IBM Security Network Protection Solutions

Transcription:

IBM Security Network Protection Solutions
Pre-emptive protection to keep you Ahead of the Threat

Tanmay Shah, Product Lead, Network Protection Appliances, IBM Security Systems

Increasing attack surface and threat sophistication

Increasing Number of Vulnerabilities (chart: Growth in Vulnerabilities 1996-2013)
Zero-day Attacks and Constantly Mutating Threats
Multi-faceted Threats and APTs
Graphic labels: Designer Malware, Spear Phishing, Persistence, Backdoors

- Vulnerabilities increasing
- Overall attack surface is growing
- Patches cannot be instantly implemented or do not exist
- Attacks constantly mutating to evade signatures
- Increasing number of zero-day exploits
- Well coordinated attacks by well coordinated teams
- Attackers exploiting users to gain access
- Traditional security tools unable to detect or assess the extent of the breach

Average consolidated total cost of a data breach is $3.8 million, a 23 percent increase since 2013.
Source: 2015 Cost of Data Breach Study: Global Analysis, Ponemon Institute

Today's point product solutions defend against yesterday's attacks

Broad Attacks: Indiscriminate malware, spam and DoS activity
Tactical Approach: Compliance-driven, Reactionary
- Rely on pattern matching to find specific instances of attacks
- Rely on other add-on products like proxies and application firewalls
- Targets only certain types of broad attacks
- Solution provider obtains their research from third parties
- Piece-part solution

Multi-faceted Targeted Attacks: Advanced, persistent, organized, and politically or financially motivated
Strategic Approach: Intelligence-driven, Continuous
- Block entire classes of attacks, including mutations
- Protect against user-focused and application-level attacks
- Protect against advanced malware and persistent threats
- Offer industry-leading security research and development
- Seamlessly integrate with an entire portfolio of industry-leading security solutions

The history of IBM Security Network Protection
Evolving beyond intrusion prevention to provide greater value

Evolution based on client needs:
- Intrusion Prevention / Intrusion Detection: Protects against attacks on vulnerabilities, not exploits
- Behavioral Defense: Protects against attacks based on behavior, not specific vulnerabilities
- Web App Protection: Heuristically protects against common app-based attacks
- URL/App Control: Protects users from visiting risky sites on the web
- SSL/TLS Inspection: Protects against attacks hidden inside encrypted traffic
- Advanced Malware Defense: Blocks malware infections on the network
- Threat Management.NEXT: New protection and integration capabilities to stay ahead of the threat

Timeline markers: 1997+, 2002+, 2005+, 2008+, 2012+, 2013+, 2014+, Future

IBM Intelligent Threat Protection
IBM Security Network Protection solutions and integrations

Smarter Prevention
- Trusteer Apex Endpoint Malware Protection: Prevent malware installation and disrupt malware communications
- IBM Security Network Protection (XGS): Prevent remote network exploits and limit the use of risky web applications
- IBM Guardium Data Activity Monitoring: Prevent unauthorized data access or leaks to help ensure data integrity

Security Intelligence
- IBM Security QRadar Security Intelligence: Discover and prioritize vulnerabilities. Correlate enterprise-wide threats and detect suspicious behavior

Continuous Response
- IBM Security QRadar Incident Forensics: Retrace full attack activity. Search for breach indicators and guide defense hardening
- IBM BigFix: Automate and manage continuous security configuration policy compliance
- IBM Emergency Response Services: Assess impact, plan strategically and leverage experts to analyze data and contain threats

Open Integrations
- Ready for IBM Security Intelligence Ecosystem: Share security context across multiple products (100+ vendors, 400+ products)

Global Threat Intelligence
- IBM X-Force Threat Intelligence: Leverage threat intelligence from multiple expert sources

Infrastructure - Network Portfolio Overview
Guard against attacks using an Advanced Threat Protection Platform with insight into users, content and applications

- IBM Security Network Protection (XGS): Next-generation network protection to safeguard both computing infrastructure and users from today's most serious threats
- IBM Security Intrusion Protection (GX): Industry-leading intrusion protection focused on protecting computing infrastructure
- IBM Security SiteProtector: Central management of security devices to control policies, events, analysis and reporting for your business

IBM Security Network Protection
Pre-emptive protection to keep you Ahead of the Threat

- BROAD COVERAGE: Protects against a full spectrum of attack techniques
- ZERO-DAY PROTECTION: Protects against known and unknown attacks
- ADVANCED INTELLIGENCE: Powered by X-Force global threat research

Broad coverage
Protects against a full spectrum of attack techniques

THREATS
- Traffic-based: Protocol Anomalies, Protocol Tunneling, RFC Non-Compliance, Obfuscation Techniques
- System and Service / Web App: Unpatched / Unpatchable Vulnerabilities, Cross-site Scripting, Code Injection, SQL Injection, Buffer Overflows, DoS / DDoS, Cross-site Request Forgery, Information Leakage, Cross-path Injection
- User: Spear Phishing, Drive-by Downloads, Malicious Attachments, Malware Links
- Risky Applications: Social Media, File Sharing, Remote Access, Audio / Video Transmission

Broad coverage
Comprehensive protection, visibility, and control over network traffic

- Deep Packet Inspection: Fully classifies network traffic, regardless of address, port, or protocol
- SSL Visibility: Identifies inbound and outbound traffic threats, without needing a separate appliance
- Identity and Application Awareness: Associates users and groups with their network activity, application usage and actions

[Diagram: Network Traffic and Flows. Inbound and outbound traffic from Applications A and B and Employees A, B and C, classified as attack traffic, clean traffic, good application, prohibited application and botnet traffic.]

- 400+ protocols and file formats analyzed
- 25+ billion URLs classified in 70 categories
- 2,000+ applications and actions identified

The IBM fundamental approach to threat protection

VULNERABILITY vs. EXPLOIT

Vulnerability: A weakness in a system
- Can be used to do something unintended
- Can be exploited in multiple ways

Exploit: A method used to gain system entry
- Many different exploits can target a single vulnerability
- Not all exploits are publicly available, and mutation is common

IBM PROTECTION vs. OTHER PRODUCTS

IBM protects the vulnerability
- Stays ahead of the threat with pre-emptive protection that stops things from breaking the window

Other products only block the exploits
- Looks for methods that can break the window
- Keeping up can be challenging

IBM goes beyond pattern matching with a broad spectrum of vulnerability and exploit coverage

- Exploit Signatures: Attack-specific pattern matching
- Vulnerability Decodes: Focused algorithms for mutating threats
- Application Layer Heuristics: Proprietary algorithms to block malicious use
- Web Injection Logic: Patented protection against web attacks, e.g., SQL injection and cross-site scripting
- Shellcode Heuristics: Behavioral protection to block exploit payloads
- Content Analysis: File and document inspection and anomaly detection
- Protocol Anomaly Detection: Protection against misuse, unknown vulnerabilities, and tunneling across 230+ protocols

Other IPS solutions stop at pattern matching.

Behavioral-based detection blocks attacks that have never been seen before

Each entry lists the vulnerability, the IBM protection and when it was released, when the vulnerability was disclosed, and how many vulnerabilities the protection covers (timeline 2006 to 2014).

- Shellshock (CVE-2014-6271): IBM protection Shell_Command_Injection, June 2007; disclosed Sept 2014; 7.3 years ahead; 10 vulnerabilities covered
- MS IE Remote Exploit (CVE-2012-4781): IBM protection JavaScript_NOOP_Sled, April 2006; disclosed December 2012; 6.8 years ahead; 94 vulnerabilities covered
- Java JRE Code Execution (CVE-2013-2465): IBM protection Java_Malicious_Applet, October 2012; disclosed March 2013; 5 months ahead; 8 vulnerabilities covered
- Cisco ASA Cross-Site Scripting (CVE-2014-2120): IBM protection Cross_Site_Scripting, November 2008; disclosed March 2014; 5.5 years ahead; 8,500+ vulnerabilities covered
- Symantec Live Update SQL Injection (CVE-2014-1645): IBM protection SQL_Injection, June 2007; disclosed March 2014; 6.9 years ahead; 9,000+ vulnerabilities covered

IBM X-Force Research and Development
Expert analysis and data sharing on the global threat landscape

Research areas: Zero-day Research, IP Reputation, URL / Web Filtering, Malware Analysis, Web Application Control, Vulnerability Protection, Anti-Spam

The IBM X-Force Mission
- Monitor and evaluate the rapidly changing threat landscape
- Research new attack techniques and develop protection for tomorrow's security challenges
- Educate our customers and the general public
- Integrate and distribute Threat Protection and Intelligence to make IBM solutions smarter

XGS = X-Force in a box

Coverage
- 20,000+ devices under contract
- 15B+ events managed per day
- 133 monitored countries (MSS)
- 3,000+ security related patents
- 270M+ endpoints reporting malware

Depth
- 25B+ analyzed web pages & images
- 12M+ spam & phishing attacks daily
- 89K+ documented vulnerabilities
- 860K+ malicious IP addresses
- Millions of unique malware samples

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

www.ibm.com/security

Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM's sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way.
IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.