ENTERPRISE SECURITY GETS ADAPTIVE



Similar documents
KASPERSKY PRIVATE SECURITY NETWORK: REAL-TIME THREAT INTELLIGENCE INSIDE THE CORPORATE INFRASTRUCTURE

KASPERSKY LAB: EMPOWERING INDUSTRIAL CYBER SECURITY

KASPERSKY ENDPOINT SECURITY FOR BUSINESS: TECHNOLOGY IN ACTION

Security Intelligence Services.

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

KASPERSKY SECURITY INTELLIGENCE SERVICES 2015

Security Intelligence Services. Cybersecurity training.

Protecting against cyber threats and security breaches

KASPERSKY DDOS PROTECTION. Discover how Kaspersky Lab defends businesses against DDoS attacks

BEST PRACTICES. Systems Management.

KASPERSKY LAB TECHNOLOGY LEADERSHIP

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Captaining datacenter security: putting you at the helm

Microsoft s cybersecurity commitment

BEST PRACTICES. Security Controls.

KASPERSKY FRAUD PREVENTION FOR ENDPOINTS

Cisco Advanced Malware Protection for Endpoints

YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

Cyber Security Challenges in the Energy Context Guido Gluschke

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

CYBER SECURITY SERVICES PWNED

White Paper. Advantage FireEye. Debunking the Myth of Sandbox Security

Cloud Security Primer MALICIOUS NETWORK COMMUNICATIONS: WHAT ARE YOU OVERLOOKING?

CYBER SECURITY INFORMATION SHARING & COLLABORATION

BEST PRACTICE GUIDE TO CONTROl TOOLS

Combating a new generation of cybercriminal with in-depth security monitoring

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Threat Intelligence: What is it, and How Can it Protect You from Today s Advanced Cyber-Attacks A Webroot publication featuring analyst research

DESIGN YOUR SECURITY. We build tailored, converged security for you. Technology. Strategy. People. The synergetic collaboration.

Stop advanced targeted attacks, identify high risk users and control Insider Threats

KASPERSKY SECURITY INTELLIGENCE SERVICES

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

How To Create An Insight Analysis For Cyber Security

Fighting Advanced Threats

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Kaspersky Security for Mobile

Advanced Threat Protection with Dell SecureWorks Security Services

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

Why a Network-based Security Solution is Better than Using Point Solutions Architectures

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

Cisco Advanced Malware Protection for Endpoints

Nine Cyber Security Trends for 2016

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

ONLINE AND MOBILE BANKING, YOUR RISKS COVERED

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION

FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape

End-user Security Analytics Strengthens Protection with ArcSight

STATISTICS ON BOTNET-ASSISTED DDOS ATTACKS IN Q1 2015

A New Approach to Assessing Advanced Threat Solutions

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

24/7 Visibility into Advanced Malware on Networks and Endpoints

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

INDUSTRIAL CONTROL SYSTEMS AND NETWORK PROTECTION USING KASPERSKY ENDPOINT SECURITY FOR BUSINESS INDUSTRIAL MODE

L evoluzione del Security Operation Center tra Threat Detection e Incident Response & Management

Are you prepared to be next? Invensys Cyber Security

Cisco Advanced Malware Protection

CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security

HP ENTERPRISE SECURITY. Protecting the Instant-On Enterprise

Ahead of the threat with Security Intelligence

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro

Networking for Caribbean Development

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

REVOLUTIONIZING ADVANCED THREAT PROTECTION

IBM Security re-defines enterprise endpoint protection against advanced malware

Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath

Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice

Symantec Advanced Threat Protection: Network

ADVANCED THREATS IN THE ENTERPRISE. Finding an Evil in the Haystack with RSA ECAT. White Paper

White Paper THE FOUR ATTACK VECTORS TO PREVENT OR DETECT RETAILER BREACHES. By James Christiansen, VP, Information Risk Management

IBM Security QRadar Vulnerability Manager

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

Threat Intelligence: The More You Know the Less Damage They Can Do. Charles Kolodgy Research VP, Security Products

Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection

Cybersecurity Delivering Confidence in the Cyber Domain

WildFire. Preparing for Modern Network Attacks

High End Information Security Services

A Case for Managed Security

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

Beyond the Hype: Advanced Persistent Threats

White Paper. Why Next-Generation Firewalls Don t Stop Advanced Malware and Targeted APT Attacks

Content Security: Protect Your Network with Five Must-Haves

Design Your Security

Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

Malware isn t The only Threat on Your Endpoints

Hope is not a strategy. Jérôme Bei

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Time Is Not On Our Side!

The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst

Defending Against Cyber Attacks with SessionLevel Network Security

Big Data Analytics in Network Security: Computational Automation of Security Professionals

A BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper

Cisco Security Intelligence Operations

Transcription:

ENTERPRISE SECURITY GETS ADAPTIVE Today s threat landscape was unimaginable a decade ago. Cybercriminals have adapted their techniques to sidestep traditional defenses and lurk undetected on systems for months or even years. It s time for enterprise security to adapt with an intelligence-driven, multi-layered approach to IT security. Intelligence is the ability to adapt to change. Stephen Hawking.

ENTERPRISE SECURITY GETS ADAPTIVE Advanced Persistent Threats (APTs), sophisticated malware and targeted attacks are just some of the new, constantly evolving threats the enterprise faces. Cybercriminals are only too aware of the limitations of traditional, perimeter-based security it s their first port of call when they re looking for chinks in the enterprise armor. If the attackers are constantly shape-shifting, it s fair to say that multiple enterprise technologies provide a convenient support network of attack vectors: mobile devices, web applications, portable storage, virtualization, cloud-based technologies all present a window of opportunity to cybercriminals that traditional prevent and block security alone cannot answer. A new, more adaptive, integrated approach built on the pillars of prediction, prevention, detection and response is needed. THE FOUR PILLARS OF ADAPTIVE ENTERPRISE SECURITY Prediction: No one has a crystal ball, but enterprises with access to the latest threat intelligence and trends are better placed to anticipate and avoid incidents. Training employees to recognize the tactics used in attacks augments predictive analysis, as does the ability to learn from mistakes by forensically analyzing breaches; penetration testing, meanwhile, can help expose the weak spots. Prevention: A key goal here is to reduce attack surface be it traditional, signature-based anti-malware, device controls or patching application vulnerabilities hardening systems and placing as many obstacles in the way of attackers as possible are just two components of an over-arching approach that includes limiting the ability of attacks to spread and reduce their impact. Detection: As Lab research into high-profile APTs shows, sophisticated attacks can go undetected for years. It s estimated that the average enterprise attack goes undetected for over 200 days 1 ; the sooner any incident is discovered, the better. Detection technologies underscored by the best threat analysis augments discovery: as threats evolve at pace, the best detection strategy is often built on the ability to spot behaviors and sequences of events that suggest a breach has taken place. Response: Effective enterprise security has the capacity to respond to and mitigate the effects of a breach. At one level, this can involve If/then policy for procedures that can be automated, such as patching. At another level, this could include post-breach analysis or the use of specialized incident-response teams to stop, mitigate and investigate attacks, breaches and other security incidents. To be truly effective, each of these capabilities must work together as a multi-layered system. Intelligence-driven, threat focused, integrated, holistic and strategy-driven: these are the key characteristics of a comprehensive, adaptive enterprise security architecture. Lab is uniquely placed to deliver an adaptive enterprise security platform, let s take a look at some of the elements. ENTERPRISE SECURITY. POWERED BY INTELLIGENCE. Lab has a long track record in making some of the highest profile, most relevant threat discoveries, including: Carbanak: the world s biggest cyber bank heist Dark Hotel: which specifically targets senior-level business travelers The Mask/Careto: which targeted enterprises, governments and private equity firms, among others Wild Neutron: targeting global enterprises and other businesses Icefog: attacked the supply chain for businesses Red October: exploited enterprise systems to conduct mass surveillance operations More than a third of our employees work in research and development, focusing solely on developing technologies to counteract and anticipate the constantly evolving threats Lab s dedicated teams of Intelligence and Analysis Researchers investigate every day. Lab s understanding of the inner workings of some of the world s most sophisticated threats has enabled us to develop a multi-layered, strategic portfolio of security technologies and services capable of delivering a fully integrated, adaptive security approach. Our expertise has seen Lab achieve more first place rankings in independent threat detection and mitigation tests than any other IT security company. PREDICTION Prediction capabilities and the mitigation strategies that are built around them are central to everything Lab does, from our dedicated Global Research and Analysis Team (GReAT) to Security Network (KSN) and our Security Intelligence Services (SIS) portfolio: Security Network: One of the most important components of Lab s multi-layered platform, Security Network is a cloud-based, complex distributed architecture dedicated to gathering and analyzing security threat intelligence from millions of systems worldwide. Effectively a global, cloud-based threat laboratory, KSN detects, analyzes and manages unknown or advanced threats and online attack sources in seconds and delivers that intelligence straight to customer systems. For enterprises with very specific data privacy concerns, Lab has developed a Private Security Network option. Security Intelligence Services: Few organizations have the resources to develop the high levels of strategic security intelligence required to keep pace with constantly evolving, sophisticated threats. That s why Lab has developed an extensive portfolio of Intelligence Services: Education and training: From more generalized cybersecurity fundamentals to advanced digital forensics, malware analysis and reverse engineering training, Lab provides comprehensive training and awareness programs to enterprises both on-site and online. In addition to interactive games, skills assessments and general cyber safety promotion, courses of 2-5 days duration are also available, including some of the following topics: 1 https://www.siliconrepublic.com/enterprise/2014/04/11/advanced-cyberattacks-can-go-undetected-for-typically-229-days

Cybersecurity Fundamentals: Understanding the threats, using technology safely. General Digital Forensics: Building a digital forensics lab, incident reconstruction, tools. General Malware Analysis & Reverse Engineering: Build a secure malware analysis environment, conduct express analysis. Advanced Digital Forensics: Deep file system analysis, recover deleted files, incident timeline reconstruction. Advanced Malware Analysis & Reverse Engineering: Analyze exploit shellcode, non-windows malware, use global best practices. KASPERSKY LAB PROVIDES BEST IN THE INDUSTRY PROTECTION* Security Assessment: Penetration testing: Understanding infrastructure security from an attacker s perspective, while achieving compliance with security standards such as PCI DSS. Application security testing: Analysis of web applications (including online banking and ones with WAF enabled), mobile applications, fat clients Threat Intelligence: An early warning system, driven by GReAT s expertise and supported by KSN, this includes threat data feeds, botnet tracking and intelligence reporting. Early access to APT-related configuration files and malware samples, along with integration with SIEM (HP Arcsight) help enterprises develop comprehensive intelligence insight. PREVENTION Lab detects 325 000 new pieces of malware every single day. Even a single additional percentage point in detection rate can translate into hundreds of thousands of pieces of malware being caught. Independent test results consistently demonstrate that Lab provides the best protection in the industry. In 2014 alone, we participated in 93 independent tests and reviews, ranking first 51 times and finishing in the top three a record 71% of the time. 2 That s just one of the reasons why OEMs including Microsoft, Cisco Meraki, Juniper Networks and Alcatel Lucent -trust Lab to provide the security they ship within their own products. Our Enterprise Security portfolio combines industry-leading anti-malware with multiple technologies to reduce attack surfaces in a unique combination of intelligence-led technologies. Known, unknown and advanced threats are prevented using multiple protection layers, including: Network Attack Blocker: Scans all network traffic using known signatures to detect and block networkbased attacks, including port scanning and Denial of Service (DoS) attacks. For a further layer of protection, DDoS Protection (KDP) is available as a solution to protect against Distributed Denial of Service (DDoS) attacks. It s a comprehensive, integrated DDoS prevention and mitigation solution, that includes 24/7 analysis and post-attack reports. Heuristic anti-phishing: Capable of preventing some of the very latest phishing attack techniques by looking for additional evidence of suspicious activity, over and above traditional phishing database-led approaches. Application control and Dynamic Whitelisting: Application control blocks or allows administrator-specified applications. It s built on dynamic whitelisting, Lab s continuously updated lists of trusted applications and software categories. Host Intrusion Prevention System (HIPS): Helps control how applications behave and restricts the execution of potentially dangerous programs without affecting the performance of authorized, safe applications. 2 For more detail on the tests and the metrics, visit: http://media.kaspersky.com/en/business-security/top3_2013.pdf New link for updated report is: http://media.kaspersky.com/en/business-security/top3_2014.pdf.

DETECTION Lab s unparalleled expertise in detecting some of the world s most sophisticated threats feeds directly into our enterprise threat detection capabilities. Since 2008, our researchers have uncovered some of the most sophisticated, multi-component attacks the world has ever seen. This insight and intelligence directly informs our product development; in addition to our capacity to detect sophisticated enterprisefocused attacks, Lab has used the insights gained from discovering significant financial threat actors such as Carbanak to develop solutions geared entirely towards detecting financial fraud. APT ANNOUNCEMENTS KASPERSKY LAB Stuxnet 2010 Duqu 2011 Flame 2012 Teamspy MiniDuke RedOctober 2013 CosmicDuke Cloud Atlas Regin El Machete Careto/ The Mask 2014 Helsing Duqu2 Animal Farm Carbanak H1 2015 RESPONSE In an adaptive security architecture, the ability to respond to threats is as important as the capacity to predict and prevent them saving the enterprise both time and money. It s also worth acknowledging the reality that a direct consequence of enhanced detection will be enhanced response capability. Lab addresses this at both the technology and services levels: System Watcher: Lab s unique and proactive monitor is capable of reacting to complex system events, such as installation of drivers and detecting suspicious behaviour. Investigation Services: Resolve live security incidents with Lab s help. From malware analysis to digital forensics, reporting and incident response, customers are empowered to learn from incidents while mitigating the impact of an attack and restoring damaged systems. PROACTIVE, REACTIVE, INTELLIGENCE-DRIVEN ENTERPRISE SECURITY To say malware has metastasized is something of an understatement: advanced threats evade traditional blocking techniques, ready-made malware kits can be bought for spare change online and tools capable of automatically creating multiple, tailored variants of a single piece of malware are just the tip of a massive malware iceberg. An increasingly sophisticated and complex threat landscape calls for a multi-layered, adaptive security approach, in which a combination of integrated technologies provides comprehensive detection and protection against known, unknown and advanced malware and other enterprise-focused threats. Lab s unparalleled track record in discovering the most sophisticated, relevant threats, combined with its industry-leading technologies and services mean it s uniquely placed to deliver the comprehensive, adaptive security enterprises need. While Security Network builds on the real-time intelligence generated by over 60 million nodes worldwide, our elite Global Research and Analysis Team contributes a unique set of skills and expertise to our threat research, developing solutions capable of combating increasingly complex and sophisticated threats. Gauss Miniflame Winnti NetTraveler Icefog SyrianEA Epic Turla Dark Hotel Equation Desert Falcons Naikon TRUSTED PARTNER OF ENTERPRISES, GOVERNMENTS AND REGULATORS Because it s privately owned, Lab is free to invest heavily in Research and Development outside short-term market constraints. Almost half of our 3000 employees globally work in our research and development labs, focusing on developing innovative technologies, investigating cyber-warfare, cyberespionage and all types of threats and techniques. 2012-3 announcements 2013-7 announcements 2014-11 announcements H1 2015-8 announcements Kimsuki BlackEnergy2 Animal Farm Crouching Yeti Wild Neutron This focus on high-quality, internal R&D has led to Lab being recognized as an industry leader in IT security technologies. That s just one of the reasons why over 100 leading OEMs including Microsoft, Cisco Meraki, IBM, Juniper Networks and Alcatel Lucent trust Lab to provide the security they ship within their own products. It s also why we re a trusted partner of governments, law-enforcement agencies and large businesses all over the world. Respected international organizations, including INTERPOL, Europol and numerous CERTS have all invited Lab to collaborate and consult with them on an ongoing basis; in addition to holding regular training courses for INTERPOL and police officers of many countries, we supported the launch of INTERPOL s Digital Forensics Laboratory.

Twitter.com/ Facebook.com/ Youtube.com/ Lab, Moscow, Russia www.kaspersky.com All about Internet security: www.securelist.com Find a partner near you: www.kaspersky.com/buyoffline 2015 AO Lab. All rights reserved. Registered trademarks and service marks are the property of their respective owners. Lotus and Domino are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Linuxis the registered trademark of Linus Torvalds in the U.S. and other countries. Google is a registered trademark of Google, Inc.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information