The Anatomy of IM Threats
|
|
- Olivia Anthony
- 5 years ago
- Views:
Transcription
1 The Anatomy of IM Threats INTRODUCTION: INSTANT MESSAGING THREATS AT RECORD LEVELS While instant messaging (IM) has grown steadily in popularity over the past few years, the threats associated with IM communications are showing a massive surge in According to the IMlogic threat center, the volume of IM threats is more than 3,000 percent higher in the third quarter of 2005 compared to a year ago. The Threat Center, launched with the support of Internet security leaders such as Symantec, Sybari, and McAfee, and global instant messaging leaders America Online, Microsoft and Yahoo!, is one of the most comprehensive knowledge bases for known and newly discovered IM and P2P vulnerabilities. Most attacks occur against public IM networks such as those provided by Microsoft MSN Messenger, Yahoo! Messenger, and AOL s AIM client. With analyst research firms such as Radicati Group, META Group, Gartner and Osterman Research showing IM usage in the workplace exceeding 70 percent or more and growing at an accelerated pace IT operations and security managers need to educate themselves as to the risks involved in IM for their particular organization. THE UNUSUAL SUSPECTS According to a recent report from IMlogic, IM worms now represent the most threats to enterprise systems. MSN Messenger was the most frequently attacked public network, accounting for 62 percent of reported incidents, while AOL was hit 31 percent of the time, and the remaining seven percent aimed at Yahoo Messenger users. See Figure 1. TYPES OF IM THREATES CLIENT VULNERABLITIES 2% VIRUSES & TROJANS 12% WORMS 86% Figure 1: IM worms represent by far the greatest threats to enterprise networks according to the IMlogic threat center. 1
2 Some of the most reported IM worms and viruses in 2005 include: Kelvir: Worm sent via URL in message (MSN & Windows Messenger): hey its you! gallery/pictures.php? = Clicking on the hyperlink in the IM may result in the worm file being downloaded and subsequently executed by the user. Note: The actual address has been blocked here to prevent infection. Serflog: Attachment carries worm. (MSN Messenger) IM based file transfers are particularly dangerous as they do not typically go through the corporate A/V filters. would have to open the attachment in order to infect their computer. The IM chat window appears to be from a trusted sender making it seem safe to open. Bropia: Worm in picture (MSN & Windows Messenger) If targeted recipient clicks on the picture, spyware software is copied to the hard-drive, additional.pif files are copied to the hard drive and ed to other recipients on the user s contact list. SIMILAR TO PEER-TO-PEER COMMUNICATION Most communications in IM systems are clientserver based, where each user shares a typically weak password with the IM server. Technically, IM operates in a fashion similar to peer-to-peer exchanges, utilizing non-standard protocols that mount on top of HTTP or HTTPS protocols. IM conversations occur in real-time once the user has authenticated to the IM servers belonging to the public IM network such as AOL. Communications can traverse various paths including client-to-server, server-to-client, client-to-client and intra-server within the same network. Once logged in the user is basically open to receiving any message from any other IM client. See Figure 2. One of the more disturbing aspects of IM communications is the relative ease with which the IM client can be installed on any enterprise NORMAL IM CONVERSATIONS Company A Company B AIM Network Figure 2: This example represents AOL IM users using the AIM protocol. This allows communications directly between clients through the AOL/AIM network via company-to-company, intra-company or with others outside of either company. 2
3 computer without the knowledge or supervision of IT staff. In addition, public IM clients utilize multiple access methods and ports to communicate with the IM network servers, without standard protocols, allowing IM to bypass typical enterprise anti-virus and other defenses. See Figure 3. Once installed, IM connections are capable of transferring not only active technologies such as scripts and macros, but also data attachments such as Word files, zip archives, and others, including viruses and worms. HOW AN IM ATTACK WORKS The vast majority of IM threats occur in the form of worms, and in many cases rely on social engineering, not necessarily a flaw in the client software, to exploit the medium s users. These worms are hidden in messages that appear to be sent by a known IM contact. The targeted person is encouraged to click on a web link or open an attachment or image file enclosed in the IM. Once opened or downloaded the infected message forwards itself instantly to all names on the victim s IM buddy list. In nearly all cases, the victim is not even aware that he or she has propagated the malicious code. Because of the instant connection nature of IM, worms and viruses propagated through IM networks spread very rapidly. In one example using Time to infect 500,000 hosts as a comparison, IMlogic maintains that Code Red, a virus targeting IIS Servers discovered in 2001, required 14 hours to infect the 500,000 hosts; Slammer, a SQL Server Exploit attack discovered in 2003, took 20 minutes; and IM worms can spread to 500,000 hosts in a matter of seconds. KELVIR THE MUTATING MONSTER IM WORM The IM worm known as Kelvir provides a perfect IM GENERAL DEPLOYED THROUGH GRASS-ROOTS ADOPTION Easy to install / Difficult to Block Designed for easy install by nontechnical users Finds IM networks in a variety of network configurations Instant Messaging Clients AOL Corporate Uses multiple access methods & ports Most clients can also communicate via port 80 (http) No standard protocols (protocols change frequently) MSN Yahoo! IM Network Default Ports Used: and 80 Figure 3: IM clients can be easily installed and operated by any user in an enterprise environment even those companies that may have their own Enterprise IM network. 3
4 example of how these mutating monsters can infect enterprise networks and quickly spread havoc. The first variation of Kelvir was reported in December 2004, utilizing the MSN Messenger public IM network. MSN users received an IM similar to that shown in Figure 4 from what appeared to be a legitimate sender. Once the victim clicked on the URL, the worm deployed a variant of a backdoor Trojan called SpyBot that allowed hackers to disable a computer s security software Figure 4: The IM infected with the Kelvir worm was displayed to the unsuspecting user as a suggested URL link from a buddy list. and take over an infected machine. Initially, one user gets infected from the seemingly innocuous message. Through hyperlinks to his buddy list, the worm self-propagates to other trusted connections within the enterprise. These other users, in turn, also become a launching pad to infect the connections in their buddy lists as the infection quickly cascades throughout and beyond the enterprise. As the process continues, messages bounce back to the original senders since they are also on subsequent buddy lists and the process starts all over again. Once the initial host is infected, the real-time instantaneous nature of IM virtually assures the rapid proliferation of malicious messages across multiple user communities and IM networks. Because the cascading cycle of propagation occurs so quickly, it s nearly impossible to detect in time to quarantine or stop the infection by conventional IT security methods that rely on anti-virus software. See Figure 5. Over time, the IM worm actually mutates as it IM WORM Company A Company B Process Starts Over! Figure 5: Postini Perimeter Manager for IM sits between you and the public IM carriers to protect your network and users from IM threats such as IM worms, as well as enabling you to block attachments and prohibit file transfers. 4
5 distributes itself through hundreds of thousands of users. More than 20 mutations of the Kelvir worm were reported over a three-month period as the worm spread through countless buddy lists. Variations of Kelvir are still being reported and it ranks among the top five most reported threats of IM worms are capable of propagating via more than one IM protocol and since many of them have roots to borne worms, they are also capable of crossing into the corporate network. See Figure 6. In April of 2005, an outbreak of the Kelvir worm caused the Reuters Group to shut down its IM system. The London news and information provider detected the external worm on its network coming though a customer Internet portal. The variant that hit Reuters, W32/Kelvir-Re, was not unique to their Reuter s proprietary IM system, which has more than 60,000 users and is interoperable with MSN Messenger and AOL public IM networks. Corporations that have Microsoft Live Communications Server, IBM s Sametime or another proprietary IM application also need to perform a risk assessment. Kelvir is an ideal illustration of the malicious potential in the IM communications medium. It uses a simple social engineering technique that takes full advantage of the trusted nature of buddy links and the personalization in the message, displaying the user s name. IM THREATS POSE SIGNIFICANT CHALLENGES FOR ENTERPRISES At the time of this writing, entering the fourth quarter of 2005, the risks associated with IM continue to show hyper growth as the attacks become more sophisticated by the week. As IM usage by business also continues to increase, IT managers must recognize that the challenge of IM threats must be managed more effectively to protect their enterprise information assets in light of current trends: IM worms are growing exponentially every quarter, at a pace that is not likely to subside anytime soon. IM WORM Worm Mutates Company A Company B MSN Network Yahoo! Network AIM Network Figure 6: An infected IM is not locked into a single IM protocol. that have more than one IM client installed could be unknowingly propagating an IM worm across more than one IM network. 5
6 IM worms mutate frequently and are increasing in sophistication such that the infected message is injected into a current conversation between the infected user and a target on their contact list. IM worms spread rapidly and in many cases can compromise and enterprise network in less than 20 minutes. IM worms capitalize on social engineering techniques to turn even technology savvy end users into victims. POSTINI PROVIDES A MANAGED SERVICE SOLUTION TO COMBAT IM THREATS As the first enterprise class IM managed service, Postini enables enterprises to manage the challenge of IM threats by outsourcing IM security and management using the same type of managed service that Postini customers rely on to secure their systems and ensure that usage is consistent with corporate guidelines. Postini Perimeter Manager for IM acts to stop the threats such as IM worms before they can ever enter the enterprise network via the major public IM networks. The service blocks infected or spoofed IM messages so targeted users never see them so can not unknowingly activate a worm by clicking on a malicious URL. It also provides the tools to control and manage content policies to block any attachments to IM s, block any unacceptable topics from being discussed and prevent the loss of valued files and intellectual property. Postini Perimeter Manager for IM gives you the confidence to enable IM as a business productivity tool for your organization by giving you the ability to manage and control: Threat Prevention Postini ensures that IM worms and other threats are effectively blocked from the recipient. Content Management Enterprises gain the capability to block file transfers, as well as inappropriate content, from being transmitted via IM in order to mitigate the loss of intellectual property and legal liabilities. POSTINI PERIMETER MANAGER FOR IM Public IM Networks (Yahoo, AOL, MSN, Google) Perimeter Manager for IM Inbound Customer IM User (Protected) Outbound Block Archive/Log Local DNS Figure 7: Postini Perimeter Manager for IM sits between the enterprise DNS server and public IM carriers to protect the network and users from IM threats such as IM worms. 6
7 User Management Through Postini s exclusive Active Policy Management IT managers can apply IM policies to the entire organization, sub-organizations and individual users. Anonymous screen names are linked to the corporate mail profiles to provide identity management services. Compliance Enterprise IT managers can configure policies for archiving IM transactions according to organization, group or individual users for better record keeping and to demonstrate compliance with corporate and industry regulations. References: (1) IM Threats Adding Up, Tim Gray, October 5, (2) Does IM Stand for Insecure Messaging?, Matt Hines, March 23, (3) Reuters Shuts Down System to Fight Kelvir IM Worm, Laura Rohe, IDG News Service, April 15, 2005 (4) IMlogic Threat Center Q Security Threat Report, To find out more about how you can benefit from Postini Perimeter Manager for IM and other Integrated Message Management services, visit our website at call toll-free , or sales@postini.com. ABOUT POSTINI As the leader in Integrated Message Management, Postini managed services protect businesses from a wide range of IM and threats, provide message archiving and encryption, and enable the management and enforcement of enterprise policies to meet regulatory compliance requirements. Corporate Headquarters San Carlos, CA USA Toll-free: info@postini.com EMEA Headquarters London, UK Tel: +44 (0) info_emea@postini.com Asia Pacific Headquarters Tokyo, Japan Tel: info_apac@postini.com Copyright 2006 Postini, Inc. All rights reserved. WP Postini, the Postini logo and Postini Perimeter Manager are registered trademarks or service marks of Postini, Inc. PREEMPT is a trademark of Postini, Inc. All other trademarks listed in this document are the property of their respective owners. 7
Anti-Spam Product Not Working? What more companies are switching to and why
Anti-Spam Product Not Working? What more companies are switching to and why What more companies are switching to and why MORE CUSTOMERS SWITCHING FROM APPLIANCES, SOFTWARE AND LIMITED SERVICES As spam
More informationCould Your Systems be Hindering Your Most Productive Employees?
MAIMIZING BUSINESS VALUE WITH OPERATIONAL ARCHIVING Could Your Email Systems be Hindering Your Most Productive Employees? An Executive Guide to Maximizing Business Value with Operational Archiving EECUTIVE
More informationSymantec Client Security. Integrated protection for network and remote clients.
Symantec Client Security Integrated protection for network and remote clients. Complex Internet threats require comprehensive security. Today's complex threats require comprehensive security solutions
More informationINSIDE. Symantec AntiVirus for Microsoft Internet Security and Acceleration (ISA) Server. Enhanced virus protection for Web and SMTP traffic
Virus Protection & Content Filtering TECHNOLOGY BRIEF Symantec AntiVirus for Microsoft Internet Security and Acceleration (ISA) Server Enhanced virus protection for Web and SMTP traffic INSIDE The need
More informationSYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet
SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document
More informationSecuring Today s Mobile Workforce
WHITE PAPER Securing Today s Mobile Workforce Secure and Manage Mobile Devices and Users with Total Defense Mobile Security Table of Contents Executive Summary..................................................................................
More informationProtecting from Attack in Office 365
A hacker only needs one person to click on their fraudulent link to access credit card, debit card and Social Security numbers, names, addresses, proprietary information and other sensitive data. Protecting
More informationEvolution of Spear Phishing. White Paper
Evolution of Spear Phishing White Paper Executive Summary Phishing is a well-known security threat, but few people understand the difference between phishing and spear phishing. Spear phishing is the latest
More informationLayer by Layer: Protecting from Attack in Office 365
Layer by Layer: Protecting Email from Attack in Office 365 Office 365 is the world s most popular office productivity suite, with user numbers expected to surpass 100 million in 2017. With the vast amount
More informationNetDefend Firewall UTM Services
NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860/1660/2560/2560G) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content
More informationIronPort C100 for Small and Medium Businesses
I R O N P O R T E M A I L S E C U R I T Y A P P L I A N C E S S I M P L E I N S TA L L AT I O N, E A S Y M A N A G E M E N T, A N D P O W E R F U L P R O T E C T I O N F O R Y O U R E M A I L I N F R A
More informationSymantec Protection Suite Add-On for Hosted Security
Symantec Protection Suite Add-On for Hosted Email Security Overview Malware and spam pose enormous risk to the health and viability of IT networks. Cyber criminal attacks are focused on stealing money
More informationINSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security
Symantec Enterprise Security WHITE PAPER Integrated Security: Creating the Secure Enterprise INSIDE Evolving IT and business environments The impact of network attacks on business The logical solution
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationReal Security. In Real Time. White Paper. Preemptive Malware Protection through Outbreak Detection
Real Security. In Real Time. White Paper Preemptive Malware Protection through Detection Table of Contents Executive Summary...2 Response Time to New s The Achilles Heel of the Anti-Virus Industry...3
More informationOffice 365 Buyers Guide: Best Practices for Securing Office 365
Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.
More informationCoordinated Threat Control
Application Note Coordinated Threat Control Juniper Networks Intrusion Detection and Protection (IDP) and Secure Access SSL VPN Interoperability Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale,
More informationIronPort X1000 Security System
I r o n P o r t E M A I L S E C U R I T Y A P P L I A N C E S T H E U LT I M AT E E M A I L S E C U R I T Y S Y S T E M F O R T H E W O R L D S M O S T D E M A N D I N G N E T W O R K S. IronPort X1000
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems Objectives Explain how to harden operating systems List ways to prevent attacks through a Web browser Define
More informationPhishing: When is the Enemy
Phishing: When E-mail is the Enemy Phishing, once only a consumer worry, is creating headaches for e-mail administrators as businesses become the next target. CONTENTS Understanding the Enemy 2 Three Things
More informationSecuring Your Enterprise in the Cloud. IT executives must be ready to move to the cloud safely
Securing Your Enterprise in the Cloud IT executives must be ready to move to the cloud safely The technology pendulum is always swinging. And chief information security officers must be prepared to swing
More informationIMlogic IM Manager. A Technical Overview. IM makes it possible IMlogic makes it work
IMlogic makes it work Table of Contents 1.0 Introduction............................................... 3 1.1 Instant Messaging in the Enterprise......................... 3 1.2 Instant Messaging and Security............................
More informationSymantec Endpoint Protection 14
Symantec Endpoint Protection Cloud Security Made Simple Symantec Endpoint Protection 14 Data Data Sheet: Sheet: Endpoint Endpoint Security Security Overview Last year, we saw 431 million new malware variants,
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationSonicWALL UTM Overview. Jon Piro NA Channel SE
SonicWALL UTM Overview Jon Piro NA Channel SE SonicWALL Strengths SonicWALL is in a leadership position across our key markets and gaining share. SonicWALL has a growing, global install base of over 1
More informationNETWORK THREATS DEMAN
SELF-DEFENDING NETWORK NETWORK THREATS DEMAN NEW SECURITY: STRATEGIES TECHNOLOGIES Self-Propagating Threats A combination of: self propagating threats Collaborative applications Interconnected environments
More informationBUFFERZONE Advanced Endpoint Security
BUFFERZONE Advanced Endpoint Security Enterprise-grade Containment, Bridging and Intelligence BUFFERZONE defends endpoints against a wide range of advanced and targeted threats with patented containment,
More informationSteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)
Internet Communications Made Safe SteelGate Overview SteelGate Overview SteelGate is a high-performance VPN firewall appliance that Prevent Eliminate threats & attacks at the perimeter Stop unauthorized
More informationFIREWALL BEST PRACTICES TO BLOCK
Brought to you by Enterprie Control Systems FIREWALL BEST PRACTICES TO BLOCK Recent ransomware attacks like Wanna and Petya have spread largely unchecked through corporate networks in recent months, extorting
More informationSymantec Security.cloud
Data Sheet: Messaging Security filters unwanted messages and protects mailboxes from targeted attacks. The service has selflearning capabilities and Symantec intelligence to deliver highly effective and
More informationBEST PRACTICES FOR PERSONAL Security
BEST PRACTICES FOR PERSONAL Email Security Sometimes it feels that the world of email and internet communication is fraught with dangers: malware, viruses, cyber attacks and so on. There are some simple
More informationSYMANTEC SECURITY UPDATE JUNE 2005
SYMANTEC SECURITY UPDATE JUNE 2005 Symantec Security Update - June 2005 Worldwide and Japan Monthly report examining recent high severity vulnerabilities, cyber attacks, malicious code and spam activity.
More informationSecuring Instant Messaging
Securing Instant Messaging Tom Olzak January 2006 Instant Messaging (IM) is becoming an attack vector of choice. Bypassing perimeter and email security, it provides a direct path to end-user devices. This
More informationData Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments
Trusted protection for endpoints and messaging environments Overview creates a protected endpoint and messaging environment that is secure against today s complex data loss, malware, and spam threats controlling
More informationIBM Proventia Management SiteProtector Sample Reports
IBM Proventia Management SiteProtector Page Contents IBM Proventia Management SiteProtector Reporting Functionality Sample Report Index 2-25 Reports 26 Available SiteProtector Reports IBM Proventia Management
More informationSecuring Your Business Against the Diversifying Targeted Attacks Leonard Sim
Securing Your Business Against the Diversifying Targeted Attacks Leonard Sim Manager, Client & Partner Services, Asia 1 Agenda 2010 Threats Targeted Attacks Defense Against Targeted Attacks Questions 2
More informationOutbound and Data Loss Prevention in Today s Enterprise
Outbound Email and Data Loss Prevention in Today s Enterprise Results from Proofpoint s seventh annual survey on outbound messaging and content security issues, fielded by Osterman Research during June
More informationCisco ASA 5500 Series IPS Edition for the Enterprise
Cisco ASA 5500 Series IPS Edition for the Enterprise Attacks on critical information assets and infrastructure can seriously degrade an organization s ability to do business. The most effective risk mitigation
More informationENDPOINT SECURITY WHITE PAPER. Endpoint Security and the Case For Automated Sandboxing
WHITE PAPER Endpoint Security and the Case For Automated Sandboxing A World of Constant Threat We live in a world of constant threat. Every hour of every day in every country around the globe hackers are
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationQ WEB APPLICATION ATTACK STATISTICS
WEB APPLICATION ATTACK STATISTICS CONTENTS Introduction...3 Results at a glance...4 Web application attacks: statistics...5 Attack types...5 Attack trends...8 Conclusions... 11 2 INTRODUCTION This report
More informationTake Back Control: Increase Security, Empower Employees, Protect the Business
Take Back Control: Increase Security, Empower Employees, Protect the Business Application Control White Paper Introduction: Balancing Productivity with Security As workers find new and creative ways to
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationNetwork Security Fundamentals
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 5 Viruses & Worms, Botnets, Today s Threats Viruses
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationData Sheet: Endpoint Security Symantec Network Access Control Starter Edition Simplified endpoint enforcement
Simplified endpoint enforcement Overview makes it easy to begin implementing a network access control solution. It offers a subset of Symantec Network Access Control functionality that can be completely
More informationCA Security Management
CA Security CA Security CA Security In today s business environment, security remains one of the most pressing IT concerns. Most organizations are struggling to protect an increasing amount of disparate
More informationHardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012
Hardening the Education IT Environment with NGFW Narongveth Yutithammanurak Business Development Manager 23 Feb 2012 Technology Trends Security Performance Bandwidth Efficiency Manageability Page 2 What
More informationBe certain. MessageLabs Intelligence: May 2006
Be certain MessageLabs Intelligence: May 2006 Introduction Welcome to the May edition of the MessageLabs Intelligence monthly report. This report provides the latest threat trends for May 2006 to keep
More informationProtecting Against Application DDoS A acks with BIG-IP ASM: A Three- Step Solution
Protecting Against Application DDoS A acks with BIG-IP ASM: A Three- Step Solution Today's security threats increasingly involve application-layer DDoS attacks mounted by organized groups of attackers
More informationSymantec Endpoint Protection
Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec Insight and by SONAR, a single,
More informationSymantec Endpoint Protection Integration Component User's Guide. Version 7.0
Symantec Endpoint Protection Integration Component User's Guide Version 7.0 The software described in this book is furnished under a license agreement and may be used only in accordance with the terms
More information# ROLE DESCRIPTION / BENEFIT ISSUES / RISKS
As SharePoint has proliferated across the landscape there has been a phase shift in how organizational information is kept secure. In one aspect, business assets are more secure employing a formally built
More informationAssessing Global Security Threat Levels Bryan Lu, Project Manager / Researcher
I AM NOT A NUMERO! Assessing Global Security Threat Levels Bryan Lu, Project Manager / Researcher 21-23 September 2009 Geneva, Switzerland Numero English: numero or number or No No. or # Spanish: número
More informationIBM Security Network Protection Solutions
Systems IBM Security IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat Tanmay Shah Product Lead Network Protection Appliances IBM Security Systems 1 IBM Security
More informationSECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS
SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS PROTECT YOUR DAILY OPERATIONS FROM BEING COMPROMISED In today s data-driven society, connectivity comes with a cost.
More informationSYMANTEC SECURITY UPDATE JUNE 2005
SYMANTEC SECURITY UPDATE JUNE 005 Symantec Security Update - June 005 Worldwide and APAC Monthly report examining recent high severity vulnerabilities, cyber attacks, malicious code and spam activity.
More informationCombatting advanced threats with endpoint security intelligence
IBM Software Thought Leadership White Paper January 2014 Combatting advanced threats with endpoint security intelligence IBM Endpoint Manager and IBM Security QRadar solutions enable real-time, closed-loop
More informationPrivileged Account Security: A Balanced Approach to Securing Unix Environments
Privileged Account Security: A Balanced Approach to Securing Unix Environments Table of Contents Introduction 3 Every User is a Privileged User 3 Privileged Account Security: A Balanced Approach 3 Privileged
More informationSecurity Solutions. Overview. Business Needs
Security Solutions Overview Information security is not a one time event. The dynamic nature of computer networks mandates that examining and ensuring information security be a constant and vigilant effort.
More informationMcAfee Embedded Control
McAfee Embedded Control System integrity, change control, and policy compliance in one solution McAfee Embedded Control maintains the integrity of your system by only allowing authorized code to run and
More informationSales Training
Sales Training Extensible Content Security 16.03.2010 2009 WatchGuard Technologies Market Opportunity Total Addressable Market, ($M) Total Addressable Market by Segment, ($M) 16,000 14,000 11.2% CAGR 16,000
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More information1110 Cool Things Your Firewall Should Do. Extend beyond blocking network threats to protect, manage and control application traffic
1110 Cool Things Your Firewall Should Do Extend beyond blocking network threats to protect, manage and control application traffic Table of Contents The Firewall Grows Up 1 What does SonicWALL Application
More informationSymantec Advanced Threat Protection: Endpoint
Symantec Advanced Threat Protection: Endpoint Data Sheet: Advanced Threat Protection The Problem Virtually all of today's advanced persistent threats leverage endpoint systems in order to infiltrate their
More information2 ZyWALL UTM Application Note
2 Application Note Threat Management Using ZyWALL 35 UTM Forward This support note describes how an SMB can minimize the impact of Internet threats using the ZyWALL 35 UTM as an example. The following
More informationFOUR WAYS TO IMPROVE ENDPOINT SECURITY: MOVING BEYOND TRADITIONAL APPROACHES
FOUR WAYS TO IMPROVE ENDPOINT SECURITY: MOVING BEYOND TRADITIONAL APPROACHES TABLE OF CONTENTS 1 INTRODUCTION NETWORK AND ENDPOINT SECURITY INTEGRATION 2 SECTION 1 RISK-BASED VISIBILITY 3 SECTION 2 CONTROL
More informationSymantec Security Monitoring Services
24x7 real-time security monitoring and protection Protect corporate assets from malicious global threat activity before it impacts your network. Partnering with Symantec skilled and experienced analysts
More informationManaging IM and P2P Threats in the Enterprise an Osterman Research white paper sponsored by
Managing IM and P2P Threats in the Enterprise an Osterman Research white paper sponsored by Osterman Research, Inc. P.O. Box 1058 Black Diamond, Washington 98010-1058 Phone: +1 253 630 5839 Fax: +1 253
More informationFighting Spam, Phishing and Malware With Recurrent Pattern Detection
Fighting Spam, Phishing and Malware With Recurrent Pattern Detection White Paper September 2017 www.cyren.com 1 White Paper September 2017 Fighting Spam, Phishing and Malware With Recurrent Pattern Detection
More informationSymantec Network Access Control Starter Edition
Simplified endpoint compliance Overview makes it easy to begin implementing a network access control solution. It offers a subset of Symantec Network Access Control functionality that can be completely
More informationOPEN SOURCE SECURITY ANALYSIS The State of Open Source Security in Commercial Applications
OPEN SOURCE SECURITY ANALYSIS The State of Open Source Security in Commercial Applications By Mike Pittenger, Vice President, Security Strategy Black Duck s On-Demand business conducts audits of customers
More informationMaximizing IT Security with Configuration Management WHITE PAPER
Maximizing IT Security with Configuration Management WHITE PAPER Contents 3 Overview 4 Configuration, security, and compliance policies 5 Establishing a Standard Operating Environment (SOE) and meeting
More informationPrevx 3.0 v Product Overview - Core Functionality. April, includes overviews of. MyPrevx, Prevx 3.0 Enterprise,
Prevx 3.0 v3.0.1.65 Product Overview - Core Functionality April, 2009 includes overviews of MyPrevx, Prevx 3.0 Enterprise, and Prevx 3.0 Banking and Ecommerce editions Copyright Prevx Limited 2007,2008,2009
More informationMIS5206-Section Protecting Information Assets-Exam 1
Your Name Date 1. Which of the following contains general approaches that also provide the necessary flexibility in the event of unforeseen circumstances? a. Policies b. Standards c. Procedures d. Guidelines
More information2018 Edition. Security and Compliance for Office 365
2018 Edition Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world,
More informationIBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.
IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats. Enhancing cost to serve and pricing maturity Keeping up with quickly evolving ` Internet threats
More informationBlock Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable protection
SecureSMART Block Email Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable email protection SecureSMART protects your network from viruses, spam, advanced
More informationIntegrated Management and Security for IM in the Enterprise:
Integrated Management and Security for IM in the Enterprise: A Defense-In-Depth Approach White Paper Abstract Instant Messaging ( IM ) is experiencing tremendous growth, becoming the fastest-growing communications
More informationPhishing Activity Trends Report January, 2005
Phishing Activity Trends Report January, 2005 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent web sites which attempt to trick them into divulging
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationDONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY
DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY Published By: Fusion Factor Corporation 2647 Gateway Road Ste 105-303 Carlsbad, CA 92009 USA 1.0 Overview Fusion Factor s intentions for publishing an
More informationIBM Internet Security Systems October Market Intelligence Brief
IBM Internet Security Systems October 2007 Market Intelligence Brief Page 1 Contents 1 All About AIX : Security for IBM AIX 1 AIX Adoption Rates 2 Security Benefits within AIX 3 Benefits of RealSecure
More informationThe 2017 State of Endpoint Security Risk
The 2017 State of Endpoint Security Risk Attacks are evolving. As a result, today s organizations are struggling to secure their endpoints, and paying a steep cost for each successful attack. To discover
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationTrustwave SEG Cloud BEC Fraud Detection Basics
.trust Trustwave SEG Cloud BEC Fraud Detection Basics Table of Contents About This Document 1 1 Background 2 2 Configuring Trustwave SEG Cloud for BEC Fraud Detection 5 2.1 Enable the Block Business Email
More informationBUFFERZONE Advanced Endpoint Security
BUFFERZONE Advanced Endpoint Security Enterprise-grade Containment, Bridging and Intelligence BUFFERZONE defends endpoints against a wide range of advanced and targeted threats with patented containment,
More informationXerox FreeFlow Print Server. Security White Paper. Secure solutions. for you and your customers
Xerox FreeFlow Print Server Security White Paper Secure solutions for you and your customers Executive Summary Why is security more important than ever? New government regulations have been implemented
More informationBuild Your Zero Trust Security Strategy With Microsegmentation
Why Digital Businesses Need A Granular Network Segmentation Approach GET STARTED Overview The idea of a secure network perimeter is dead. As companies rapidly scale their digital capabilities to deliver
More informationEasy Activation Effortless web-based administration that can be activated in as little as one business day - no integration or migration necessary.
Security Solutions Our security suite protects against email spam, viruses, web-based threats and spyware while delivering disaster recovery, giving you peace of mind so you can focus on what matters most:
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationRF Code Delivers Millions of Dollars in Annual Power & Cooling Savings for CenturyLink
INDUSTRIAL INTERNET IN ACTION CASE STUDY RF Code Delivers Millions of Dollars in Annual Power & Cooling Savings for CenturyLink CLIENT PROFILE CenturyLink Technology Solutions is the second largest telecommunications
More informationBlock Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable protection
SecureSMART Block Email Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable email protection SecureSMART protects your network from viruses, spam, advanced
More informationRSA INCIDENT RESPONSE SERVICES
RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access
More informationPanda Security 2010 Page 1
Panda Security 2010 Page 1 Executive Summary The malware economy is flourishing and affecting both consumers and businesses of all sizes. The reality is that cybercrime is growing exponentially in frequency
More informationAnti-Virus. Anti-Virus Scanning Overview. This chapter contains the following sections:
This chapter contains the following sections: Scanning Overview, page 1 Sophos Filtering, page 2 McAfee Filtering, page 4 How to Configure the Appliance to Scan for Viruses, page 6 Sending an Email to
More informationManagement Information Systems (MMBA 6110-SP) Research Paper: Internet Security. Michael S. Pallos April 3, 2002
Management Information Systems (MMBA 6110-SP) Research Paper: Internet Security Michael S. Pallos April 3, 2002 Walden University Dr. Pamela Luckett-Wilson ii TABLE OF CONTENTS Internet Security... 1 Executive
More informationSecurity and Compliance for Office 365
Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world, you may be
More informationIPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions
IPS Effectiveness IPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions An Intrusion Prevention System (IPS) is a critical layer of defense that helps you protect
More information