Cisco Advanced Malware Protection. May 2016

The Reality: Organizations Are Under Attack and Malware Is Getting In
- 95% of large companies targeted by malicious traffic
- 100% of organizations interacted with websites hosting malware
- Cybercrime is lucrative, barrier to entry is low
- Hackers are smarter and have the resources to compromise your organization
- Malware is more sophisticated
- Organizations face tens of thousands of new malware samples per hour
Timeline figure (1990 to 2020): Phishing, Low Sophistication; Hacking Becomes an Industry; Sophisticated Attacks, Complex Landscape. Viruses 1990-2000; Worms 2000-2005; Spyware and Rootkits 2005-Today; APTs, Cyberware Today +

Malware Will Get Into Your Environment
- 95% of large companies targeted by malicious traffic
- $5.9M: average cost of a breach in the United States
- 60% of data stolen in hours
- 65% of organizations say attacks evaded existing preventative security tools

Once Inside, Organizations Struggle to Deal with It
- 33% of organizations take 2+ years to discover breach
- 54% of breaches remain undiscovered for months
- 55% of organizations unable to determine cause of a breach
- 45 days: average time to resolve a cyber-attack

Point-in-Time Detection Tools Alone Are Insufficient and Provide Limited or No Visibility Into Threats Once They Get In
Figure labels: Event Horizon; Antivirus; Analysis Stops; Not 100%; Sleep Techniques; Unknown Protocols; Encryption; Polymorphism; Blind to scope of compromise; Legacy IPS; Initial Disposition = Clean; Actual Disposition = Bad; Too Late!!

Breach Prevention Detection Containment Remediation Continuously + Rapidly

Cisco AMP Provides Threat Intelligence, Point-in-Time Detection, and Continuous Analysis of Files to Defeat Advanced Threats
Attack Continuum:
- Before: Discover, Enforce, Harden (Threat intelligence and analytics)
- During: Detect, Block, Defend (Point-in-Time detection)
- After: Scope, Contain, Remediate (Retrospective security and continuous analysis)
Email and Web; Data Center/Servers; Network; Endpoints; Mobile

AMP Provides the Visibility and Control to Effectively Prevent, Block, Detect, and Remediate Advanced Threats
- Before an attack: 1. Visibility: See. 2. Control: Prevent. With Threat Intelligence and Analytics.
- During an attack: 1. Visibility: Detect. 2. Control: Block and Contain. With Point-in-Time Protection.
- After an attack: 1. Visibility: Record, Analyze, Detect. 2. Control: Remediate. With Continuous Analysis and Retrospective Security.

Threat Intelligence and Advanced Analytics
AMP Strengthens Defenses Using Threat Intelligence and Malware Analysis
Learn about threats faster:
- Expertise: Team of threat analysts/researchers working to provide you with the latest threat intelligence 24/7
- Knowledge base: Extensive and growing back-end research on the latest threats and security trends
- Insight: Analytics and behavioral indicators for your system written in plain English
- 35% worldwide email traffic
- 13 billion web requests per day
- 100 TB of data received daily
- 1.1 million incoming malware samples per day

Threat Intelligence and Advanced Analytics: The Numbers
Cisco Collective Security Intelligence Cloud
Sources shown in the figure: WWW, Email, Endpoints, Web, Networks, IPS, Devices
- 1.6 million global sensors
- 100 TB of data received per day
- 150 million+ deployed endpoints
- Experienced team of engineers, technicians, and researchers
- 35% worldwide email traffic
- 13 billion web requests
- 24x7x365 operations
- 4.3 billion web blocks per day
- 40+ languages
- 1.1 million incoming malware samples per day
- AMP Community
- Private/Public Threat Feeds
- Talos Security Intelligence
- AMP Threat Grid Intelligence
- AMP Threat Grid Dynamic Analysis: 10 million files/month
- Advanced Microsoft and Industry Disclosures
- Snort and ClamAV Open Source Communities
- AEGIS Program
Automatic updates in real time to AMP (Advanced Malware Protection)

Point-in-Time Detection
AMP Delivers the First Line of Defense, Blocking Known and Emerging Threats with Point-in-Time Defenses
- Automatically stop as many threats as possible, known and unknown
- One-to-one signature
- Offer better accuracy and dispositioning
- Fuzzy finger-printing
- Machine learning
- Block known and emerging threats
- Advanced analytics
- Static and dynamic analysis (sandboxing)
- Protect your business with no lag

But Point-in-Time Detection Alone Will Never Be 100% Effective

Continuous Analysis and Retrospective Security
Only AMP Continuously Monitors and Analyzes All File Activity, Regardless of Disposition
Across all control points: WWW, Email, Web, Network, Endpoints, Mobile
Take advantage of key capabilities to answer the questions that matter:
- Identify a threat's point of origin
- Track its rate of progression and how it spread
- See where it's been
- See what it is doing
- Surgically target and remediate

The AMP Everywhere Architecture
AMP Protection Across the Extended Network for an Integrated Threat Defense
Figure labels:
- AMP Threat Intelligence Cloud
- Remote Endpoints: AMP for Endpoints
- AMP on Firepower NGIPS Appliance (AMP for Networks)
- Threat Grid Malware Analysis + Threat Intelligence Engine
- AMP Private Cloud Virtual Appliance
- AMP on Cisco ASA Firewall with Firepower Services
- AMP for Endpoints
- AMP on Web and Email Security Appliances
- AMP on ISR with Firepower Services
- Windows OS; Android Mobile; Virtual; MAC OS; CentOS, Red Hat Linux for servers and datacenters
- AMP for Endpoints can be launched from AnyConnect
- CWS/CTA: AMP on Cloud Web Security and Hosted Email

Deployment Options in Detail

Deployment option: AMP on ESA, WSA, ASA, CWS
- Method: License with ESA, WSA, CWS, or ASA customers
- Ideal for: New or existing Cisco CWS, Email/Web Security, ASA customers
- Details: ESA/WSA: Prime visibility into email/web. CWS: web and advanced malware protection in a cloud-delivered service. AMP capabilities on ASA with FirePOWER Services.

Deployment option: AMP for Networks (AMP on FirePOWER Network Appliance)
- Method: Snap into your network
- Ideal for: FirePOWER NGIPS customers
- Details: Wide visibility inside network. Broad selection of features before, during, and after an attack.

Deployment option: AMP for Endpoints
- Method: Install lightweight connector on endpoints
- Ideal for: Windows, Mac, Android, Linux, virtual machines; can also deploy from AnyConnect client
- Details: Comprehensive threat protection and response. Granular visibility and control. Widest selection of AMP features.

Deployment option: AMP Private Cloud Virtual Appliance
- Method: Deploy on-premises Virtual Appliance
- Ideal for: High-Privacy Environments
- Details: Private Cloud option for those with high-privacy requirements. Can deploy full air-gapped mode or cloud proxy mode. For endpoints and networks.

Threat Grid: Hybrid or on-premises integration; On-premises integration in 1H 2016; Integrated into file analysis feature; Integration coming in 1H 2016

If Something Gets In, Retrospective Security Helps You Find Answers to the Most Pressing Security Questions
- What happened?
- Where did the malware come from?
- Where has the malware been?
- What is it doing?
- How do we stop it?
See AMP in Action!: https://www.youtube.com/watch?v=srqlhdxap5g