Learn Here, Protect There
|
|
- Marybeth Bradley
- 5 years ago
- Views:
Transcription
1 Predictive protection through global threat intelligence
2 Table of Contents Introduction 3 The Cyberthreat Landscape 4 The Research and Response Landscape 4 Inside Predictive Protection: Global Threat Intelligence 5 One: Millions of sensors throughout the internet 5 Two: Content analysis across all threat vectors 6 Three: Integrated reputation-based intelligence 6 Four: Real-time threat collection and distribution 7 Five: Complete suite of endpoint and network protections 7 Six: Global threat research team dedicated to global threat intelligence 8 An Operational Payoff 8 Conclusion 8 Predictive protection from McAfee 9 About McAfee, Inc. 9
3 Introduction According to IDC, improved IT security ranked as the number two IT priority for One justification is the drastically altered threat landscape: threat volumes increased by 500% in Within this barrage, cybercriminals now layer techniques and use multiple entry points to increase their chances of success. This sophistication has made cybercrime a significant risk for enterprises and consumers. In the Unsecured Economies survey, interviewed companies estimated that they had lost an average of $4.6 million worth of intellectual property in In June 2009, Consumer Reports estimated cybercrime accounted for $8 billion in consumer losses. 4 Cybercrime has evolved and matured very quickly, typically much more quickly than enterprise security architectures. With the incredible profit opportunity they see, criminals have also outpaced the research and response capacities of some security vendors. Too many organizations still react to new threats after they have done damage, rather than using modern technology and global reach to predict the risk and preempt it. It is the difference between planning for the entire day by gauging the weather through the front window, or by looking at a weather forecast based on satellite data correlated with a global, predictive view. The former, reactive approach is easy, but risky. It is predicated on what you already see, short term, and not what could be. The weather may start out fair, but you may find you are soaked by mid-day. The predictive approach takes a bit more effort, but dramatically lowers risk. It is a true forecast: what the threat is now and what it will be shortly. In this paper, we define six principles that characterize a rigorous, predictive approach to mitigating cyberthreats. These principles define a new standard called global threat intelligence that will allow IT teams to benchmark the research and protection offered by security vendors. As cyberthreats escalate, global threat intelligence should become the minimum standard for effective research and response and the centerpiece of an optimized security architecture. It should be a core requirement of any security product. 3,000, M (projected) Over 1,500,000 malware detections identified in 2008, up from 272,000 in ,400, percent of malware is obfuscated with packers and compression technologies 375 percent growth in password stealers and 20 percent growth in vulnerabilities Number of Threats 1,800,000 1,200, M 600, , , Figure 1: Cybercrime techniques like one-time use and encryption require security vendors to implement predictive protection. 1. Top 10 IT Spending Priorities, IDC, McAfee Labs htm?loginmethod=auto. 3
4 The Cyberthreat Landscape Cybercrime is rampant. Every website and networked computer is vulnerable, nine out of ten messages should be blocked, and any type of content that a user may want to access including videos, blogs, datasheets, or annual reports presents an opportunity for malware distributors. Each new day brings new, more ingenious malware. Developers combine web, host, and network vulnerabilities with spam, rootkits, spyware, and worms, wrapped with current events to keep content interesting. Micro-variations and one-time usage (polymorphism) keep malware ahead of many security defenses and most researchers. Why do cybercriminals now make threats so complex? In order to circumvent defenses that react to known threats and simple patterns. By combining multiple threat vectors and types of malicious content, malware has a better ability to stay unknown for a longer period, hiding off mainstream research radar. Cross-fertilization of rich data and real-time analysis allow predictive solutions to go beyond observed behavior to determine likely intent. Consider Conficker. This worm propagated over the network in multiple ways at the same time: through a Microsoft vulnerability, through , by accessing unique web domains, by using a peer-to-peer protocol, and by entering the endpoint through USB devices. It used multiple software languages, open source code, 250 subroutines, and time delays to create a multi-dimensional attack. Its January 2009 success nine million infections in four days demonstrates that the more threat vectors and techniques a threat can incorporate, the more likely it is to succeed. These complex threats are why McAfee reminds customers that signature-based anti-virus remains critical, but is no longer sufficient. Systems that avoided infection by Conficker used both host intrusion prevention and behavioral anti-virus. The Research and Response Landscape To implement effective protection against these threats, it helps to understand security research and response options today. The industry is evolving, moving from reactive protection through proactive protection to predictive protection. We can look at signature-based protections as an example. A variety of security products anti-virus, anti-malware, intrusion prevention systems, and outbound web use signatures to identify threats and trigger appropriate responses, such as block, quarantine, or allow. A reactive signature-based product waits until the vendor receives a sample of malicious content, evaluates that sample, and then publishes a signature to its users. Until the users receive the updated signature, known as threat intelligence, these users remain vulnerable. A proactive solution goes beyond content analysis to consider reputation. It can infer the potential risk of a piece of content based on experience with an associated IP address, a domain, or a spam score. Proactive solutions can act against malicious code without the delay of waiting for a formal sample and signature. In many ways, they determine guilt by association. These users have protection against unknown threats, reducing vulnerability. Predictive anti-virus solutions build on these techniques, but step them up an order of magnitude, moving from traditional threat intelligence to global threat intelligence. Predictive protections use millions of deployed products and sensors around the world to capture more types of data, more quickly, in real-time, with a wider view. For instance, through global sensors they can note the prevalence of a new behavior and its propagation pattern and pace as it progresses through different countries, types of users, or delivery mechanisms. In addition to considering more data inputs, predictive protection performs more analysis. It analyzes content and reputation within threat vectors and also correlates data points across threat vectors. For example, instead of stopping with separate analysis in separate areas such as , web, and host intrusion prevention, predictive solutions can learn from events and behaviors in each of these areas, aggregating reference points for a more complete, global perspective. 4
5 This cross-fertilization of rich data and analysis allows predictive solutions to go beyond observed behavior to determine likely intent. It helps them catch or predict new activities earlier and more successfully, further shrinking the risk burden each user carries. Signature-based protections are one example of the move from reactive to predictive, but not the only one. We see similar evolutions in the fields of outbound web security, spam detection, and the ability to determine the intent of an IP connection. We expect the need for predictive security to accelerate. Multi-vector threats like Conficker demonstrate that predictive protection is the new minimum standard for effective protection. Inside Predictive Protection: Global Threat Intelligence Since every responsible security vendor will be attempting to move to predictive protection, how can you recognize when your vendor is good enough? We have outlined six principles that provide a benchmark. Rather than qualitative concepts, they focus on something quantifiable: the global threat intelligence that enables multi-vector, real-time, predictive protection. Global threat intelligence can be evaluated against these six attributes: Does its data collection footprint span the entire Internet, including millions of sensors already in place gathering real-time threat information? Does its data collection and content analysis cross all key threat vectors, including malware, outbound web, , network security, and website vulnerabilities? Does it integrate and deliver reputation-based analysis? Does it include real-time in-the-cloud threat collection and real-time distribution of threat data to its security products? Does it deliver its threat intelligence across multiple endpoint and network security products? Is its threat intelligence produced by a team dedicated to global threat intelligence? Global threat intelligence relies on all six of these attributes, since they enable one another by providing sufficient scale and scope. Their importance and inter-dependence become clear as we look at detailed examples. One: Millions of sensors throughout the internet A global footprint means a provider can see what is happening across the entire Internet: not just in pockets, a single geography, or a limited set of languages. Global threat intelligence at McAfee correlates millions of data points across threat vectors: 200,000 zombies identified per day Billions of spam messages processed 100 sources monitored for vulnerability information 50,000 samples of malware processed daily 10 million IPS alerts monitored or analyzed Ratings of over 30 million sites in 96 categories Content enters the Internet from transit points around the world. Early detection makes it critical to be as close to all of these entry points as possible. Successful coverage translates to a truly global perspective that can stand up to global systems like spam and website compromises. Spam command-and-control operations use an international infrastructure. By taking control of systems in rapidly developing countries, criminals have replaced centralized spam centers with distributed producers and zombies. Zombie networks, or botnets, are exploding. In the first quarter of 2009, McAfee detected more than 12 million new zombies, with high growth in areas such as South Korea, Brazil, and Romania McAfee Threats Report: First Quarter 2009, p. 5. 5
6 Web 2.0 vulnerabilities provide rich soil for exploits. In February of 2009, McAfee detected a Gumblar/ Obfuscated Script.f worm, which, over the course of several months, had compromised tens of thousands of websites, inserting web page links to polymorphic (one-time use) malware. The links were constantly changing, with new domains registered on a daily basis for the purposes of hosting malware. McAfee Global Threat Intelligence used advanced data mining algorithms to predict and block access to over 80 percent of the most common domain registrations associated with the Gumblar cybercrime network before criminals could put those domains to use. Two: Content analysis across all threat vectors The second attribute of global threat intelligence requires extensive content analysis across the primary threat vectors, to mirror the multi-dimensional nature of today s threats. For example, an inbound phishing with an embedded malicious file could provide valuable knowledge to outbound web and anti-malware detection. Going farther, think about patching delays on Patch Tuesdays. What if your host intrusion prevention could protect you against a new Microsoft vulnerability? It does if it is educated by an anti-virus system that detects malware exploiting the vulnerability in question. McAfee Customers Malware Research Vulnerability Research Web Security Research GLOBAL THREAT INTELLIGENCE Security Research Regulatory Compliance Research Global Threat Intelligence Network Security Research Figure 2: Through collaboration, McAfee researchers cover the full landscape of threats. Three: Integrated reputation-based intelligence In addition to rich content analysis, reputation-based analysis and response should be mandatory today. Reactive threat intelligence often relies on a blacklist or white list approach, where samples are known good or known bad. Reputation adds a probabilistic score that precisely, numerically, and in real time specifies the ever-changing risk posed by an Internet identity, for example, a website, an IP address, or a file. With this reputation score, products can enforce policy decisions instantly, based on subtleties more refined than known good and known bad. Since reputation is perpetually changing, it helps content assessments keep pace with threats. Figure 3 shows how integrated content and reputation analysis worked in the field on March 16, 2009, during the bomb storm mass spam. A McAfee user received an that included a URL. The came from an IP address with no reputation for spam. The gateway cleared the unknown, seemingly innocent . However, when the user clicked the URL and went to a video feed with malicious content, the web gateway blocked that content. Intermingled and web content is common today; that is why you need both and web protections. What is new is the next step, where global threat intelligence activates. After the web gateway blocked the content, the event s data URL, IP address, and payload was transmitted to 6
7 McAfee. Then, almost instantly, new threat intelligence went out to McAfee customer sites to update the relevant and web protections. The reputation of the IP address went up to higher risk. In this example, web content analysis protected the customer initially. The captured data then benefitted both content and reputation-based defenses at other customer sites, an example of learn here and protect there. 1 User receives with a short message and a URL, from an IP address with no reputation for SPAM Internet McAfee Gateway TrustedSource Artemis 2 User clicks on link and goes to a fake Reuters video feed web page with malicious content Internet 5 Real-time feeds update and web gateways; Artemis protects the endpoint in real-time GLOBAL THREAT 3 The content coming back is malware, and is blocked at the gateway 4 The URL, IP, and the payload all captured from an event is sent to McAfee Labs INTELLIGENCE TrustedSource McAfee Web Gateway Figure 3: Applying both content and reputation analysis allows McAfee to detect faster and protect better. Four: Real-time threat collection and distribution Figure 3 also demonstrates the importance of the fourth characteristic of global threat intelligence: constant in-the-cloud collection of threat data and non-stop distribution of threat intelligence. Very quickly, the unknown spam message and unknown URL became known malicious entities. McAfee customers received protection before most knew there was a problem. Time-based propagation data where, how many, how quickly is an important tool for analysis, since it provides context for determining intent and inferring the level of risk. Real-time distribution in-the-cloud provides important protection for mobile and remote users. These users access corporate resources from laptops, kiosks, and smartphones and operate outside the secure cocoon of enterprise networks. In-the-cloud updates ensure the same global threat intelligence that goes out to other endpoint and network products can reach and protect them while they are traveling or at home. Five: Complete suite of endpoint and network protections Just as reactive signature-based approaches are not enough protection anymore, a single layer of protection does not suffice, either. Because multi-dimensional threats target several vectors at the same time, global threat intelligence needs to be able to parry attacks at multiple vectors at the same time. Best practice dictates these should include both endpoint and network protections. Even if your vendor achieves global threat intelligence, if this insight only benefits a single product, you remain overly exposed. Multiple touch points must update simultaneously to counter multi-pronged threats. As evidence, we can return to Conficker. The Conficker worm propagated across networks and at endpoints through multiple protocols and devices. When the threat of a new Conficker infection loomed April 1, 2009, McAfee was ready to protect customers with global threat intelligence that could act on the endpoint and the network in ten different products: network-based web, , and intrusion prevention systems; endpoint-based anti-malware, intrusion prevention, McAfee SiteAdvisor, and antispam; and agent-based and agentless vulnerability management solutions. Because of these multiple 7
8 touch points, McAfee customers with multiple products could feel more confident that they had a low risk of exposure, despite the many infection paths. In addition, if a Conficker event had occurred on April 1, one of the products above would have sensed it and immediately alerted the defenses of the other products through global threat intelligence. Six: Global threat research team dedicated to global threat intelligence So far, we have emphasized the technologies inside global threat intelligence. The final requirement covers the people: their physical distribution and focus. Global distribution enables non-stop analysis with researchers in the same time zones as the distributed entry points used by threats. It enables real-time, 24x7 coverage, as well as the cultural understanding that is pivotal to success with social engineering, phishing, and other threats that take advantage of language and cultural diversity. The other consideration is research focus. Global threat intelligence is a full-time job. Global threat intelligence is often as important, or more important, than the product that it enables. It requires persistence and dedication to stay on top of the rapid advances in technologies and techniques. Ask your vendor how many of their researchers focus exclusively on delivering global threat intelligence separate from those developing products or supporting them. McAfee, for example, has over 350 researchers across 30 countries, collectively working every minute of every day and dedicated to the delivery of global threat intelligence. That resource investment is completely separate from our product development engineers, sales engineers, or field consultants. An Operational Payoff Together, these six principles enable predictive protection. They apply the most complete data sources and allow correlated analysis to help you minimize your risk. Each time a threat is blocked without manual intervention, you save money, too. Incident avoidance may offer the greatest cost savings. If global threat intelligence protects your infrastructure, you can safely allow access to advanced web applications and social networking sites without fear of expensive cleanup, downtime, and data theft. Real-time protection also reduces the need for emergency updates and unscheduled patches. Global threat intelligence will fend off malware between scheduled signature updates and block exploits that target specific vulnerabilities. This dynamic intervention lets you calmly test and roll out patches on your schedule. As your users become more mobile and distributed, this sort of hands-free inspection and protection will only increase in value. Home users and those in small offices seldom adhere to maintenance policies and often lack the extra protection of gateway defenses. Global threat intelligence will help you protect these users without their action or yours. Finally, global threat intelligence will enable your business to adopt new technologies and ideas with more confidence. For example, despite the risks in Web 2.0, business units and users want it. It is exciting, interactive, and constantly changing, and agile businesses are employing its applications and content to create market-changing products and services. If you have global threat intelligence about the reputation, malicious content, and intent of Web 2.0 sites, you can let your users access this material and pursue new opportunities without unacceptable risk. Conclusion Following the sun around the globe, cybercriminals deliver complex, constantly morphing threats that outpace the limited resources of reactive protections. Global threat intelligence will help you keep pace. Instead of waiting for confirmed samples, it infers risk by correlating multiple factors, real-time, from millions of sensors and multiple threat vectors. Through the aggregation of these many inputs, it can predict the intent and likely risk of a potential threat or code sample, as well as see trends that foreshadow the future. 8
9 As you consider your security needs and the incident response and management costs you face, consider the impact of global threat intelligence. Global threat intelligence lets each product learn from other installations at other sites around the world. Learn here, protect there offers the most accurate, timely protection and the lowest levels of risk. When you assess your defenses, apply our six principles to see if your vendors measure up to the new standard of global threat intelligence. Predictive protection from McAfee McAfee has invested heavily in each of the six requirements of global threat intelligence. Well over 100 million sensors send multiple inputs each day to our research infrastructure in 30 countries around the world. Our threat research infrastructure covers all the major threat vectors, analyzing both content and reputation based on real-time threat collection. In milliseconds, we can assess changes, assign risk levels, and distribute protection recommendations to products covering every threat at every tier. And we keep pushing our understanding and tools through a relentless, exclusive focus on security. Multi-dimensional threats count on the coverage gaps of point solutions. McAfee is closing these gaps by connecting all of our products and cloud-based services to McAfee Global Threat Intelligence. We are protecting customers with global threat intelligence today, and building it into every product and service we create. Every product serves as a data collector to inform our analysis. Every product becomes a beneficiary through our real-time response technologies. Since our portfolio interlocks endpoint, network, and cloud-based solutions, we can protect you where the threats are striking, before they strike. As you protect more threat vectors and infrastructure tiers with McAfee products, you move to an optimized security architecture. In addition to the security benefits and cost savings of global threat intelligence, you benefit from the efficiency and agility of a unified security and compliance management platform. Learn more about global threat intelligence and McAfee at About McAfee, Inc. McAfee, Inc., headquartered in Santa Clara, California, is the world s largest dedicated security technology company. McAfee is relentlessly committed to tackling the world s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee, Inc Freedom Circle Santa Clara, CA McAfee and/or other noted McAfee related products contained herein are registered trademarks or trademarks of McAfee, Inc., and/or its affiliates in the U.S. and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. Any other non-mcafee related products, registered and/or unregistered trademarks contained herein is only by reference and are the sole property of their respective owners McAfee, Inc. All rights reserved. 6581wp_global-threat-intelligence_0709_ETMG
Building Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationData Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments
Trusted protection for endpoints and messaging environments Overview creates a protected endpoint and messaging environment that is secure against today s complex data loss, malware, and spam threats controlling
More informationwith Advanced Protection
with Advanced Email Protection OVERVIEW Today s sophisticated threats are changing. They re multiplying. They re morphing into new variants. And they re targeting people, not just technology. As organizations
More informationSymantec Endpoint Protection 14
Symantec Endpoint Protection Cloud Security Made Simple Symantec Endpoint Protection 14 Data Data Sheet: Sheet: Endpoint Endpoint Security Security Overview Last year, we saw 431 million new malware variants,
More informationIBM Security Network Protection Solutions
Systems IBM Security IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat Tanmay Shah Product Lead Network Protection Appliances IBM Security Systems 1 IBM Security
More informationServices solutions for Managed Service Providers (MSPs)
McAfee Advanced Threat Defense Services solutions for Managed Service Providers (MSPs) Differentiate your services and protect customers against zero-day attacks with the industry s most comprehensive
More informationSIEM Solutions from McAfee
SIEM Solutions from McAfee Monitor. Prioritize. Investigate. Respond. Today s security information and event management (SIEM) solutions need to be able to identify and defend against attacks within an
More informationSustainable Security Operations
Sustainable Security Operations Optimize processes and tools to make the most of your team s time and talent The number and types of security incidents organizations face daily are steadily increasing,
More informationOffice 365 Buyers Guide: Best Practices for Securing Office 365
Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.
More informationWhite Paper. New Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection
White Paper New Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection The latest version of the flagship McAfee Gateway Anti-Malware technology adapts to new threats and plans for future
More informationMcAfee Firewall Enterprise: The only Firewall with the Intelligence to Continuously, Automatically Reduce the Risk and Threat Exposure of Your Network
: The only Firewall with the Intelligence to Continuously, Automatically Reduce the Risk and Threat Exposure of Your Network Reputation filtering with TrustedSource and Geo-Location costeffectively minimizes
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationIT & DATA SECURITY BREACH PREVENTION
IT & DATA SECURITY BREACH PREVENTION A PRACTICAL GUIDE Part 1: Reducing Employee and Application Risks CONTENTS EMPLOYEES: IT security hygiene best practice APPLICATIONS: Make patching a priority AS CORPORATE
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationSecuring Your Microsoft Azure Virtual Networks
Securing Your Microsoft Azure Virtual Networks IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up
More informationTHALES DATA THREAT REPORT
2018 THALES DATA THREAT REPORT Trends in Encryption and Data Security INDIA EDITION EXECUTIVE SUMMARY #2018DataThreat THE TOPLINE Rising risks for sensitive data in India In India, as in the rest of the
More informationIBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation
IBM X-Force 2012 & CISO Survey Cyber Security Threat Landscape 1 2012 IBM Corporation IBM X-Force 2011 Trend and Risk Report Highlights The mission of the IBM X-Force research and development team is to:
More informationBarracuda Advanced Threat Protection. Bringing a New Layer of Security for . White Paper
Barracuda Advanced Threat Protection Bringing a New Layer of Security for Email White Paper Evolving Needs for Protection Against Advanced Threats IT security threats are constantly evolving and improving,
More informationPALANTIR CYBERMESH INTRODUCTION
100 Hamilton Avenue Palo Alto, California 94301 PALANTIR CYBERMESH INTRODUCTION Cyber attacks expose organizations to significant security, regulatory, and reputational risks, including the potential for
More informationMcAfee Endpoint Threat Defense and Response Family
Defense and Family Detect zero-day malware, secure patient-zero, and combat advanced attacks The escalating sophistication of cyberthreats requires a new generation of protection for endpoints. Advancing
More informationDefend Against the Unknown
Defend Against the Unknown Stay ahead of new threats with McAfee Endpoint Threat Defense solutions Targeted exploits. Ransomware. Explosive growth in zero-day malware. Organizations are locked in an ongoing
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationHOSTED SECURITY SERVICES
HOSTED SECURITY SERVICES A PROVEN STRATEGY FOR PROTECTING CRITICAL IT INFRASTRUCTURE AND DEVICES Being always-on, always-connected might be good for business, but it creates an ideal climate for cybercriminal
More informationSOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM
RSA NETWITNESS EVOLVED SIEM OVERVIEW A SIEM is technology originally intended for compliance and log management. Later, as SIEMs became the aggregation points for security alerts, they began to be more
More informationRSA INCIDENT RESPONSE SERVICES
RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access
More informationKaspersky Security. The Power to Protect Your Organization
Kaspersky Security SOLUTIONS The Power to Protect Your Organization We believe that every organization from the smallest business to the largest corporation or government body should feel empowered to
More informationCA Security Management
CA Security CA Security CA Security In today s business environment, security remains one of the most pressing IT concerns. Most organizations are struggling to protect an increasing amount of disparate
More information5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief
5 Trends That Will Impact Your IT Planning in 2012 Layered Security Executive Brief a QuinStreet Excutive Brief. 2011 Layered Security Many of the IT trends that your organization will tackle in 2012 aren
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationEliminating the Blind Spot: Rapidly Detect and Respond to the Advanced and Evasive Threat
WHITE PAPER Eliminating the Blind Spot: Rapidly Detect and Respond to the Advanced and Evasive Threat Executive Summary Unfortunately, it s a foregone conclusion that no organisation is 100 percent safe
More informationPrevx 3.0 v Product Overview - Core Functionality. April, includes overviews of. MyPrevx, Prevx 3.0 Enterprise,
Prevx 3.0 v3.0.1.65 Product Overview - Core Functionality April, 2009 includes overviews of MyPrevx, Prevx 3.0 Enterprise, and Prevx 3.0 Banking and Ecommerce editions Copyright Prevx Limited 2007,2008,2009
More informationSecurity in India: Enabling a New Connected Era
White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile
More informationSymantec Endpoint Protection
Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec Insight and by SONAR, a single,
More informationTHE ACCENTURE CYBER DEFENSE SOLUTION
THE ACCENTURE CYBER DEFENSE SOLUTION A MANAGED SERVICE FOR CYBER DEFENSE FROM ACCENTURE AND SPLUNK. YOUR CURRENT APPROACHES TO CYBER DEFENSE COULD BE PUTTING YOU AT RISK Cyber-attacks are increasingly
More informationSecurity for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape
White Paper Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape Financial services organizations have a unique relationship with technology: electronic data and transactions
More informationENTERPRISE ENDPOINT PROTECTION BUYER S GUIDE
ENTERPRISE ENDPOINT PROTECTION BUYER S GUIDE TABLE OF CONTENTS Overview...3 A Multi-Layer Approach to Endpoint Security...4 Known Attack Detection...5 Machine Learning...6 Behavioral Analysis...7 Exploit
More informationSecuring Your Amazon Web Services Virtual Networks
Securing Your Amazon Web Services s IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up a workload,
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationCisco Security: Advanced Threat Defense for Microsoft Office 365
Cisco Email Security: Advanced Threat Defense for Microsoft Office 365 Microsoft Office 365 has become the standard productivity platform in organizations large and small around the world. It is a cost-effective
More informationWhite Paper April McAfee Protection-in-Depth. The Risk Management Lifecycle Protecting Critical Business Assets.
White Paper April 2005 McAfee Protection-in-Depth The Risk Management Lifecycle Protecting Critical Business Assets Protecting Critical Business Assets 2 Table of Contents Overview 3 Diagram (10 Step Lifecycle)
More informationRSA INCIDENT RESPONSE SERVICES
RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access
More informationAND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING
PROTECTING BANKING AND FINANCIAL INSTITUTIONS FROM CYBER FRAUD Enabling the financial industry to become proactively secure and compliant Overview In order to keep up with the changing digital payment
More informationSecurity Gap Analysis: Aggregrated Results
Email Security Gap Analysis: Aggregrated Results Average rates at which enterprise email security systems miss spam, phishing and malware attachments November 2017 www.cyren.com 1 Email Security Gap Analysis:
More informationThe McAfee MOVE Platform and Virtual Desktop Infrastructure
The McAfee MOVE Platform and Virtual Desktop Infrastructure Simplifying and accelerating security management for virtualized environments Table of Contents Wish List of Security Elements for Virtualized
More informationSymantec Client Security. Integrated protection for network and remote clients.
Symantec Client Security Integrated protection for network and remote clients. Complex Internet threats require comprehensive security. Today's complex threats require comprehensive security solutions
More informationCROWDSTRIKE FALCON FOR THE PUBLIC SECTOR
C R O W D S T R I K E P U B L I C S E C T O R S O L U T I O N S CROWDSTRIKE FALCON FOR THE PUBLIC SECTOR SECURE YOUR ENTERPRISE WITH A THAT PROVIDES UNRIVALED PROTECTION, SECURITY EXPERTISE, AND OPTIMAL
More informationSecuring Today s Mobile Workforce
WHITE PAPER Securing Today s Mobile Workforce Secure and Manage Mobile Devices and Users with Total Defense Mobile Security Table of Contents Executive Summary..................................................................................
More informationTHE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE
THE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE International Maritime Organization Regulations IMO has given shipowners and managers until 2021 to incorporate cyber risk management into
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationReduce Your Network's Attack Surface
WHITE PAPER Reduce Your Network's Attack Surface Ixia's ThreatARMOR Frees Up Security Resources and Personnel The Threat Landscape When you re dealing with network security, one of the primary measurements
More informationeguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments
eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments Today s PCI compliance landscape is one of continuing change and scrutiny. Given the number
More informationTrend Micro Endpoint Comparative Report Performed by AV-Test.org
Trend Micro Endpoint Comparative Report Performed by AV-Test.org Results from May 2010 Executive Summary In May of 2010, AV-Test.org performed endpoint security benchmark testing on five marketleading
More informationNEXT GENERATION SECURITY OPERATIONS CENTER
DTS SOLUTION NEXT GENERATION SECURITY OPERATIONS CENTER SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 - SUCCESS FACTORS SOC 2.0 - FUNCTIONAL COMPONENTS DTS SOLUTION SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 Protecting
More informationSymantec Security Monitoring Services
24x7 real-time security monitoring and protection Protect corporate assets from malicious global threat activity before it impacts your network. Partnering with Symantec skilled and experienced analysts
More informationCisco Cloud Security. How to Protect Business to Support Digital Transformation
Cisco Cloud Security How to Protect Business to Support Digital Transformation Dragan Novakovic Cybersecurity Consulting Systems Engineer January 2018. Security Enables Digitization Digital Disruption,
More informationTHE RISE OF GLOBAL THREAT INTELLIGENCE
THE RISE OF GLOBAL THREAT INTELLIGENCE 1 THE RISE OF GLOBAL THREAT INTELLIGENCE IN THE DIGITAL BUSINESS WORLD In developing the Global Threat Intelligence Report (GTIR), the NTT Group security team used
More informationPreparing your network for the next wave of innovation
Preparing your network for the next wave of innovation The future is exciting. Ready? 2 Executive brief For modern businesses, every day brings fresh challenges and opportunities. You must be able to adapt
More informationMcAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks
McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks Key Advantages Stay ahead of zero-day threats, ransomware, and greyware with machine learning and dynamic
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationAutomated, Real-Time Risk Analysis & Remediation
Automated, Real-Time Risk Analysis & Remediation TABLE OF CONTENTS 03 EXECUTIVE SUMMARY 04 VULNERABILITY SCANNERS ARE NOT ENOUGH 06 REAL-TIME CHANGE CONFIGURATION NOTIFICATIONS ARE KEY 07 FIREMON RISK
More informationExpand Virtualization. Maintain Security.
Expand Virtualization. Maintain Security. Key security decisions for virtualized infrastructures As enterprises make virtualization mission-critical for servers for servers and desktops, and desktops,
More informationProtecting Your Digital World
Protecting Your Digital World C O R P O R A T E O V E R V I E W With revenues of more than $105 Billion, cybercrime generates more revenue than the illegal drug trade. Source: U.S. Treasury, reported by
More informationIPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions
IPS Effectiveness IPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions An Intrusion Prevention System (IPS) is a critical layer of defense that helps you protect
More informationCloudSOC and Security.cloud for Microsoft Office 365
Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed
More informationCloud Security & Advance Threat Protection. Cloud Security & Advance Threat Protection
Cloud Email Security & Advance Threat Protection Cloud Email Security & Advance Threat Protection Overview Over the years Cyber criminals have become more inventive in their attack methods to infiltrate
More informationFighting Spam, Phishing and Malware With Recurrent Pattern Detection
Fighting Spam, Phishing and Malware With Recurrent Pattern Detection White Paper September 2017 www.cyren.com 1 White Paper September 2017 Fighting Spam, Phishing and Malware With Recurrent Pattern Detection
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationMeeting PCI DSS 3.2 Compliance with RiskSense Solutions
Meeting PCI DSS 3.2 Compliance with Solutions Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 2018, Inc. What s Changing with PCI DSS? Summary of PCI Business
More informationA new approach to Cyber Security
A new approach to Cyber Security Feel Free kpmg.ch We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward.
More informationRiskSense Attack Surface Validation for IoT Systems
RiskSense Attack Surface Validation for IoT Systems 2018 RiskSense, Inc. Surfacing Double Exposure Risks Changing Times and Assessment Focus Our view of security assessments has changed. There is diminishing
More informationMcAfee Embedded Control
McAfee Embedded Control System integrity, change control, and policy compliance in one solution McAfee Embedded Control maintains the integrity of your system by only allowing authorized code to run and
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationPaper. Delivering Strong Security in a Hyperconverged Data Center Environment
Paper Delivering Strong Security in a Hyperconverged Data Center Environment Introduction A new trend is emerging in data center technology that could dramatically change the way enterprises manage and
More informationPower of the Threat Detection Trinity
White Paper Security Power of the Threat Detection Trinity How to Best Combine Real-time Correlation, Insider Threat Analysis and Hunting to protect against cyber threats. Combine real-time correlation,
More informationIBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.
IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. Enhancing cost to serve and pricing maturity Keeping up with quickly evolving ` Internet threats
More informationTop 10 most important IT priorities over the next 12 months. (Percent of respondents, N=633, ten responses accepted)
ESG Lab Review Sophos Security Heartbeat Date: January 2016 Author: Tony Palmer, Sr. ESG Lab Analyst; and Jack Poller, ESG Lab Analyst Abstract: This report examines the key attributes of Sophos synchronized
More informationTraditional Security Solutions Have Reached Their Limit
Traditional Security Solutions Have Reached Their Limit CHALLENGE #1 They are reactive They force you to deal only with symptoms, rather than root causes. CHALLENGE #2 256 DAYS TO IDENTIFY A BREACH TRADITIONAL
More informationEU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux
EU GENERAL DATA PROTECTION: TIME TO ACT Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux Is this the WAY you handle GDPR today 2 3 area s to consider
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationMcAfee Total Protection for Data Loss Prevention
McAfee Total Protection for Data Loss Prevention Protect data leaks. Stay ahead of threats. Manage with ease. Key Advantages As regulations and corporate standards place increasing demands on IT to ensure
More informationHow to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis
White paper How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis AhnLab, Inc. Table of Contents Introduction... 1 Multidimensional Analysis... 1 Cloud-based Analysis...
More informationMcAfee S DO s AnD DOn ts Of Online Shopping
McAfee s Do s and don ts OF Online Shopping Table of Contents Foreword by Parry Aftab, 3 Online Safety Expert Online Shopping: The Real Deal 4 The DO s and DON Ts 5 Summary 17 Resources 18 Happy Online
More informationSOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM
SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.
More informationMcAfee epolicy Orchestrator
McAfee epolicy Orchestrator Centrally get, visualize, share, and act on security insights Security management requires cumbersome juggling between tools and data. This puts the adversary at an advantage
More informationSymantec Enterprise Solution Product Guide
SOLUTION BRIEF: SYMANTEC ENTERPRISE SOLUTION PRODUCT GUIDE........................................ Symantec Enterprise Solution Product Guide Who should read this paper Businesses participating in the
More informationPetroleum Refiner Overhauls Security Infrastructure
Petroleum Refiner Overhauls Security Infrastructure Small team strengthens security posture and responds faster to threats HollyFrontier Customer Profile Fortune 500 independent petroleum refiner and distributor
More informationService. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution
Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being
More informationCarbon Black PCI Compliance Mapping Checklist
Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More information6 Ways Office 365 Keeps Your and Business Secure
6 Ways Office 365 Keeps Your Email and Business Secure Acora House, Albert Drive, Burgess Hill, West Sussex, RH15 9TN T: +44 (0) 844 264 2222 W: acora.com E: sales@acora.com Introduction Microsoft have
More informationIntegrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries
Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries First united and open ecosystem to support enterprise-wide visibility and rapid response The cybersecurity industry needs a more efficient
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More informationCombating Today s Cyber Threats Inside Look at McAfee s Security
Combating Today s Cyber Threats Inside Look at McAfee s Security Charles Ross, Director Sales Engineering Public Sector 2008 McAfee, Inc. Agenda Today s Threat Landscape McAfee s Security Challenges McAfee
More informationMcAfee Embedded Control
McAfee Embedded Control System integrity, change control, and policy compliance in one solution for integrated control systems McAfee Embedded Control for integrated control systems (ICSs) maintains the
More informationBUFFERZONE Advanced Endpoint Security
BUFFERZONE Advanced Endpoint Security Enterprise-grade Containment, Bridging and Intelligence BUFFERZONE defends endpoints against a wide range of advanced and targeted threats with patented containment,
More informationStreaming Prevention in Cb Defense. Stop malware and non-malware attacks that bypass machine-learning AV and traditional AV
Streaming Prevention in Cb Defense Stop malware and non-malware attacks that bypass machine-learning AV and traditional AV 2 STREAMING PREVENTION IN Cb DEFENSE OVERVIEW Over the past three years, cyberattackers
More informationMaximum Security with Minimum Impact : Going Beyond Next Gen
SESSION ID: SP03-W10 Maximum Security with Minimum Impact : Going Beyond Next Gen Wendy Moore Director, User Protection Trend Micro @WMBOTT Hyper-competitive Cloud Rapid adoption Social Global Mobile IoT
More informationMapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective
Mapping Your Requirements to the NIST Cybersecurity Framework Industry Perspective 1 Quest has the solutions and services to help your organization identify, protect, detect, respond and recover, better
More informationAutomated Context and Incident Response
Technical Brief Automated Context and Incident Response www.proofpoint.com Incident response requires situational awareness of the target, his or her environment, and the attacker. However, security alerts
More informationAdvanced Malware Protection: A Buyer s Guide
Advanced Malware Protection: A Buyer s Guide What You Will Learn This document will identify the essential capabilities you need in an advanced malware protection solution, the key questions you should
More information