Component Protection Metrics for Security Product Development: CheckVir Endpoint Test Battery
Ferenc Leitold, Veszprog Ltd.
Kai Yu, Trend Micro, China
Anthony Arrott, Trend Micro, USA

Abstract

The CheckVir Endpoint Test Battery was used to perform iterative private tests on pre-release builds of version 6 of the Trend Micro Titanium Maximum Security Windows endpoint product. The test battery includes separate measurements of the protection provided by the consumer endpoint security product, including measurements of: blocking malicious URLs; blocking transfers of malware files; detecting and removing rootkits; blocking phishing URLs; blocking browser exploits; cleaning malware infections; blocking malware execution; and detecting and removing stored malware files. All tests were conducted as a private piggyback on regularly scheduled public tests of the new version's predecessor and currently released versions of competitor peer products.

1. Introduction

The CheckVir Endpoint Test Battery was used by the Trend Micro Titanium version 6 (Ti6) development team to test pre-release versions of the consumer Windows endpoint internet security product. The tests were conducted as private piggyback tests on the regular public CheckVir Endpoint Test Battery that Veszprog conducts each month, benchmarking most of the major internet security products for Windows endpoints. The public tests include the current release of Trend Micro's Titanium version 5 (Ti5), sold under the product name Titanium Maximum Security. The piggyback tests subjected pre-release versions of Ti6 to the same set of external independent benchmarking tests against competitor products, using the same testing conditions and attack vectors that Ti6 would be tested in upon its public release.
Individual constituent tests of the CheckVir Endpoint Test Battery were used to isolate the protection measurement of specific security engines and services that make up the multi-dimensional security solutions contained in an internet security product like Ti6. The separate component tests also provided direct quantitative comparison with the similar engines and services in competitor products. The primary goal of component testing is to eliminate difficulties encountered in using end-to-end or whole product testing with pre-release builds of a new product version. Without individual component tests, product developers and company threat researchers must undertake difficult analyses to determine which service or engine in the integrated product is responsible for instances of missed attacks in end-to-end and whole product tests. With component tests, missed attack samples can go directly to the engine or service team responsible for the protection component measured in the test.

2. Methods

Testing procedures are executed automatically, semi-automatically or manually using a special frame system. This automatic system provides a database accessible on the Internet, including the scanning results related to each version. The system includes the following parts, which work as follows when testing under Windows (Figure 1).
Figure 1. Technical background

Clients: These computers are able to execute different tasks related to different testing methods of the particular protection. Client computers have exactly the same hardware and software. (Even the cards are inserted into the same slots.) Clients can execute testing procedures in virtual and in native environments as well. A Debian Linux system and Perl scripts handle changing the image of the Windows operating system (including the protection) and executing them periodically. The Windows system includes installed scripts, so it can execute the steps of the corresponding testing procedure. For security reasons, computers executing testing tasks are connected to the internet via a special firewall. Once the testing procedure has executed, all information from the used image is saved, and after the analysis of this information the results are transferred directly to the Webserver computer.

Webserver: It collects test results in its database and makes them accessible via its web page.

Archiver: All information about executed tests is archived by this computer. It includes test results, log files and images as well as data required for testing.

Controller: This computer manages the whole process on the different parts of the system.

Firewall: There is a firewall between the inner (red) and outer (blue) networks. It is used for managing the system only; it is not required by the automatic working mechanism of the system.

Firewall & router: There is a special firewall and router among the client computers, the "malware proxy" server and the internet. The main task of this computer is to distinguish between the network traffic of the virus protection and the malware. The traffic of the malware is forwarded to the "malware proxy" server, whereas the network traffic of the virus protection is forwarded to the internet. Thus solutions may use an internet connection, so the usage of "cloud technology" is not limited.

"Malware proxy" server: This server can store the content of malicious sites as of a certain time, so it can simulate the tested part of the internet for clients. It is used in the case of dynamic testing (when the malware code is executed, or a malicious site is opened).

This frame system allows the set of tested procedures to be extended by producing new scripts with the related data.

3. Endpoint Test Battery

The CheckVir Endpoint Test Battery includes nine different testing procedures. Five of them are related to malicious files and four of them are related to malicious URLs:

1. a. In the case of Static on-demand testing, the threat detection and removing capabilities of the protection are tested against malicious codes stored in local files.
   b. The Static on-access testing method tests the threat detection and removing capabilities of the protection during the copying procedure of malicious files.
2. The Dynamic execution testing method tests the threat detection and blocking capabilities of the protection during the execution procedure of a malicious file.
3. The 0hour testing method tests the threat detection and blocking capabilities of the protection during the opening of a recently received malicious URL site. This test is repeated several times to check protection changes.
4. The Remediation testing method tests the threat detection and restoring capabilities of the protection against malware installed on a machine.
5. The Rootkit testing method tests the threat detection and restoring capabilities of the protection against a rootkit installed on a machine.
6. The Exploit testing method tests the threat detection and blocking capabilities of the protection against an exploit attack from another computer. A special Linux server with the Metasploit software is built to provide exploit attacks to clients.
7. The Dynamic URL method tests the threat detection and blocking capabilities of the protection during the opening of a malicious URL site.
8. The Phishing testing method tests the threat detection and blocking capabilities of the protection during the opening of a phishing URL site.

All of these nine testing procedures are evaluated using the corresponding user situation. In the case of malicious files the user can:
- execute an on-demand scan (1a),
- copy the malicious file (1b),
- execute the malicious file (2),
- try to restore the infected system (4 and 5).

In the case of malicious URLs the user can open the malicious site depending on its type (malicious executable: 3 and 7, exploit: 6, phishing: 8), and in the case of executables the user can try to execute it.

The Trend Micro Ti6 development team made use of the following tests as part of their program of Ti6 pre-release testing and product modification cycle:

Measures of protection by web reputation
- V-3 Blocking Zero-Hour Web Threats
- V-7a Blocking Malicious URLs
- V-8 Blocking Phishing URLs

Measures of protection by malware file detection
- V-1a Detecting Stored Malware Files
- V-1b Blocking Malware File Transfers

Measures of protection by behavioral monitoring
- V-2 Blocking Executed Malware

Measures of protection from browser exploits
- V-6 Blocking Exploit Attacks

Measures of protection by disinfection after detection
- V-4 Cleaning Malware Infections

Measures of protection by detecting & removing rootkits
- V-5 Detecting & Removing Rootkits

4. Results

Measures of protection by web reputation

[Chart: V-3 Blocking Zero-Hour Web Threats. Test V-3, Apr-Aug attack samples]
[Chart: V-7a Blocking Malicious URLs by the exposure layer. Test V-7a, Apr-Aug attack samples]
[Chart: V-7b Blocking Malicious URLs by all layers (Blocking Web Threats, any layer). Test V-7b, Apr-Aug attack samples]
[Chart: V-8 Blocking Phishing URLs. Test V-8, Apr-Aug attack samples]

Measures of protection by malware file detection

[Chart: V-1a Detecting Stored Malware Files. Test V-1a-D, Apr-Aug attack samples]
[Chart: V-1a Cleaning Stored Malware Files. Test V-1a-C, Apr-Aug attack samples]
[Chart: V-1b Blocking Malware File Transfers. Test V-1b, Apr-Aug attack samples]

Measures of protection by behavioral monitoring

[Chart: V-2 Blocking Executed Malware. Test V-2a, Apr-Aug attack samples]

Measures of protection from browser exploits

[Chart: V-6 Blocking Exploit Attacks (Blocking Browser Exploit Attacks). Test V-6, Jul-Aug attack samples]

Measures of protection by disinfection

[Chart: V-4 Cleaning Malware Infections. Test V-4, Apr-Aug attack samples]
Measures of protection from rootkits

[Chart: V-5 Detecting & Removing Rootkits. Test V-5, Apr-Aug attack samples]

5. Analysis

Testing procedures were executed using Trend Micro Titanium 5 and the new beta 6 versions from April June testing results can be seen on Table 2. In the case of malicious file related tests, differences between the two tested Titanium versions were mainly related to the dynamic execution test only (2b: 28% and 4). In the case of malicious URL related tests, Titanium 6 was better in the 3 (0hour), 7 (dynamic URL) and 8 (phishing) tests; however, Titanium 5 was better in the 6 (exploit) test, which was related to a bug in Titanium 6 already fixed in the next version.

Test results of the CheckVir Endpoint Test Battery include statistical information on all testing procedures as well as a summary. In addition, all test cases are described in detail. For example, the test 7 (Dynamic URL) cases can include details about the flow of the testing procedure.

Figure 2. Detection and blocking by the infection layer

Figure 2 shows the testing flow when the URL was not blocked: the browser offered to save the malicious file (first screenshot), and later the malicious file may not be saved (second screenshot). In Figure 3 the exposure layer blocked the opening procedure in the browser, and it displayed a warning as well.
Figure 3. Detection and blocking by the exposure layer

6. Conclusion

The CheckVir Endpoint Test Battery provided the Trend Micro Ti6 development team with valuable information on the protection ability of the interim alpha and beta builds. By using repeated component tests, the developers were able to pinpoint problems as they arose and respond during the product development cycle. An example of this is the Browser Engine team at Trend Micro. They were able to use the Test V-6 (Blocking Browser Exploit Attacks) tests to see results from multiple iterations of their engine integrated into the Titanium product. As the final release approached, they noticed a drop-off in Ti6 protection for Test V-6. A late patch to a release candidate build solved the problem, as can be seen in Figure 4. In the absence of iterations of the browser exploit test revealing the nature and seriousness of the problem, it is unlikely that:
- the Browser Engine Team would have been aware of the problem;
- they would have had enough time to develop a patch in time for the final release;
- the Titanium product managers would have allowed a patch to the release candidate so late in the version development cycle.

[Chart: Blocking Browser Exploit Attacks, successive Ti6 beta tests (avg*, Ti 5, β1, β2, β3, β4, β5, GM). Test V-6, Apr-Aug attack samples (May-Aug). * McAfee, Symantec, & Webroot]

Figure 4. Iterations of test V-6 revealed a hidden problem with the Browser Engine that was fixed by a late patch as seen in the performance of Ti6 β 5 build.
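The workflow the paper describes (per-test block rates, rank against peer products, missed samples routed to the owning component, and a drop between successive builds such as the one on Test V-6) can be sketched as follows. This is an added example, not code from CheckVir or Trend Micro; the record layout, product names, sample counts and the 5-point drop threshold are assumptions, and only the test-to-component grouping comes from the page.

```python
from collections import defaultdict

# Test id -> protection component, following the grouping listed on this page.
COMPONENT = {
    "V-3": "web reputation", "V-7a": "web reputation", "V-8": "web reputation",
    "V-1a": "malware file detection", "V-1b": "malware file detection",
    "V-2": "behavioral monitoring",
    "V-6": "browser exploit protection",
    "V-4": "disinfection after detection",
    "V-5": "rootkit detection and removal",
}


def make_rows(test, product, blocked, total):
    """Constructed-data helper: the first `blocked` of `total` samples count as blocked."""
    return [(test, product, f"{test}-s{i:03d}", i < blocked) for i in range(total)]


def block_rates(rows):
    """Map (test, product) -> fraction of attack samples blocked."""
    hit, seen = defaultdict(int), defaultdict(int)
    for test, product, _sample, blocked in rows:
        seen[(test, product)] += 1
        hit[(test, product)] += bool(blocked)
    return {key: hit[key] / seen[key] for key in seen}


def rank(rates, test, product, field):
    """Competition rank of `product` within `field` for one test: (rank, tied)."""
    mine = rates[(test, product)]
    others = [rates[(test, p)] for p in field if p != product and (test, p) in rates]
    return 1 + sum(r > mine for r in others), any(r == mine for r in others)


def route_misses(rows, product):
    """Group the samples `product` missed by the component that owns the test."""
    queues = defaultdict(list)
    for test, prod, sample, blocked in rows:
        if prod == product and not blocked:
            queues[COMPONENT[test]].append(sample)
    return dict(queues)


def regressions(rates, test, build_order, max_drop=0.05):
    """Return (previous_build, build, drop) wherever the rate fell by more than max_drop."""
    flagged, prev = [], None
    for build in build_order:
        if (test, build) not in rates:
            continue  # build was not submitted to this test
        cur = rates[(test, build)]
        if prev is not None and prev[1] - cur > max_drop:
            flagged.append((prev[0], build, round(prev[1] - cur, 3)))
        prev = (build, cur)
    return flagged


# Constructed results: 20 samples per test; counts are illustrative only.
BUILDS = ["beta1", "beta2", "beta3", "beta4", "beta5"]
ROWS = []
for build, blocked in zip(BUILDS, [16, 17, 17, 13, 18]):
    ROWS += make_rows("V-6", build, blocked, 20)
ROWS += make_rows("V-6", "peer-A", 18, 20) + make_rows("V-6", "peer-B", 15, 20)
ROWS += make_rows("V-7a", "beta4", 18, 20) + make_rows("V-8", "beta4", 19, 20)

if __name__ == "__main__":
    rates = block_rates(ROWS)
    print("V-6 regressions:", regressions(rates, "V-6", BUILDS))
    print("beta5 rank on V-6:", rank(rates, "V-6", "beta5", ["beta5", "peer-A", "peer-B"]))
    for team, samples in route_misses(ROWS, "beta4").items():
        print(f"{team}: {len(samples)} missed samples, e.g. {samples[0]}")
```
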
More informationFAQ. Safe Anywhere PC 12. Disclaimer:
FAQ Safe Anywhere PC 12 Disclaimer: You can freely use (copy and edit) the information in this document for your own purposes. You may want to replace all references to F-Secure, F-Secure launch pad, F-Secure
More informationKASPERSKY FRAUD PREVENTION FOR ENDPOINTS
KASPERSKY FRAUD PREVENTION FOR ENDPOINTS www.kaspersky.com KASPERSKY FRAUD PREVENTION 1. Ways of Attacking Online Banking The prime motive behind cybercrime is making money and today s sophisticated criminal
More informationMeltdown and Spectre Mitigation. By Sathish Damodaran
Meltdown and Spectre Mitigation By Sathish Damodaran Introduction Meltdown allows attackers to read arbitrary physical memory (including kernel memory) for an unprivileged user process. Meltdown uses out
More informationDiscount BitDefender SBS Security pc computer software ]
Discount BitDefender SBS Security pc computer software ] Description: BitDefender SBS Security is a robust and easy to use business security and management solution which delivers superior proactive protection
More informationprotectiontestagainst ransomwarethreats
protectiontestagainst ransomwarethreats softwareforhomeuser andsmbcompany October2016 RANSOMWARE AND CRYPTO-RANSOMWARE Date of the test: October 2016 An objective of the test conducted by AVLab in October
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More information360 Degree Assessment & Certification
360 Degree Assessment & Certification Q3 2018 Copyright 2018 MRG Effitas Ltd. Copyright 2018 MRG Effitas Ltd. MRG Effitas Ltd. Efficacy Assessment & Assurance Contents Introduction... 3 Executive Summary...
More informationTHREAT PROTECTION FOR VIRTUAL SYSTEMS #ILTACON #ILTA156
THREAT PROTECTION FOR VIRTUAL SYSTEMS #ILTACON #ILTA156 JIM P. NIXON Application Support Manager Seyfarth Shaw LLP jnixon@seyfarth.com IN THE PAST, TRADITIONAL SOLUTIONS DIDN T THINK ABOUT VIRTUAL WORKLOADS
More informationSecurity Gap Analysis: Aggregrated Results
Email Security Gap Analysis: Aggregrated Results Average rates at which enterprise email security systems miss spam, phishing and malware attachments November 2017 www.cyren.com 1 Email Security Gap Analysis:
More informationSecuring Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &
Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab Modern Challenges By 2020, 60% of Digital Businesses will suffer Major Service
More informationSymantec Antivirus Manual Removal Tool Corporate Edition 10.x
Symantec Antivirus Manual Removal Tool Corporate Edition 10.x Learn how to download and run the Norton Removal Tool to uninstall the Norton products from your Looking for a free Virus and Spyware removal
More informationSOLUTION MANAGEMENT GROUP
InterScan Messaging Security Virtual Appliance 8.0 Reviewer s Guide February 2011 Trend Micro, Inc. 10101 N. De Anza Blvd. Cupertino, CA 95014 T 800.228.5651 / 408.257.1500 F 408.257.2003 www.trendmicro.com
More informationKaspersky Internet Security - Top 10 Internet Security Software in With Best Antivirus, Firewall,
Among the several Internet Security Suites available for the Windows operating system, is Kaspersky Internet Security (KIS). The latest version Kaspersky Internet Security is pretty impressive in terms
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationGet BitDefender Business Security 3 Years 15 PCs pc software site download ]
Get BitDefender Business Security 3 Years 15 PCs pc software site download ] Description: BitDefender Business Security is a robust and easy to use business security and management solution which delivers
More informationAdvanced Malware Protection. Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe
Advanced Malware Protection Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe How would you do security differently if you knew you were going to be hacked? Security Challenges Changing
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationSmall Business Anti-Virus Protection
Small Business Anti-Virus Protection APR - JUN 2015 Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to compare the effectiveness of anti-malware
More informationSE Labs Test Plan for Q Endpoint Protection : Enterprise, Small Business, and Consumer
Keywords: anti-malware; compliance; assessment; testing; test plan; template; endpoint; security; SE Labs SE Labs and AMTSO Preparation Date : December 18, 2017 Version 1.2 SE Labs Test Plan for Q1 2018
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationIntrusion Prevention Signature Failures Symantec Endpoint Protection
Intrusion Prevention Signature Failures Symantec Endpoint Protection I tried changing the communication policies in SEPM from push to pull mode but I do No updates found for Symantec Endpoint Protection
More informationMalwarebytes free edition for windows 10
Malwarebytes free edition for windows 10 Malwarebytes for Windows detects and removes malware and viruses your antivirus will miss.. Malwarebytes free downloads. Every cybersecurity product you can the
More informationThe New Normal. Unique Challenges When Monitoring Hybrid Cloud Environments
The New Normal Unique Challenges When Monitoring Hybrid Cloud Environments The Evolving Cybersecurity Landscape Every day, the cybersecurity landscape is expanding around us. Each new device connected
More informationRemove Trend Micro Titanium Internet Security Without Password
Remove Trend Micro Titanium Internet Security Without Password Uninstall Titanium Internet Security for Mac using the installer. Open the Trend Click Uninstall. Type the administrator name and password,
More informationRemediation Testing Report
Remediation Testing Report A test commissioned by Symantec Corporation and performed by AV-Test GmbH Date of the report: January 27 th, 2011, last update: February 10 th, 2011 Executive Summary In January
More informationSE Labs Test Plan for Q Endpoint Protection : Enterprise, Small Business, and Consumer
Keywords: anti-malware; compliance; assessment; testing; test plan; template; endpoint; security; SE Labs SE Labs and AMTSO Preparation Date : July 20, 2017 Documentation Source Dates : June 2017 Version
More informationein wichtiger Baustein im Security Ökosystem Dr. Christian Gayda (T-SEC) und Ingo Kruckewitt (Symantec)
Next Gen Endpoint Protection ein wichtiger Baustein im Security Ökosystem Dr. Christian Gayda (T-SEC) und Ingo Kruckewitt (Symantec) What is Next Gen Endpoint Protection? 2 DT Next Gen Endpoint Protection
More informationTHE RSA SUITE NETWITNESS REINVENT YOUR SIEM. Presented by: Walter Abeson
THE RSA NETWITNESS SUITE REINVENT YOUR SIEM Presented by: Walter Abeson 1 Reality Goals GOALS VERSUS REALITY OF SIEM 1.0 Single compliance & security interface Analyze & prioritize alerts across various
More informationCyber Security. Our part of the journey
Cyber Security Our part of the journey The Journey Evolved Built on the past Will be continued Not always perfect Small Steps moving forward The Privileged How to make enemies quickly Ask before acting
More informationA Measurement Companion to the CIS Critical Security Controls (Version 6) October
A Measurement Companion to the CIS Critical Security Controls (Version 6) October 2015 1 A Measurement Companion to the CIS Critical Security Controls (Version 6) Introduction... 3 Description... 4 CIS
More information