Trend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond




Too many malware incidents

>90% Targeted Attacks Start with Email. Attackers: target specific companies or individuals; research targets to craft convincing emails; >90% used attachments vs. URLs; 80% of malware is used only once. Copyright 2014 Trend Micro Inc.

Ransomware Invades Business: 100% YoY increase. Copyright 2015 Trend Micro Inc.

Email Attachments Cloud Sharing

Before Cloud Apps: Network boundary. Most components are inside the network boundary. Can add layered protection including endpoint, SharePoint, DLP, gateways, sandboxing.

Endpoints are frequently outside the corporate network. Email and documents move to the cloud; gateways can't see them.

An attacker sends a zero-day infected PDF to a remote employee's personal email.

The employee uploads to Office 365. Another employee sees the PDF and downloads it.

And this employee sends the PDF to a customer.

Introducing Trend Micro Cloud App Security for Office 365

Trend Micro Cloud App Security: Direct cloud-to-cloud integration. Advanced Threat Detection: finds zero-day and hidden threats; sandbox file analysis in the cloud; true filetype blocking; web reputation for URLs within emails and files. DLP: discovery and visibility into confidential data usage; 240 customizable templates.

2 Minute Demo Video. Now let's look at how Cloud App Security protects against this scenario:

Better Protection, Easier Setup, and Higher Availability than a SaaS Email Gateway. SaaS Email Gateway Security Products: redirect email with MX-Record; single point of failure (inbound). Trend Micro Cloud App Security: API (inbound+internal).

Challenges of Scanning Files and Email while in Transit for Malware. Typical AV scanning: scan engines look for executable code [1]; malware engines update hourly [1]. Challenge: criminals hide malware inside PDF, Word, and other office documents [2]; 12,500 new unique threats discovered every hour [2]. Sources: 1. Exchange Online Antimalware FAQ, 4/28/2015. 2. Trend Micro Targeted Attack Trends, 2014 Annual Report, 4/14/2015.

Office file types: frequent attack vectors (60%). Source: TrendLabs 2014 Targeted Attack Campaign Report.

Find Hidden and Zero Day Threats: Document Exploit Detection. Parses documents to look for attempts to exploit an application. Known exploits identified for deletion/quarantine. Files with suspect exploits sent to sandbox for behavioral analysis. Key technology in helping Trend Micro discover more vulnerabilities in 1H 2015 than all other security vendors combined.

2 Challenges with Scanning Files and Email while in Transit for Malware. Typical AV scanning: scan engines look for executable code [1]; malware engines update hourly [1]. Challenge: in 60% of attacks, criminals hid malware inside PDF, Word, and other office documents [2]; 12,500 new unique threats discovered every hour [2]. Sources: 1. Exchange Online Antimalware FAQ, 4/28/2015. 2. Trend Micro Targeted Attack Trends, 2014 Annual Report, 4/14/2015.

Find Hidden and Zero Day Malware: Dynamic Sandbox Malware Analysis. Static technique: checking fingerprints for known bad criminals (similar to antimalware scanning), versus dynamic technique: observing criminal behavior with a surveillance camera (similar to virtual sandbox analysis).

Find Hidden and Zero Day Malware: Dynamic Sandbox Analysis. Leverages technology from Trend Micro Deep Discovery.

Cloud App Security Threat Detection (diagram): Microsoft Office 365 (antispam, antimalware) connects via API over https to Trend Micro Cloud App Security in a Microsoft Azure DC (URL scan, doc exploit scan / file risk assessment). Suspicious files (~2%) are sent over https to Sandbox Analysis in a Trend Micro DC. No email/files stored. Quarantines located in Office 365. All communications encrypted.

Complementing Office 365's Built-in Security for Better Overall Protection. Comparison of what Office 365 includes and what Trend Micro Cloud App Security adds: antispam; antimalware; document exploit detection to find malware hidden in office files; risk-based sandbox behavioral analysis of suspicious files/attachments to detect zero-day malware; URL scanning within email attachments/shared files; DLP for Email, OneDrive for Business, SharePoint Online (E3 plan only).

Complementing Office 365's Built-in Security for Better Overall Protection. Office 365 built-in security blocks known threats. Trend Micro Cloud App Security finds hidden and unknown threats.

Why Trend Micro for Office 365 Security? Control & Protection: advanced protection for Office 365 email, SharePoint, OneDrive; leverages top rated Deep Discovery detection technology. Trusted Security Vendor: 26 years focused on security, now largest pure-play; trusted by 48 of top 50 global corporations; Microsoft Gold Partner for 20 years. Cloud Scale: 10 years offering cloud services; direct cloud-to-cloud integration offers high performance and usability.

GLOBAL SENSOR NETWORK: Collects more threat information in more places. 100s of millions of sensors; 16B threat queries daily; files, IPs, URLs, mobile apps, vulnerabilities, and more. Global Threat Intelligence.

GLOBAL SENSOR NETWORK: Collects more threat information in more places. 100s of millions of sensors; 16B threat queries daily; files, IPs, URLs, mobile apps, vulnerabilities, and more. GLOBAL THREAT INTELLIGENCE: Accurately analyzes and identifies threats faster. 100TB analyzed daily; 500K new threats identified daily; 50x faster time-to-protect than average*. *NSS Labs Consumer EPP 2014 Test

GLOBAL SENSOR NETWORK: Collects more threat information in more places. 100s of millions of sensors; 16B threat queries daily; files, IPs, URLs, mobile apps, vulnerabilities, and more. GLOBAL THREAT INTELLIGENCE: Accurately analyzes and identifies threats faster. 100TB analyzed daily; 500K new threats identified daily; 50x faster time-to-protect than average*. PROACTIVE PROTECTION: Blocks new threats sooner. 250M threats blocked daily; 500,000+ businesses; millions of individuals and families. *NSS Labs Consumer EPP 2014 Test

Global: closer to the source of threats. Real-time: identifies new threats faster. Correlated: identifies all components of an attack. Proactive: blocks threats at their source.

Cloud App Security for Office 365: Advanced Threat Protection and Data Loss Prevention. Cloud-based sandbox malware analysis; Anti-Malware, Web Reputation, File/Attachment Blocking; Data Loss Prevention; User/Group-Based Policy and Visibility; Trend Customer License Portal (CLP) integration; Trend License Management Portal (LMP) integration; hosted in both US and EU data centers.

Trend Micro Cloud App Security June 2015 Q4 2015

How is it different from Microsoft's new Advanced Threat Protection for Email? Cloud App Security: email sandboxing since 2012; protects Exchange Online plus SharePoint Online and OneDrive for Business; avoids unnecessary delays; risk assessment before sandboxing; efficient sandbox technology.

Cloud App Security's DLP Functionality. 240 built-in templates which can be customized. Import, create your own templates. Q4 '15 DLP policy and visibility integration with Trend Micro Control Manager. Capability matrix for Exchange Online, SharePoint Online, and OneDrive for Business: Discovery (manual scan of database); Visibility / Reporting; Control (blocking/quarantine): Not available*. * In-line blocking of outbound email DLP violations is not available due to a limit of the API.

Cloud App Security Service Delivery. SLA Commitment: 99.9%. Datacenter locations: Cloud App Security: US: Microsoft Azure California; EMEA: Microsoft Azure Netherlands (does not fail over to US). Sandboxing service (<3% of files): US: Trend Micro US (San Jose); EMEA: Trend Micro Germany (Munich). US and EMEA sites are not interconnected. No email/files stored by Trend Micro. Quarantines are located within Office 365. All communications encrypted (https).

Product Screenshots

Advanced Threat Protection Policy Overview

Threat Policy: Malware Scan

Threat Policy: File blocking

Threat Policy: Web Reputation. Checks URLs inside email body + attachments.

Threat Policy: Virtual Analyzer (sandbox)

Threat: Share C&C Block List. Virtual analyzer will capture information on malware attempts to phone home to an attacker's Command & Control (C&C) server. Download the block list to share with network security.

Threat Policy: Manual Scan

DLP Policy: Overview

DLP Policy: Select Targets

DLP Policy: Select Compliance Template

DLP Policy: Import Custom Templates

DLP Policy: Admin / User Notification

Deploying Cloud App Security

Deploying Cloud App Security: Automatically creates delegated admin accounts.