Sikkerhed i infrastrukturen. Christian Heinel Country Lead, Security Cisco Denmark
|
|
- Barbra Lester
- 7 years ago
- Views:
Transcription
1
2 Sikkerhed i infrastrukturen Christian Heinel Country Lead, Security Cisco Denmark
3 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
4 The Pervasiveness of Malicious Traffic High-Threat Malware Government and Military Hijacked Infrastructure Sites without Content Suspect FTP Suspect VPN Education via Threat(s) Pornography Connections to domains that are known malware threat sites or threat vectors. Suspicious and excessive traffic going to places not typically contacted by the public. Connections to known hijacked infrastructure or compromised sites. Connections to blank sites that may have code on them to inject malware into systems. Unexpected connections to irregular FTP sites. Connections from within an organization to suspicious VPN sites. Connections to universities in suspicious places, potentially serving as pivot points for other kinds of malware. Very high volume of attempts to connect to known pornography sites. 100% 100% 96% 92% 88% 79% 71% 50% 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
5 How well do you detect a breach? 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
6 Our Security Perspective 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
7 The Problem is Threats 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
8 If you knew that you would be compromised in 2014 would you do security differently? 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
9 The New Security Model Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Network Endpoint Mobile Virtual Cloud Point in time Continuous 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
10 Mapping Technologies to the Model Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall Patch Mgmt IPS IDS AMD App Control Vuln Mgmt Anti-Virus FPC Log Mgmt VPN IAM/NAC /Web Forensics SIEM Visibility and Context 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
11 Any Device to Any Cloud PUBLIC CLOUD HYBRID CLOUD PRIVATE CLOUD 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
12 The Internet of Everything 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
13 Threats are evolving Industry Response Antivirus (Host-Based) IDS/IPS Reputation (Global) (Network Perimeter) and Sandboxing AI and Analytics (Cloud) Worms Spyware and Rootkits APTs Cyberware Increased Attack Surface Tomorrow 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
14 Addressing the Entire Attack Continuum
15 Addressing the Entire Continuum Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall VPN NGIPS Advanced Malware Protection NGFW UTM Web Security Network Behavior Analysis NAC + Identity Services Security Visibility and Context 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
16
17 Cisco Identity Services Engine (ISE) Delivering the Visibility and Control for Secure Network Access Network Who Partner Context Data What Where When Cisco ISE Consistent Secure Access Policy How
18 ISE Integration ASA integration: CoA, TrustSec, Posture, AnyConnect CyberThreat Defense Integration MDM integration SIEM integration
19 Mobile Device Management Security Information and Event Management (SIEM) and Threat Defense ISE 1.2 BDM 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
20 30B WEB REQUESTS 100 TB DATA RECEIVED PER DAY 150M DEPLOYED ENDPOINTS 1.6M DEPLOYED DEVICES 35% WORLDWIDE TRAFFIC
21
22 Addressing the Entire Continuum Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall VPN NGIPS Advanced Malware Protection NGFW UTM Web Security Network Behavior Analysis NAC + Identity Services Security Visibility and Context 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
23 Better Together PSOSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 23
24 Leveraging A Powerful Community PSOSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 24
25 Leadership The Path Up and Right Sourcefire has been a leader in the Gartner Magic Quadrant for IPS since As of December 2013 Source: Gartner (December 2013) 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
26 Sourcefire s Security Solutions NEXT- GENERATION FIREWALL Management Center APPLIANCES VIRTUAL NEXT- GENERATION INTRUSION PREVENTION CONTEXTUAL AWARENESS ADVANCED MALWARE PROTECTION HOSTS VIRTUAL MOBILE COLLECTIVE SECURITY INTELLIGENCE APPLIANCES VIRTUAL 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
27 FireSIGHT Full Stack Visibility CATEGORIES EXAMPLES SOURCEFIRE FireSIGHT TYPICAL IPS Threats Attacks, Anomalies Users AD, LDAP, POP3 Web Applications Facebook Chat, Ebay Application Protocols HTTP, SMTP, SSH File Transfers PDF, Office, EXE, JAR Malware Conficker, Flame Command & Control Servers C&C Security Intelligence Client Applications Firefox, IE6, BitTorrent Network Servers Apache 2.3.1, IIS4 Operating Systems Windows, Linux Routers & Switches Cisco, Nortel, Wireless Mobile Devices iphone, Android, Jail Printers HP, Xerox, Canon VoIP Phones Avaya, Polycom Virtual Machines VMware, Xen, RHEV Information Superiority Contextual Awareness TYPICAL NGFW 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
28 AMP Everywhere! Advanced Malware Protection
29 Addressing the Entire Continuum Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall VPN NGIPS Advanced Malware Protection NGFW UTM Web Security Network Behavior Analysis NAC + Identity Services Security Visibility and Context 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
30 NSS report from a few weeks ago 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
31 Cisco Advanced Malware Protection Built on unmatched collective security intelligence Cisco Sourcefire SIO VRT Cisco Collective (Vulnerability Research Team) Security Intelligence WWW Endpoints Web Networks IPS Devices 180,000+ File Samples per Day FireAMP Community 1.6 million global sensors 100 TB of data received per day 150 million+ deployed endpoints 600+ engineers, technicians, and researchers 35% worldwide traffic 13 billion web requests 24x7x365 operations 40+ languages Advanced Microsoft and Industry Disclosures Snort and ClamAV Open Source Communities Honeypots Sourcefire AEGIS Program Private and Public Threat Feeds Dynamic Analysis 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
32 Beyond the Event Horizon Analysis Stops Addresses limitations of point-in-time detection Point- in-?me Detec?on An?virus Sandboxing Ini?al Disposi?on = Clean Not 100% Sleep Techniques Unknown Protocols Encryption Polymorphism Actual Disposi?on = Bad = Too Late!! Blind to scope of compromise Retrospec?ve Detec?on, Analysis Con?nues Con?nuous Turns back 5me Visibility and Control are Key Ini?al Disposi?on = Clean Actual Disposi?on = Bad = Blocked 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
33 Cisco Advanced Malware Protection delivers Point in Time Protection Retrospective Security File Reputation & Sandboxing Continuous Analysis 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
34 Delivers the first line of detection All detection is less than 100% One-to-One Signature Fuzzy Finger-printing Machine Learning Advanced Analytics Dynamic Analysis Reputation Filtering and File Sandboxing 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
35 That continues to analyze what happens along the attack continuum Breadth and Control points: WWW Endpoints Web Network IPS Devices Advanced levels of detection, tracking and response Telemetry Stream File Fingerprint and Metadata File and Network I/O Retrospection Process Information Continuous feed Retrospective Detection Behavioral Indications of Compromise Trajectory Threat Hunting Continuous analysis 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
36 Giving you the assurance and visibility to know exactly where to start Who What Where When How Focus on these users first These applications are affected The breach impacted these areas This is the scope of exposure over time Here is the origin and progression of the threat 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
37 There are several ways you can deploy AMP Cisco Advanced Malware Protection Deployment Options and Web Network Appliance Endpoint Method License with ESA or WSA Snap into your network Install on endpoints Ideal for New or existing Cisco or Web Security customers IPS/NGFW customers Windows, Mac, Android, VMs 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
38 Addressing the Entire Continuum Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall VPN NGIPS Advanced Malware Protection NGFW UTM Web Security Network Behavior Analysis NAC + Identity Services Security Visibility and Context 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
39 Cognitive Threat Analytics
40 Cisco Cloud Web Security Security Across all of the Attach Continuum BEFORE Discover Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Web Reputation Malware Signature File Retrospection AMP Usage Controls Outbreak Intel. Threat Analytics CTA Application Controls File Rep / Sandbox AMP Active Reporting CTA 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
41 CWS Premium Threats Tab CWS C Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
42 Flexible Deployment Options On and Off Premise On-premises Cloud Deployment Options Cloud Connectors/ Redirects Router Firewall Appliance Roaming Client Options Implicit Explicit C Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
43 Cisco Cloud Web Security Advanced Threat Defense Additional Point-in-time Protection Retrospective Security & Continuous Analysis Advanced Malware Protection (AMP) File Reputation & Sandboxing AMP File Rep. Retrospection Cognitive Threat Analytics (CTA) 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
44 Cognitive Threat Analytics Analyzing Network Traffic Behaviors Behavioral Analysis Reduced time to discovery Active, continuous monitoring to stop the spread of an attack Normal or not? Spots symptoms of infection using behavioral anomaly detection algorithms and trust modeling THREAT Security that evolves Uses machine learning to learn from what it sees and adapt over time Anomaly Detection Machine Learning No more rule sets Discovers threats on its own just turn it on CTA is a cloud-based solution that reduces time to discover threats operating inside the network 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
45 Cognitive Threat Analytics Example Detection Categories Generated Domains Files with Multiple Extensions Data Transfer via URL MALWARE BEHAVIOR Data Transfer via URL params WPAD misuse Nonbrowser Traffic 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
46 Cognitive Threat Analytics Layered Detection Engine Detection Filtering Classification / Layer 1 Classification / Layer 2 Data Agent 1 Agent 2 Agent 3. Agent N Trust Modeling Layer WPAD Generated Domain. Data Exfiltration Malware 1 Malware 2. Malware N Incidents Individual Detectors Correlation & Memory Unsupervised Learning Supervised Learning Anomalous Malicious Malware 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
47 CTA / Active Threats Report Unique detections Discovering new threats & Customized C&C channels Using AI, ML, big data, we are discovering New Frontiers of Security Intelligence 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
48 CALL TO ACTION visit the booths and demos 1. Cyber Threat Defense 2. SourceFire 3. Next Gen Firewall 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
49 CWS Premium Threats Tab Incident Overview CWS Incidents in time List of incidents with details C Cisco and/or its affiliates. All rights reserved. Priority Probability Incident type Identity IP reputation Malware activity Time Stamp Feedback Cisco Confidential 49
50 CWS Premium Threats Tab Attacker s behavior CWS Incident information summary Attackers behavior representation C Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
51 CWS Premium Threats Tab Attacker s technique CWS Details of the malicious requests of Data Transfer Through URL To Raw IP activity C Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
52 CWS Premium Threats Tab File Retrospective Incident generated by File Retrospective CWS Incident generated Feb 10th - 2 Days File Retrospection File downloaded by the user on Feb 8th C Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
53
Cisco Advanced Malware Protection. Ross Shehov Security Virtual Systems Engineer March 2016
Cisco Advanced Malware Protection Ross Shehov Security Virtual Systems Engineer March 2016 The Reality Organizations Are Under Attack and Malware Is Getting in 95% of large companies targeted by malicious
More informationSourceFireNext-Generation IPS
D Ů V Ě Ř U J T E S I L N Ý M SourceFireNext-Generation IPS Petr Salač CCNP Security, CCNP, CICSP, CCSI #33835 petr.salac@alefnula.com Our Customers Biggest Security Challenges Maintaining security posture
More informationCisco Security: Moving to Security Everywhere. #TIGcyberSec. Stefano Volpi 13-10-2015
#TIGcyberSec Cisco Security: Moving to Security Everywhere Stefano Volpi 13-10-2015 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Cisco is All In with Security I expect security
More informationEXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY
EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY Dean Frye Sourcefire Session ID: SEC-W05 Session Classification: Intermediate Industrialisation of Threat Factories Goal: Glory,
More informationCisco and Sourcefire. AGILE SECURITY : Security for the Real World. Stefano Volpi
Cisco and Sourcefire AGILE SECURITY : Security for the Real World Stefano Volpi SOURCEfire Worldwide John Chambers statement Security is the TOP issue for Cisco and many of the CIO s in the industry. We
More informationThreat-Centric Security Solutions. György Ács Security Consulting Systems Engineer 3 rd November 2015
Threat-Centric Security Solutions György Ács Security Consulting Systems Engineer 3 rd November 2015 The Problem is Threats About Angler Exploit Kit http://www.networkworld.com/article/2989827/security/cisco-disrupts-60m-ransomware-biz.html
More informationProtection Against Advanced Persistent Threats
Protection Against Advanced Persistent Threats Peter Mesjar Systems Engineer, CCIE 17428 October 2014 Agenda Modern Threats Advanced Malware Protection Solution Why Cisco? Cisco Public 2 The Problem are
More informationCisco Advanced Malware Protection
Solution Overview Cisco Advanced Malware Protection Breach Prevention, Detection, Response, and Remediation for the Real World BENEFITS Gain unmatched global threat intelligence to strengthen front-line
More informationSourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data
SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.
More informationBEFORE. DURING. AFTER. CISCO'S INTEGRATED SECURITY STRATEGY NIALL MOYNIHAN CISCO EMEAR
BEFORE. DURING. AFTER. CISCO'S INTEGRATED SECURITY STRATEGY NIALL MOYNIHAN CISCO EMEAR The IndustrializaBon of Hacking SophisEcated AFacks, Complex Landscape Hacking Becomes an Industry Phishing, Low
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationDeploying Next Generation Firewall with ASA and Firepower services
Deploying Next Generation Firewall with ASA and Firepower services Dragan Novaković Security Consulting Systems Engineer March 2015. Threat Landscape Demands more than Application Control 60% of data is
More informationCyb T er h Threat D f e ense S l o uti tion Moritz Wenz, Lancope 1
C b Th Cyber Threatt Defense D f S Solution l ti Moritz Wenz, Lancope 1 The Threat Landscape is evolving Enterprise Response Antivirus (Host-Based) IDS/IPS (Network Perimeter) Reputation (Global) and Sandboxing
More informationCisco Cybersecurity Pocket Guide 2015
Cisco Cybersecurity Pocket Guide 2015 Why Security Security investment: A top priority Security: A critical boardroom topic Why Security? Security Investment: A Top Priority Figure 1 How Enterprises View
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationCisco Security Strategy Update Integrated Threat Defense. Oct 28, 2015
Cisco Security Strategy Update Integrated Threat Defense Oct 28, 2015 Breaches are the New Normal FDA Wards of Security Flaw in Infusion Pump Cisco Confidential Cisco s Covers the Threat-Centric Entire
More informationBelgacom Security Convention. Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve
Belgacom Security Convention Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve Belgacom Security Convention The new, continuous security model Hans De Raeve Product Manager Belgacom Sean Newman Product
More informationWhy Use Big Data for a Security Service?
Using Big Data for Good Advanced Malware Protection as a Cloud Service Gary Spiteri Security Engineer 17 July 2012 Why Use Big Data for a Security Service? Because the traditional way is broken Industry
More informationNetwork as a Sensor and Enforcer Leverage the Network to Protect Against and Mitigate Threats
Network as a Sensor and Enforcer Leverage the Network to Protect Against and Mitigate Threats Dragan Novaković Consulting Systems Engineer Security November 2015. New Networks Mean New Security Challenges
More informationCisco Web Security: Protection, Control, and Value
Cisco Web Security: Protection, Control, and Value Benefits Strong protection: Protects every device through a sophisticated global threat-intelligence infrastructure, which includes Cisco Talos Security
More informationRequirements When Considering a Next- Generation Firewall
White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration
More information聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 職 稱 : 技 術 顧 問
聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 主 講 人 : 廖 國 宏 Jerry Liao 職 稱 : 技 術 顧 問 Each attack instance can be slightly different 攻 擊 模 式 有 些 微 的 不 同 Domains are rotated in days, even hours 攻 擊 主 機 位 置
More informationCisco Cloud Web Security
Data Sheet Today s highly connected and fast-moving world is filled with complex and sophisticated web security threats. Cisco delivers the strong protection, complete control, and investment value that
More informationCisco Email Security: Layered Protection from Blended Threats
Cisco Email Security: Layered Protection from Blended Threats Benefits Faster, more comprehensive email protection, often hours or days ahead of the competition The largest network of threat intelligence
More informationIntroducing IBM s Advanced Threat Protection Platform
Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Extensible Approach to Threat Prevention Paul Kaspian Senior Product Marketing Manager IBM Security Systems 1 IBM NDA 2012 Only IBM
More informationBraindumps.700-295.50.QA
Braindumps.700-295.50.QA Number: 700-295 Passing Score: 800 Time Limit: 120 min File Version: 6.0 http://www.gratisexam.com/ Comprehensive, easy and to the point study material made it possible for me
More informationCisco Cloud Web Security Datasheet
Cisco Cloud Web Security Datasheet October 2014 Table of Contents Table of Contents... 1 Overview... 2 Features and Benefits by License... 3 CWS Essentials License... 3 CWS Premium... 4 Advanced Threat
More informationCisco & Big Data Security
Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that
More informationCisco ASA und FirePOWER Services
Cisco ASA und FirePOWER Services 1 Die Abwehr von Bedrohungen ist ein Prozess Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall/VPN Applikations-Kontrolle
More informationIntelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real World Ali Fuat TÜRKAY aturkay@cisco.com 0 532 677 4080 Ali Fuat Türkay: Security Sales Fuat Kılıç: Consulting System Engineer Hakan Tağmaç: Emerging Markets SE Manager
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationFive Steps For Securing The Data Center: Why Traditional Security May Not Work
White Paper Five Steps For Securing The Data Center: Why Traditional Security May Not Work What You Will Learn Data center administrators face a significant challenge: They need to secure the data center
More informationAddressing Advanced Web Threats. Addressing Advanced Web Threats: Protect Your Data and Brand
Addressing Advanced Web Threats: Protect Your Data and Brand What You Will Learn From collaboration to communication to data access, the web is a mission-critical business tool. Enterprises rely on the
More informationThe Hillstone and Trend Micro Joint Solution
The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry
More informationSecurity Intelligence Services. www.kaspersky.com
Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats
More informationMcAfee Network Security Platform
McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking
More informationCisco ASA with FirePOWER Services. October 2014
Cisco ASA with FirePOWER Services October 2014 What We Are Announcing September 16, 2014 Industry s First Threat-Focused NGFW Proven Cisco ASA firewalling + Industry leading NGIPS and AMP Cisco ASA with
More informationCisco RSA Announcement Update
Cisco RSA Announcement Update May 7, 2009 Presented by: WWT and Cisco Agenda Cisco RSA Conference Announcements Collaborate with Confidence Overview Cisco s Security Technology Differentiation Review of
More informationWHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform
WHITE PAPER Cloud-Based, Automated Breach Detection The Seculert Platform Table of Contents Introduction 3 Automatic Traffic Log Analysis 4 Elastic Sandbox 5 Botnet Interception 7 Speed and Precision 9
More informationREVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
More informationComstor Security Initiative. Comstor Security Initiative
Comstor Comstor Work in partnership with Comstor and Cisco to unlock the potential of Cyber security Cyber security is projected to be a $170 billion market by 2020. There are 10 billion connected sensors
More informationEffective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention
Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention Your Security Challenges Defending the Dynamic Network! Dynamic threats 䕬 䕬 䕬 䕬 Many threats
More informationAnalyzing HTTP/HTTPS Traffic Logs
Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that
More informationRSA Security Analytics
RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationIntegrating MSS, SEP and NGFW to catch targeted APTs
#SymVisionEmea #SymVisionEmea Integrating MSS, SEP and NGFW to catch targeted APTs Tom Davison Information Security Practice Manager, UK&I Antonio Forzieri EMEA Solution Lead, Cyber Security 2 Information
More informationSophos Ltd. All rights reserved.
Sophos Ltd. All rights reserved. 1 Sophos Approach to Unified Security Integrated Security for Be9er Protec;on James Burchell & Greg Iddon, Sales Engineers UK&I, Technology Services What we re going to
More informationDelivering Control with Context Across the Extended Network
Delivering Control with Context Across the Extended Network Agenda Current Challenges Cisco ISE Overview Introducing Cisco pxgrid Customer Success Stories Only Cisco ISE Delivers 2013-2014 Cisco and/or
More informationSourcefire Next-Generation IPS
Sourcefire Next-Generation IPS Key NGIPS Capabilities Snort IPS detection engine Network intelligence Impact assessment User identification Automated policy tuning Network behavior analysis Packet-level
More informationImplementing Cisco IOS Network Security
Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles
More informationFROM PRODUCT TO PLATFORM
FROM PRODUCT TO PLATFORM DATA EQUIPMENT 2016 Mikkel Bossen Agenda Today s Challenges Data Growth, SSL encryption, Application Growth & SaaS What s hiding in under the surface? Legacy Security is that really
More informationHow To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)
McAfee Security: Intrusion Prevention System REV: 0.1.1 (July 2011) 1 Contents 1. McAfee Network Security Platform...3 2. McAfee Host Intrusion Prevention for Server...4 2.1 Network IPS...4 2.2 Workload
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationConcierge SIEM Reporting Overview
Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts
More informationAgenda. 3 2012, Palo Alto Networks. Confidential and Proprietary.
Agenda Evolution of the cyber threat How the cyber threat develops Why traditional systems are failing Need move to application controls Need for automation 3 2012, Palo Alto Networks. Confidential and
More informationIntelligent Cybersecurity for the Real World. Cisco Cybersecurity Pocket Guide
Intelligent Cybersecurity for the Real World Cisco Cybersecurity Pocket Guide EMEA 2015 Content What an Opportunity! Security Investment is a Top Priority Why Cisco? Cisco is the Leading Security Company
More informationThe Advanced Attack Challenge. Creating a Government Private Threat Intelligence Cloud
The Advanced Attack Challenge Creating a Government Private Threat Intelligence Cloud The Advanced Attack Challenge One of the most prominent and advanced threats to government networks is advanced delivery
More informationEvolution Of Cyber Threats & Defense Approaches
Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution
More informationUnified Security, ATP and more
SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users
More informationHow Attackers are Targeting Your Mobile Devices. Wade Williamson
How Attackers are Targeting Your Mobile Devices Wade Williamson Today s Agenda Brief overview of mobile computing today Understanding the risks Analysis of recently discovered malware Protections and best
More informationProtecting the Infrastructure: Symantec Web Gateway
Protecting the Infrastructure: Symantec Web Gateway 1 Why Symantec for Web Security? Flexibility and Choice Best in class hosted service, appliance, and virtual appliance (upcoming) deployment options
More informationIBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer
IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.
More informationJUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM
JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM May 2015 Nguyễn Tiến Đức ASEAN Security Specialist Agenda Modern Malware: State of the Industry Dynamic Threat Intelligence on the Firewall
More informationUser Documentation Web Traffic Security. University of Stavanger
User Documentation Web Traffic Security University of Stavanger Table of content User Documentation... 1 Web Traffic Security... 1 University of Stavanger... 1 UiS Web Traffic Security... 3 Background...
More informationCybersecurity Before - During - After An Integrated Security Strategy
Cybersecurity Before - During - After An Integrated Security Strategy Peter Romness Business Development Manager Public SectorCybersecurity Cisco Systems Inc. 1 Mobility Cloud Threat IOT Consumercentric
More informationHow Lastline Has Better Breach Detection Capabilities. By David Strom December 2014 david@strom.com
How Lastline Has Better Breach Detection Capabilities By David Strom December 2014 david@strom.com The Internet is a nasty place, and getting nastier. Current breach detection products using traditional
More informationNGFW is yesterdays news what is next in scope for the firewall in the threat intelligence age
NGFW is yesterdays news what is next in scope for the firewall in the threat intelligence age Dynamic Threat Protection for Enterprise Edge and Data Center Rasmus Andersen Lead Security Sales Specialist
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationSECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION
SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION How ThreatBLADES add real-time threat scanning and alerting to the Analytics Platform INTRODUCTION: analytics solutions have become an essential weapon
More informationAdaptive IPS Security in a changing world. Dave Venman Security Engineer, UK & Ireland
Adaptive IPS Security in a changing world Dave Venman Security Engineer, UK & Ireland 2 Who Is Sourcefire? Mission: To help customers manage increasing risks and regulations by providing the most effective,
More informationAchieving SOX Compliance with Masergy Security Professional Services
Achieving SOX Compliance with Masergy Security Professional Services The Sarbanes-Oxley (SOX) Act, also known as the Public Company Accounting Reform and Investor Protection Act of 2002 (and commonly called
More informationENABLING FAST RESPONSES THREAT MONITORING
ENABLING FAST RESPONSES TO Security INCIDENTS WITH THREAT MONITORING Executive Summary As threats evolve and the effectiveness of signaturebased web security declines, IT departments need to play a bigger,
More informationSymantec Endpoint Protection 12.1.5 Datasheet
Symantec Endpoint Protection 12.1.5 Datasheet Data Sheet: Endpoint Security Overview Malware has evolved from large-scale massive attacks to include Targeted Attacks and Advanced Persistent Threats that
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationSonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity
SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationProduct Roadmap Symantec Endpoint Protection Suzanne Konvicka & Paul Murgatroyd
Product Roadmap Symantec Endpoint Protection Suzanne Konvicka & Paul Murgatroyd Symantec Endpoint Protection Product Roadmap 1 Safe Harbor Disclaimer Any information regarding pre-release Symantec offerings,
More informationThe Need for Intelligent Network Security: Adapting IPS for today s Threats
The Need for Intelligent Network Security: Adapting IPS for today s Threats James Tucker Security Engineer Sourcefire Nordics A Bit of History It started with passive IDS. Burglar alarm for the network
More informationCisco Cyber Threat Defense - Visibility and Network Prevention
White Paper Advanced Threat Detection: Gain Network Visibility and Stop Malware What You Will Learn The Cisco Cyber Threat Defense (CTD) solution brings visibility to all the points of your extended network,
More informationWhat s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current
More informationSymantec Endpoint Protection 12.1.6
Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly
More informationNetDefend Firewall UTM Services
Product Highlights Intrusion Prevention System Dectects and prevents known and unknown attacks/ exploits/vulnerabilities, preventing outbreaks and keeping your network safe. Gateway Anti Virus Protection
More informationEndpoint Threat Detection without the Pain
WHITEPAPER Endpoint Threat Detection without the Pain Contents Motivated Adversaries, Too Many Alerts, Not Enough Actionable Information: Incident Response is Getting Harder... 1 A New Solution, with a
More informationCisco Security Intelligence Operations
Operations Operations of 1 Operations Operations of Today s organizations require security solutions that accurately detect threats, provide holistic protection, and continually adapt to a rapidly evolving,
More informationHunting for the Undefined Threat: Advanced Analytics & Visualization
SESSION ID: ANF-W04 Hunting for the Undefined Threat: Advanced Analytics & Visualization Joshua Stevens Enterprise Security Architect Hewlett-Packard Cyber Security Technology Office Defining the Hunt
More informationOVERVIEW. Enterprise Security Solutions
Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s
More informationStop advanced targeted attacks, identify high risk users and control Insider Threats
TRITON AP-EMAIL Stop advanced targeted attacks, identify high risk users and control Insider Threats From socially engineered lures to targeted phishing, most large cyberattacks begin with email. As these
More informationPalo Alto Networks. October 6
Palo Alto Networks October 6 Agenda Malware Trends by the numbers Protect Locally Share Globally Delivery methods 21.5% ~14% OF MALWARE HAS BEEN DELIVERED OVER APPS OTHER THAN WEB AND EMAIL IN 2015 8.2%
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationCisco Cyber Threat Defense Solution: Delivering Visibility into Stealthy, Advanced Network Threats
Solution Overview Cisco Cyber Threat Defense Solution: Delivering Visibility into Stealthy, Advanced Network Threats What You Will Learn The network security threat landscape is ever-evolving. But always
More informationSecurity Without Compromise: Context-Aware and Adaptive Next-Generation Firewalls
Fast Facts In 2012, 9 billion devices were connected to the Internet, and 50 billion are projected to be connected by 2020. Global data center traffic is expected to quadruple over the next five years,
More informationРешения HP по информационной безопасности
Решения HP по информационной безопасности Евгений Нечитайло ynechyta@hp.com Mobile: +380 67 464 0218 Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject
More informationSourcefire Next-Generation IPS
Sourcefire Next-Generation IPS Sourcefire Next-Generation IPS sets a new standard for advanced threat protection, integrating real-time contextual awareness, intelligent security automation, and unprecedented
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationMitigating Web Threats with Comprehensive, Cloud-Delivered Web Security
White Paper Mitigating Web Threats with Comprehensive, Cloud-Delivered Web Security Overview For collaboration, communication, and data access, the web has become a mission-critical business tool. But
More informationSymantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team
Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................
More informationSimple security is better security Or: How complexity became the biggest security threat
Simple security is better security Or: How complexity became the biggest security threat Christoph Litzbach, Pre-Sales Engineer NSG 1 What do they have in common? DATA BREACH 2 Security is HARD! Components
More informationCONTINUOUS MONITORING THE MISSING PIECE TO SECURITY OPERATION (SOC) TODAY
CONTINUOUS MONITORING THE MISSING PIECE TO SECURITY OPERATION (SOC) TODAY MATTHIAS YEO Chief Technology Officer - APAC CISSP, CISA, CISM, PMP 1 OVER REACTING VS UNDER REACTING Reason for the world today
More informationCybercrime: evoluzione del malware e degli attacchi. Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com
Cybercrime: evoluzione del malware e degli attacchi Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com About Palo Alto Networks We are the network security company World-class
More information