage; ongoing. Teams watching for possible incidents
- Alert & Mobilize: Crisis leads alerted. Incident triaged. Global security response and support teams mobilized: Emergency Engineering Team, Emergency Comms Team
- Assess, Stabilize & Recover, Resolve:
- Assess situation and available technical information
- Conduct investigation
- Watch partners monitor signs of activity
- Plan of record established
- Product teams execute plan of record
- Internal & external comms prepared
- Insurance package may be released
- Appropriate solution is provided to customers, such as a security update, tool or fix
- Conduct internal process reviews and gather lessons learned
10 Releasing a Security Update
- Vulnerability Reporting: MSRC receives incoming vulnerability reports through: Secure@Microsoft.com; Direct contact with MSRC; Microsoft TechNet Security Site anonymous reporting
- Triaging: Assess the report and the possible impact on customers; Understand the severity of the vulnerability; Rate the vulnerability according to severity and likelihood of exploit, and assign it a priority
- MSRC responds to all reports: 24 hour response Service Level Agreement to finder; Internal response can be immediate when required
- Investigation: MSRC-Engineering: Reproduce the Vulnerability; Locate variants; Investigate surrounding code and design
- Managing Finder Relationship: Establish communications channel; Quick response; Regular updates; Build the community; Encourage responsible reporting
- Fix Validation: MSRC Engineering and Product Team: Test against reported issue; Test against variants
- Content Creation: Security bulletin: Affected software/components; Technical description; FAQs; Acknowledgments
- Technical guidance: MSRC Engineering: Workarounds and Mitigations; SVRD Blog; MAPP Detection Guidance
- Release: Security bulletins second Tuesday of every month; Coordinate all content and resources; Information and guidance to customers; Monitor customer issues and press
- Update Dev Tools and Practices: Update best practices; Update testing tools; Update development and design process
11 Major sections cover Software Vulnerability Disclosures Software Vulnerability Exploits Privacy and Security Breach Notifications Malicious Software and Potentially Unwanted Software , Spam and Phishing Threats Microsoft Security Intelligence Report
12 Malicious and Potentially Unwanted Software: Global Infection counts
The 25 locations with the most computers cleaned by Microsoft anti-malware desktop products in 2H08

| Country/Region | Computers Cleaned in 2H08 |
|---|---|
| United States | 13,245,712 |
| China | 3,558,033 |
| United Kingdom | 2,225,016 |
| France | 1,815,639 |
| Brazil | 1,654,298 |
| Spain | 1,544,623 |
| Korea | 1,368,857 |
| Germany | 1,209,461 |
| Italy | 978,870 |
| Canada | 916,263 |
| Mexico | 915,605 |
| Turkey | 768,939 |
| Netherlands | 641,053 |
| Russia | 604,598 |
| Taiwan | 466,929 |
| Australia | 464,707 |
| Japan | 417,269 |
| Poland | 409,532 |
| Portugal | 337,313 |
| Sweden | 287,528 |
| Belgium | 267,401 |
| Denmark | 224,021 |
| Norway | 203,952 |
| Colombia | 164,986 |
| Switzerland | 163,156 |
13 Malicious And Potentially Unwanted Software Geographic trends by location Significant differences in threat patterns worldwide Threat categories worldwide and in the eight locations with the most infected computers, by incidence, among all computers cleaned by Microsoft desktop antimalware products, 2H
14 Malicious And Potentially Unwanted Software Infection rates by country/region in 2H08
15 Microsoft Malicious Software Removal Tool (MSRT)
- Helps remove specific, prevalent malicious software from computers
- Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, Windows XP, or Windows 2000
- W2K will be out of support in July, 2010 and will no longer receive MSRT updates
- Updated monthly on 2nd Tuesday
- Currently targeting Rogue Anti-virus software families
- 450 million installs per month
Country/Region, Threat Count, Machine Count:
US 8,750,628 2,183,166
China 1,085, ,378
Brazil 737, ,152
UK 1,078, ,207
Korea 601, ,539
France 412, ,566
Taiwan 236, ,283
Spain 328, ,264
Canada 433, ,885
Mexico 447, ,845
16 Enterprise and Home Computer Users Differing Patterns of Infection Patterns of infection follow patterns of usage Enterprise users encounter more worms, home users more trojans
17 Security Vulnerability Disclosures: Microsoft vulnerability disclosures
Microsoft vulnerability disclosures mirror the industry totals, though on a much smaller scale
Figure: Vulnerability disclosures for Microsoft and non-Microsoft products, 2H03-2H08
18 Strategic Partnerships: Microsoft Security Response Alliance (MSRA)
- Partners: Internet Service Providers, Governments, Security Researchers, Law Enforcement, Educational Institutions, Security Experts & Advocates, Financial Institutions, Security Vendors
- Programs (diagram labels): SCP, GIAIS, LE Partnerships, SAFI, MVI, VIA, MVP
Build strong alliances with partners in the security response ecosystem
19 Strategic Partnerships: Microsoft Security Response Alliance (MSRA)
- Partners: Governments, Law Enforcement, Internet Service Provider, Financial Institutions, Educational Institutions, Security Vendors & Researchers, Most Valuable Partners
- Share Information
- Protect Customers
- Alert on Critical Issues
Build strong alliances with partners in the security response ecosystem
20 MSRA Partnerships Goals
- Respond more efficiently and effectively to computer security incidents and to minimize the impact of attacks on users and critical IT infrastructure through cooperative communications and user education.
- Enables global partners to share information to improve computer incident response processes and user outreach.
- Combine resources to help improve safety by providing consistent and accurate security-critical information and actions.
- Improve computer security incident response, better the computer threat and attack information sharing, and strengthen the outreach with critical segments
- Ensure a secure and healthy computing ecosystem.
- Provide security partners with information that helps best detect and remove malicious software from customer computers.
21 CSS Security
Regions: Americas, EMEA, India, Japan, Korea, APGC, Australia
- Ensure Microsoft Field Support and Key Partners, Internally and Externally are Prepared to Respond to any Security Event, Update, or Emergency
- Represent customers during security crises driving rapid and accurate information flow
- Assist MSRC with Bulletin Readiness / Handle Escalations / Deliver Post Release Reports on key issues and support volumes
- Manage Partner Programs, Provide support, Provide education and awareness
22 Microsoft Security Customer Support Help customers deploy security updates Help stop spread of malware Respond to Denial of Service (DoS) attacks and intrusions (hacking) Troubleshoot deployment issues on security updates Share information concerning exploits and Proof of Concept (PoC) code
23 Understanding the Severity
- Bulletin ratings assume a determined and skilled attacker: Critical, Important, Moderate, Low
- Exploitability Index provides context: 1- Consistent Exploit Code Likely; Inconsistent Exploit Code Likely; Functioning Exploit Code Unlikely
24 Exploitability Index and Bulletin Severity ratings Provides customers with guidance on the likelihood of functional exploit code being developed Developed in response to customer requests for additional information to further evaluate risk Published as part of the monthly Microsoft security bulletin summary
25 Stay Connected / Stay Informed
Microsoft Security Slate
- Provides a weekly review of key security articles and concerns from around the world
Online Threat Information Sharing (OTIS)
- Free, Microsoft managed, information sharing forum uniting security professionals around the world to share security threat information
- Share information about new and existing security threats and vulnerabilities, along with best practices for securing environments
- Participate in an early warning system for new and spreading threats, malware, vulnerabilities, and exploits
- Requires a standard NDA with Microsoft
26 Microsoft free security support policy
Free support for:
- Security incidents
- Malware
- Security-bulletin related issues
If you have a support contract with Microsoft, the support will still be free, but with the same SLAs your support contract provides!
Obtain support here: support.microsoft.com/gp/contactenos/es-la
27 We Can HELP
- Determine if an attack or compromise occurred
- Determine the extent of the damage
- Help the customer recover from an attack
- Determine how the attack occurred (best effort)
- Determine how to prevent future attacks
- Determine how the customers machines can be made more secure
28 Microsoft Blogs MSRC Security Research & Defense (SRD) Team MMPC Team MSRC Ecosystem Strategy Microsoft Update Microsoft Privacy Team Windows Team Consolidated and Built in Language Translator with RSS Feed LATAM Security Blog
29 Resources Microsoft Security Web sites: and Sign up to receive notifications on security updates: Sign up for the Security Bulletin Web cast: RSS Feeds for Security Bulletins: Security Bulletins Search: Security Advisories: Security Guidance Center for Enterprises: Protect Your PC: Microsoft Security Response Center: Microsoft Malware Protection Portal:
30 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/ or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
More informationSupporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security
Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security www.enisa.europa.eu European Union Agency for Network and Information
More informationIntegrating MSS, SEP and NGFW to catch targeted APTs
#SymVisionEmea #SymVisionEmea Integrating MSS, SEP and NGFW to catch targeted APTs Tom Davison Information Security Practice Manager, UK&I Antonio Forzieri EMEA Solution Lead, Cyber Security 2 Information
More informationSecurity Practices for Online Collaboration and Social Media
Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.
More informationEducation as a defense strategy. Jeannette Jarvis Group Program Manager PSS Security Microsoft
Education as a defense strategy Jeannette Jarvis Group Program Manager PSS Security Microsoft Introduction to End User Security Awareness End User Security Awareness Challenges Understanding End User
More informationCloud-Client Enterprise Security Impact Report Increased Protection at a Lower Cost
y Cloud-Client Enterprise Security Impact Report Increased Protection at a Lower Cost An Osterman Research White Paper Published January 2009 SPONSORED BY onsored by Phone: +1 877-21-TREND www.trendmicro.com/go/smartprotection
More informationUsing Windows Update for Windows XP
Using Windows Update for Windows XP Introduction This document provides instructions on updating Windows XP with the necessary patches. It is very important to update your operating system software in
More informationHow To Protect Your Network From Threats From Your Network (For A Mobile) And From Your Customers (For An Enterprise)
Plugging the Holes in Mobile Security: The Rising Threat Jennifer M. Pigg, VP of Research, Yankee Group Nick Wade, Group Product Manager, Symantec June 2011 Copyright 2011. Yankee Group Research, Inc.
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationPerformance 2013: Global Stock Markets
Performance 213: Global Stock Markets January 4, 214 Dr. Edward Yardeni 16-972-7683 eyardeni@ Mali Quintana 48-664-1333 aquintana@ Please visit our sites at www. blog. thinking outside the box Table Of
More informationData Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments
Trusted protection for endpoints and messaging environments Overview Symantec Protection Suite Enterprise Edition creates a protected endpoint and messaging environment that is secure against today s complex
More informationSymantec Endpoint Protection
The next generation of antivirus technology from Symantec Overview Advanced threat protection combines Symantec AntiVirus with advanced threat prevention to deliver an unmatched defense against malware
More informationESET SMART SECURITY 9
ESET SMART SECURITY 9 Microsoft Windows 10 / 8.1 / 8 / 7 / Vista / XP Quick Start Guide Click here to download the most recent version of this document ESET Smart Security is all-in-one Internet security
More informationHope is not a strategy. Jérôme Bei
Hope is not a strategy Jérôme Bei Press Highlights Conficker hits German Government! 3000 Clients down! Datatheft at German Telekom: 17.000.000 Customer Records lost! About 1.000.000 pieces of Malware
More informationIncident Response Plan for PCI-DSS Compliance
Incident Response Plan for PCI-DSS Compliance City of Monroe, Georgia Information Technology Division Finance Department I. Policy The City of Monroe Information Technology Administrator is responsible
More informationGlobalSign Malware Monitoring
GLOBALSIGN WHITE PAPER GlobalSign Malware Monitoring Protecting your website from distributing hidden malware GLOBALSIGN WHITE PAPER www.globalsign.com CONTENTS Introduction... 2 Malware Monitoring...
More informationMcAfee Endpoint Protection for SMB. You grow your business. We keep it secure.
McAfee Endpoint Protection for SMB You grow your business. We keep it secure. Big Protection for Small to Medium-Sized Businesses With the Internet and connected devices now an integral part of your business,
More informationWindows XP Support stops on 8. April 2014
Elements to a Secure Environment Becoming Resilient Towards Modern Cyberthreats 1 Windows XP Support stops on 8. April 2014 Elements to a Secure Environment Becoming Resilient Towards Modern Cyberthreats
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationHow To Protect Your Network From Attack From A Network Security Threat
Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your
More informationManaged Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint?
Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Why? Focused on Managed Intrusion Security Superior-Architected Hardened Technology Security
More informationMaking Your Enterprise SSL Security Less of a Gamble
Making Your Enterprise SSL Security Less of a Gamble Rob Glickman Sr. Director, Product Marketing Amar Doshi Sr. Manager, Product Management Symantec Vision 2012 The VeriSign Seal is Now the Norton Secured
More informationTypes of cyber-attacks. And how to prevent them
Types of cyber-attacks And how to prevent them Introduction Today s cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual
More informationChristos Douligeris cdoulig at unipi dot gr. Department of Informatics University of Piraeus
cdoulig at unipi dot gr Department of Informatics University of Piraeus Safety & Security in Cyber Space: Building up Trust in the EU Athens, 6-7 March 2014 Cybersecurity: where do we stand? Major Trends
More informationSybase Solutions for Healthcare Adapting to an Evolving Business and Regulatory Environment
Sybase Solutions for Healthcare Adapting to an Evolving Business and Regulatory Environment OVERVIEW Sybase Solutions for Healthcare Adapting to an Evolving Business and Regulatory Environment Rising medical
More informationSymantec Protection Suite Small Business Edition A simple, effective and affordable solution designed for small businesses
A simple, effective and affordable solution designed for small businesses Overview Symantec Protection Suite Small Business Edition is a simple, affordable, security and backup solution. It is designed
More informationMicrosoft Security Essentials Reviewers Guide
Microsoft Security Essentials Reviewers Guide June 2009 For more information, press only: Rapid Response Team Waggener Edstrom Worldwide (503) 443-7070 rrt@waggeneredstrom.com Abstract This reviewers guide
More information