Gladiator Incident Alert

Allen Eaves, Sabastian Fazzino
FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE
© 2016 Jack Henry & Associates, Inc.

Cybersecurity Threat Landscape
[Chart] Tiers shown: Few, Unsophisticated, Low Impact; Few, Moderately Sophisticated, Medium Impact; Many, Highly Sophisticated, Significant Impact.
Threats plotted on the chart: Cross-site Scripting, SSL-encrypted Threats, Zombie Bots, RDP Exploits, Buffer Overflow, Memory, Self-Replicating Code, Password Guessing, Password Cracking, Disabling Audits, Hijacking Sessions, Exploit Known Vulnerabilities, Packet Forging & Spoofing, SPAM, Back Doors, Sweeper & Sniffers, Service Overwhelm, Stealth Diagnostics, DoS, SQL Injections, Phishing, Web Browser Pop-Ups, VBA, ActiveX, Flash Tricks, OS Specific Attack Tools, Scraping, DDoS, Ransomware, APTs, Spear Phishing, Targeted Attacks, Drive-by Downloads, Watering Hole Attacks.

Cybercrime will Cost Businesses $2 Trillion
Increase cost of data breaches to $2.1 trillion globally by 2019.
Increasing to almost four times the estimated cost of breaches in 2015.
Rapid digitization of consumers' lives and enterprise records.
Source: Juniper, The Future of Cybercrime & Security: Financial and Corporate Threats & Mitigation

More Malware & More Attacks
Symantec Internet Security Threat Report:
More than 430 million new pieces of malware in 2015, a 36% increase from 2014.
Attacks targeting businesses with fewer than 250 employees are increasing each year.
43% of all attacks in 2015 were targeted at small businesses.

Millions of Raw Events a Day
Single Digit Incident Notifications

CoreDEFENSE (Managed end to end Security)
1. Server Host IPS
2. Endpoint Security Protection
3. Security Event Log Analysis
4. System and Application Patching
5. Email Protection
6. UTM (Fortinet, SonicWall, Cisco)
7. AMP (Advanced Malware Protection)
8. Incident Alert Sandbox
9. Enterprise Vulnerability Scanning
10. Enterprise Mobility Management
11. JHA Core System & NetTeller Monitoring ESM
12. esat End-user Security Awareness Training
[Diagram: the numbered services above are marked at the points in the network where they apply.]

Why Most Malware Protections Fail
The Arms Race is in their favor.
Automated tools have made it simple to author new, effective malware variants.
5.5 million new variants of malware monthly.
Obfuscation makes it easy to get around pesky signature-based solutions.

AV is Failing, and IPS is not far Behind
Signature Based Safety Net
Zero Day and APT attacks the Sacrificial Lambs

How do we Gain an Edge?
Solutions must focus on behavior and threat intelligence.
AV and IPS focus here
150,000 Malware Variants a Day
Nearly Infinite Exploit Methods
End Users Opening Holes
Gladiator advanced solutions AMP & IA focus here
Attack Sources
Expected Behavior
Malware Hosting

Gladiator Incident Alert
24/7 Managed Security Services: Integrated with Gladiator Expert SIEM Architecture to identify malware and prevent cybersecurity incidents.
Superior Detection: Detects unknown threats (APTs, ATAs, zero-days, etc.) specifically designed to evade first-generation APT sandbox appliances.
Advanced Threat Intelligence: Contains active command and control (C&C) servers, objects with zero-day exploits, toxic web sites, and malware distribution points identified as having breach intent.

Incident Alert
[Architecture diagram] Labels: Gladiator SOC; Expert Threat Intelligence; SIEM; Unified Threat Management Security Appliance (FW, IDS/IPS, AV, WCF, VPN); Users; LastLine Sandbox; Deep Content Inspection Security Appliance (Memory, CPU, Operating Systems, Applications).

The Deep Content Inspection Difference
Scripts hidden in documents can compromise users and serve as a launch pad for further compromises.
Dynamic analysis of artifacts enables LastLine to interact with malware during hidden execution paths to identify evasive behavior.
LastLine emulates computing hardware, enabling visibility into CPU instructions, system memory and device interaction.
Dormant code analysis enables LastLine to identify dormant behavior, enabling identification of even the most targeted malware.
Application vulnerabilities exploited by malware are highly version dependent.
True Kernel Visibility enables identification and manipulation of stalling loops, delay tactics and other evasions used to avoid detection.
Able to inspect memory contents of malware, including encrypted strings.
[Diagram: Deep Content Inspection Engine, with layers Applications, Operating Systems, CPU, Memory.]

LastLine NSS Labs 100%
In the history of NSS Labs evaluations, Lastline is the first and only vendor ever to score 100% Security Effectiveness with zero false positives.

LastLine Best in Breed

LastLine - Innovation

Last Line Analytics

CoreDEFENSE Multi-layered
[Diagram] Labels: Cloud Services, DDOS Mitigation, Perimeter Protection, Malware Protection, Data Exfiltration, User Education, Detailed Reporting.
Firewall Monitoring & Management (Gladiator - SIEM): First layer of defense. Protect ports of entry to the financial institution. Raw traffic analysis.
Intrusion Prevention (Gladiator - SIEM): Monitor all incoming and outgoing traffic. Looking for virus and hacker signatures. Provided by Fortinet, Cisco, SonicWall.
Incident Alert & Advanced Malware Protection (Gladiator - SIEM): Sandbox-enabled deep content inspection. Hosted DNS Anomaly Detection Service blocks connectivity to sites hosting malware.
Server Security Monitoring (Gladiator - SIEM): Event log monitoring. Vulnerability scanning. Server IPS.
esat Employee Security Awareness Training: Web-based training w/ quiz & reporting. Content updated regularly. Separate module for Board members. Monthly Security Timely Tips email newsletter.

QUESTIONS Allen Eaves aeaves@jackhenry.com