MODERN DESKTOP SECURITY

"I'M GOING TO BE HONEST. WE'RE IN THE FIGHT OF OUR DIGITAL LIVES, AND WE ARE NOT WINNING!"
MICHAEL MCCAUL, CHAIRMAN, US HOMELAND SECURITY COMMITTEE

RANSOMWARE HAS BECOME THE BLACK PLAGUE
"We can not say it loud and often enough, ransomware has become the black plague of the internet, spread by highly sophisticated exploit kits and countless spam campaigns," says Cisco's Talos.
Attackers are going after bigger targets that can afford to pay more, with potentially catastrophic consequences.
Source: A dangerous piece of PC ransomware is now impossible to crack, Steve Dent, Engadget, March 17, 2016

Evolution of Attacks
Motives: Mischief; Fraud and Theft; Damage and Disruption
Script Kiddies: Unsophisticated
Organized Crime: Recently achieved apex attacker status, well resourced
Nations, Terror Groups, Activists: Traditional apex attackers, well resourced

THE MODERN DESKTOP SECURITY: PROTECT, DETECT & RESPOND
Servicing and Centralized Security Management
Threat Protection: Protect, detect, and respond to the most advanced threats using advanced hardware-based security and the power of the cloud.
Identity Protection: Kick passwords to the curb with a convenient, easy-to-use and enterprise-grade alternative that is designed for today's mobile-first world.
Information Protection: Protect data on lost and stolen devices and prevent accidental data leaks using data separation, containment, and encryption.

THE MODERN DESKTOP SECURITY: PROTECT, DETECT & RESPOND
Servicing and Centralized Security Management
Threat Protection: Office 365 ATP, Windows Firewall, Microsoft Edge, Device Guard, Windows Defender Antivirus, Windows Defender ATP, Windows Defender SmartScreen
Identity Protection: Windows Hello, Credential Guard, Azure Active Directory Premium, Advanced Threat Analytics
Information Protection: BitLocker, Device Encryption, Windows Information Protection, Azure Information Protection, Microsoft Cloud App Security


Office 365 ATP: Multiple features, maximum security
Safe Links: Provides time-of-click malicious URL detection.
URL Detonation: Scans files that are linked in email via URLs to websites.
Safe Attachments: Helps protect against malicious attachments.

Safe Links
Web servers perform latest URL reputation check.
Helps protect against phishing and sites with malicious content.
Provides visibility into compromised users for administrators.
Rewrites all URLs to proxy through an EOP server.
User clicking URL is taken to EOP web servers for the latest check at the time-of-click.
[Diagram labels: http://www.; IP + envelope filter; Signature-based AV; Blocking known exploits; Anti-spam filter; EOP user without Office 365 ATP; Rewriting URLs to redirect to a web server; EOP user with Office 365 ATP]

Safe Links
Admin sets policy.
Users notified if a malicious link is clicked in email.

Safe Attachments
Helps protect against zero-day exploits in email attachments.
Provides visibility into compromised users for administrators.
Leverages sandboxing technology.
[Diagram labels: IP + envelope filter; Signature-based AV; Blocking known exploits; Anti-spam filter; EOP user without Office 365 ATP; EOP user with Office 365 ATP]

Dynamic Delivery

TRADITIONAL PLATFORM STACK: JUST ONE VULNERABILITY AWAY FROM FULL COMPROMISE
[Diagram layers: Apps; Windows Platform Services; Kernel; Device Hardware]

VIRTUALIZATION BASED SECURITY WITH WINDOWS DEFENDER SYSTEM GUARD
[Diagram labels: Windows Operating System (Apps; Windows Platform Services; Kernel); Windows Defender System Guard (Trustlet #1; Trustlet #2; Trustlet #3; Kernel); Hyper-V Hypervisor; Device Hardware]

PASS THE HASH ATTACKS: Today's security challenge

TODAY'S SECURITY CHALLENGE: PASS THE HASH ATTACKS
Access to one device can lead to access to many.
1. Single IT Pro's machine is compromised. IT Pro manages kiosks/shared devices on network. Attacker steals IT Pro's access token.
2. Using IT Pro's access token, attacker looks for kiosk/shared devices and mines them for tokens.
3. Repeat.

TODAY'S SOLUTION: CREDENTIAL GUARD
Pass the Hash (PtH) attacks are the #1 go-to tool for hackers. Used in nearly every major breach and APT type of attack.
Credential Guard uses Windows Defender System Guard to isolate Windows authentication from the Windows operating system.
Protects LSA Service (LSASS) and derived credentials (NTLM Hash).
Fundamentally breaks derived credential theft using MimiKatz,
[Diagram labels: Windows Operating System (Apps; Windows Platform Services; Kernel); Windows Defender System Guard (Credential Guard; Trustlet #2; Trustlet #3; Kernel); Hyper-V Hypervisor; Device Hardware]

TODAY'S CHALLENGE: APPS
OUR ANSWER: APPS MUST EARN TRUST BEFORE USE

WINDOWS DEFENDER ANTI-VIRUS PROTECTION
Protection that competes to win: Scored 100% detection in Real World Testing against top competitors (AVTest Feb 2017).
Behavior and cloud-powered malware detection: Can detect fast-changing malware varietals using behavior monitoring and cloud-powered protection that expedites signature delivery.
Tamper Resistant: Windows Trusted Boot and platform isolation protect Windows Defender from attacks and enable it to self-repair.
Built into Windows and Always Up-To-Date: No additional deployment & infrastructure. Continuously up-to-date, lower costs.

ATTACKS HAPPEN FAST AND ARE HARD TO STOP
If an attacker sends an email to 100 people in your company, 23 people will open it, 11 people will open the attachment, and six will do it in the first hour.

WINDOWS DEFENDER ADVANCED THREAT PROTECTION: DETECT ADVANCED ATTACKS AND REMEDIATE BREACHES
Built into Windows: No additional deployment & infrastructure. Continuously up-to-date, lower costs.
Behavior-based, cloud-powered breach detection: Actionable, correlated alerts for known and unknown adversaries. Real-time and historical data.
Rich timeline for investigation: Easily understand scope of breach. Data pivoting across endpoints. Deep file and URL analysis.
Unique threat intelligence knowledge base: Unparalleled threat optics provide detailed actor profiles. 1st and 3rd party threat intelligence data.

CUSTOMER