Modern attacks and malware

Similar documents
Secure solutions for advanced threats

Cisco Security. Advanced Malware Protection. Guillermo González Security Systems Engineer Octubre 2017

Cisco and Web Security News

Cisco Security Exposed Through the Cyber Kill Chain

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Security Experts Webinar

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

Cisco Advanced Malware Protection

Cisco Security: Advanced Threat Defense for Microsoft Office 365

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Passit4Sure (50Q) Cisco Advanced Security Architecture for System Engineers

Agenda: Insurance Academy Event

The Internet of Everything is changing Everything

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Cisco Security Enterprise License Agreement

Cisco s Appliance-based Content Security: IronPort and Web Security

CloudSOC and Security.cloud for Microsoft Office 365

Cisco Ransomware Defense The Ransomware Threat Is Real

Cisco Advanced Malware Protection. May 2016

Simplify Technology Deployments

How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

Security and Compliance for Office 365

Cisco Advanced Malware Protection against WannaCry

We re ready. Are you?

Chapter 1: Content Security

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Office 365 Buyers Guide: Best Practices for Securing Office 365

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

2018 Edition. Security and Compliance for Office 365

with Advanced Protection

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Security Hands-On Lab

Easy Activation Effortless web-based administration that can be activated in as little as one business day - no integration or migration necessary.

Cisco Security Appliances

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Aby se z toho bezpečnostní správci nezbláznili Cisco security integrace. Milan Habrcetl Cisco CyberSecurity Specialist Mikulov, 5. 9.

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

Advanced Malware Protection. Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe

PEOPLE CENTRIC SECURITY THE NEW

Enterprise SM VOLUME 1, SECTION 5.7: SECURE MANAGED SERVICE

Symantec Protection Suite Add-On for Hosted Security

BEST PRACTICES FOR PERSONAL Security

Innovative Cisco Security- Lösungen für den Endpoint Das Alpha und Omega unsere Next Gen Security

MODERN DESKTOP SECURITY

MESSAGING SECURITY GATEWAY. Solution overview

Cisco Comstor

Security Landscape Thorsten Stoeterau Security Systems Engineer - Barracuda Networks

2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Synchronized Security

Office 365 Integration Guide Software Version 6.7

SAFE Architecture Guide. Places in the Network: Secure Campus

Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales

Cisco & IBM Security SECURING THE THREATS OF TOMORROW, TODAY, TOGETHER

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco Threat Control Solutions. Version: Demo

Advanced Malware Protection: A Buyer s Guide

Architecting a More Effective Enterprise Security Program

Cloud Security & Advance Threat Protection. Cloud Security & Advance Threat Protection

Security for the Cloud Era

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Securing the SMB Cloud Generation

Intelligent Cyber Security for Real World

SaaS Flyer for Trend Micro

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

Sales Training

CHECK POINT CLOUDGUARD SAAS SUPERIOR THREAT PREVENTION FOR SAAS APPLICATIONS

Consumerization. Copyright 2014 Trend Micro Inc. IT Work Load

Defending Against Unkown Automation is the Key. Rajesh Kumar Juniper Networks

9 Steps to Protect Against Ransomware

Avanan for G Suite. Technical Overview. Copyright 2017 Avanan. All rights reserved.

Service Provider Security Architecture

Seqrite Endpoint Security

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS

Simple and Powerful Security for PCI DSS

IT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,

Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches

Copyright 2011 Trend Micro Inc.

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Cisco AnyConnect Secure Mobility Solution. György Ács Regional Security Consultant

Future-ready security for small and mid-size enterprises

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

Security-as-a-Service: The Future of Security Management

2017 Annual Meeting of Members and Board of Directors Meeting

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

Agenda. Why we need a new approach to endpoint security. Introducing Sophos Intercept X. Demonstration / Feature Walk Through. Deployment Options

Total Threat Protection. Whitepaper

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

The Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It

Secure Network Access for Personal Mobile Devices

Compare Security Analytics Solutions

THE EVOLUTION OF SIEM

WatchGuard Total Security Complete network protection in a single, easy-to-deploy solution.

Securing Office 365 with SecureCloud

Transcription:

Modern attacks and malware Everything starts with an email and web Dragan Novakovic Cisco Systems

New Cyber Threat Reality Your environment will get breached You ll most likely be infected via email Hackers will likely command and control your environment via web

Cisco Email Security Solutions

Email is still the #1 threat vector

Phishing leaves businesses on the line Phishing $500M Spoofing Ransomware 30% 94% malicious attachments 1 are opened 1 of phish mail has of phishing messages Loss incurred due to phishing attacks in a year by US companies 2 1 2016 Cisco Annual Security Report 2 2016 Verizon Data Breach Report, Kerbs on Security Messages contain attachments and URL s Socially engendered messages are well crafted and specific Credential hooks give criminals access to your systems

Spoofing rates are on the rise Phishing Spoofing 270 % increase 1 $2.3B Ransomware 2015 2016 In losses from spoofing 2013-2015 1 1 FBI Warns of Dramatic Increase in Business email scams, 2016 Forged addresses fool recipients Threat actors extensively research targets Money and sensitive information are targeted

Ransomware attacks are holding companies hostage Phishing Spoofing Ransomware 9,515 users are paying ransoms per month 2 Ransomware represents the biggest jump in occurrences of crimeware 1 $60M Cost to consumers and companies of a single campaign 2 1 2016 Verizon Data Breach Report, Kerbs on Security 2 2016 Cisco Annual Security Report Malware encrypts critical files Locking you out of your own system Extortion demands are made

Cisco Email Security Talos Cisco Before During Cloud Appliance After Virtual Inbound Email Email Reputation Mail Flow Policies Acceptance Controls Anti-Spam Anti-Virus File Reputation ThreatGrid Graymail Management Safe Unsubscribe Content Controls URL Rep & Cat Outbreak Filters Anti-Phish File Sandboxing & Retrospection Tracking User click Activity (Anti-Phish) X X X X X X X X Outbound Email Outbound Liability Before X X During X X HQ Admin Management Reporting Message Track Mail Flow Policies Anti-Spam and Anti-Virus Data Loss Protection Encryption Allow Warn Block Partial Block

Gain security backed by the most advanced threat intelligence 100 TB Of Data Received Daily 1.5 MILLION Daily Malware Samples 600 BILLION Daily Email Messages III00II 0II00II 0I0I0I0I 0I I0 I00 000II0 I0I0 0II0 00 III00II 0II00II I0I0II0II0 I0 I0 I00 00I0 I000 0II0 00 III00II 0II00II I0I000 0II0 00I0I00 I0 I000I0I 0II 0I0I0I 00I00 I00I0I II0I0I 0II0I I0I00I0I0 0II0I0II 0I00I0I I0 00 II0III0I 0II0II0I II00I0I0 0I00I0I00 I0I0 I0I0 I00I0I00 II0II0I0I0I I0I0I0I 0I0I0I0I 0I0I00I0 I0I0I0I 0II0I0I0I III00II I000I0I I000I0I I000I0I II 0I00 I0I000 0II0 00 00I I0I0I0 I0I0III000 I0I00I0I 0II0I0 I00I0I0I0I 000 0II00 I00I0I0 0I00I0I I00I0I0 I0I0I0I 0I0I0I 0I0I0I0 00I0I0 0I0I0I0 I0I0I00I 0I0I 0I0I 0I0I I0I0I 0I00I0I 250+ Full Time Threat Intel Researchers MILLIONS Of Telemetry Agents 4 Global Data Centers 16 BILLION Daily Web Requests 24 7 365 Operations Over 100 Threat Intelligence Partners Global scanning 30 years building the world s networks

Detect threats embedded in email content Reputation filter Anti spam Graymail detection Threat outbreak filters Content filters CASE engine Optimize detection with machine and human intelligence -10 +10 Stop more than 99% of Spam Keep good emails flowing with a < 1 in 1M false-positive rate?

Guard against malicious attachments Anti virus File reputation Advanced sandboxing Retrospective alerting Auto remediation for Office 365 Virus outbreak filters Track email behavior with over 560 indicators Quickly neutralize threats with Zero Hour Malware Protection Continuously track files with retrospective security? Advanced Malware Protection (AMP)?

Reduce the hassle of compliance Protect intellectual property DLP prevents confidential information from leaving your network Ensure compliance with industry and government regulations RSA and Digital Guardian partnership Enable users to do business Encryption ensures your email is confidential with complete control as the sender Send confidential mail Read receipts Recall ability Secure reply and forwarding ZIX or CRES or S/MIME or TLS

Move to the cloud with confidence Maintain peak performance with capacity assurance Ensure performance with continuous monitoring of system health Count on the stability and relatability of a strong tier one infrastructure Add capacity easily as message volumes increase Avoid downtime with 99.999 availability Enjoy the highest levels of service availability with dedicated cloud infrastructure Receive dedicated IPs and storage Prevent shared-fate with compute instances

Expand with security that grows with you Grow in the cloud Expand geographically Gain full admin access Increase dedicated instances up to 50% of the originally sized environment at no cost Utilize Cisco s data center footprint as you grow into new regions Maintain full admin level access to your appliances at all times Easily orchestrate changes or access reports

Optimize security resources to focus on business outcomes Keep consistent policy as you shift to cloud email Reduce investigations and response times Identify trends with scheduled and ad-hoc reporting

AsyncOS 10.0 Feature rich release Forged Email Detection Cisco Email Security AsyncOS 10.0 AMP Private Cloud Improved AMP Reporting Language Detection & Filter Actions SAML Authentication Malware Auto-Remediation for Office 365 Customers URL Logging & Message Tracking

Think Before You Click

With Cisco email security, you can Reduce exposure Support growth Achieve agility with advanced threat protection with availability and assurance through operational efficiency

Cisco Web Security Solutions

Cisco Web Security Protects the Web Vector While Supporting Your Business Comprehensive Defense Advanced Threat Protection Superior Flexibility Cisco Web Security Appliance (WSA) Cisco Cloud Web Security (CWS)

Talos WSA Cisco Web Security After www Web Filtering Web Reputation Application Visibility and Control Webpage www.website.com Anti- Malware File Reputation Outbreak Intelligence File Sandboxing Cognitive Threat Analytics DLP Integration File Retrospection X X X X X X Client Authentication Methods Traffic Redirection Methods CWS WSA ASA WCCP WSA Load Balancer Explicit/PAC Explicit/PAC ISR G2 PBR ISR 4K AnyConnect AnyConnect HQ Admin Reporting Management Log Extraction Key: CWS Only WSA/WSAv Only Hybrid Campus Office Branch Office Roaming User BYOD User Allow Warn Block Partial Block

It Starts with Usage Control and Active Defense Web Filtering Block over 50 million known malicious sites Web Reputation Restrict access to sites based on assigned reputation score Dynamic Content Analysis Categorize webpage content and block sites automatically Outbreak Intelligence Identify unknown malware and zero-hour outbreaks in real time Application Visibility and Control Regulate access to website components and apps DLP Integration Prevent confidential information from leaving your network Time and Bandwidth Quotas Set controls for users in terms of time on social media sites as well as bandwidth usage Roaming User Protection Protect users while away from the corporate network Available only on WSA/WSAv Available only on CWS

Extending Protection Beyond the Network Key Benefits WSA WWW Save network bandwidth CWS Browser Mobile User Improve user experience HQ WAN Remote Sites VPN Roaming User Defend against malware Protect your investment

And Extending User Identity and Context ISE Integration Who: Doctor What: Laptop Where: Office Acquires important context and identity from the network Who: Doctor What: ipad Where: Office Who: Guest What: ipad Where: Office Cisco Identity Service Engine Consistent Secure Access Policy WSA Confidential Patient Records Internal Employee Intranet Monitors and provides visibility into unauthorized access Provides differentiated access to the network Cisco TrustSec provides segmentation throughout the network Cisco Web Security Appliance provides web security and policy enforcement Internet Available only on WSA

Cisco Web Security Combats Evolving Threats Cisco Advanced Malware Protection (AMP) File Reputation File Sandboxing File Retrospection Increase the accuracy of threat detection by examining every aspect of a file Determine the malicious intent of a file before it enters the network Identify a breach faster by tracking a file s disposition over time

Updating Security to Meet Tomorrow s Challenges Talos Security Intelligence and Research Group Threat Intelligence Web Research Response Network Endpoint Get industry-specific threat intelligence tailored to your business Catch advanced threats endpoints miss with Cisco s reverse engineers and threat analysts Virtual Cloud 600+ Researchers Stay protected against the latest threats with regular updates pushed automatically Email Multi-tiered defense Industry-leading research

Identifying Unnamed Threats and Breaches Continuous Capabilities with Cisco Cognitive Threat Analytics (CTA) Anomaly Detection Detect infections faster by automatically scanning for symptoms of an attack Behavioral Analysis Identify unknown breaches by analyzing a user s behavior over time Machine Learning Automatically learn and adapt to threats with big-data algorithms

With Unified Reporting and Policy Management Unified Reporting Unified Policies Roaming User HQ Roaming User HQ WSA WSA ü ü ü ü Web Security Reporting Application Cloud Web Security Graphical User Interface

And Work with Your Existing Environment CWS Traffic Redirectors WSA Models Physical Appliance Perfect for small business branches Perfect for mid-size offices Perfect for large enterprises WSA-S190 WSA-S390 WSA-S690 ASA WSA Explicit/ PAC ISR G2/ ISR 4K* AnyConnect Virtual Appliance (WSAv) Respond instantly to traffic spikes and eliminate capacity planning by never shipping or installing a physical appliance *GRE over IPsec

Only Cisco Offers Web Security with Advanced Threat Protection Comprehensive Defense Advanced Threat Protection Superior Flexibility

Thank you

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback