The S in IoT is for Security: Owning all the Things


Raja Mukerji, Co-Founder, ExtraHop Networks (@rajamukerji)

Why Now?

Topics of Discussion
Why should you care about the Internet of Things?
What challenges does IoT pose for enterprise IT?
What can you do to prepare for IoT?

20 Billion Connected Devices by 2020: no logging, no agents, no instrumentation. Who's ready?
2012: 1.3 billion connected things in use worldwide; people outnumber connected devices by roughly 5:1.
2016: 6.4 billion connected things in use worldwide, up 30 percent from 2015; 5.5 million new things get connected every day.
2020: 20.8 billion connected things in use worldwide; Internet-connected devices will outnumber people by at least 2:1.
Source: Gartner, November 2015, http://www.gartner.com/newsroom/id/3165317

Enterprise IoT Challenges: here is what is in store in the years ahead.
IT asset discovery: think VM sprawl was bad? CMDBs will not work with the Internet of Things.
Instrumentation: IoT devices do not offer system logs or support monitoring agents.
Security: IoT devices represent dangerous open vectors for attack.

You cannot secure what you cannot see.

What Is the Internet of Things Saying? Analyze data-in-flight to gain understanding and insight for IoT.
Auto-Discovery: see which devices are really talking to each other.
Performance: identify causes of latency that can affect operations.
Malware Detection: detect anomalous behavior such as connections to external servers.
Identity and Trust: track use of credentials used to access files and applications.
Business Intelligence: monitor operations and sales in real time.

Wire Data: Visibility for the Internet of Things
Ubiquitous: no logs or agents; every thing touches the network.
Definitive: forensic data; meets chain-of-custody requirements.
Real-Time: no polling intervals; sees ephemeral services.

Stream Processing for Network Traffic: full-stream reassembly to create wire data in real time at scale (unstructured packets in, stream processor, structured wire data out). What the structured wire data exposes, by category:
Application & User Behavior: privileged user logins, unauthorized outbound, lateral network traversal, brute force attacks, storage/DB access, fraudulent transactions, large data transfers.
Protocol Activity: unencrypted FTP, Telnet, Gopher, TACACS, SNMP v1/v2/v2c, Finger, IRC.
Encryption Profile: certificate expiration, key length, outdated SSL sessions, MD5/SHA-1 certificate signing, SSL traffic by port, email encryption, wildcard certificates.
Compliance: SSH tunneling, non-standard ICMP, non-standard DNS, non-standard HTTP, disallowed file types, invalid file extension writes, blacklisted traffic.
Network Forensics: automatic discovery, precision PCAP, user activity, network scanning, triggers, flow analysis, historical auditing.
CVE Detection: Shellshock, HTTP.sys connections, Turla malware, Heartbleed, FREAK SSL/TLS, POODLE, Logjam.
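The slides above describe the wire-data idea in the abstract: reassemble the stream, structure it, and run protocol, encryption-profile and compliance checks over the result without logs or agents on the device. The following is an added example, not ExtraHop code, of what the smallest version of that looks like: it classifies a flow by the content of the client's first bytes rather than by destination port (so SSH on 443 shows up as non-standard), flags cleartext FTP and Telnet sessions, and parses a TLS ClientHello to pull out the offered version, cipher suites and SNI, flagging SSLv3/TLS 1.0 and export-grade suites (the POODLE and FREAK rows of the table). The flow records, addresses and the `build_client_hello` helper are constructed for the example; the export-suite IDs are from the IANA TLS cipher-suite registry.

```python
"""Passive protocol identification and TLS ClientHello inspection over the first
client-to-server bytes of a flow.  Added illustration, not ExtraHop code; the
flow records at the bottom are constructed, not captured."""
import struct

# RSA_EXPORT / 40-bit suites (IANA registry); a client still offering them is exposed to FREAK.
EXPORT_SUITES = {0x0003, 0x0006, 0x0008, 0x000B, 0x000E, 0x0011, 0x0014, 0x0017, 0x0019}
SSL30, TLS10, TLS12 = 0x0300, 0x0301, 0x0303
EXPECTED_ON_PORT = {21: "ftp", 22: "ssh", 23: "telnet", 80: "http", 443: "tls"}

def identify_protocol(payload: bytes) -> str:
    """Classify a client's opening bytes by content rather than by port."""
    if payload.startswith(b"SSH-"):
        return "ssh"
    if payload[:1] == b"\x16" and payload[1:2] == b"\x03":       # TLS handshake record
        return "tls"
    if payload.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS"):
        return "http"
    if payload.startswith((b"USER ", b"PASS ")):
        return "ftp"
    if payload.startswith((b"\xff\xfb", b"\xff\xfd")):            # Telnet IAC WILL / DO
        return "telnet"
    return "unknown"

def parse_client_hello(rec: bytes) -> dict:
    """Pull client version, offered cipher suites and SNI out of a ClientHello record."""
    ctype, _rec_ver, rec_len = struct.unpack("!BHH", rec[:5])
    hs = rec[5:5 + rec_len]
    if ctype != 0x16 or hs[0] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    client_ver = struct.unpack("!H", hs[4:6])[0]
    p = 6 + 32                                   # skip client_random
    p += 1 + hs[p]                               # session_id
    cs_len = struct.unpack("!H", hs[p:p + 2])[0]
    p += 2
    suites = [struct.unpack("!H", hs[i:i + 2])[0] for i in range(p, p + cs_len, 2)]
    p += cs_len
    p += 1 + hs[p]                               # compression methods
    sni = None
    if p + 2 <= len(hs):                         # extensions block is optional
        end = p + 2 + struct.unpack("!H", hs[p:p + 2])[0]
        p += 2
        while p + 4 <= end:
            etype, elen = struct.unpack("!HH", hs[p:p + 4])
            p += 4
            if etype == 0:                       # server_name: list_len(2) type(1) name_len(2) name
                name_len = struct.unpack("!H", hs[p + 3:p + 5])[0]
                sni = hs[p + 5:p + 5 + name_len].decode("ascii", "replace")
            p += elen
    return {"client_version": client_ver, "cipher_suites": suites, "sni": sni}

def analyze_flow(flow: dict) -> dict:
    """Structured wire-data record plus findings for one flow's first client bytes."""
    proto = identify_protocol(flow["payload"])
    rec = {"src": flow["src"], "dst": flow["dst"], "dport": flow["dport"],
           "protocol": proto, "findings": []}
    expected = EXPECTED_ON_PORT.get(flow["dport"])
    if expected and proto not in ("unknown", expected):
        rec["findings"].append(f"non-standard {proto} on port {flow['dport']}")
    if proto in ("ftp", "telnet"):
        rec["findings"].append(f"cleartext {proto} session")     # credentials cross the wire in the clear
    if proto == "tls":
        hello = parse_client_hello(flow["payload"])
        rec.update(hello)
        if hello["client_version"] <= TLS10:
            rec["findings"].append("outdated SSL/TLS version offered")   # SSLv3 is what POODLE needs
        if EXPORT_SUITES & set(hello["cipher_suites"]):
            rec["findings"].append("export-grade cipher suites offered (FREAK)")
    return rec

def build_client_hello(version: int, suites: list, sni: str) -> bytes:
    """Assemble a minimal ClientHello record; used here only to construct sample input."""
    ext = b""
    if sni:
        name = sni.encode()
        entry = b"\x00" + struct.pack("!H", len(name)) + name
        body = struct.pack("!H", len(entry)) + entry
        ext = struct.pack("!HH", 0, len(body)) + body
    hello = (struct.pack("!H", version) + b"\x00" * 32 + b"\x00"
             + struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
             + b"\x01\x00" + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + struct.pack("!I", len(hello))[1:] + hello
    return struct.pack("!BHH", 0x16, version, len(hs)) + hs

SAMPLE_FLOWS = [   # constructed flows with hypothetical addresses
    {"src": "10.1.5.23", "dst": "10.1.5.9", "dport": 21, "payload": b"USER admin\r\n"},
    {"src": "10.1.7.40", "dst": "203.0.113.8", "dport": 443, "payload": b"SSH-2.0-OpenSSH_7.4\r\n"},
    {"src": "10.1.9.12", "dst": "10.1.2.2", "dport": 443,
     "payload": build_client_hello(SSL30, [0x0003, 0x002F], "mri-console.local")},
    {"src": "10.1.9.13", "dst": "10.1.2.2", "dport": 443,
     "payload": build_client_hello(TLS12, [0xC02F, 0x009C], "portal.example")},
]

def run(flows=SAMPLE_FLOWS) -> list:
    return [analyze_flow(f) for f in flows]

if __name__ == "__main__":
    for r in run():
        print(r["src"], "->", r["dst"], r["protocol"], r.get("sni"), r["findings"])
```

Two design points carry over to any real deployment of this idea: classification keys on payload bytes, so a tunnel or a service moved to an unexpected port is still named correctly, and the TLS findings come from the handshake alone, which is visible on the wire even though the session payload is not. A production sensor would add the server side (ServerHello, certificate chain, DH parameter size for Logjam) and reassemble across segments before parsing.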

Mine the Network in Real Time: ExtraHop's stream analytics platform transforms data-in-motion into IT and business insights, using big data technology for real-time and historical analytics (unstructured packets in, structured wire data out). A single ExtraHop appliance can extract, analyze, and visualize up to 432 TB of data exchanged per day in real time:
11 TB of analysis per day at 1 Gbps
108 TB of analysis per day at 10 Gbps
216 TB of analysis per day at 20 Gbps
432 TB of analysis per day at 40 Gbps
Consumers: IT operations, security operations, business operations.

Expanding Data on the Network: Cisco traffic forecasts for 2019.
Traditional datacenter traffic: 1.47 ZB, growing at 5%.
Private and public cloud datacenter traffic: 2.96 ZB, growing at 33%.
Internet of Things: IoT data to reach 507.5 ZB, growing at 200%.
Source: Cisco Global Cloud Index

Visibility Into East-West Traffic: IoT increases lateral communications behind the firewall.
Diagram: north-south traffic crossing the enterprise network edge versus east-west traffic among the SAN, bare-metal servers, blade chassis (including chassis with integrated switches), the Exchange server, and the database servers.

Personal Devices Are an Open Vector. Apple Watch example: watchOS 2.2.22 update.

IoT-Vectored Ransomware: it is a matter of time (you heard it here first).
Diagram: an attacker reaching a file share and the clients that mount it.

Medical Devices Hit by Malware: Bayer MedRad device for MRI scanning hit by WannaCry ransomware.

Ransomware Detection by Reveal(x): the Rx for a compromised immune system.
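The three slides above make one argument: a ransomware outbreak that starts on an IoT or medical device cannot be caught on the device (no agent, no logs), but the damage is done over SMB to the file share, and that traffic is on the wire. The example below is an added illustration of what detection on that traffic looks like; it is not Reveal(x) logic and the slides do not describe ExtraHop's actual detector. It keeps a per-client sliding window over the write and rename operations a sensor can decode from SMB, and alerts on either a known ransomware extension or the encrypt-then-rename burst pattern (many distinct files touched, half of the operations renames). The thresholds, the extension list, the share paths and the client addresses are all constructed for the example.

```python
"""Ransomware-style behaviour detector over SMB write/rename operations seen on
the wire.  Added example, not ExtraHop/Reveal(x) logic; thresholds, extension
list and records are constructed for illustration."""
from collections import defaultdict, deque

WINDOW_SECONDS = 60
MIN_DISTINCT_FILES = 20        # hypothetical threshold: files touched by one client per window
MIN_RENAME_RATIO = 0.5         # hypothetical threshold: share of window operations that are renames
KNOWN_RANSOM_EXTS = {".wncry", ".wcry", ".locky", ".crypt"}   # illustrative, not a complete list

def extension(path: str) -> str:
    """Last extension of the file name, lower-cased; '' when there is none."""
    name = path.rsplit("/", 1)[-1]
    return name[name.rfind("."):].lower() if "." in name else ""

class SmbRansomwareDetector:
    """Per-client sliding window of (timestamp, op, path); one alert per client."""
    def __init__(self):
        self.window = defaultdict(deque)
        self.alerted = set()

    def observe(self, ts: float, client: str, op: str, path: str):
        """Feed one decoded SMB operation; returns a finding dict or None."""
        q = self.window[client]
        q.append((ts, op, path))
        while q and ts - q[0][0] > WINDOW_SECONDS:    # drop operations outside the window
            q.popleft()
        if client in self.alerted:
            return None
        finding = self._evaluate(client, q)
        if finding:
            self.alerted.add(client)
        return finding

    def _evaluate(self, client, q):
        paths = {p for _, _, p in q}
        hit = {extension(p) for p in paths} & KNOWN_RANSOM_EXTS
        if hit:
            return {"client": client, "reason": f"known ransomware extension {sorted(hit)}", "files": len(paths)}
        renames = sum(1 for _, op, _ in q if op == "rename")
        if len(paths) >= MIN_DISTINCT_FILES and renames / len(q) >= MIN_RENAME_RATIO:
            return {"client": client, "reason": "mass rename burst", "files": len(paths)}
        return None

def sample_records():
    """Constructed SMB operations as (ts, client, op, path); not a capture."""
    recs = [(t, "10.1.4.20", "write", f"/finance/q{t}.xlsx") for t in (0, 15, 40)]   # normal user
    # compromised host: write the encrypted body, then rename, one file every 1.5 s
    for i in range(24):
        ts = 100 + i * 1.5
        recs.append((ts, "10.1.4.77", "write", f"/finance/report{i}.docx"))
        recs.append((ts + 0.5, "10.1.4.77", "rename", f"/finance/report{i}.docx.crypted"))
    return sorted(recs)

def run(records=None) -> list:
    """Replay records through the detector; returns [(ts, finding), ...]."""
    det = SmbRansomwareDetector()
    alerts = []
    for ts, client, op, path in records or sample_records():
        f = det.observe(ts, client, op, path)
        if f:
            alerts.append((ts, f))
    return alerts

if __name__ == "__main__":
    for ts, f in run():
        print(f"t={ts:.1f} {f['client']}: {f['reason']} ({f['files']} files)")
```

The burst rule fires on the tenth renamed file, about 14 seconds into the sample outbreak, while the normal user's three writes never approach the threshold. The extension list is the weaker of the two signals: the sample uses an extension the list does not contain precisely to show that the behavioural rule still catches it, which is the property you want when the next family picks a new suffix.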

BYOD Auto-Discovery Automatic discovery and classification based on heuristic analysis of communications

Healthcare IoT (Medical devices) Source: thehackernews, June 2017

Use Wire Data to Gain IoT Insights: the visibility you need for the Internet of Things is on the wire. Wire data is ubiquitous, definitive, and real-time:
See all application, data, network, user, and system behavior.
Automatically discover all connected devices.
Identify suspicious behavior.
Quickly gather the details needed to resolve issues.
Make decisions based on empirical evidence.
Track ephemeral services and connections.
Scale to support high volumes of IoT-driven traffic.

Raja Mukerji, Co-Founder, ExtraHop Networks (@rajamukerji). Thank you!