ONE STEP AHEAD of hackers, cybersecurity, threats and the competition



Transcription:

ONE STEP AHEAD of hackers, cybersecurity, threats and the competition
Thomas Werner, Threat Prevention Security Engineer, CER & Nordics
2015 Check Point Software Technologies Ltd.

01 TODAY

An Ever-Changing Threat Landscape
Every year threats are becoming MORE SOPHISTICATED and MORE FREQUENT
The signature gap grows
100,000+ malware variants daily 2014 1,300 known viruses 1997 50,000 known viruses VIRUSES AND WORMS 2004 ADWARE AND SPYWARE 2007 DDOS APTS 2010 RANSOMWARE HACTIVISM STATE SPONSORED INDUSTRIAL ESPIONAGE NEXT GEN APTS (MASS APT TOOLS) UTILIZING WEB INFRASTRUCTURES (DWS)

How dangerous is it?
Source: http://www.rp-online.de/nrw/staedte/neuss/neuss-computer-virus-legt-das-lukaskrankenhaus-lahm-aid-1.5760705
Source: http://www.heise.de/security/meldung/krypto-trojaner-locky-wuetet-in-deutschland-ueber-5000-infektionen-pro-stunde-3111774.html

Why?
62 percent of the exploits are ransomware, that is, extortion Trojans that encrypt files on the target system. Anyone who wants their data back has to pay, usually via cryptocurrencies. According to Symantec, just under 3 percent of ransomware victims actually pay and are then on average 300 US dollars poorer. With the 3,600 victims estimated for the 13 hours, extrapolated to the 147 proxies at Limestone, that would come to more than 31,000 US dollars (around 28,000 euros) in a single day.
Source: http://www.heise.de/newsticker/meldung/exploit-kit-angler-macht-millionen-mit-erpressungs-trojanern-2839287.html

02 MULTI-LAYERED THREAT PREVENTION

Check Point Closes the Gaps with Sandblast
IPS, ANTI-VIRUS & ANTI-BOT: CATCHES KNOWN OR OLD MALWARE. Of known malware, 71 in 1000 are not caught.
OS- AND CPU-LEVEL ZERO-DAY PROTECTION: DETECTS NEW OR UNKNOWN MALWARE. With both OS- and CPU-level prevention.
THREAT EXTRACTION: COMPLETE THREAT REMOVAL. Reconstructs and delivers malware-free documents.

03 SANDBLAST OS- and CPU Level Sandboxing

Check Point Threat Emulation PREVENTS Undiscovered Attacks
INSPECT FILE EMULATE TURN TO KNOWN PREVENT

Identifying Zero-Days At The Exploit Phase with CPU LEVEL DETECTION
Thousands VULNERABILITY
Only a Handful EXPLOIT
CPU Level Sandboxing
SHELLCODE
EVASION CODE
Millions MALWARE
OS Level Sandboxing

Internet Security Gateway Network Emulation Service Local Emulation Appliance
Emulation of Mail (SMTP/TLS), Web (HTTP/S) and File Shares (CIFS) on one appliance
MTA for true mail prevention (not just detection)

SANDBLAST MEETS LOCKY

Ransomware sample Locky

04 THREAT EXTRACTION Being PROACTIVE

05 SANDBLAST AGENT

SANDBLAST AGENT
Zero-Day Protection for Endpoints
Prevent Zero-Day Attacks. Identify & Contain Infections. Effective Response & Remediation.
THREAT EXTRACTION & EMULATION FOR ENDPOINTS: Deliver sanitized content; Emulation of original files; Protects web downloads and file copy
ANTI-BOT FOR ENDPOINTS & ENDPOINT QUARANTINE: Detect & Block C&C communications; Pinpoint infections; Quarantine infected host
AUTOMATIC FORENSIC ANALYSIS & ATTACK REMEDIATION: Incident Analysis - saves time & cost; Make network detections actionable; Understand endpoint AV detections; Clean & remediate the full attack

06 CONCLUSION

STAYING ONE STEP AHEAD
On the Network and At the Endpoint
Catches More Malware. Proactive Prevention. Complete Integrated Protection.

THANK YOU