F5 Warsaw SOC Kamil Woniak Security Operations Manager, F5 Networks k.wozniak@f5.com
Agenda The Story of the SOC Threat intelligence & Research F5 Anti-Fraud, DDOS and WAF protection services Highlights and Lowlights Reporting on Customer Growth and Customer expirience Customer Feedback SOC and F5 Networks priorities and focus points Publications
OUR Map
2013 Versafe acquisition AGENDA DRAFT 2014 F5 WebSafe release Seattle SOC launch Defense.net acquisition F5 Silverline Volumetric DDoS release 2015 Poland SOC Launch F5 Silverline Web Application Firewall release 2016 Delivering 3 SOC services 24x7x365 Silverline DDoS mitigation, Silverline WAFaaS, Anti Fraud services
Story of the SOC Warsaw Focus 1 2 3 4 5 6 7 8 9 10 Around two + years ago a decision has been made to create the a SOC outside of Seattle Extensive research started decision to choose Poland has been made In August 2015 we ve got our first 2 Analysts starting in F5 (AF roles) September 2015- official ribbon cutting event Aggressive hiring for all 3 groups Regular travels of the new hires to Seattle for weeks long boot camps Great results of the newly established teams after few months of being operational Great talent presenting the Warsaw office Employees and values GTM Japan
F5 Threat Monitor
Threat Intelligence Statistics
Threat Intelligence Statistics World wide web-injects map
F5 Anti-Fraud, DDOS and WAF protection services
Anti-Fraud & DDOS Specialized researchers and analyst at your service Unlimited Expert Malware Analysis Assess damage, understand attackers and resolve vulnerabilities understand attackers and mitigate to keep your business safe Analyzes any malware submitted including that detected by F5 Web Fraud Protection solutions Investigates and reports on malware including components, attributes, target, controls, purpose, etc.. Discovers indicators of compromise Identifies source and level of sophistication Helps prevent future malware attacks and eliminate risks associated with analyzing malware Constant traffic monitoring Mitigations applied within seconds Protection and analysis of different attack vectors Identifies source and level of sophistication Keep your business online during a DDoS attack Defends against the largest volumetric attacks Always available 24x7 Malware Analysis Team and Security Experts Includes C&C shutdown services, and WebSafe C&C drop zone investigation Protecting against all DDoS attack vectors
448 Gbps UDP/ICMP fragmentation
DDoS Attack Types 8% 11% Q1 FY17 15% 13% 15% UDP Fragment, 23% 15% UDP Fragment DNS Reflection UDP Flood ICMP SYN Flood NTP Reflection Other 9% 13% Q4 FY16 17% 18% [CATEGOR Y NAME], [PERCENT AGE] 21% DNS Reflection UDP Flood UDP Fragment SYN Flood NTP Reflection Other 15% Q3 FY16 9% 8% 21% 21% [CATEGOR Y NAME], [PERCENT AGE] UDP Fragment DNS Reflection UDP Flood SYN Flood NTP Reflection Other
WAF as a Service F5 security experts proactively monitor, and fine-tune policies to protect web applications and data from new and emerging threats. F5 Security Operations Center Expert policy setup Policy fine-tuning Proactive alert monitoring False positives tuning Detection tuning Whitelist / Blacklist Set up and monitoring
WarSOC Highlights, Customer Experience and Growth
Highlights Operations Local presence Cooperation Candidate pool The most rapidly growing F5 office worldwide Office Space doubling the office space
Customer Experience DDoS customers increase of almost 100% compared to the same period last year. WAF customers were up 136%, and Anti-fraud rose by 88%.
Customer Feedback You guys [SOC] have definitely raised the bar for customer service! Great Support and Great Product. [SOC Engineer] is very professional and knowledgeable The SOC analysts are very friendly and helpful regardless of the issue at hand. Really great to deal with.
Customer Feedback During the call today, Gibrail and the XYZ Company engineers mentioned that they were totally astounded by the superior quality of support provided by the Silverline support team so far. They went so far as to say it is the best support they have ever received, period It was awesome. One of the best service provided among tech company
THANK YOU