Smart Protection Network. Raimund Genes, CTO


Overwhelmed by Volume of New Threats
[Chart: new unique samples added to AV-Test's malware repository, by month, 2000-2010. Source: AV-Test.org]

File, Web, E-Mail

Smart Protection Network
Sourcing, Processing & Analysis, Validate & Create Solution, Quality Assurance, Solution Distribution, Solution Adoption
File, Web / URL, Email, Domain, IP
File Reputation Service, Web Reputation Service, Email Reputation Service
Smart Protection Customer
SPN Correlation
Community Intelligence (Feedback loop)

Correlation
Fake news by email. One click in a link. A compromised web site. A fake video.
EMAIL REPUTATION, WEB REPUTATION, FILE REPUTATION

Backend Operations Data Feeds Correlation Monitor & Trigger Systems

Big Data!

Email Reputation
ERS, Spam Samples, Reputation Data, Feedback Data, Storage Clusters, VM Clusters, Query Logs, New Threat Discovery

Email Reputation Spam Samples Reputation Data 50M/day SPN Infrastructure Query Logs Reputation Servers Honeypot 1TB/day Pattern Feedback Data Query 200M/day Customers

Email Reputation Daily Service Capacity
Data Sourcing, Data Analytics, Solution Delivery
50M Spam samples
180,000 Suspicious IPs
200M User's feedback
1TB Mail traffic logs
806TB Raw data
1B IP address reputation
278GB Sampling pool
668,000 Cloud entries
8,050 Signatures
130,000 New IP listing

Web Reputation

Web Reputation Statistics
Data Sourcing: 42 Sources (16-19 in Regularity); 11,000 Unique Feedbacks; 8~10 Billion URL Queries
Data Analyses: 1 Billion URLs Analyzed; 7.2 TB raw and condensed data for correlations and mining
Solution Delivery: 52,580,000 static patterns; 20,000 new patterns; 15~20 million infections blocked

File Reputation

Do we need to rethink IT Security?

+ GRID and MARS
GRID: Goodware Resource and Information Database
MARS: Mobile Application Reputation Service

GRID

GRID - Largest Catalog of Goodware
[Chart: Unique File and Weekly Added Files, Mar 1 to Apr 26, 2012]
(Bit 9 = 120M unique files)

File Reputation Rating
GRID Access Layer
Used by Deep Security 8 to provide File Integrity Monitoring, Deep Discovery 3, and DTAS 3 for file reputation
Integrated with SPN Backend Services (ex. FLUSTR (for SPN feedback), Census (planned), etc.)
GFR Service (formerly NFC look-up)
2 Billion queries per day from the following products: CSM 5.0, CSM 5.1, CSM 6.X (WFBS 6.X), CSM 7.X (WFBS 7.X), Deep Security, Deep Discovery, HouseCall 7.1, PC-cillin 2007, PC-cillin 2008, PC-cillin 2009, PC-cillin Pro 2009, PC-cillin 2010, PC-cillin Pro 2010, TDME v2.1, Titanium 1.0, WFBS-SVC 3.01, Titanium 3.0, OSCE v10.x, Fake AntiVirus Remover 0.9, Titanium 5.0, CPM 10.5, DCE 6.0, Titanium 6.0

Application Control: Endpoint
TMAC blocks Skype as its usage is not allowed within the company's usage policy

Big Picture TMAC Communication GRID (Goodware Resources and Information Database) HTTP / SOAP Live Information / Translations TMAC Server (PLS) HTTP / Zipped / Encrypted XML Incremental & channel based updates Customer Network Pull HTTP/S + GZIP Mime based protocol TMAC Agent (PLS) Push (PLS) Pull

Application Control: GRID Backend

ISPs, Telcos, Providers:

Mobile App Reputation
1. Collects Apps and scans them in the cloud
2. Static Analysis: Dissects app code and private data access. Generates reputation scores and detailed report
3. Correlates web queries with Smart Protection Network
4. Dynamic Analysis: Activates app to analyze actual behaviour

New in v2.1: Private Data Leak Protection
Analyses App Behaviour
Determines if it collects private information: IMEI, Contacts, Messages, Photos, Location, Microphone, Keyboard Input
Determines if it sends it off the device: SMS or Internet
NOTE: This is different to other privacy solutions that purely dissect the permissions an app requests. Mobile App Reputation Technology uses Data-taint technology to track private data accessed by an app and monitor its usage.
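The contrast drawn in the note above, as an added example that is not part of the original slides and not Trend Micro's implementation: a simplified taint tracker run over two constructed event traces that read the same private data, so a permission-style view cannot tell them apart. The source and sink names are taken from the slide; the trace format, variable names and the "Screen" sink are assumptions made for illustration.

```python
# Added illustration: simplified data-taint tracking over a constructed event trace.
# Source and sink names come from the slide; the trace format and variable names are hypothetical.
PRIVATE_SOURCES = {"IMEI", "Contacts", "Messages", "Photos",
                   "Location", "Microphone", "Keyboard Input"}
OFF_DEVICE_SINKS = {"SMS", "Internet"}

def permission_view(trace):
    """Permission-style view: every private source the app reads."""
    return {ev[1] for ev in trace if ev[0] == "read" and ev[1] in PRIVATE_SOURCES}

def taint_leaks(trace):
    """Return {(data kind, sink)} for private data that actually left the device."""
    taint = {}    # variable name -> set of private data kinds it carries
    leaks = set()
    for ev in trace:
        if ev[0] == "read":        # ("read", source, dst)
            _, source, dst = ev
            taint[dst] = {source} if source in PRIVATE_SOURCES else set()
        elif ev[0] == "derive":    # ("derive", dst, [src vars]); [] means a constant
            _, dst, srcs = ev
            taint[dst] = set().union(*(taint.get(s, set()) for s in srcs))
        elif ev[0] == "send":      # ("send", sink, var)
            _, sink, var = ev
            if sink in OFF_DEVICE_SINKS:
                leaks |= {(kind, sink) for kind in taint.get(var, set())}
    return leaks

# Constructed traces: both apps read the same private data.
LOCAL_ONLY_APP = [
    ("read", "IMEI", "dev_id"),
    ("read", "Contacts", "book"),
    ("send", "Screen", "book"),        # shown on the device only
    ("derive", "dev_id", []),          # overwritten with a constant: taint cleared
    ("send", "Internet", "dev_id"),
]
LEAKY_APP = [
    ("read", "IMEI", "dev_id"),
    ("read", "Contacts", "book"),
    ("derive", "blob", ["dev_id", "book"]),
    ("derive", "payload", ["blob"]),   # e.g. encoded before sending
    ("send", "Internet", "payload"),
    ("send", "SMS", "dev_id"),
]

if __name__ == "__main__":
    for name, trace in (("local-only", LOCAL_ONLY_APP), ("leaky", LEAKY_APP)):
        print(name, sorted(permission_view(trace)), sorted(taint_leaks(trace)))
```

Taint follows the data through derived values, so the encoded payload is still reported as carrying IMEI and Contacts, while a variable overwritten with a constant is not.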

Trend Micro Mobile App Reputation Service
Trend Micro Mobile App Reputation Service is a cloud based service that dynamically tests mobile applications for malicious activity, resource usage and privacy violations. It enables app store providers to block infected apps and provide customers with an enhanced app discovery experience.
Cloud Service: Dynamically Scans Apps; Integrates with App Store; Managed by Trend Micro
No Infrastructure Cost; Reduce Staff Cost; Always available
Monitors App Behaviour: Detects Malware, Private Data Theft, Resource Abuse
Remove bad apps; Improved app discovery; Customers can have a delightful experience
World Leader in Cloud Security: 22+ years of security expertise; Correlates with Smart Protection Network

The Service
Appstore submits new apps (Web Upload, FTP, Crawler)
Apps are scanned
Report is provided (HTML, XML, EMAIL)
Appstore removes bad apps and adds detailed info to app listings

Benefits the ecosystem
App Store: Ensures all apps are safe, provides more detailed search information to user, no infrastructure or expertise required
Developer: Only competes with high quality, safe apps & apps can be found more easily based on more detailed criteria.
Consumer: Is assured that apps they are downloading are safe and that they can make informed decisions about resource usage.

"Ndoo Network is the first Android AppStore to integrate the Mobile App Reputation technology. We have been working with Trend Micro to test and evaluate the technology since mid-2011 and are seeing great results in catching malicious apps before they get onto the market -- it builds trust with our consumers, helping to increase downloads. This is fantastic and we have been able to integrate security expertise into the vetting process of our 60,000 apps without any hardware or headcount increase."
Chong Chen, CEO, Ndoo Network