Spectre, Meltdown, and the Impact of Security Vulnerabilities on your IT Environment. Orin Jeff Melnick
|
|
- Lynn Malone
- 5 years ago
- Views:
Transcription
1 Spectre, Meltdown, and the Impact of Security Vulnerabilities on your IT Environment Orin Jeff Melnick
2 In this session Vulnerability types Spectre Meltdown Spectre Vs Meltdown Impact on IT Operations
3 Types of vulnerabilities Application vulnerabilities Application can be exploited Fixed by vendor update OS vulnerabilities OS & applications can be exploited Fixed by vendor update Hardware vulnerabilities May require OS fix May require firmware update to hardware May be unfixable
4 Spectre: What is it? Given the name because The root cause is speculative execution Isn t easy to fix Will haunt the industry for some time
5 Spectre: What is it? Class of vulnerabilities that impacts Intel, AMD, ARMbased and IBM processors CVE (Bounds check bypass, Spectre V1) CVE (Branch target injection, Spectre V2) Spectre NG CVE (Rogue system register read) CVE (Speculative store bypass) CVE (Lazy FP state restore)
6 Spectre: How it works Vulnerabilities are based on exploiting side effects of speculative execution Common method of hiding memory latency to speed up execution in modern processors Related to branch prediction, a special case of speculative execution
7 Spectre: How it works Tricks an application into accessing arbitrary locations in the program s memory space Allows attacker to read content of accessed memory and perhaps access sensitive data Does not rely on a specific feature of a specific processor s memory management and protection system
8 Spectre Exploits Just-In-Time engines used for JavaScript can be vulnerable Allows a website to read data stored in the browser s memory for another website, or the contents of the browser memory Remotely exploitable through unpatched browsers Local malicious code can also exploit Spectre vulnerabilities
9 Meltdown: What is it? CVE Rogue Data Cache Load Hardware vulnerability impacting Intel x86, IBM POWER processors and some (not all) ARM processors Does not impact AMD processors Allows rogue process to read all memory regardless of whether process is authorized to do so
10 Meltdown: How it works Exploits race condition in modern CPUs that occurs between memory access and privilege checking during processing of instructions Allows process to bypass privilege checks that isolate data belonging to the OS or other processes running on the host
11 Meltdown: How it works Unauthorized process can read data from any address mapped to the current process s memory space Most OS map RAM, kernel processes and other running processes to the address space of every process Means that memory from almost everywhere can be read by a rogue process exploiting meltdown
12 Spectre Vs Meltdown Attackers can use Spectre to manipulate processes into revealing data Attackers can use Meltdown to read privileged memory which the process itself may not normally be able to access
13 Impact on IT Ops: Mitigation No single patch for Spectre, it is a class of attack Mitigations for Spectre and Meltdown have performance impacts Spectre: 2-14% Meltdown: 5-30%
14 Impact on IT Ops: Spectre Mitigation Windows Recompile with new compiler, harden browser to prevent JavaScript exploit New CPU instructions that remove branch speculation assigned through firmware update , , CPU firmware update Latest versions of browsers are hardened Chrome, Edge, Firefox
15 Impact on IT Ops: Meltdown Mitigation Mitigate by isolating kernel and user mode page tables Requires update to OS kernel code Patches on Windows OS incompatible with 3 rd party AV software that uses unsupported kernel calls OS won t update unless 3 rd party AV sets special registry key indicating that update will not break system Does not require CPU firmware update
16 Spectre & Meltdown: The Future CPUs being redesigned so that these exploits are mitigated Speculation that these CPUs will not perform as well as vulnerable CPUs because of the mitigations Existing systems and hardware vulnerable unless patched
17 Netwrix Auditor A visibility platform for user behavior analysis and risk mitigation that enables control over changes, configurations, and access in hybrid IT environments. It provides security intelligence to identify security holes, detect anomalies in user behavior and investigate threat patterns in time to prevent real damage.
18 Netwrix solutions Data Access Governance Privileged User Activity Tracking Alerts on Suspicious Activity Using Behavior Anomaly Discovery User Activity Video Recording Restore of Deleted Active Directory Objects
19 Product Demonstration
20 Thank You for Attending Brought to you by Sponsor Logo
Meltdown and Spectre - understanding and mitigating the threats (Part Deux)
Meltdown and Spectre - understanding and mitigating the threats (Part Deux) Gratuitous vulnerability logos Jake Williams @MalwareJake SANS / Rendition Infosec sans.org / rsec.us @SANSInstitute / @RenditionSec
More informationSpectre and Meltdown. Clifford Wolf q/talk
Spectre and Meltdown Clifford Wolf q/talk 2018-01-30 Spectre and Meltdown Spectre (CVE-2017-5753 and CVE-2017-5715) Is an architectural security bug that effects most modern processors with speculative
More informationMeltdown and Spectre - understanding and mitigating the threats
Meltdown and Spectre - understanding and mitigating the threats Gratuitous vulnerability logos Jake Williams @MalwareJake SANS / Rendition Infosec sans.org / rsec.us @RenditionSec The sky isn t falling!
More informationSide Channel Analysis Security issue ANALYST CONSULTATION JANUARY
Side Channel Analysis Security issue ANALYST CONSULTATION JANUARY 3 2018 briefing Objectives Provide information on a new class of security issue & mitigation Provide context on how this issue has brought
More informationSecurity Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors
SECURITY ADVISORY Processor based Speculative Execution Vulnerabilities AKA Spectre and Meltdown Version 1.6 Security Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors
More informationMeltdown and Spectre Mitigation. By Sathish Damodaran
Meltdown and Spectre Mitigation By Sathish Damodaran Introduction Meltdown allows attackers to read arbitrary physical memory (including kernel memory) for an unprivileged user process. Meltdown uses out
More informationSecurity Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors
SECURITY ADVISORY Processor based Speculative Execution Vulnerabilities AKA Spectre and Meltdown Version 1.4 Security Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors
More informationMeltdown, Spectre, and Security Boundaries in LEON/GRLIB. Technical note Doc. No GRLIB-TN-0014 Issue 1.1
Template: GQMS-TPLT-1-1-0 Meltdown, Spectre, and Security Boundaries in LEON/GRLIB Technical note 2018-03-15 Doc. No Issue 1.1 Date: 2018-03-15 Page: 2 of 8 CHANGE RECORD Issue Date Section / Page Description
More informationTo accelerate our learnings, we brought in an expert in CPU side channel attacks. Anders Fogh
To accelerate our learnings, we brought in an expert in CPU side channel attacks Anders Fogh Virtualization-based isolation Microsoft Azure, Hyper-V Affected Kernel-user separation Windows Affected Process-based
More informationThe 3 Pillars of SharePoint Security
The 3 Pillars of SharePoint Security Liam Cleary CEO/Owner SharePlicity Jeff Melnick Systems Engineer Netwrix Corporation AGENDA The Problem Attack Vectors Intranet, Extranet and Public Facing Proactive
More informationDisclaimer. This talk vastly over-simplifies things. See notes for full details and resources.
Greg Kroah-Hartman Disclaimer This talk vastly over-simplifies things. See notes for full details and resources. https://github.com/gregkh/presentation-spectre Spectre Hardware bugs Valid code can be tricked
More informationDisclaimer. This talk vastly over-simplifies things. See notes for full details and resources.
Greg Kroah-Hartman Disclaimer This talk vastly over-simplifies things. See notes for full details and resources. https://github.com/gregkh/presentation-spectre Spectre Hardware bugs Valid code can be tricked
More informationIntel Analysis of Speculative Execution Side Channels
Intel Analysis of Speculative Execution Side Channels White Paper Revision 1.0 January 2018 Document Number: 336983-001 Intel technologies features and benefits depend on system configuration and may require
More informationWhat s New in Netwrix Auditor 9.5
What s New in Netwrix Auditor 9.5 Presenter: Jeff Melnick Systems Engineer Jeff.Melnick@netwrix.com Housekeeping All attendees are on mute Ask your questions! Questions will be answered during the session
More informationMeltdown and Spectre: Complexity and the death of security
Meltdown and Spectre: Complexity and the death of security May 8, 2018 Meltdown and Spectre: Wait, my computer does what? January 24, 2018 Meltdown and Spectre: Whoever thought that was a good idea? January
More informationWhat s New in Netwrix Auditor 9.7
What s New in Netwrix Auditor 9.7 Jeff Melnick Manager, Pre-Sales Engineering Jeff.Melnick@netwrix.com Agenda What s New in Netwrix Auditor 9.7 Briefly About Netwrix Auditor Q&A Prize Drawing INTRODUCING
More informationSpectre and Meltdown: Data leaks during speculative execution
Spectre and Meltdown: Data leaks during speculative execution Speaker: Jann Horn (Google Project Zero) Paul Kocher (independent) Daniel Genkin (University of Pennsylvania and University of Maryland) Yuval
More information4 Ways Your Organization Can Be Hacked
Behind the Scenes 4 Ways Your Organization Can Be Hacked Brian Johnson President, 7 Minute Security Jeff Melnick Netwrix, Systems Engineer Agenda Quick introductions The ways your organization can be hacked
More informationHacker Explains Privilege Escalation: How Hackers Get Elevated Permissions
Hacker Explains Privilege Escalation: How Hackers Get Elevated Permissions Liam Cleary Solution Architect Protiviti Jeff Melnick Systems Engineer Netwrix Corporation Agenda Elevation Escalation Prevention
More informationTech Announcement 2018_1
Tech Announcement 2018_1 Windows updates cause data communication problems with zenon www.copadata.com pm@copadata.com History Date Comment 09.01.2018 Document Version 1 16.01.2018 Document Version 2 19.02.2018
More informationSecurity-Aware Processor Architecture Design. CS 6501 Fall 2018 Ashish Venkat
Security-Aware Processor Architecture Design CS 6501 Fall 2018 Ashish Venkat Agenda Theme Selection (due today at 11:59:59pm) Readings and Presentation Logistics Quick Processor Architecture Review (continued
More informationWhite Paper SOFTWARE TECHNIQUES FOR MANAGING SPECULATION ON AMD PROCESSORS
White Paper SOFTWARE TECHNIQUES FOR MANAGING SPECULATION ON AMD PROCESSORS INTRODUCTION Speculative execution is a basic principle of all modern processor designs and is critical to support high performance
More informationNetwrix Virtual. Customer Summit 2016
Netwrix Virtual Customer Summit 2016 Welcome Michael Fimin Chief Executive Officer Phone: 1.949.407.5125 x1057 Email: Michael.Fimin@netwrix.com linkedin.com/in/michaelfimin Agenda Michael Fimin Chief Executive
More informationSymantec Endpoint Protection Family Feature Comparison
Symantec Endpoint Protection Family Feature Comparison SEP SBE SEP Cloud SEP Cloud SEP 14.2 Device Protection Laptop, Laptop Laptop, Tablet Laptop Tablet & & Smartphone Smartphone Meter Per Device Per
More information01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED
01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED Contents 1. Introduction 3 2. Security Testing Methodologies 3 2.1 Internet Footprint Assessment 4 2.2 Infrastructure Assessments
More informationMCAFEE FOUNDSTONE FSL UPDATE
2018-JAN-15 FSL version 7.5.994 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary
More informationWhite Paper. How the Meltdown and Spectre bugs work and what you can do to prevent a performance plummet. Contents
White Paper How the Meltdown and Spectre bugs work and what you can do to prevent a performance plummet Programs that do a lot of I/O are likely to be the worst hit by the patches designed to fix the Meltdown
More informationProviding a Rapid Response to Meltdown and Spectre for Hybrid IT. Industry: Computer Security and Operations Date: February 2018
Market Guide Providing a Rapid Response to Meltdown and Spectre for Hybrid IT Industry: Computer Security and Operations Date: February 2018 Meltdown and Spectre Exploits Vulnerabilities in Common Processors
More informationSpectre Returns! Speculation Attacks Using Return Stack Buffer
Spectre Returns! Speculation Attacks Using Return Stack Buffer Esmaeil Mohammadian, Khaled N. Khasawneh, Chengyue Song and Nael Abu-Ghazaleh University of California, Riverside WOOT 2018 BALTIMORE, USA
More informationCounterACT Security Policy Templates
n Guide Version 18.0.1 Table of Contents About Security Policy Templates... 3 Tracking Vulnerable and Infected Endpoints... 3 Supported CounterACT Versions... 3 Requirements... 3 Installation... 4 n...
More informationTop 5 NetApp Filer Incidents You Need Visibility Into
Top 5 NetApp Filer Incidents You Need Visibility Into www.netwrix.com Toll-free: 888-638-9749 Table of Contents #1: Failed NetApp Filer Activity #2: Activity Involving Potentially Harmful Files #3: Anomalous
More informationPrivileged Account Security: A Balanced Approach to Securing Unix Environments
Privileged Account Security: A Balanced Approach to Securing Unix Environments Table of Contents Introduction 3 Every User is a Privileged User 3 Privileged Account Security: A Balanced Approach 3 Privileged
More informationCSE 127 Computer Security
CSE 127 Computer Security Stefan Savage, Spring 2018, Lecture 19 Hardware Security: Meltdown, Spectre, Rowhammer Vulnerabilities and Abstractions Abstraction Reality Vulnerability Review: ISA and µarchitecture
More informationMeltdown for Dummies. The road to hell is full of good intentions
Meltdown for Dummies The road to hell is full of good intentions Reusing this material This work is licensed under a Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International License. http://creativecommons.org/licenses/by-nc-sa/4.0/deed.en_us
More informationIntel Software Guard Extensions (SGX) SW Development Guidance for Potential Bounds Check Bypass (CVE ) Side Channel Exploits.
Intel Software Guard Extensions (SGX) SW Development Guidance for Potential Bounds Check Bypass (CVE-2017-5753) Side Channel Exploits White Paper Revision 1.0 February 2018 Intel technologies features
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 13: Operating System Security Department of Computer Science and Engineering University at Buffalo 1 Review Previous topics access control authentication session
More informationPatching and Updating your VM SUSE Manager. Donald Vosburg, Sales Engineer, SUSE
Patching and Updating your VM SUSE Manager Donald Vosburg, Sales Engineer, SUSE dvosburg@suse.com Why should I care? I just clone my base VM image, and after that it is not my problem... Understand the
More informationHardened Security in the Cloud Bob Doud, Sr. Director Marketing March, 2018
Hardened Security in the Cloud Bob Doud, Sr. Director Marketing March, 2018 1 Cloud Computing is Growing at an Astounding Rate Many compelling reasons for business to move to the cloud Cost, uptime, easy-expansion,
More informationSPECTRES, VIRTUAL GHOSTS, AND HARDWARE SUPPORT
SPECTRES, VIRTUAL GHOSTS, AND HARDWARE SUPPORT Xiaowan Dong Zhuojia Shen John Criswell Alan Cox Sandhya Dwarkadas University of Rochester University of Rochester University of Rochester Rice University
More informationWhat s New in Netwrix Auditor 8.0. PRESENTER: Jeff Melnick Manager of Sales Engineering x 971
What s New in Netwrix Auditor 8.0 PRESENTER: Jeff Melnick Manager of Sales Engineering Jeff.Melnick@netwrix.com 888-638-9749 x 971 How to Ask Questions 1. Type your question here 2. Click Send Agenda What
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by machine learning and intelligent automation. By rethinking
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationForeScout CounterACT. Security Policy Templates. Configuration Guide. Version
ForeScout CounterACT Security Policy Templates Version 18.0.1 Table of Contents About Security Policy Templates... 3 Tracking Vulnerable and Infected Endpoints... 3 Requirements... 3 Installation... 4
More informationMeltdown and Spectre: Complexity and the death of security
Meltdown and Spectre: Complexity and the death of security May 8, 2018 Meltdown and Spectre: Wait, my computer does what? May 8, 2018 Meltdown and Spectre: Whoever thought that was a good idea? May 8,
More informationCybersecurity in Government
Cybersecurity in Government Executive Development Course: Digital Government Ng Lup Houh, Principal Cybersecurity Specialist Cybersecurity Group 03 April 2018 Agenda Cyber Threats & Vulnerabilities Cyber
More informationMcAfee Exploit Prevention Content Release Notes New Windows Signatures
McAfee Exploit Prevention Content 8966 Release Notes 2019-02-12 Content package version for - McAfee Host Intrusion Prevention: 8.0.0.8966 McAfee Endpoint Security Exploit Prevention: 10.6.0.8966 Below
More informationTop 5 Oracle Database Incidents You Need Visibility Into
Top 5 Oracle Database Incidents You Need Visibility Into www.netwrix.com Toll-free: 888-638-9749 Table of Contents #1: Table and Record Deletions #2: Role and Privilege Escalation #3: Failed Activity by
More informationEffective Virtual CPU Configuration in Nova
Effective Virtual CPU Configuration in Nova Kashyap Chamarthy OpenStack Summit Berlin, 2018 1 / 39 Timeline of recent CPU flaws, 2018 (a) Jan 03 Spectre v1: Bounds Check Bypass Jan
More informationIoT Vulnerabilities. By Troy Mattessich, Raymond Fradella, and Arsh Tavi. Contribution Distribution
Security Penetration Through IoT Vulnerabilities By Troy Mattessich, Raymond Fradella, and Arsh Tavi Contribution Distribution Arsh Tavi Troy Mattessich Raymond Fradella Conducted research and compiled
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation.
More informationNetwrix Auditor. Know Your Data. Protect What Matters. Roy Lopez Solutions Engineer
Netwrix Auditor Know Your Data. Protect What Matters. Roy Lopez Solutions Engineer Agenda Company overview Briefly about Netwrix Auditor Netwrix Auditor Data Discovery and Classification Edition Product
More informationSecuring Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &
Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab Modern Challenges By 2020, 60% of Digital Businesses will suffer Major Service
More informationMonitoring Active Directory: Both Azure AD and On-Premise AD and How Synchronization and Federation Play In
Monitoring Active Directory: Both Azure AD and On-Premise AD and How Synchronization and Federation Play In Sponsored by 2016 Monterey Technology Group Inc. Thanks to Made possible by Preview of key points
More informationTOP 10 Vulnerability Trends for By Nevis Labs
TOP Vulnerability Trends for 28 By Nevis Labs Date: December 11, 27 Page 1 It s the last month of 27 and the time is right to look back at the year and predict the vulnerability trends for 28. A quick
More informationArsenal. Shadow-Box: Lightweight Hypervisor-Based Kernel Protector. Seunghun Han, Jungwhan Kang (hanseunghun
Arsenal Shadow-Box: Lightweight Hypervisor-Based Kernel Protector Seunghun Han, Jungwhan Kang (hanseunghun ultract)@nsr.re.kr Who are we? - Senior security researcher at NSR (National Security Research
More informationHow to build a multi-layer Security Architecture to detect and remediate threats in real time
How to build a multi-layer Security Architecture to detect and remediate threats in real time Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist March 2018 Agenda Cisco Strategy Umbrella
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationProduct Overview. Netwrix Auditor. Presenter: Jeff Melnick Manager of Sales Engineering x 971
Product Overview Netwrix Auditor Presenter: Jeff Melnick Manager of Sales Engineering Jeff.Melnick@netwrix.com 888-638-9749 x 971 About Netwrix Corporation Year of foundation: 2006 Headquarters location:
More informationIT Security Horrors That Keep You Up at Night
IT Security Horrors That Keep You Up at Night and How to Stop Them! Brian Johnson 7 Minute Security Jeff Melnick Systems Engineer Agenda Introductions My epic breach response fail (a tale of tears and
More informationCisco Advanced Malware Protection (AMP) for Endpoints
Cisco Advanced Malware Protection (AMP) for Endpoints Endpoints continue to be the primary point of entry for attacks! 70% of breaches start on endpoint devices WHY? Gaps in protection Gaps in visibility
More informationMeltdown or "Holy Crap: How did we do this to ourselves" Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory
Meltdown or "Holy Crap: How did we do this to ourselves" Abstract Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory locations Breaks all security assumptions given
More informationGladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
More informationIBM services and technology solutions for supporting GDPR program
IBM services and technology solutions for supporting GDPR program 1 IBM technology solutions as key enablers - Privacy GDPR Program Work-stream IBM software 2.1 Privacy Risk Assessment and Risk Treatment
More information#RSAC #RSAC Thing Thing Thing Thing Thing Thing Edge Edge Gateway Gateway Cut costs Create value Find information in data then act Maintain Things Enrol Authorized Users & Things Authentication
More informationCybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY
Cybersecurity THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY Gary Meshell World Wide Leader Financial Services Industry IBM Security March 21 2019 You have been breached; What Happens Next 2 IBM Security
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationCyber Hygiene: Uncool but necessary. Automate Endpoint Patching to Mitigate Security Risks
Cyber Hygiene: Uncool but necessary Automate Endpoint Patching to Mitigate Security Risks 1 Overview If you analyze any of the recent published attacks, two patterns emerge, 1. 80-90% of the attacks exploit
More informationIBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT
IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the
More informationA Data Driven Approach to Designing Adaptive Trustworthy Systems
A Data Driven Approach to Designing Adaptive Trustworthy Systems Ravishankar K. Iyer (with A. Sharma, K. Pattabiraman, Z. Kalbarczyk, Center for Reliable and High-Performance Computing Department of Electrical
More informationECE 471 Embedded Systems Lecture 22
ECE 471 Embedded Systems Lecture 22 Vince Weaver http://www.eece.maine.edu/~vweaver vincent.weaver@maine.edu 31 October 2018 Don t forget HW#7 Announcements 1 Computer Security and why it matters for embedded
More informationQualys Indication of Compromise
18 QUALYS SECURITY CONFERENCE 2018 Qualys Indication of Compromise Bringing IOC to the Next Level Chris Carlson VP, Product Management, Qualys, Inc. Adversary TTPs are Changing Early 2010s Zero-day Vulnerabilities
More informationAdvanced Systems Security: Ordinary Operating Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationSecuring Your Cloud Introduction Presentation
Securing Your Cloud Introduction Presentation Slides originally created by IBM Partial deck derived by Continental Resources, Inc. (ConRes) Security Division Revision March 17, 2017 1 IBM Security Today
More informationMeltdown and Spectre Interconnect Performance Evaluation Jan Mellanox Technologies
Meltdown and Spectre Interconnect Evaluation Jan 2018 1 Meltdown and Spectre - Background Most modern processors perform speculative execution This speculation can be measured, disclosing information about
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 3.1: OS Security Basics of secure design Endadul Hoque Slide Acknowledgment Contents are based on slides from Ninghui Li (Purdue), John Mitchell (Stanford), Dan Boneh (Stanford)
More informationVersion:2.1. Overview of speculation-based cache timing side-channels
Date: May 2018 Version 2.1 Introduction This whitepaper looks at the susceptibility of Arm implementations following recent research findings from security researchers at Google on new potential cache
More informationHardware Enclave Attacks CS261
Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Service (IAS) Process Enclave Untrusted Trusted Enclave Code Enclave Data Process Process Other Enclave OS and/or Hypervisor
More informationCyberArk Privileged Threat Analytics
CyberArk Privileged Threat Analytics Table of Contents The New Security Battleground: Inside Your Network 3 Privileged account security 3 Collect the right data 4 Detect critical threats 5 Alert on critical
More informationWeb Application Firewall Subscription on Cyberoam UTM appliances
On-Appliance Reporting Web Application Firewall Subscription on Cyberoam UTM appliances Protecting Web Applications from hackers Application Visibility and Control Bandwidth Management Firewall Web Application
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationMWR InfoSecurity Advisory. 26 th April Elastic Path Administrative. Quit. Session Hijacking through Embedded XSS
Quit MWR InfoSecurity Advisory Elastic Path Administrative Session Hijacking through Embedded XSS 26 th April 2007 2007-04-26 1 of 7 INDEX 1 Detailed Vulnerability description...4 1.1 Introduction...4
More informationCarbon Black PCI Compliance Mapping Checklist
Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and
More informationChrome Extension Security Architecture
Chrome Extension Security Architecture Presenter: Jienan Liu Network, Intelligence & security Lab outline Chrome extension introduction Threats towards extension Chrome extension s security architecture
More informationSoftware-based Microarchitectural Attacks
Software-based Microarchitectural Attacks Daniel Gruss January 23, 2019 Graz University of Technology Frame Rate of Slide Deck: 11 fps 1 Daniel Gruss Graz University of Technology 1337 4242 Revolutionary
More informationC1: Define Security Requirements
OWASP Top 10 Proactive Controls IEEE Top 10 Software Security Design Flaws OWASP Top 10 Vulnerabilities Mitigated OWASP Mobile Top 10 Vulnerabilities Mitigated C1: Define Security Requirements A security
More informationRanking Vulnerability for Web Application based on Severity Ratings Analysis
Ranking Vulnerability for Web Application based on Severity Ratings Analysis Nitish Kumar #1, Kumar Rajnish #2 Anil Kumar #3 1,2,3 Department of Computer Science & Engineering, Birla Institute of Technology,
More informationComprehensive Database Security
Comprehensive Database Security Safeguard against internal and external threats In today s enterprises, databases house some of the most highly sensitive, tightly regulated data the very data that is sought
More informationWEB BROWSER SANDBOXING: SECURITY AGAINST WEB ATTACKS
WEB BROWSER SANDBOXING: SECURITY AGAINST WEB ATTACKS AVAR 2011 by Rajesh Nikam Security Simplified CONTENTS Rise of Web Attacks Application Vulnerabilities Existing Protection Mechanisms Need for Effective
More informationTrend Micro. Apex One as a Service / Apex One. Best Practice Guide for Malware Protection. 1 Best Practice Guide Apex One as a Service / Apex Central
Trend Micro Apex One as a Service / Apex One Best Practice Guide for Malware Protection 1 Best Practice Guide Apex One as a Service / Apex Central Information in this document is subject to change without
More informationVersion:1.1. Overview of speculation-based cache timing side-channels
Author: Richard Grisenthwaite Date: January 2018 Version 1.1 Introduction This whitepaper looks at the susceptibility of Arm implementations following recent research findings from security researchers
More informationDefend Against the Unknown
Defend Against the Unknown Stay ahead of new threats with McAfee Endpoint Threat Defense solutions Targeted exploits. Ransomware. Explosive growth in zero-day malware. Organizations are locked in an ongoing
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationMobile Security Fall 2013
Mobile Security 14-829 Fall 2013 Patrick Tague Class #6 More WiFi Security & Privacy Issues WiFi Security Issues A Scenario Internet Open AP SSID Network X Open OpenAP AP SSID Attacker Network X LaptopLaptop
More informationCeedo Client Family Products Security
ABOUT THIS DOCUMENT Ceedo Client Family Products Security NOTE: This document DOES NOT apply to Ceedo Desktop family of products. ABOUT THIS DOCUMENT The purpose of this document is to define how a company
More informationPortnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview
Portnox CORE On-Premise Technology Introduction Portnox CORE provides a complete solution for Network Access Control (NAC) across wired, wireless, and virtual networks for enterprise managed, mobile and
More informationWHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX
WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX 1 INTRODUCTION The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK ) Matrix provides a model
More informationSecuring Devices in the Internet of Things
AN INTEL COMPANY Securing Devices in the Internet of Things WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe
More informationRBS NetGain Enterprise Manager Multiple Vulnerabilities of 11
RBS-2018-004 NetGain Enterprise Manager Multiple Vulnerabilities 2018-03-22 1 of 11 Table of Contents Vendor / Product Information 3 Vulnerable Program Details 3 Credits 3 Impact 3 Vulnerability Details
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationCopyright
1 Security Test EXTRA Workshop : ANSWER THESE QUESTIONS 1. What do you consider to be the biggest security issues with mobile phones? 2. How seriously are consumers and companies taking these threats?
More information