CLOUD SECURITY: PROTECTING YOUR CLOUD-BASED IT INFRASTRUCTURE. Stephen Coty Chief Security Evangelist
|
|
- Clinton Hood
- 5 years ago
- Views:
Transcription
1 CLOUD SECURITY: PROTECTING YOUR CLOUD-BASED IT INFRASTRUCTURE Stephen Coty Chief Security Evangelist
2 Threats in the Cloud are Increasing With Adoption Increase in attack frequency Traditional on-premises threats are moving to the cloud Majority of cloud incidents were related to web application attacks, brute force attacks, and vulnerability scans Brute force attacks and vulnerability scans are now occurring at near-equivalent rates in both cloud and on-premises environments Malware/Botnet is increasing year over year
3 Cloud Attacks With the Biggest Change Cloud environments saw significant increases with brute force attacks climbing from 30% to 44% of customers, and vulnerability scans increasing from 27% to 44% Malware/botnet attacks, historically the most common attacks in the onpremises datacenter, are on the rise in CHP environments
4 Honeypots Designs The honeypot data cited was gathered using Low-interaction Simulates high level services Medium Interaction Delivers form pages and collects Keystrokes SCADA Simulates a (Supervisory Control And Data Acquisition) system Web application software that emulates a vulnerable OS and application Fictitious business domains have been created to redirect traffic to what would be considered a legitimate business These particular honeypots monitored connections to common ports and gathered statistics on IP, country, and malware, if submitted
5 Honeypot Findings Highest volume of attacks occurred in Europe Attacks against Microsoft DS accounted for over 51% of the overall attack vectors Database services have been a consistent target 14% of the malware loaded on the Honeypots was considered undetectable by AV Underscores the importance of a defense in depth strategy for the need to secure your enterprise and cloud infrastructure
6 Global Analysis
7 Industry Analysis - Financial
8 Industry Analysis - Healthcare
9 Emerging Groups
10 Tools of the Trade
11 HOW DO WE DEFEND AGAINST THESE ATTACKS
12 Security Architecture Firewall/ACL Intrusion Detection Deep Packet Forensics Netflow Analysis Network NAC DDOS Scanner Vulnerabilities Log Mgmt SDLC Patch Mgmt Server/App Mail/Web Filter Scanner Backup Anti-Virus Encryption GPG/PGP FIM Host Anti Malware IAM Central Storage
13 Data Correlation is the Key
14 Content is King alert tcp $EXTERNAL_NET any -> any any (msg:"heartbleed Scan Detected - Heartbeat"; flow:to_server,established; content:" 00 0f "; rawbytes; classtype:successful-recon-limited; sid: ; rev: 1;) alert tcp $EXTERNAL_NET any -> any any (msg:"heartbleed Scan Detected - Metasploit - Pattern 1"; flow:to_server,established; content:" "; rawbytes; classtype:heartbleed-information-leak; sid: ; rev:1;) alert tcp $EXTERNAL_NET any -> any any (msg:"heartbleed Scan Detected - Mal Pattern 2"; flow:to_server,established; content:" "; rawbytes; classtype:heartbleed-information-leak; sid: ; rev:1;) alert tcp $EXTERNAL_NET any -> any any (msg:"heartbleed Scan Detected - Mal Pattern 3"; flow:to_server,established; content:" "; rawbytes; classtype:heartbleed-information-leak; sid: ; rev:1;)
15 THREAT INTELLIGENCE
16 Why Honeypots? Honeypots give us a unique data set Simulates vulnerable systems without the risk of real data loss Gives the ability to collect intelligence from malicious attackers Allows for collection of various different attacks based on system Helps identify what industry specific targets are out there
17 Samples of Malware detected If an attacker were using the collected malware to launch an attack against an individual or an enterprise it would be theoretically run in this order. 1. Ping Sweep 2. Port Reconnaissance 3. Exploit a Vulnerability 4. Check for Shares or Networked Drives 5. Load Malware 6. Load Worm 7. Load Remote Access Trojan for full Control
18 Partnering with other Researchers
19 Associations
20 Monitoring the Social Media Accounts
21 Following IRC and Forums
22 Tracking and Predicting the Next Move He is a guy from a European country/ (Russia) His handle or nick is madd3 Using ICQ as a tool of communication (illegal transaction) A simple /whois command to the nick provided us with good information (Leaseweb) ircname : John Smith channels : #chatroom server : irc.private-life.biz [Life Server] Check this out user has another room. #attackroom4 We can confirm that Athena version is being use to attack other sites. 2,300 infected Users Cracked Software is available in forums As of today 1 BTC to $ or
23 Forums to Follow darkode.com & exploit.in- Russian
24 CLOUD SECURITY BEST PRACTICES
25 Cloud Environments 101
26 How the Hypervisor functions In this model the processor provides 4 levels, also known as rings, which are arranged in a hierarchical fashion from Ring 0 to Ring 3. Only 0, 1 and 3 have privilege, some kernel designs demote curtain privileged components to ring 2 The operating system runs in ring 0 with the operating system kernel controlling access to the underlying hardware To assist virtualization, VT and Pacifica insert a new privilege level beneath Ring 0. Both add nine new machine code instructions that only work at "Ring -1," intended to be used by the hypervisor
27 Cloud Server Architecture VM Servers are designed so that the hypervisor (or monitor, or Virtual Machine Manager) is the only fully privileged entity in the system, and has an extremely small footprint. It controls only the most basic resources of the system, including CPU and memory usage, privilege checks, and hardware interrupts
28 Nine Best Practices of Cloud Security 1. Secure your code 2. Create access management policies 3. Adopt a patch management approach 4. Review logs regularly 5. Build a security toolkit 6. Stay informed of the latest vulnerabilities that may affect you 7. Understand your cloud service providers security model 8. Understand the shared security responsibility 9. Know your adversaries
29 1. Secure Your Code Test inputs that are open to the Internet Add delays to your code to confuse bots Use encryption when you can Test libraries Scan plugins Scan your code after every update Limit privileges Stay informed
30 2. Create Access Management Policies Identify data infrastructure that requires access Define roles and responsibilities Simplify access controls (KISS) Continually audit access Start with a least privilege access model
31 3. Adopt a Patch Management Approach Inventory all production systems Devise a plan for standardization, if possible Compare reported vulnerabilities to production infrastructure Classify the risk based on vulnerability and likelihood Test patches before you release into production Setup a regular patching schedule Keep informed, follow bugtraqer Follow a SDLC
32 4. Importance of Log Management and Review Monitoring for malicious activity Forensic investigations Compliance needs System performance All sources of log data is collected Data types (Windows, Syslog) Review process Live monitoring Correlation logic
33 5. Build a Security Toolkit Recommended Security Solutions Antivirus IP tables/firewall Backups FIM Intrusion Detection System Malware Detection Web Application Firewalls Anomaly behavior via netflow Future Deep Packet Forensics
34 6. Stay Informed of the Latest Vulnerabilities Websites to follow
35 7. Understand Your Cloud Service Providers Security Model Review of Service Provider Responsibilities Hypervisor Example Questions to use when evaluating cloud service providers
36 8. Service Provider & Customer Responsibility Summary Apps Secure coding and best practices Software and virtual patching Configuration management Access management Application level attack monitoring Cloud Service Provider Responsibility Hosts Networks Hardened hypervisor System image library Root access for customer Logical network segmentation Perimeter security services External DDoS, spoofing, and scanning prevented Access management Patch management Configuration hardening Security monitoring Log analysis Network threat detection Security monitoring Customer Responsibility Provider Services Compute Storage DB Network
37 9. Understand your Adversaries
38 EXAMPLES OF SHARED RESPONSIBILITIES
39 Cloud Server Architecture VM Servers are designed so that the hypervisor (or monitor, or Virtual Machine Manager) is the only fully privileged entity in the system, and has an extremely small footprint. It controls only the most basic resources of the system, including CPU and memory usage, privilege checks, and hardware interrupts
40 How the Hypervisor functions In this model the processor provides 4 levels, also known as rings, which are arranged in a hierarchical fashion from Ring 0 to Ring 3. Only 0, 1 and 3 have privilege, some kernel designs demote curtain privileged components to ring 2 The operating system runs in ring 0 with the operating system kernel controlling access to the underlying hardware To assist virtualization, VT and Pacifica insert a new privilege level beneath Ring 0. Both add nine new machine code instructions that only work at "Ring -1," intended to be used by the hypervisor
41 Exploitation of the Hypervisor CVE The PHYSDEVOP_{prepare,release}_msix operations are supposed to be controlled by dom0 access as it allows access to host and other vm's controlled by the host, but the necessary privilege level check was missing Two different functions were added to Xen in physdevop to manage resources for allocation and deallocation of msi-x devices This can easily result in malicious or misbehaving unprivileged guests, causing the host or other guests to malfunction. This can result in host-wide denial of service of all the vm s and the host itself In physdev.c the attacker has a function: ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) This has a command in switch/case values which lead us to:
42 Exploitation of the Hypervisor CVE Knowing the attacker has seg, bus, and devfn, functions are now being passed to pci_prepare_msix which is Figure 1 The attacker first has to pass the pos check for pci_find_cap_offset. If there's nothing there then they have to pass the pci_get_pdev check Figure 1 Check out pci_find_cap_offset
43 Application Exploitation Without Secure Coding WordPress: 162,000 legitimate sites used for DDos attack Exploited the XML-RPC Protocol Pingback enabled sites were exploited - Trackback - Pingbacks - Remote Access via mobile devices Generated over 24 million hits at a rate of 3,000 hits per second Random query of? = bypasses cache and forces full page reloads Check logs for POST requests to the XML-RPC file
44 Application Exploitation Without Secure Coding This June 0Day allows an attacker to remotely remove and modify files stored on the server without authentication TimThumb,written by Ben Gilbanks, is a simple, flexible, PHP script that resizes images. You give it a bunch of parameters, and it spits out a thumbnail image that you can display on your site. Looking at the type of vulnerabilities that hackers were trying to exploit, we saw a clear preference for Remote File Inclusion vulnerabilities, which accounted for 96% of all vulnerability types Patch was released in Q3 Source: WhiteHat Security
45 To Follow our Research Twitter: Blog: - Newsletter: - Websites to follow Cloud Security Report - Zero Day Magazine -
46 THANK YOU
EMERGING THREATS & STRATEGIES FOR DEFENSE. Paul Fletcher Cyber Security
EMERGING THREATS & STRATEGIES FOR DEFENSE Paul Fletcher Cyber Security Evangelist @_PaulFletcher Threats by Customer Environment Cloud Environment On Premise Environment 1.96% 0.13% 0.02% application-attack
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
More informationAURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo
ETHICAL HACKING (CEH) CURRICULUM Introduction to Ethical Hacking What is Hacking? Who is a Hacker? Skills of a Hacker? Types of Hackers? What are the Ethics and Legality?? Who are at the risk of Hacking
More informationEthical Hacking and Prevention
Ethical Hacking and Prevention This course is mapped to the popular Ethical Hacking and Prevention Certification Exam from US-Council. This course is meant for those professionals who are looking for comprehensive
More informationETHICAL HACKING & COMPUTER FORENSIC SECURITY
ETHICAL HACKING & COMPUTER FORENSIC SECURITY Course Description From forensic computing to network security, the course covers a wide range of subjects. You will learn about web hacking, password cracking,
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationCIH
mitigating at host level, 23 25 at network level, 25 26 Morris worm, characteristics of, 18 Nimda worm, characteristics of, 20 22 replacement login, example of, 17 signatures. See signatures SQL Slammer
More informationAbout NitroSecurity. Application Data Monitor. Log Mgmt Database Monitor SIEM IDS / IPS. NitroEDB
About NitroSecurity NitroEDB IDS / IPS SIEM Log Mgmt Database Monitor Application Data Monitor Born from the INL Highly Optimized Core Architecture, Using Patented Technology - 8 unique mechanisms to improve
More informationCISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment
More informationUnderstanding Perimeter Security
Understanding Perimeter Security In Amazon Web Services Aaron C. Newman Founder, CloudCheckr Aaron.Newman@CloudCheckr.com Changing Your Perspective How do I securing my business applications in AWS? Moving
More informationDynamic Datacenter Security Solidex, November 2009
Dynamic Datacenter Security Solidex, November 2009 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2 Dynamic
More informationChapter 4. Network Security. Part I
Chapter 4 Network Security Part I CCNA4-1 Chapter 4-1 Introducing Network Security Introduction to Network Security CCNA4-2 Chapter 4-1 Introducing Network Security Why is Network Security important? Rapid
More informationAdvanced Diploma on Information Security
Course Name: Course Duration: Prerequisites: Course Fee: Advanced Diploma on Information Security 300 Hours; 12 Months (10 Months Training + 2 Months Project Work) Candidate should be HSC Pass & Basic
More informationStrategic Infrastructure Security
Strategic Infrastructure Security Course Number: SCPSIS Length: Certification Exam There are no exams currently associated with this course. Course Overview This course picks up right where Tactical Perimeter
More informationCYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments
CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) 2010 October 25 29, 2010 Kuala Lumpur Convention Centre Securing Virtual Environments Raimund Genes CTO Trend Micro The Changing Datacenter
More informationCyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX
Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security HTML PHP Database Linux Operating System and Networking: LINUX NETWORKING Information Gathering:
More informationGladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
More informationCompTIA CSA+ Cybersecurity Analyst
CompTIA CSA+ Cybersecurity Analyst Duration: 5 Days Course Code: Target Audience: The CompTIA Cybersecurity Analyst (CSA+) examination is designed for IT security analysts, vulnerability analysts, or threat
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationSINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker
NH9000 Certified Ethical Hacker 104 Total Hours COURSE TITLE: Certified Ethical Hacker COURSE OVERVIEW: This class will immerse the student into an interactive environment where they will be shown how
More informationIntelligent and Secure Network
Intelligent and Secure Network BIG-IP IP Global Delivery Intelligence v11.2 IP Intelligence Service Brian Boyan - b.boyan@f5.com Tony Ganzer t.ganzer@f5.com 2 Agenda Welcome & Intro Introduce F5 IP Intelligence
More informationCurso: Ethical Hacking and Countermeasures
Curso: Ethical Hacking and Countermeasures Module 1: Introduction to Ethical Hacking Who is a Hacker? Essential Terminologies Effects of Hacking Effects of Hacking on Business Elements of Information Security
More informationACS / Computer Security And Privacy. Fall 2018 Mid-Term Review
ACS-3921-001/4921-001 Computer Security And Privacy Fall 2018 Mid-Term Review ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been adopted and/or modified
More informationChecklist for Evaluating Deception Platforms
Checklist for Evaluating Deception Platforms With over 700 reported breaches occurring annually, a modern day adaptive security defense requires a combination of prevention, detection, response, and prediction
More informationCyber Security. Our part of the journey
Cyber Security Our part of the journey The Journey Evolved Built on the past Will be continued Not always perfect Small Steps moving forward The Privileged How to make enemies quickly Ask before acting
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationEnterprise D/DoS Mitigation Solution offering
Enterprise D/DoS Mitigation Solution offering About the Domain TCS Enterprise Security and Risk Management (ESRM) offers full services play in security with integrated security solutions. ESRM s solution
More informationABB Ability Cyber Security Services Protection against cyber threats takes ability
ABB Ability Cyber Security Services Protection against cyber threats takes ability In today s business environment, cyber security is critical for ensuring reliability of automation and control systems.
More information6 MILLION AVERAGE PAY. CYBER Security. How many cyber security professionals will be added in 2019? for popular indursty positions are
PROGRAM Objective Cyber Security is the most sought after domain, and NASSCOM projects a requirment of over 1 million trained professionals by 2025. Tevel training program is an industry & employability
More informationThe Evolving Threat of Internet Worms
The Evolving Threat of Internet Worms Jose Nazario, Arbor Networks Why Worm Based Intrusions Relative ease Write once, run everywhere promise can come true Penetration Right past firewalls
More informationCertified Ethical Hacker (CEH)
Certified Ethical Hacker (CEH) COURSE OVERVIEW: The most effective cybersecurity professionals are able to predict attacks before they happen. Training in Ethical Hacking provides professionals with the
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationADVANCED, UNKNOWN MALWARE IN THE HEART OF EUROPE
ADVANCED, UNKNOWN MALWARE IN THE HEART OF EUROPE AGENDA Network Traffic Analysis: What, Why, Results Malware in the Heart of Europe Bonus Round 2 WHAT: NETWORK TRAFFIC ANALYSIS = Statistical analysis,
More informationPROTECTING INFORMATION ASSETS NETWORK SECURITY
PROTECTING INFORMATION ASSETS NETWORK SECURITY PAUL SMITH 20 years of IT experience (desktop, servers, networks, firewalls.) 17 years of engineering in enterprise scaled networks 10+ years in Network Security
More informationIBM Proventia Network Anomaly Detection System
Providing enterprise network visibility and internal network protection IBM Proventia Network Anomaly Detection System Enhanced network intelligence and security for enterprise networks IBM Proventia Network
More informationHOW TO CHOOSE A NEXT-GENERATION WEB APPLICATION FIREWALL
HOW TO CHOOSE A NEXT-GENERATION WEB APPLICATION FIREWALL CONTENTS EXECUTIVE SUMMARY 1 WEB APPLICATION SECURITY CHALLENGES 2 INSIST ON BEST-IN-CLASS CORE CAPABILITIES 3 HARNESSING ARTIFICIAL INTELLIGENCE
More informationLook Who s Hiring! AWS Solution Architect AWS Cloud TAM
Look Who s Hiring! AWS Solution Architect https://www.amazon.jobs/en/jobs/362237 AWS Cloud TAM https://www.amazon.jobs/en/jobs/347275 AWS Principal Cloud Architect (Professional Services) http://www.reqcloud.com/jobs/701617/?k=wxb6e7km32j+es2yp0jy3ikrsexr
More informationPass4suresVCE. Pass4sures exam vce dumps for guaranteed success with high scores
Pass4suresVCE http://www.pass4suresvce.com Pass4sures exam vce dumps for guaranteed success with high scores Exam : CS0-001 Title : CompTIA Cybersecurity Analyst (CySA+) Exam Vendor : CompTIA Version :
More information2017 Annual Meeting of Members and Board of Directors Meeting
2017 Annual Meeting of Members and Board of Directors Meeting Dan Domagala; "Cybersecurity: An 8-Point Checklist for Protecting Your Assets" Join this interactive discussion about cybersecurity trends,
More informationPerimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN
T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN Perimeter Defenses Enterprises need to take their security strategy beyond stacking up layers of perimeter defenses to building up predictive
More informationCisco s Appliance-based Content Security: IronPort and Web Security
Cisco s Appliance-based Content Security: IronPort E-mail and Web Security Hrvoje Dogan Consulting Systems Engineer, Security, Emerging Markets East 2010 Cisco and/or its affiliates. All rights reserved.
More informationn Given a scenario, analyze and interpret output from n A SPAN has the ability to copy network traffic passing n Capacity planning for traffic
Chapter Objectives n Understand how to use appropriate software tools to assess the security posture of an organization Chapter #7: Technologies and Tools n Given a scenario, analyze and interpret output
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationCyber Security Audit & Roadmap Business Process and
Cyber Security Audit & Roadmap Business Process and Organizations planning for a security assessment have to juggle many competing priorities. They are struggling to become compliant, and stay compliant,
More informationSecuring Your Amazon Web Services Virtual Networks
Securing Your Amazon Web Services s IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up a workload,
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationStopping Advanced Persistent Threats In Cloud and DataCenters
Stopping Advanced Persistent Threats In Cloud and DataCenters Frederik Van Roosendael PSE Belgium Luxembourg 10/9/2015 Copyright 2013 Trend Micro Inc. Agenda How Threats evolved Transforming Your Data
More informationWireless and Network Security Integration Solution Overview
Wireless and Network Security Integration Solution Overview Solution Overview Introduction Enterprise businesses are being transformed to meet the evolving challenges of today's global business economy.
More informationCopyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationIntrusion Detection. Comp Sci 3600 Security. Introduction. Analysis. Host-based. Network-based. Distributed or hybrid. ID data standards.
or Detection Comp Sci 3600 Security Outline or 1 2 3 4 5 or 6 7 8 Classes of or Individuals or members of an organized crime group with a goal of financial reward Their activities may include: Identity
More informationComprehensive datacenter protection
Comprehensive datacenter protection There are several key drivers that are influencing the DDoS Protection market: DDoS attacks are increasing in frequency DDoS attacks are increasing in size DoS attack
More informationIBM Security Network Protection Solutions
Systems IBM Security IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat Tanmay Shah Product Lead Network Protection Appliances IBM Security Systems 1 IBM Security
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More information01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED
01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED Contents 1. Introduction 3 2. Security Testing Methodologies 3 2.1 Internet Footprint Assessment 4 2.2 Infrastructure Assessments
More informationChapter 10: Denial-of-Services
Chapter 10: Denial-of-Services Technology Brief This chapter, "Denial-of-Service" is focused on DoS and Distributed Denial-of-Service (DDOS) attacks. This chapter will cover understanding of different
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationCIS Controls Measures and Metrics for Version 7
Level One Level Two Level Three Level Four Level Five Level Six 1.1 Utilize an Active Discovery Tool Utilize an active discovery tool to identify devices connected to the organization's network and update
More informationHow Breaches Really Happen
How Breaches Really Happen www.10dsecurity.com About Dedicated Information Security Firm Clients Nationwide, primarily in financial industry Services Penetration Testing Social Engineering Vulnerability
More informationΟ ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος
Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος Providing clarity and consistency for the protection of personal data The General
More informationCourse 831 Certified Ethical Hacker v9
Course 831 Certified Ethical Hacker v9 Duration: 5 days What You Get: CEH v9 Certification exam voucher 5 days of high quality classroom training 18 comprehensive modules 40% of class hours dedicated to
More informationCIS Controls Measures and Metrics for Version 7
Level 1.1 Utilize an Active Discovery Tool 1.2 Use a Passive Asset Discovery Tool 1.3 Use DHCP Logging to Update Asset Inventory 1.4 Maintain Detailed Asset Inventory 1.5 Maintain Asset Inventory Information
More informationSecuring Your Microsoft Azure Virtual Networks
Securing Your Microsoft Azure Virtual Networks IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up
More informationDesigning an Adaptive Defense Security Architecture. George Chiorescu FireEye
Designing an Adaptive Defense Security Architecture George Chiorescu FireEye Designing an Adaptive Security Architecture Key Challanges Existing blocking and prevention capabilities are insufficient to
More informationWHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX
WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX 1 INTRODUCTION The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK ) Matrix provides a model
More informationSECURITY IN MICROSOFT AZURE. Marija Strazdas Sr. Solutions Engineer
SECURITY IN MICROSOFT AZURE Marija Strazdas Sr. Solutions Engineer Infrastructure Has Changed Buying Hardware EARLY 2000 s MID 2000 s NOW Infrastructure Has Changed Buying Hardware Infrastructure As Code
More informationSymantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
More informationNetwork Security Platform 8.1
8.1.7.82-8.1.3.100 Manager-M-series Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More information2. INTRUDER DETECTION SYSTEMS
1. INTRODUCTION It is apparent that information technology is the backbone of many organizations, small or big. Since they depend on information technology to drive their business forward, issues regarding
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationSeqrite Endpoint Security
Enterprise Security Solutions by Quick Heal Integrated enterprise security and unified endpoint management console Enterprise Suite Edition Product Highlights Innovative endpoint security that prevents
More informationVenusense UTM Introduction
Venusense UTM Introduction Featuring comprehensive security capabilities, Venusense Unified Threat Management (UTM) products adopt the industry's most advanced multi-core, multi-thread computing architecture,
More informationSIEM (Security Information Event Management)
SIEM (Security Information Event Management) Topic: SECURITY and RISK Presenter: Ron Hruby Topics Threat landscape Breaches and hacks Leadership and accountability Evolution of security technology What
More informationCyber Defense Operations Center
Cyber Defense Operations Center Providing world-class security protection, detection, and response Marek Jedrzejewicz Principal Security Engineering Manager Microsoft Corporation 1 Cybersecurity. In the
More informationIdentity & Access Management
Identity & Access Management THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY WITHOUT COMPROMISING SECURITY? S E C U R I T Y OR P R O D U C T I V I T Y On-premises THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY
More informationSYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet
SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document
More informationSOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM
SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.
More informationProtecting Against Online Fraud. F5 EMEA Webinar August 2014
Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 3.1: OS Security Basics of secure design Endadul Hoque Slide Acknowledgment Contents are based on slides from Ninghui Li (Purdue), John Mitchell (Stanford), Dan Boneh (Stanford)
More informationDrone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created
Drone - 2 04/12/2018 Threat Model Description Threats Threat Source Risk Status Date Created Mobile Phone: Sensitive Data Leakage Smart Devices Mobile Phone: Session Hijacking Smart Devices Mobile Phone:
More informationCloud Security Myths Paul Mazzucco, Chief Security Officer
Cloud Security Myths Paul Mazzucco, Chief Security Officer Discussion Points >Yesterday s standards: today s security myths >Cloud security: an ongoing mandate >Actions to take now 90% of Businesses Breached
More informationSimplify Your Network Security with All-In-One Unified Threat Management
Singtel Business Product Factsheet Brochure Managed Defense Unified Services Management Simplify Your Network Security with All-In-One Unified Management Singtel Managed Unified Management (UTM) Services,
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationResearch on the Evolving State of Cloud Security
Research on the Evolving State of Cloud Security Spring 2014 Research on the Evolving State of Cloud Security Spring 2014 EXECUTIVE SUMMARY Key Findings From Latest Data Set 2 Cloud Honeypots 3 Summary
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationCompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management
CompTIA Security+ Lecture Six Threats and Vulnerabilities Vulnerability Management Copyright 2011 - VTC Malware Malicious code refers to software threats to network and systems, including viruses, Trojan
More informationegambit Your defensive cyber-weapon system. You have the players. We have the game. TEHTRIS
egambit Your defensive cyber-weapon system. You have the players. We have the game. 2010-2017 1 NIDS egambit is the awarded product that can monitor and improve your IT Security against complex threats
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 6 Intrusion Detection First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Intruders significant issue hostile/unwanted
More informationData Communication. Chapter # 5: Networking Threats. By: William Stalling
Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals
More informationTOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS
TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and
More informationProtect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com
Protect Your Endpoint, Keep Your Business Safe. White Paper Exosphere, Inc. getexosphere.com White Paper Today s Threat Landscape Cyber attacks today are increasingly sophisticated and widespread, rendering
More informationSecuring Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &
Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab Modern Challenges By 2020, 60% of Digital Businesses will suffer Major Service
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationEC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationMay the (IBM) X-Force Be With You
Ann Arbor, Michigan July 23-25 May the (IBM) X-Force Be With You A QUICK PEEK INTO ONE OF THE MOST RENOWNED SECURITY TEAMS IN THE WORLD Marlon Machado Worldwide Standardization Leader, Application Security
More informationERT Threat Alert New Risks Revealed by Mirai Botnet November 2, 2016
Abstract The Mirai botnet struck the security industry in three massive attacks that shook traditional DDoS protection paradigms, proving that the Internet of Things (IoT) threat is real and the grounds
More informationChapter 11: Networks
Chapter 11: Networks Devices in a Small Network Small Network A small network can comprise a few users, one router, one switch. A Typical Small Network Topology looks like this: Device Selection Factors
More information