Making Client-side Java Secure with Bromium vsentry
|
|
- Claire Whitehead
- 7 years ago
- Views:
Transcription
1 Making Client-side Java Secure with Bromium vsentry
2 Making Client-side Java Secure Client-side Java has become somewhat of an IT pariah, primarily as a result of the growing list of Java vulnerabilities and updates which mushroomed over the last year. Apple and Google have advised users to disable browser plugins for Java and Microsoft FixIt blocks Java from Internet Explorer, to prevent drive-by attacks. Even the US Department of Homeland Security has warned users to disable client-side Java. While these responses are rational, they are only relevant in a consumer context, and few consumer websites today rely on Java. By contrast, enterprises are heavily dependent on Java, for both client and server applications. If you re in enterprise IT, you know Java is here to stay. The good news is that Java can be made completely secure. So you can continue to use existing enterprise applications, and not fear the consequences of a mistaken click by a user or a rogue attack by a compromised website. Why Do Malware Writers Target Java? Enterprise IT Pros know that they depend on client-side Java, and sometimes on specific versions of the Java Runtime Environment. A company might be targeted using Java based attacks from the web, because it has (or depends on having) an out-of-date version of the JRE on its PCs so that users can access enterprise applications, such as the Oracle ERP suite. But companies are just as dependent on other legacy applications, including old versions of browsers and.net, and on vulnerable versions of Windows. So why the concern about Java? Perhaps it is the fact that attackers always look for the weakest point in a target s defenses. The powerful features available to attackers within the JVM have withstood the best efforts of the security industry to find a good defense. Numerous efforts have been made to find a reliable way to detect malicious Java code with little success. Obfuscation, polymorphism, code injection, the list of techniques available to attackers to hide their intentions is large and seems to grows larger every month.
3 Java, like all complex application and OS software environments, is vulnerable because it offers a large attack surface. In addition to offering all of the key functions and services that any OS needs to offer a programmer, it presents a runtime environment that is consistent across all supported OS platforms, for both clients and servers. Java is therefore a perfect target for the malware writer: complex, and with many dependencies on third party components: the OSes and their UI frameworks, libraries, browsers, web servers (to distribute the applications) and of course the complex JVM runtime itself, which has to support floating point arithmetic and other complex functions. The problem becomes exacerbated if you consider non-oracle JVMs. In other words, managing the security of Java is not only an Oracle problem. Unfortunately, Java s many benefits have also made it a target because of its ubiquity and platform independence. It meets the economic needs of malware writers: One can target a massive number of deployed systems with one piece of malware, or single out a specific high value target with confidence because the JRE is the same on all supported platforms whether Windows, Mac, or Linux. A single compromise has and will continue to succeed across platforms. But apart from its ubiquity and current popularity with hackers, Java is not particularly more insecure than other commercial applications, nor is Oracle particularly remiss in its security methodology. All software is vulnerable. And if suddenly the JRE were perfectly secure, would this end the endpoint security woes we face? No. The vulnerable code base on PCs includes everything, from the OS, to apps and their plugins. As soon as Java has been patched sufficiently for a while, attackers will find other ways in. In other words, the problem isn t Java.
4 User Training Doesn t Solve the Problem Is the problem the You in User? Every one of us makes the occasional mistake, and IT Pros are no better at avoiding missteps than the general user base. Yes, training may reduce mistakes, but won t stop all mistakes. There are many documented failed attempts to train users not to click on seemingly unsafe links or files, and so we must assume that user training will never succeed since the attacker is always a step ahead of the trainer. So, (unpatched) Java, and un-trainable users are with us to stay. Endpoint Protection and OS Vendors Can t Help OS vendors can only distribute patches when new vulnerabilities emerge. That doesn t help to protect the end point from attack, and leaves enterprises vulnerable for months at a time. And Endpoint Protection vendors find themselves in a bind when it comes to Java. A Java applet is a binary program that may or may not be signed. While it is possible to restrict the JRE to running only signed applications, it is also possible for malware writers to steal code signing certificates to forge the authenticity of their code. Beyond this, traditional legacy Host-based Intrusion Prevention Systems (HIPS) can at best recognize a particular applet as malicious, but once it is running, they are cannot block or stop it, which is among the reasons Java is so effective for the attacker. Until now, the security industry has had nothing more useful to offer than advice on how to un-install, or update the Java plugin. Apple removed Java from Safari last October, and as previously mentioned, Microsoft FixIt now blocks Java from IE. For its part, Oracle has repeatedly promised to fix Java once and for all, and has embarked on a series of modifications to how Java applications work, to try to contain the problem. Nandi Ramani, who leads the software development team building the Java platform, wrote the following in a recent blog entitled Maintaining the security-worthiness of Java is Oracle s priority : In JDK 7.2, Oracle added enhanced security warnings before executing applets with an old Java runtime... In JDK 7.10, Oracle introduced a security slider configuration option,. Further, with the release of JDK 7.21, Oracle introduced the following:
5 1. With this update users can prevent the execution of any applets if they are not signed. 2. The default plug-in security settings were changed to further discourage the execution of unsigned or self-signed applets. This change is likely to impact most Java users, and Oracle urges organizations to sign [their] Applets 3. While Java provides the ability to check the validity of signed certificates the feature is not enabled by default because of a potential negative performance impact. In the interim, we have improved our static blacklisting to a dynamic blacklisting mechanism * * (underlines added by Bromium) Oracle s approach is rational, but does not address the root problem, namely the fact that we must assume that all software will always be vulnerable. Instead, the aforementioned approach: 1. Puts the onus on the user to do the right thing 2. Makes Java harder to use, and therefore complicates the user experience 3. Attempts to leverage black-listing for known malware to try to block new attacks an approach that has consistently failed in the anti-virus industry. Bromium vsentry Makes Java Secure Bromium vsentry eliminates security challenges from Java and other vulnerable software. It protects the endpoint from all untrustworthy content and applications while ensuring that users enjoy an unchanged native user experience. vsentry allows: Today s vulnerable applications & plugins (Flash, Java, Silverlight, Chrome, Firefox, IE, Word, Powerpoint, Excel, PDF, media etc) to run as intended by the vendor, New mobile-centric, cloud based applications for consumers or enterprises, to deliver a user experience that fully empowers the user, and Offers complete, hardware based security. Bromium vsentry uses hardware isolation to protect the system from all malware known and unknown. Every untrusted application or file is processed in an independently hardware-isolated micro-vm which will defeat any attack, by design. The attacker cannot gain access to enterprise networks or data, or persist an attack on the endpoint. Moreover,
6 the attack will be automatically discarded as soon as the user closes the task window (or the browser tab). No remediation. No change to the applications or to the end user experience. And if the endpoint is attacked, Bromium LAVA will provide live attack visualization, with complete forensic analysis - delivered instantly to the SOC. Bromium micro-virtualization is the only absolutely reliable way to defeat all advanced malware, including Java based attacks. The Microvisor hardware-isolates each untrusted user task within a micro-vm, using CPU features developed for virtualization. The Microvisor hardware isolates the execution of each task using Intel VT, protecting the OS and its file system, the network infrastructure, and all valuable data from malware. How does vsentry manage both enterprise Java applications and malware delivered via the web or untrusted documents? Each browser tab is opened in a separate micro-vm, which is a hardware-isolated runtime environment with highly restricted access to networks, files and the desktop environment. In the example below, a compromised micro-vm (in this example a FAKEAV anti-virus attack crafted in Java) is independently and separately isolated from all other tabs in the browser including the Oracle ERP application.
7 As the user types into the ERP application, all user input is directed solely to that task, and not to any other tasks on the desktop, including the FAKEAV browser tab. The attacker, whose Java based attack succeeded in the highly restricted environment of a micro-vm, has no access to the enterprise network, or to any enterprise data (the file system) or to the desktop as a whole, and therefore cannot persist his attack. As soon as the user closes the browser tab, the entire task will be discarded, naturally remediating the PC from the attack. The protection afforded by a micro-vm is so substantial that it malware would need to break the CPU in order to compromise the system. The entire code base of the microvisor and all code that could be exploited by malware in an attempt to escape the micro-vm containment, is O(100KLOC). And even if this code is compromised, the system is designed to fail safe untrustworthy tasks may not execute, but the user will still have full access to their IT provisioned LOB applications (including enterprise Java applications), and will have the full protection of traditional AV. By contrast, any failure to detect, on the part of AV, or any break out from the sandbox will cause complete system compromise. The Bromium architecture is designed assuming compromise. Conclusion Micro-virtualization allows Bromium vsentry to offer protection that is tens of thousands of times more resilient than any existing protection mechanism essentially making it too expensive for an attacker to attempt to compromise the endpoint. It leverages three key innovations: Hardware isolation: drastically reduces the code base required for isolation. To break out of its isolated task environment (a micro-vm), malware would need to
8 break the CPU s hardware isolation designed for virtualization: Intel VT - in effect breaking the CPU. Granular task isolation in micro-vms: Protects kernel and application computation at a granular level. Each independent Java application runs in its own separately isolated micro-vm, independent of all others. Each has a highly restricted environment that prevents access to enterprise networks or data, while still preserving an intuitive, native user experience. Micro-VM Introspection: affords insights that are not available to in-os detection methods, by taking advantage of the hypervisor s privileged role in the system. This permits live attack visualization and analysis without false positives, and provides a full kill-chain for forensic analysis, including signature generation for malware payloads. Bromium HQ Stevens Creek Blvd, Suite 150 Cupertino, CA info@bromium.com Bromium UK Ltd Lockton House 2nd Floor, Clarendon Road Cambridge CB2 8FH For more information refer to Contact Us: sales@bromium.com
Making Windows Secure by Design
Making Windows Secure by Design Bromium and Microsoft Partner to Advance Security With Micro-Virtualization Introduction Bromium has reinvented endpoint security by using a new approach to defeating breaches
More informationTrends in Zero-Day Kernel Exploits and Protection 2015
Trends in Zero-Day Kernel Exploits and Protection 2015 Overview of Key Protection Technologies and Their Limitations in Dealing With Zero-Day Kernel Attacks Executive Summary Legacy security solutions
More informationReport. Black Hat 2015: State of Security. Endpoint Risk Overshadows All Others
Black Hat 2015: State of Security Endpoint Risk Overshadows All Others Table of Contents Summary 3 Beginning With the Endpoint, the Greatest 3 Security Risk A Flash in the Pan? Security Professionals Pan
More informationThe Psychology of (In)Security
The Psychology of (In)Security Security Myths Create Risk Adversity to Change Executive Summary The most high-profile data breaches were at organizations that failed to make the proper investments to properly
More informationPractical Threat Intelligence. with Bromium LAVA
Practical Threat Intelligence with Bromium LAVA Practical Threat Intelligence Executive Summary Threat intelligence today is costly and time consuming and does not always result in a reduction of successful
More informationBromium vsentry. Defeat the Unknown Attack
Bromium vsentry Defeat the Unknown Attack Introduction Bromium vsentry protects enterprise PCs and virtual desktops from undetectable advanced malware that attacks the enterprise by tricking users into
More informationThe evolution of virtual endpoint security. Comparing vsentry with traditional endpoint virtualization security solutions
The evolution of virtual endpoint security Comparing vsentry with traditional endpoint virtualization security solutions Executive Summary First generation endpoint virtualization based security solutions
More informationEndpoint Security Transformed. Isolation: A Revolutionary New Approach
Endpoint Security Transformed Isolation: A Revolutionary New Approach A New Standard for Protection Antivirus reign as the king of endpoint protection is nearing an end. Signature-based AV engines can
More informationReport. Bromium: Endpoint Protection Attitudes & Trends 2015. Increasing Concerns Around Securing End Users
Report Bromium: Endpoint Protection Attitudes & Trends 2015 Increasing Concerns Around Securing End Users Table of Contents AUTHOR Clinton Karr Introduction 3 End Users Remain Greatest Security Risk 3
More informationSophistication of attacks will keep improving, especially APT and zero-day exploits
FAQ Isla Q&A General What is Isla? Isla is an innovative, enterprise-class web malware isolation system that prevents all browser-borne malware from penetrating corporate networks and infecting endpoint
More informationTech Throwdown: Invincea FreeSpace vs. Micro-Virtualization
Tech Throwdown: Invincea FreeSpace vs. Micro-Virtualization May 2014 Table of Contents Summary... 3 A Hot Market Advanced Threat Protection for the Endpoint... 3 Hype Meets Real World Let s do a Throwdown...
More informationAn Introduction to CODE SIGNING
An Introduction to CODE SIGNING CONTENTS. 1 What is Code Signing. 03 2 Code Signing Certificates 101...05 3 Why & When to Digitally Sign Code.09 4 Self Signing vs. Publicly Trusted...12 5 Code Signing
More informationThree Ways to Secure Virtual Applications
WHITE PAPER Detect, Scan, Prioritize, and Remediate Vulnerabilities Table of Contents Subtitle 1 Headline 3 Headline 3 Sub-Headline 3 ConcIusion 3 About BeyondTrust 4 2 2013. BeyondTrust Software, Inc.
More informationWindows 8: Redmond s Safest Operating System Ever?
Windows 8: Redmond s Safest Operating System Ever? By Chet Wisniewski, Senior Security Advisor, Sophos, 2012 With its Windows 8 operating system Microsoft has introduced sweeping changes to the desktop
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More informationWhite Paper. Java Security. What You Need to Know, and How to Protect Yourself. 800.266.7798 www.inductiveautomation.com
White Paper Java Security What You Need to Know, and How to Protect Yourself Java Security: What You Need to Know, and How to Protect Yourself Ignition HMI, SCADA and MES software by Inductive Automation
More informationAdobe Flash Player and Adobe AIR security
Adobe Flash Player and Adobe AIR security Both Adobe Flash Platform runtimes Flash Player and AIR include built-in security and privacy features to provide strong protection for your data and privacy,
More informationInvincea Advanced Endpoint Protection
SOLUTION OVERVIEW Invincea Advanced Endpoint Protection A next-generation endpoint security solution to defend against advanced threats combining breach prevention, detection, and response The battle to
More informationEndpoint Business Products Testing Report. Performed by AV-Test GmbH
Business Products Testing Report Performed by AV-Test GmbH January 2011 1 Business Products Testing Report - Performed by AV-Test GmbH Executive Summary Overview During November 2010, AV-Test performed
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More informationDefending Behind The Device Mobile Application Risks
Defending Behind The Device Mobile Application Risks Tyler Shields Product Manager and Strategist Veracode, Inc Session ID: MBS-301 Session Classification: Advanced Agenda The What The Problem Mobile Ecosystem
More informationCyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security
Cyber Security Presentation Cyber Security Month Curtis McNay, Director of IT Security The IT Security Office (ITSO) What We Do? Risk Assessment Network and System Security Monitoring Vulnerability Scanning
More informationThe Importance of Patching Non-Microsoft Applications
The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As
More informationmanagement Patch ControlNow TM Whitepaper Fixing vulnerabilities before they are exploited.
management Patch ControlNow TM Whitepaper Fixing vulnerabilities before they are exploited. Table of Contents Introduction 3 Importance of patch management 4 Balancing security with reliability 6 Why cloud-based
More informationRemote Access Services Apple Macintosh - Installation Guide
Remote Access Services Apple Macintosh - Installation Guide Version. February, 05 P age Contents GETTING STARTED... JAVA VERIFICATION, INSTALLATION, AND CONFIGURATION... Checking Mac OS version... Java
More informationAnti-exploit tools: The next wave of enterprise security
Anti-exploit tools: The next wave of enterprise security Intro From malware and ransomware to increasingly common state-sponsored attacks, organizations across industries are struggling to stay ahead of
More informationAn overwhelming majority of IaaS clouds leverage virtualization for their foundation.
1 2 3 An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 4 With the use of virtualization comes the use of a hypervisor. Normally, the hypervisor simply provisions resources
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationDRIVE-BY DOWNLOAD WHAT IS DRIVE-BY DOWNLOAD? A Typical Attack Scenario
DRIVE-BY DOWNLOAD WHAT IS DRIVE-BY DOWNLOAD? Drive-by Downloads are a common technique used by attackers to silently install malware on a victim s computer. Once a target website has been weaponized with
More informationAdvanced Endpoint Protection
Advanced Endpoint Protection CONTAIN IDENTIFY CONTROL Nick Keller Director Federal Civilian Sales Duncker Candle Problem Solution Creativity, Change the Paradigm Why listen to me? Connect these 3 Companies
More informationApplication White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off
Application White Listing and Privilege Management: Picking Up Where Antivirus Leaves Off Times have Changed & A/V Executives Agree An A/V product as your sole endpoint protection solution isn t enough.
More informationThe Fundamental Failures of End-Point Security. Stefan Frei Research Analyst Director sfrei@secunia.com
The Fundamental Failures of End-Point Security Stefan Frei Research Analyst Director sfrei@secunia.com Agenda The Changing Threat Environment Malware Tools & Services Why Cybercriminals Need No 0-Days
More informationWhite Paper. What is an Identity Provider, and Why Should My Organization Become One?
White Paper What is an Identity Provider, and Why Should My Organization Become One? May 2015 Executive Overview Tame Access Control Security Risks: Become an Identity Provider (IdP) Organizations today
More informationClick Start > Control Panel > System icon to open System Properties dialog box. Click Advanced > Environment Variables.
Configure Java environment on Windows After installing Java Development Kit on Windows, you may still need to do some configuration to get Java ready for compiling and executing Java programs. The following
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationWindows XP End-of-Life Handbook for Upgrade Latecomers
s Why Windows XP End-of-Life Handbook for Upgrade Latecomers s Why Introduction Windows XP end of life is April 8, 2014. Do you have Windows XP systems but can t upgrade to Windows 7 or Windows 8, or can
More informationTaking a Proactive Approach to Patch Management. B e s t P r a c t i c e s G u i d e
B e s t P r a c t i c e s G u i d e It s a fact of business today: because of the economy, most organizations are asking everyone, including the IT staff, to do more with less. But tight budgets and the
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationComplete Patch Management
Complete Patch Management Complete - Flexible Unique In- Depth Secunia CSI 7 Corporate Software Inspector Take control of the vulnerability threat and optimize your IT security investments. The Secunia
More informationPut a Firewall in Your JVM Securing Java Applications!
Put a Firewall in Your JVM Securing Java Applications! Prateep Bandharangshi" Waratek Director of Client Security Solutions" @prateep" Hussein Badakhchani" Deutsche Bank Ag London Vice President" @husseinb"
More informationWebsite Security: What do I need to know? What do I need to do?
Website Security: What do I need to know? What do I need to do? This document describes some of the emerging security issues for and threats to websites as well as some of the options to address them.
More informationFrequently Asked Questions e-form Filler. e-form Filler
Frequently Asked Questions e-form Filler e-form Filler 1. What is e-form Filler? 2. What are the minimum hardware requirements for running the e-form Filler? 3. Do I need to connect to Internet when using
More informationAndroid Security Data from the Frontlines
SESSION ID: MBS-T07R Android Security Data from the Frontlines security@android.com aludwig@google.com Goal of this talk Provide insight into overall Android security strategy. Discuss data that is being
More informationWHITE PAPER. AirGap. The Technology That Makes Isla a Powerful Web Malware Isolation System
AirGap The Technology That Makes Isla a Powerful Web Malware Isolation System Introduction Web browsers have become a primary target for cyber attacks on the enterprise. If you think about it, it makes
More informationYOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next
YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next Your Data Under Siege: Guard the Gaps with Patch Management 1.0
More informationof firms with remote users say Web-borne attacks impacted company financials.
Introduction As the number of users working from outside of the enterprise perimeter increases, the need for more efficient methods of securing the corporate network grows exponentially. In Part 1 of this
More informationFine Tuning Desktop Security Presented by J Abernethy & Josh Quinn
Fine Tuning Desktop Security Presented by J Abernethy & Josh Quinn Presenter: J Abernethy Practice Manager of Legal Applications mindshift, a Ricoh Company Presenter: Josh Quinn Manager, Desktop & Application
More informationSmartphone Security. A Holistic view of Layered Defenses. David M. Wheeler, CISSP, CSSLP, GSLC. (C) 2012 SecureComm, Inc. All Rights Reserved
Smartphone Security A Holistic view of Layered Defenses David M. Wheeler, CISSP, CSSLP, GSLC 1 The Smartphone Market The smartphone security market is expected to grow at a rate of 44 percent annually
More informationJava version 7 update 45 (7u45)
TO DISABLE JAVA - visit this website for instructions. http://www.java.com/en/download/help/disable_browser.xml http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html If you
More information15. juli 2013. Norman Enterprise Security NESEC
Norman Enterprise Security NESEC Agenda What is NESEC Product overview Pricing Campaigns Migration Collaterals Norman Enterprise Security What is NESEC? An agile solution suite that reduces complexity
More informationCan Consumer AV Products Protect Against Critical Microsoft Vulnerabilities?
ANALYST BRIEF Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities? Author Randy Abrams Tested Products Avast Internet Security 7 AVG Internet Security 2012 Avira Internet Security
More informationAdvanced Persistent. From FUD to Facts. A Websense Brief By Patrick Murray, Senior Director of Product Management
A Websense Brief By Patrick Murray, Senior Director of Product Management Advanced Persistent Threats: From FUD to Facts With Websense, you can stay a step ahead of the threats. From our roots in web filtering,
More informationCODE SIGNING. Why Developers Need to Digitally Sign Code and Applications. +1-888-690-2424 entrust.com
CODE SIGNING Why Developers Need to Digitally Sign Code and Applications +1-888-690-2424 entrust.com Table of contents Why Code Sign? Page 3 What is Code Signing? Page 4 Verifying Code Authenticity Page
More informationZNetLive Malware Monitoring
Introduction The criminal ways of distributing malware or malicious software online have gone through a change in past years. In place of using USB drives, attachments or disks to distribute viruses, hackers
More informationMcAfee Server Security
Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or
More informationTHE IMPORTANCE OF CODE SIGNING TECHNICAL NOTE 02/2005
THE IMPORTANCE OF CODE SIGNING TECHNICAL NOTE 02/2005 13 DECEMBER 2005 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor organisation
More informationCORPORATE AV / EPP COMPARATIVE ANALYSIS
CORPORATE AV / EPP COMPARATIVE ANALYSIS Exploit Protection 2013 Randy Abrams, Dipti Ghimire, Joshua Smith Tested Vendors AVG, ESET, F- Secure, Kaspersky, McAfee, Microsoft, Norman, Panda, Sophos, Symantec,
More informationSAFECode Security Development Lifecycle (SDL)
SAFECode Security Development Lifecycle (SDL) Michael Howard Microsoft Matthew Coles EMC 15th Semi-annual Software Assurance Forum, September 12-16, 2011 Agenda Introduction to SAFECode Security Training
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationClosing the Vulnerability Gap of Third- Party Patching
SOLUTION BRIEF: THIRD-PARTY PATCH MANAGEMENT........................................ Closing the Vulnerability Gap of Third- Party Patching Who should read this paper IT Managers who are trying to manage
More informationOracle Java (8u31) Installation
Oracle Java (8u31) Installation As of January 2015, The Montgomery County Civil Viewer require at least product version 5.0 (developer version 1.5) of the Java Runtime Environment (JRE) 1 in order to display
More informationLASTLINE WHITEPAPER. Large-Scale Detection of Malicious Web Pages
LASTLINE WHITEPAPER Large-Scale Detection of Malicious Web Pages Abstract Malicious web pages that host drive-by-download exploits have become a popular means for compromising hosts on the Internet and,
More informationIt s Time to Think Differently About Network Security. Franklyn Jones CMO, Spikes Security
It s Time to Think Differently About Network Security Franklyn Jones CMO, Spikes Security Disturbing cyber security investment trend Global Market 2015 - $105B 2020 - $170B Proac
More informationBackground. How much does EMET cost? What is the license fee? EMET is freely available from Microsoft without material cost.
Microsoft s Enhanced Mitigation Experience Toolkit (EMET) is an enhancement to the Windows operating system that stops broad classes of malware from executing. EMET implements a set of anti-exploitation
More informationWeb Application Worms & Browser Insecurity
Web Application Worms & Browser Insecurity Mike Shema Welcome Background Hacking Exposed: Web Applications The Anti-Hacker Toolkit Hack Notes: Web Security Currently working at Qualys
More informationWhite Paper. Runtime Application Self Protection Making Apps Self Protecting, Self Diagnosing and Self Testing
White Paper Runtime Application Self Protection April 2015 White Paper: Runtime Application Self Protection Making Aps Self Protecting, Self Diagnosing and Self Testing EXECUTIVE SUMMARY THE JAVA PROBLEM
More informationVMware Server 2.0 Essentials. Virtualization Deployment and Management
VMware Server 2.0 Essentials Virtualization Deployment and Management . This PDF is provided for personal use only. Unauthorized use, reproduction and/or distribution strictly prohibited. All rights reserved.
More informationCitrix : Remediation - MAC
Citrix : Remediation - MAC Key Points: 1. 2. 3. 4. 5. 6. 7. Understanding End Point Scan Analysis Supported anti-virus and firewall products Configuring AVAST/SOPHOS and the Mac OS X Firewall Installing
More informationHost-based Intrusion Prevention System (HIPS)
Host-based Intrusion Prevention System (HIPS) White Paper Document Version ( esnhips 14.0.0.1) Creation Date: 6 th Feb, 2013 Host-based Intrusion Prevention System (HIPS) Few years back, it was relatively
More informationHope is not a strategy. Jérôme Bei
Hope is not a strategy Jérôme Bei Press Highlights Conficker hits German Government! 3000 Clients down! Datatheft at German Telekom: 17.000.000 Customer Records lost! About 1.000.000 pieces of Malware
More informationReal World and Vulnerability Protection, Performance and Remediation Report
Real World and Vulnerability Protection, Performance and Remediation Report A test commissioned by Symantec Corporation and performed by AV-Test GmbH Date of the report: September 17 th, 2014, last update:
More informationWeb Conferencing Version 8.3 Troubleshooting Guide
System Requirements General Requirements Web Conferencing Version 8.3 Troubleshooting Guide Listed below are the minimum requirements for participants accessing the web conferencing service. Systems which
More informationSystem requirements. Java SE Runtime Environment(JRE) 7 (32bit) Java SE Runtime Environment(JRE) 6 (64bit) Java SE Runtime Environment(JRE) 7 (64bit)
Hitachi Solutions Geographical Information System Client Below conditions are system requirements for Hitachi Solutions Geographical Information System Client. 1/5 Hitachi Solutions Geographical Information
More informationSystem Requirements and Technical Prerequisites for SAP SuccessFactors HCM Suite
System Requirements and Technical Prerequisites for SAP SuccessFactors HCM Suite SAP SuccessFactors HCM Suite is a fully web-based offering. You will need an Internet connection and a system that meets
More informationEXTENSIVE FEATURE DESCRIPTION SECUNIA CORPORATE SOFTWARE INSPECTOR. Non-intrusive, authenticated scanning for OT & IT environments. secunia.
Non-intrusive, authenticated scanning for OT & IT environments The situation: convenience vs. security Interconnectivity between organizations and corporate networks, the internet and the cloud and thus
More informationTackling Third-Party Application Vulnerabilities in the Enterprise
WhitePaper Tackling Third-Party Application Vulnerabilities in the Enterprise Shavlik 119 14th Street NW, Suite 200, New Brighton, MN 55112 sales@shavlik.com Introduction Recent security trends have highlighted
More informationAPPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK
APPLICATION SECURITY: FROM WEB TO MOBILE. DIFFERENT VECTORS AND NEW ATTACK John T Lounsbury Vice President Professional Services, Asia Pacific INTEGRALIS Session ID: MBS-W01 Session Classification: Advanced
More informationThis session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
More informationProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities Protecting a business s IT infrastructure is complex. Take, for example, a retailer operating a standard multi-tier infrastructure
More informationOBIEE : Browser and Operating System Compatibility. Including Known Issues and Solutions
OBIEE : Browser and Operating System Compatibility Including Known Issues and Solutions Contents PREFACE... 2 SUPPORTED BROWSERS AND OPERATING SYSTEMS... 3 SUMMARY OF KNOWN BROWSER/OS ISSUES:... 4 ISSUE
More informationfarmerswife Contents Hourline Display Lists 1.1 Server Application 1.2 Client Application farmerswife.com
Contents 2 1 System requirements 2 1.1 Server Application 3 1.2 Client Application.com 1 1 Ensure that the computers on which you are going to install the Server and Client applications meet the system
More informationDOBUS And SBL Cloud Services Brochure
01347 812100 www.softbox.co.uk DOBUS And SBL Cloud Services Brochure enquiries@softbox.co.uk DOBUS Overview The traditional DOBUS service is a non-internet reliant, resilient, high availability trusted
More informationDEC. 2015. Next Generation Security with Endpoint Detection and Response WHITE PAPER
DEC. 2015 Next Generation Security with Endpoint Detection and Response WHITE PAPER Table of Contents Endpoint Compromise a Sad State of Reality... 3 Traditional Endpoint Anti-virus Isn t Getting It Done...
More informationVirtualization System Security
Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability
More information5 Steps to Advanced Threat Protection
5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious
More informationHost-based Protection for ATM's
SOLUTION BRIEF:........................................ Host-based Protection for ATM's Who should read this paper ATM manufacturers, system integrators and operators. Content Introduction...........................................................................................................
More informationFive Tips to Reduce Risk From Modern Web Threats
Five Tips to Reduce Risk From Modern Web Threats By Chris McCormack, Senior Product Marketing Manager and Chester Wisniewski, Senior Security Advisor Modern web threats can infect your network, subvert
More informationFull System Emulation:
Full System Emulation: Achieving Successful Automated Dynamic Analysis of Evasive Malware Christopher Kruegel Lastline, Inc. chris@lastline.com 1 Introduction Automated malware analysis systems (or sandboxes)
More informationPatch management: Fixing vulnerabilities before they are exploited
GFI White Paper Patch management: Fixing vulnerabilities before they are exploited Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department
More informationBad Romance: Three Reasons Hackers <3 Your Web Apps & How to Break Them Up
Bad Romance: Three Reasons Hackers
More informationChoosing Between Whitelisting and Blacklisting Endpoint Security Software for Fixed Function Devices
Choosing Between Whitelisting and Blacklisting Endpoint Security Software for Fixed Function Devices McAfee* application whitelisting combined with Intel vpro technology can improve security, increase
More informationHow To Install the Virtual Learning App
Table of Contents Installation Instructions... 2 MAC: Using Firefox... 2 MAC: Using Chrome... 6 Disabling PepperFlash... 9 MAC: Using Safari Unsafe Mode We Can t Control So Use Firefox or Chrome... 11
More informationKaseya White Paper. Endpoint Security. Fighting Cyber Crime with Automated, Centralized Management. www.kaseya.com
Kaseya White Paper Endpoint Security Fighting Cyber Crime with Automated, Centralized Management www.kaseya.com To win the ongoing war against hackers and cyber criminals, IT professionals must do two
More informationThis walk-through was created using Windows XP as a guide, however alternate versions of the Windows OS will be very similar in procedure as well.
Important!: If you are working from a computer within your office environment, it may be advisable to have your local IT/Helpdesk personnel validate that this software meets acceptable standards prior
More informationSandbox Roulette: Are you ready for the gamble?
Sandbox Roulette: Are you ready for the gamble? Rafal Wojtczuk rafal@bromium.com Rahul Kashyap rahul@bromium.com What is a sandbox? In computer security terminology, a sandbox is an environment designed
More informationWhite Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0
White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative
More informationIBM Endpoint Manager Product Introduction and Overview
IBM Endpoint Manager Product Introduction and Overview David Harsent Technical Specialist Unified Endpoint IBM Endpoint Manager and IBM MobileFirst Protect (MaaS360) Any device. Identify and respond to
More informationSurviving and operating services despite highly skilled and well-funded organised crime groups. Romain Wartel, CERN CHEP 2015, Okinawa
Surviving and operating services despite highly skilled and well-funded organised crime groups Romain Wartel, CERN CHEP 2015, Okinawa 1 Operation Windigo (2011 - now) 30,000+ unique servers compromised
More informationS E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010
S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M Bomgar Product Penetration Test September 2010 Table of Contents Introduction... 1 Executive Summary... 1 Bomgar Application Environment Overview...
More informationBanner Frequently Asked Questions (FAQs)
Banner Frequently Asked Questions (FAQs) How do I install Java?...1 Banner prompts me to download and install Java. Is this OK?....1 What Java version should I use?...2 How do I check what version of Java
More information