Gaining Security Insight Through DNS Analytics
- Jody Flowers
1 Gaining Security Insight Through DNS Analytics Scott Penney, Director of Cyber Security Solutions, BlueCat Networks
2 Agenda Welcome to the Jungle Why DNS Matters Deal with the Facts The Power of DNS Q&A
3 Welcome to the Jungle
4 IT Sprawl is out of Control 4.9 Billion Things Connected in Million Smart Phones Delivered in % of Mobile Professionals Work on Personal Devices 2 Billion Mobile Devices Shipped in % of Smart Phones used in BYoD Environments Only 1 in 3 Companies Know How Many Vendors Use their Infrastructure Source: Gartner (
5 IT Moving from CENTER to the EDGE Business drivers demand DISTRIBUTED RESOURCES to meet local needs, which brings additional CHALLENGES Added Risk More attack surface is exposed Untrusted/managed devices Loss of visibility Reduced Control Costly infrastructure to deploy Absence of standards & practices Lack of policy enforcement
6 And What is the Result? [Chart: Billions Spent and Millions of Records] Security spending has increased by 49% from 2010 to . The number of records stolen and exposed through security breaches has increased 200x over the same period. Increasing spending on more solutions isn't working; we need a new paradigm. Sources: Verizon, Information is Beautiful, RBS, Gartner, Forrester
7 Where to Focus? Prevention is a failed strategy. Amit Yoran, President, RSA RSA Conference 2016
8 Prevention or Detection? Organizations are focused on PREVENTION of breaches 93% use Anti-virus/Anti-malware tools 82% use Perimeter Firewalls 65% use Intrusion Prevention Systems 52% use Unified Threat Management (UTM) Systems But when breached, attackers have days before they are DETECTED Organizations need to leverage the power of what they already have to address this detection gap
9 Why DNS Matters
10 DNS is Foundational Perimeter Security: Firewalls, Content Filters, Honeypots, etc. Network Security: IDS/IPS, NAC, DLP, Messaging, etc. Endpoint Security: AV, DLP, Patch Mgmt., Client Firewalls, IDS/IPS, etc. Application Security: WAF, DB Security, Code Scanners, etc. Data Security: Encryption, IDAM, DLP, Integrity, DRM
11 DNS is Foundational Perimeter Security: Firewalls, Content Filters, Honeypots, etc. Network Security: IDS/IPS, NAC, DLP, Messaging, etc. Endpoint Security: AV, DLP, Patch Mgmt., Client Firewalls, IDS/IPS, etc. Data Security: Encryption, IDAM, DLP, Integrity, DRM Application Security: WAF, DB Security, Code Scanners, etc. DNS Security: Foundation/Visibility/Enforcement
12 DNS is a PERVASIVE SENSOR DNS signals INTENT DNS shows BEHAVIOR All device types All protocols All locations Managed AND Unmanaged Corporate AND Guest Center AND Edge DNS is REAL TIME
13 DNS is an IDEAL ENFORCER Enforce at every level Client Network Enterprise Configurable Policies White & Black Lists Geographic Time-based Risk-based
14 DNS is Untapped Potential 56% of Large Orgs Don't Capture DNS Data 63% of Small Orgs Don't Capture DNS Data Of Those Paying Attention only 75% actually look at it Source: BlueCat Networks/UBM Survey
15 Insight Through DNS Analytics The Power of DNS Lets You: 1. See threats emerge before they become known 2. Gain equal visibility into internal and external activity 3. Understand who (and what) is accessing your infrastructure 4. Monitor the activity of all users and devices in real time 5. Protect and control across all device types
16 Deal with the FACTS Gain insights to improve security
17 Data Versus Facts Data is of course important in manufacturing, but I place the greatest emphasis on facts. Taiichi Ohno, Toyota Motor Corporation Father of Lean Manufacturing
18 The Big Data Challenge A Cautionary Tale 3.8 Trillion Queries Per Week Actual query volume from a very large financial institution All of which is logged in a very expensive database And all they have is a really big log file, but no FACTS
19 Deriving FACTS from DNS Data
20 DNS SECURITY Deriving FACTS from DNS Data
Oct :27: queries: info: client #7248 (i.instagram.com): view default: query: i.instagram.com IN A +
07-Oct :27: queries: info: client #23910 (i.instagram.com): view default: query: i.instagram.com IN A +
07-Oct :27: queries: info: client #28671 (logger.instagram.com): view default: query: logger.instagram.com IN A +
07-Oct :27: queries: info: client #15578 (wifi-test.mobidia.com): view default: query: wifi-test.mobidia.com IN A +
07-Oct :27: queries: info: client #32801 (settings.crashlytics.com): view default: query: settings.crashlytics.com IN A +
ACTIVITY SIGNATURE IDENTIFIED: Start-up sequence for application
21 Deriving FACTS from DNS Data
Oct :27: queries: info: client #7248 (i.instagram.com): view default: query: i.instagram.com IN A +
07-Oct :27: queries: info: client #23910 (i.instagram.com): view default: query: i.instagram.com IN A +
07-Oct :27: queries: info: client #28671 (logger.instagram.com): view default: query: logger.instagram.com IN A +
07-Oct :27: queries: info: client #15578 (wifi-test.mobidia.com): view default: query: wifi-test.mobidia.com IN A +
07-Oct :27: queries: info: client #32801 (settings.crashlytics.com): view default: query: settings.crashlytics.com IN A +
ACTIVITY SIGNATURE IDENTIFIED: Start-up sequence for application
FACT CATALOGED 07-Oct-2015 Client Application Identified: Instagram
CATALOG
LOGGED | FACT | ACTIVITY SIGNATURE
07-Oct-2015 | APP: Dropbox | Communication Fre
07-Oct-2015 | APP: WhatsApp | Startup Sequence
07-Oct-2015 | APP: Instagram | Startup Sequence
22 Deriving FACTS from DNS Data
Oct :27: queries: info: client #32801 (whatsmyip.net): view default: query: whatsmyip.net IN A +
07-Oct :28: queries: info: client #7248 (whatsmyip.net): view default: query: whatsmyip.net IN A +
07-Oct :29: queries: info: client #23910 (whatsmyip.net): view default: query: whatsmyip.net IN A +
07-Oct :30: queries: info: client #28671 (whatsmyip.net): view default: query: whatsmyip.net IN A +
07-Oct :31: queries: info: client #15578 (whatsmyip.net): view default: query: whatsmyip.net IN A +
ACTIVITY SIGNATURE IDENTIFIED: Repeated query intervals
CATALOG
LOGGED | FACT | ACTIVITY SIGNATURE
07-Oct-2015 | APP: Dropbox | Communication Fre
07-Oct-2015 | APP: WhatsApp | Startup Sequence
07-Oct-2015 | APP: Instagram | Startup Sequence
23 Deriving FACTS from DNS Data
Oct :27: queries: info: client #32801 (whatsmyip.net): view default: query: whatsmyip.net IN A +
07-Oct :28: queries: info: client #7248 (whatsmyip.net): view default: query: whatsmyip.net IN A +
07-Oct :29: queries: info: client #23910 (whatsmyip.net): view default: query: whatsmyip.net IN A +
07-Oct :30: queries: info: client #28671 (whatsmyip.net): view default: query: whatsmyip.net IN A +
07-Oct :31: queries: info: client #15578 (whatsmyip.net): view default: query: whatsmyip.net IN A +
ACTIVITY SIGNATURE IDENTIFIED: Repeated query intervals
Beaconing
FACT CATALOGED 07-Oct Security Threat Identified: MALWARE [whatsmyip.net]
CATALOG
LOGGED | FACT | ACTIVITY SIGNATURE
07-Oct-2015 | APP: Dropbox | Communication Fre
07-Oct-2015 | APP: WhatsApp | Startup Sequence
07-Oct-2015 | APP: Instagram | Startup Sequence
07-Oct-2015 | MALWARE: whats | Query Intervals
24 Deriving FACTS from DNS Data
Oct :27: queries: info: client #60830 (c504.leet.cc): view default: query: c504.leet.cc IN A +
ACTIVITY SIGNATURE IDENTIFIED: Newly Observed Domain
CATALOG
LOGGED | FACT | ACTIVITY SIGNATURE
07-Oct-2015 | APP: Dropbox | Communication Fre
07-Oct-2015 | APP: WhatsApp | Startup Sequence
07-Oct-2015 | APP: Instagram | Startup Sequence
07-Oct-2015 | MALWARE: whats | Query Intervals
25 Deriving FACTS from DNS Data
Oct :27: queries: info: client #60830 (c504.leet.cc): view default: query: c504.leet.cc IN A +
ACTIVITY SIGNATURE IDENTIFIED: Newly Observed Domain
FACT CATALOGED 07-Oct Security Threat Identified: Suspect Activity [leet.cc]
CATALOG
LOGGED | FACT | ACTIVITY SIGNATURE
07-Oct-2015 | APP: Dropbox | Communication Fre
07-Oct-2015 | APP: WhatsApp | Startup Sequence
07-Oct-2015 | APP: Instagram | Startup Sequence
07-Oct-2015 | MALWARE: whats | Query Intervals
07-Oct-2015 | Suspect: leet.cc | Newly Observed Domain
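Two of the activity signatures on slides 22 to 25, repeated query intervals and newly observed domain, can be computed directly from a query log. The Python below is an added example, not BlueCat's code and not part of the original deck. The log lines are constructed in BIND query-log layout with invented timestamps and client addresses, and the thresholds, the baseline set and all function names are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample in BIND query-log layout. Timestamps, client addresses and
# the rpz line's zone name are invented; the query names are those on the slides.
SAMPLE_LOG = """\
07-Oct-2015 16:27:02.101 queries: info: client 10.1.1.20#7248 (i.instagram.com): view default: query: i.instagram.com IN A + (10.1.1.2)
07-Oct-2015 16:27:02.140 rpz: info: client 10.1.1.20#7248 (i.instagram.com): view default: rpz QNAME PASSTHRU rewrite i.instagram.com via i.instagram.com.allow.example
07-Oct-2015 16:27:02.300 queries: info: client 10.1.1.20#28671 (logger.instagram.com): view default: query: logger.instagram.com IN A + (10.1.1.2)
07-Oct-2015 16:27:02.410 queries: info: client 10.1.1.20#32801 (settings.crashlytics.com): view default: query: settings.crashlytics.com IN A + (10.1.1.2)
07-Oct-2015 16:27:05.000 queries: info: client 10.1.1.31#40353 (whatsmyip.net): view default: query: whatsmyip.net IN A + (10.1.1.2)
07-Oct-2015 16:27:05.004 queries: info: client 10.1.1.31#40354 (whatsmyip.net): view default: query: whatsmyip.net IN AAAA + (10.1.1.2)
07-Oct-2015 16:27:40.512 queries: info: client 10.1.1.44#60830 (c504.leet.cc): view default: query: c504.leet.cc IN A + (10.1.1.2)
07-Oct-2015 16:28:05.020 queries: info: client 10.1.1.31#45134 (whatsmyip.net): view default: query: whatsmyip.net IN A + (10.1.1.2)
07-Oct-2015 16:29:04.990 queries: info: client 10.1.1.31#49610 (whatsmyip.net): view default: query: whatsmyip.net IN A + (10.1.1.2)
07-Oct-2015 16:30:05.010 queries: info: client 10.1.1.31#50659 (whatsmyip.net): view default: query: whatsmyip.net IN A + (10.1.1.2)
07-Oct-2015 16:31:05.000 queries: info: client 10.1.1.31#64745 (whatsmyip.net): view default: query: whatsmyip.net IN A + (10.1.1.2)
"""

# Assumed baseline: base domains already seen on this network before the sample.
KNOWN_DOMAINS = {"instagram.com", "crashlytics.com", "whatsmyip.net"}

LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) queries: info: "
    r"client (?P<client>[0-9a-fA-F.:]+)#\d+ \([^)]*\): "
    r"(?:view \S+: )?query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+)"
)


def parse_queries(text):
    """Return (timestamp, client, qname, qtype) per query line; other lines are skipped."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S.%f")
            out.append((ts, m["client"], m["qname"].lower().rstrip("."), m["qtype"]))
    return out


def base_domain(qname):
    # Simplification: last two labels. Real deployments should use the Public Suffix List.
    return ".".join(qname.split(".")[-2:])


def find_beacons(queries, min_events=5, max_jitter=0.1, burst_window=1.0):
    """Flag (client, qname) pairs whose queries arrive at near-constant intervals."""
    times = defaultdict(list)
    for ts, client, qname, _ in queries:
        times[(client, qname)].append(ts)
    hits = []
    for (client, qname), stamps in times.items():
        stamps.sort()
        # Collapse bursts (for example an A/AAAA pair) into a single event.
        events = [stamps[0]]
        for ts in stamps[1:]:
            if (ts - events[-1]).total_seconds() >= burst_window:
                events.append(ts)
        if len(events) < min_events:
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(events, events[1:])]
        avg = mean(gaps)
        # Coefficient of variation: low spread relative to the mean means a fixed timer.
        if pstdev(gaps) / avg <= max_jitter:
            hits.append((client, qname, round(avg)))
    return hits


def find_new_domains(queries, baseline):
    """Return the first sighting of every base domain that is not in the baseline."""
    seen, hits = set(baseline), []
    for _, client, qname, _ in sorted(queries):
        dom = base_domain(qname)
        if dom not in seen:
            seen.add(dom)
            hits.append((client, qname, dom))
    return hits


def build_catalog(text, baseline):
    """Turn raw log text into (client, fact, activity signature) rows."""
    queries = parse_queries(text)
    catalog = []
    for client, qname, period in find_beacons(queries):
        catalog.append((client, f"BEACON: {qname}", f"Repeated query intervals (~{period}s)"))
    for client, _, dom in find_new_domains(queries, baseline):
        catalog.append((client, f"SUSPECT: {dom}", "Newly observed domain"))
    return catalog


if __name__ == "__main__":
    for row in build_catalog(SAMPLE_LOG, KNOWN_DOMAINS):
        print(" | ".join(row))
```

Regular intervals alone also describe legitimate pollers such as update checks, so a hit here is a candidate for review and needs a second source before it is catalogued as a threat.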
26 The Power of DNS Analytics to drive better security
27 DNS as a Sensor and Enforcer What can DNS do for you? Provide instant VISIBILITY into what's on your infrastructure Identify BEHAVIOR that is suspicious, regardless of the cause CONTROL access to resources or data BLOCK known threats before they manifest
28 DNS Gives the Facts You Need to Secure Your Network #1 Leverage What You Have Avoid complexity & cost No more layers Mine the data you already have #2 Increase Your Visibility Use a pervasive technology to gain insight Detect events faster to save time, money, and reputation Utilize the adaptive nature of DNS Stop playing catch-up to new threats #3 Get More Control Enforce policies across any device or user type Use DNS to assess risk and decide on action Secure remote locations without costly infrastructure Use dependence on DNS against the bad guys
29 Questions?
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More information7 Steps to Complete Privileged Account Management. September 5, 2017 Fabricio Simao Country Manager
7 Steps to Complete Privileged Account Management September 5, 2017 Fabricio Simao Country Manager AGENDA Implications of less mature privileged account management What does a more mature approach look
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationCloudy with a chance of hack. OWASP November, The OWASP Foundation Lars Ewe CTO / VP of Eng. Cenzic
Cloudy with a chance of hack November, 2010 Lars Ewe CTO / VP of Eng. Cenzic lars@cenzic.com Copyright The Foundation Permission is granted to copy, distribute and/or modify this document under the terms
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationStrategies for a Successful Security and Digital Transformation
#RSAC SESSION ID: GPS-F02A Strategies for a Successful Security and Digital Transformation Jonathan Nguyen-Duy Vice President, Strategic Programs jnguyenduy@fortinet.com AGENDA 2017 Digital transformation
More informationCombating Cyber Risk in the Supply Chain
SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an
More informationSecurity and Compliance for Office 365
Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world, you may be
More informationIt s About the Data, Stupid.
Next Presentation Begins at 16:40 It s About the Data, Stupid. Salo Fajer, Chief Technology Officer It s About the Data, Stupid. Salo Fajer, Chief Technology Officer First, allow me to explain my session
More informationTRIPWIRE VIA PLATFORM PROTECTING YOUR DATA WITH INTEGRATED SECURITY CONTROLS
SOLUTION BRIEF TRIPWIRE VIA PLATFORM PROTECTING YOUR DATA WITH INTEGRATED CONTROLS..: Tripwire security controls capture activity data from monitored assets no matter if you rely on physical, virtual,
More informationDetecting breach. There are only two types of organisations in the world... Terry Greer-King Director, Cyber security, UK & Africa May 2017
Feeling lucky? Detecting breach There are only two types of organisations in the world... Terry Greer-King Director, Cyber security, UK & Africa May 2017 Industry average is 100 days to detect a breach,
More informationWHITEPAPER. How to secure your Post-perimeter world
How to secure your Post-perimeter world WHAT IS THE POST-PERIMETER WORLD? In an increasingly cloud and mobile focused world, there are three key realities enterprises must consider in order to move forward
More informationSecurity industry overview December 2016
Security industry overview December 2016 Agenda Security overview Current technologies Startup landscape Industry regulation 2 Data breaches are here, and they re not going away anytime soon We believe
More informationPresenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe
Presenting the ware NSX ECO System May 2015 Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe Agenda 10:15-11:00 ware NSX, the Network Virtualization Platform 11.15-12.00 Palo Alto
More informationService Provider View of Cyber Security. July 2017
Service Provider View of Cyber Security July 2017 Quick Stats Caribbean and LatAm: 3 rd largest population of Internet Users You Are Here Visualization from the Opte Project of the various routes through
More informationTransforming Security Part 2: From the Device to the Data Center
SESSION ID: SP01-R11 Transforming Security Part 2: From the Device to the Data Center John Britton Director, EUC Security VMware @RandomDevice The datacenter as a hospital 3 4 5 Digital transformation
More informationTransforming IT: From Silos To Services
Transforming IT: From Silos To Services Chuck Hollis Global Marketing CTO EMC Corporation http://chucksblog.emc.com @chuckhollis IT is being transformed. Our world is changing fast New Technologies New
More informationInternet of Things. The Digital Oilfield: Security in SCADA and Process Control. Mahyar Khosravi
Internet of Things The Digital Oilfield: Security in SCADA and Process Control Mahyar Khosravi makhosra@cisco.com Critical infrastructures worldwide not ready to battle cyber attacks, claims new study.
More informationVerizon Software Defined Perimeter (SDP).
Verizon Software Defined Perimeter (). 1 Introduction. For the past decade, perimeter security was built on a foundation of Firewall, network access control (NAC) and virtual private network (VPN) appliances.
More informationEM L01 Introduction to Mobile
EM L01 Introduction to Scott Jareo Principal Field Enablement Mgr. 1 Agenda 1 Welcome and Introduction 2 Overview 3 Lab Exercises 4 Resources and Conclusion 2 Leading Concerns In Enterprise Mobility Discussions
More informationData Protection in Practice
ANNUAL CPD BOARD CONFERENCE Data Protection in Practice 6 & 13 DECEMBER 2016 There are only two types of companies: those that have been hacked, and those that will be. Robert Mueller, FBI Director There
More informationCIO Forum Maximize the value of IT in today s economy
CIO Forum Maximize the value of IT in today s economy Laura Scott, Vice President Service Product Line Sales Global Technology Services IT infrastructure is reaching a breaking point. 85% idle In distributed
More informationAutomated Response in Cyber Security SOC with Actionable Threat Intelligence
Automated Response in Cyber Security SOC with Actionable Threat Intelligence while its biggest weakness is lack of visibility: SOCs still can t detect previously unknown threats, which is a consistent
More informationNew World, New IT, New Security
SESSION ID: GPS1-R08 New World, New IT, New Security Jackie Chen Chief Product & Marketing Officer Sangfor Technologies (HQ) #RSAC New World, New IT, New Security Internet of Things BYOD Cloud Estimated
More informationCheck Point softwareblades Secure. Flexible. Simple
Check Point softwareblades Secure. Flexible. Simple Ari Tarvainen Country Manager Baltic & Finland Agenda Who are we? The security challenge Introducing Software Blades Software Blades Offering Summary
More informationCloud for Government: A Transformative Digital Tool to Better Serve Communities
Cloud for Government: A Transformative Digital Tool to Better Serve Communities 1 005181004 From state to local agencies, government organizations crave access to the same cloud-based tools enabling digital
More informationOutnumbered, but not outsmarted A 2-step solution to protect IoT and mobile devices
Outnumbered, but not outsmarted A 2-step solution to protect IoT and mobile devices How do you really know what s on your network? How do you really know what s on your network? For most organisations,
More information2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along
2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management Today s Speakers Olivia Munro Senior Marketing Specialist Eze Castle Integration Bob Shaw Director, Technical Architecture Eze Castle
More informationSobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.
Sobering statistics The frequency and sophistication of cybersecurity attacks are getting worse. 146 >63% $500B $3.8M The median # of days that attackers reside within a victim s network before detection
More information