Security Experts Webinar
- Matilda Stephens
- 6 years ago
Transcription
1 Security Experts Webinar Content Security and Web Fabio Panada Consulting Systems Engineer Security Mauro Pellicioli Systems Engineer May 2016
2 Content Security - Agenda Threat Landscape Cisco Approach to modern threats Web Security Security Q&A
3 Threat Landscape
4 Attack surface - Attackers: A growing appetite to leverage targeted phishing campaigns SPAM up 250% Example: Snowshoe SPAM attack morphing
5 Attack surface web browsers More than 85% of the companies studied were affected each month by malicious browser extensions
6 Attack surface user error on web Users becoming complicit enablers of attacks Untrustworthy sources Clickfraud and Adware Outdated browsers 10% IE requests running latest version vs 64% Chrome requests running latest version
7 Exploit Kits, e.g. Cryptowall version 4 CRYPTOWALL 4.0 Notorious ransomware Version 1 first seen in 2014 Distributed via exploit kits and phishing emails Fast Evolution
8 Web and email are portable Mobile Coffee shop Corporate Home Airport
9 Sample attacking: Joe CFO Joe is now infected Joe opens the link and the resort video plays. Although he doesn't know it, Joe's machine has been compromised by a Silverlight-based video exploit. The malware now starts to harvest Joe's confidential information: Passwords Credentials Company access authorizations
10 The Attack Continuum BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate Network Endpoint Mobile Virtual Cloud Threat Intelligence Point in Time Continuous
11 Cloud to Core Coverage 18.5 BILLION AMP queries a day END POINT: Software ClamAV, Razorback, Moflow 16 BILLION web requests a day WEB: Reputation, URL Filtering, AVC CLOUD: FireAMP & ClamAV detection content 300 BILLION messages a day Reputation, AntiSpam, Outbreak Filters
12 Cisco Security Integration with Threat Intelligence Built on Outstanding Collective Security Analytics Cisco SIO Endpoints Web Networks IPS Devices 1.6 million global sensors 100 TB of data received per day 150 million+ deployed endpoints 600+ engineers, technicians, and researchers 35% worldwide traffic 13 billion web requests 24x7x365 operations 40+ languages Cisco Sourcefire Talos Cisco ESA AMP Advanced Malware Protection VRT (Vulnerability Research Team) 180,000+ File Samples per Day Cisco AMP Community Advanced Microsoft and Industry Disclosures Snort and ClamAV Open Source Communities Honeypots Sourcefire AEGIS Program Private and Public Threat Feeds Dynamic Analysis
13 Security
14 Cisco Security Threat Defense Complete Inbound Protection Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Cisco Talos SenderBase Reputation Filtering Drop Antispam Drop/Quarantine Antivirus Drop/Quarantine Advanced Malware Protection (AMP) Drop/Quarantine Graymail Detection Rewrite Outbreak Filters Quarantine/Rewrite Real-Time URL Analysis Deliver Quarantine Rewrite URLs Drop
15 Cisco Reputation Database Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Threat Intelligence Over 1.6 million global devices Historical library of 40,000 threats Spam Traps Complaint Reports IP Blacklists and Whitelists 35% of global traffic seen per day 13 billion+ worldwide web requests seen per day 200+ parameters tracked Message Composition Data Compromised Host Lists Website Composition Data Multivector visibility Benefits 360-degree dynamic threat visibility Understanding of vulnerabilities and exploit technologies Global Volume Data Domain Blacklist and Safelists Other Data Visibility into highest threat vehicles Latest attack trends and techniques IP Reputation Score
16 Antispam Processing Defense in Depth Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Intelligent multiscan (IMS) Cisco Antispam Engine What Cisco Antispam Engine Antispam Engine B Incoming mail good, bad, and unknown SBRS Powered by Cisco SIO Mail Policies Normal mail is spam filtered Suspicious emails are rate limited and spam filtered Who Where Cisco Anti-Spam When How Antispam Engine (Future) Whitelist is spam filtered Known bad is blocked before entering the network URL reputation and context used in scoring > 99% catch rate < 1 in 1 million false positives
17 Antispam Architecture Marketing Message Detection Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Privacy Policy At Buy.com, your privacy is a top priority. Please read our privacy policy details. All information collected from you will be shared with Buy.com and its affiliate companies.
18 URL Defense Integrated and Web Security Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Contains URL Cisco Talos Rewrite Send to Cloud Defang: BLOCKEDwww.playboy.comblocked BLOCKEDwww.proxy.orgblocked Replace: This URL is blocked by policy URL Reputation and Categorization
19 Antivirus Defense in Depth Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Antispam Engines Antivirus Engines Cisco Anti-Spam Choice of Antivirus Engines Sophos McAfee Or both Sophos and McAfee
20 Cisco Zero-Hour Malware Protection Advanced Malware Protection Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Cisco AMP integration Reputation update File Reputation File Sandboxing Known file reputation Advanced Malware Protection Unknown files are uploaded for sandboxing (archived, Windows PE, PDF, MS Office) Outbreak Filters
21 Cisco Zero-Hour Malware Protection Cisco AMP Retrospective Alerts Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Retrospective alerts and reports Give updates on files that have passed through the system Alert administrators to files that have changed disposition Inform you of files that had delayed payloads or other techniques designed to bypass sandboxing Collective Security Intelligence Event History Retrospection = Continuous Advanced Threat Protection
22 DLP and Compliance Standalone or Part of a Comprehensive DLP Solution Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Accurate, Easy, and Extensible On-Box RSA DLP Engine Data-Loss Prevention Integrated with RSA Enterprise DLP Uptime Risk-Policy Definition Threat Prevention Scanning Policy Enforcement Incidents Policies Advanced Incident Workflow Fingerprinting
23 Rate Limiting Outbound Rate Limit per Mail from Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Receive alerts identifying high-volume possibly infected senders Rate limit can be set higher for senders such as marketing or customer help desk Users can send up to 100 mails per hour Malicious Sender Known High-Volume Sender Typical User Policy Administrator can set rate limit for individual senders Alert admin when limit is hit
24 Cisco Envelope Encryption Easy for the Sender Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Cisco Security Appliance Message Key Sender Controls Recipient Automated key management No desktop software requirements Send transparently to any address Encryption triggered by + keywords policies senders recipients etc.
25 And Easy for the Recipient Before Discover Enforce Harden During Detect Defend After Scope Contain Remediate Cisco Registered Envelope Service Corporate Credentials (opt) Open attachment Confirm identity View message
26 Flexible Deployment Options Industry-Leading, Best-in-Class Protection at the Gateway On Premises Cloud Deployment Options Appliance Virtual Hybrid Hybrid Cloud Managed Multidevice Support Desktop Mobile Laptop Cloud Tablet
27 Web Security
28 Web Pages Contain Hidden Threats Flash Java JPG PDF Script.exe Etc. Potential Threats
29 Loss of Productivity Is Also a Threat How Much Bandwidth and Time Is Being Wasted on Web 2.0 Every Day? Facebook YouTube Pandora Option Facebook time: 2,110,516 minutes or 35,175 hours, 1465 days, 4.1 years Number of Facebook likes: 3,925,407 at 1 second a like; that's almost 1100 hours per day or 45 days just liking things Bytes on YouTube video playback: 11,344,463,363,245 or 10 TB Pandora: 713,884,303,727 or 0.6 TB Total browse time for the day: 2,270,690,423 or 4320 years Total bytes for the day: 70,702,617,989,737 or 64 TB or 15% from YouTube Source: Cloud Web Security Report
30 Talos Cisco Web Security Appliance (WSA) Before During After Appliance Virtual Web Reputation Web Filtering Application Visibility and Control Cloud Access Security Parallel AV Scanning File Reputation Data-Loss Prevention File Sandboxing Cognitive Threat Analytics* Client Authentication Technique File Retrospection Cisco ISE Traffic Redirections WCCP Load Balancer Explicit/PAC PBR AnyConnect Client HQ Admin Management Reporting Log Extraction Campus Office Branch Office Roaming User Allow Warn Partial * Roadmap feature: Projected release 2H CY15
31 Reputation Analysis The Power of Real-Time Context BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate [Figure: IP Reputation Score built from Who (suspicious domain owner), Where (server in high-risk location), How (dynamic IP address, HTTPS/SSL web server) and When (how recently the domain was registered); labels shown: example.com, Example.org, San Jose, London, Beijing, Kiev]
32 Cisco Web Usage Controls URL Filtering and Dynamic Content Analysis BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate If Known: URL Database. If Unknown, the Page Is Analyzed: 1. Scans text 2. Scores relevancy 3. Calculates model document proximity 4. Returns closest category match (Finance, Adult, Health) 5. Enforces policy (Allow, Partial, Warn)
33 Acceptable Use Controls for Today's Web Reduce Disruptions from Distracted Users URL Filtering Application Visibility and Control (AVC) Apps Control over collaborative and Web 2.0 applications URL database covers over 50 million sites worldwide Real-time dynamic categorization for unknown URLs + 150,000+ Micro-Apps Application Behavior Policy control over which apps can be used by which users and devices Granular enforcement of behaviors within applications Visibility of activity across the network
34 Time and Volume Quotas Intelligent Controls of Bandwidth Usage Time and volume quotas allow WSA administrators to configure policies to restrict access based on amount of data (in bytes) and time. Quotas are applicable to HTTP, HTTPS, and FTP traffic. Can be configured under access policies and decryption policies. Can be configured with time ranges to apply them for specific periods of time. Quotas are reset daily; the reset time is configurable. When more than one quota is applicable, the most restrictive quota applies. Quotas are applied per user; when user identity is not available, they are applied per IP address.
35 Cisco AMP Delivers a Better Approach BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate Point-in-Time Protection Retrospective Security File Reputation, Sandboxing, and Behavioral Detection Continuous Analysis Unique to Cisco AMP
36 Improve the Accuracy of Threat Identification with File Reputation BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate File Reputation One-to-One Identifies specific instances of malware with a signature-based approach Fuzzy Fingerprinting Automatically detects polymorphic variants of known malware Machine Learning Identifies new malware using statistical modeling and analytics engines AMP Collective User Base File Reputation AMP Dynamic Malware Analysis CTA Layer 1 Collective User Base Anomaly detection Trust modeling CWS PREMIUM CTA Layer 2 Event classification Machine Learning Decision Tree Possible Malware Possible clean file Entity modeling Confirmed Malware Confirmed Clean File Confirmed Clean File Confirmed Clean File CTA Layer 3 Relations File Retrospection
37 Get Insight on What a File Has Done and Where It Has Been with File Retrospection File Retrospection BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate Analyze Monitor Identify AMP File Reputation AMP Dynamic Malware Analysis CTA Layer 1 Anomaly detection Trust modeling CWS PREMIUM CTA Layer 2 Event classification Entity modeling CTA Layer 3 Relations File Retrospection 1 Performs analysis the first time a file is seen 2 Analyzes the file persistently over time to see if the disposition is changed 3 Gives unmatched visibility into the path, actions, or communications associated with a particular software
38 Incoming Traffic AMP Threat Grid Feeds Dynamic Malware Analysis and Threat Intelligence to the Cisco AMP Solution BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate Public Cloud Web Security Cisco AMP Client AMP Cloud Advanced malware analysis combined with deep threat analytics content in a single solution Web Proxy AMP Connector Threat Grid API File Reputation update In-depth malware analysis and data pivoting capabilities Local AV Scanners Optional Threat Grid Appliance Threat Grid Cloud Robust API to integrate and automate sample submissions Automated threat intelligence feeds
39 Easily Identify and Prioritize threats Easy-to-understand Threat Scores guide decision making 450+ behavioral indicators (and growing) Malware families, malicious behaviors, and more Detailed description and actionable information Prioritize threats with confidence Enhance SOC analyst and IR knowledge and effectiveness (and security product)
40 How CTA Analyzes a Threat BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate Attacker Techniques: Domain Generation Algorithm (DGA), Data Tunneling via URL (C&C), Active Channels [Figure: DGA and C&C detections shown with domain ages of 3 hours, 1 day and 2 weeks, alongside WSA Proxy, Webrep and AV]
41 Data Loss Prevention Reduce Risk of Sensitive Information Leaks Basic DLP CWS Cloud Basic DLP WSA On-Premises Advanced DLP Enterprise DLP Integration through ICAP protocol WSA + DLP Vendor Box
42 Redirect Roaming Users to Premises and Cloud Cisco AnyConnect Secure Mobility Client Web Users Cisco AnyConnect Client Web Traffic Redirection Web Security Location BEFORE Discover Enforce Harden DURING Detect Defend AFTER Scope Contain Remediate Delivers Verdict Roaming Laptop Users Client Installed on Machine VPN ACWS Routes Traffic Through SSL Tunnel Directly to Closest Cisco Cloud Proxy CWS Applies Web Security Features Allow Roaming Laptop, Mobile, or Tablet User VPN Backhauls Traffic Through VPN Tunnel to HQ Warn Router or Firewall Reroutes Traffic to WSA or CWS WSA Applies Web Security Features
43 Extend User Identity and Context Who: Doctor What: Laptop Where: Office Identity Services Engine Integration Acquires important context and identity from the network Who: Doctor What: iPad Where: Office Who: Guest What: iPad Where: Office Cisco Identity Services Engine Consistent Secure Access Policy WSA Confidential Patient Records Internal Employee Intranet Monitors and provides visibility into unauthorized access Provides differentiated access to the network Cisco TrustSec provides segmentation throughout the network Cisco Web Security Appliance provides web security and policy enforcement Internet Available only on WSA
44 Centralized Management and Reporting Complete Solution for On-Premises or Cloud Deployment Centralized Management Centralized Reporting Centralized Policy Management Delegated Administration In-Depth Threat Visibility Extensive Forensic Capabilities Insight Across Threats, Data, and Applications Control Consistent Policy Across Offices and for Remote Users Analyze, Troubleshoot, and Refine Security Policies Visibility Visibility Across Different Devices, Services, and Network Layers
45 With unified reporting and policy management Unified Reporting Unified Policies Roaming user HQ Roaming user HQ WSA WSA Web Security Reporting Application Cloud Web Security Graphical User Interface
46 Flexible Deployment Options On- and Off-Premises On-Premises Cloud Deployment Options Appliance Virtual Next-Generation Firewall Cloud Connectors and Redirects Router Firewall Roaming Router Firewall Appliance Roaming Client Options Implicit Explicit Implicit Explicit
47 Call to Action Trial version WSA/CWS/CTA ESA/CES 45 days try and buy Ask your Cisco Sales Rep
ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY OUTLINE Advanced Threat Landscape (genv) Why is endpoint protection essential? Types of attacks and how to prevent them
More informationA MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE
SESSION ID: SPO2-W12 A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE Frank Bunton VP, CISO MedImpact Healthcare Systems, Security @frankbunton Larry Biggs Security Engineer III - Threat
More informationThreat Centric Network Security
BRKSEC-2056 Threat Centric Network Security Ted Bedwell, Principal Engineer Network Threat Defence Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this
More informationThe Next Generation Security Platform. Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy
The Next Generation Security Platform Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy The Next Generation Enterprise Security Platform Core Value Proposition An Enterprise Security
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationVendor: Cisco. Exam Code: Exam Name: Implementing Cisco Threat Control Solutions. Version: Demo
Vendor: Cisco Exam Code: 300-207 Exam Name: Implementing Cisco Threat Control Solutions Version: Demo DEMO QUESTION 1 When learning accept mode is set to auto, and the action is set to rotate, when is
More informationCisco ASA Next-Generation Firewall Services
Q&A Cisco ASA Next-Generation Firewall Services Q. What are Cisco ASA Next-Generation Firewall Services? A. Cisco ASA Next-Generation Firewall Services are a modular security service that extends the Cisco
More informationMcAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks
McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks Key Advantages Stay ahead of zero-day threats, ransomware, and greyware with machine learning and dynamic
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More information2018 Edition. Security and Compliance for Office 365
2018 Edition Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world,
More informationCisco AnyConnect Secure Mobility & VDI Demo Guide
Cisco AnyConnect Secure Mobility & VDI Demo Guide (partner version) Overview... 2 Value Proposition... 2 Deployment Scenario... 3 Role Play Demo Script... 5 Demo Equipment Bill of Material... 9 Demo Documentation
More informationAvanan for G Suite. Technical Overview. Copyright 2017 Avanan. All rights reserved.
Avanan for G Suite Technical Overview Contents Intro 1 How Avanan Works 2 Email Security for Gmail 3 Data Security for Google Drive 4 Policy Automation 5 Workflows and Notifications 6 Authentication 7
More information2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1
2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Cisco AnyConnect as a Service György Ács Regional Security Consultant Mobile User Challenges Mobile and Security Services Web Security
More informationNetwork Visibility and Advanced Malware Protection. James Weathersby, Director Technical Marketing Gyorgy Acs, Consulting Security Engineer
Network Visibility and Advanced Malware Protection James Weathersby, Director Technical Marketing Gyorgy Acs, Consulting Security Engineer Security Challenges Changing Business Models Dynamic Threat Landscape
More informationIBM Security Network Protection Solutions
Systems IBM Security IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat Tanmay Shah Product Lead Network Protection Appliances IBM Security Systems 1 IBM Security
More informationAdvanced Malware Protection: A Buyer s Guide
Advanced Malware Protection: A Buyer s Guide What You Will Learn This document will identify the essential capabilities you need in an advanced malware protection solution, the key questions you should
More informationATTIVO NETWORKS THREATDEFEND PLATFORM INTEGRATION WITH CISCO SYSTEMS PROTECTS THE NETWORK
PARTNER BRIEF ATTIVO NETWORKS THREATDEFEND PLATFORM INTEGRATION WITH CISCO SYSTEMS PROTECTS THE NETWORK INTRODUCTION Attivo Networks has partnered with Cisco Systems to provide advanced real-time inside-the-network
More informationBehavioral Analytics A Closer Look
SESSION ID: GPS2-F03 Behavioral Analytics A Closer Look Mike Huckaby VP, Global Systems Engineering RSA The world is full of obvious things which nobody by any chance ever observes. Sherlock Holmes 2 Patterns
More informationThreat Detection and Mitigation for IoT Systems using Self Learning Networks (SLN)
Threat Detection and Mitigation for IoT Systems using Self Learning Networks (SLN) JP Vasseur, PhD - Cisco Fellow jpv@cisco.com Maik G. Seewald, CISSP Sr. Technical Lead maseewal@cisco.com June 2016 Cyber
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationTotal Threat Protection. Whitepaper
Total Threat Protection Whitepaper Organizations Are Caught Between a Growing Threat Landscape and Resource Limitations Today s organizations continue to struggle with providing adequate protection in
More informationCisco Advanced Malware Protection for Networks
Data Sheet Cisco Advanced Malware Protection for Networks Product Overview Fighting malware effectively today requires new approaches, strategies, and technologies. Cisco Advanced Malware Protection (AMP)
More informationSecurity and Compliance for Office 365
Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world, you may be
More informationImplementing Cisco Edge Network Security Solutions ( )
Implementing Cisco Edge Network Security Solutions (300-206) Exam Description: The Implementing Cisco Edge Network Security (SENSS) (300-206) exam tests the knowledge of a network security engineer to
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationCisco Advanced Malware Protection for Endpoints. Donald J Case BizCare, Inc. Saturday, May 19, 2018
Cisco Advanced Malware Protection for Endpoints Donald J Case, Inc. Saturday, May 19, 2018 Every single attack that an organization experiences is either on an endpoint or it s headed there Malware is
More informationFully Integrated, Threat-Focused Next-Generation Firewall
Cisco Firepower NGFW Fully Integrated, Threat-Focused Next-Generation Firewall Fuat KILIÇ, fkilic@cisco.com, +905339284608 Security Consulting Systems Engineer, CCIE #21150 September 2016 Get ahead of
More informationTrend Micro and IBM Security QRadar SIEM
Trend Micro and IBM Security QRadar SIEM Ellen Knickle, PM QRadar Integrations Robert Tavares, VP IBM Strategic Partnership February 19, 2014 1 Agenda 1. Nature of the IBM Relationship with Trend Micro
More informationExam : Title : Security Solutions for Systems Engineers. Version : Demo
Exam : 642-566 Title : Security Solutions for Systems Engineers Version : Demo 1. Which one of the following elements is essential to perform events analysis and correlation? A. implementation of a centralized
More informationProduct Guide. McAfee Web Gateway Cloud Service
Product Guide McAfee Web Gateway Cloud Service COPYRIGHT Copyright 2017 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator, McAfee epo, McAfee
More informationJuniper Sky Advanced Threat Prevention
Juniper Sky Advanced Threat Prevention Product Overview Juniper Sky Advanced Threat Prevention is a cloud-based service that provides complete advanced malware protection. Integrated with SRX Series Services
More informationProduct Guide. McAfee Web Gateway Cloud Service
Product Guide McAfee Web Gateway Cloud Service COPYRIGHT Copyright 2017 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator, McAfee epo, McAfee
More informationJUNIPER SKY ADVANCED THREAT PREVENTION
Data Sheet JUNIPER SKY ADVANCED THREAT PREVENTION Product Overview Juniper Sky Advanced Threat Prevention is a cloud-based service that provides complete advanced malware protection. Integrated with SRX
More informationFile Policies and AMP for Firepower
The following topics provide an overview of file control, file policies, file rules, AMP cloud connections, and dynamic analysis connections. About, page 1 File Control and Cisco AMP Basics, page 2 File
More informationCisco ASA with FirePOWER Services
Cisco ASA with FirePOWER Services TDM Thomas Jankowsky Consulting Systems Engineer May 2015 Introduction Industry s First Threat-Focused Next-Generation Firewall (NGFW) Proven Cisco ASA firewalling Industry-leading
More informationOPSWAT Metadefender. Superior Malware Threat Prevention and Analysis
OPSWAT Metadefender Superior Malware Threat Prevention and Analysis Agenda What is Metadefender How Metadefender Protects Metadefender Core Features Metadefender Product Family What s New in Metadefender
More informationAn Investment Checklist
Next-Generation Addressing Advanced Firewalls: Web Threats Next-Generation Firewalls: What You Will Learn When you buy a next-generation firewall (NGFW), you want to determine whether the solution can
More informationCisco Advanced Malware Protection for Networks
Data Sheet Cisco Advanced Malware Protection for Networks Product Overview Fighting malware effectively today requires new approaches, strategies, and technologies. Cisco Advanced Malware Protection (AMP)
More information