Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

Similar documents
INVISIBLE END-TO-END WEB SECURITY

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

WHITE PAPER. AirGap. The Technology That Makes Isla a Powerful Web Malware Isolation System

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

Online (in)security: The current threat landscape Nikolaos Tsalis

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

Security Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems. BRKSEC-2052_c Cisco Systems, Inc. All rights reserved.

Symantec Ransomware Protection

IBM Security Network Protection Solutions

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

PCI DSS Compliance. White Paper Parallels Remote Application Server

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

A Taxonomy and a Knowledge Portal for Cybersecurity

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Quick Heal Total Security

Securing Information Systems

e-commerce Study Guide Test 2. Security Chapter 10

Chapter 12. Information Security Management

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

AT&T Endpoint Security

IBM SmartCloud Notes Security

Wayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk

Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks

The Interactive Guide to Protecting Your Election Website

Deliver Strong Mobile App Security and the Ultimate User Experience

Web insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security.

Gujarat Forensic Sciences University

Future-ready security for small and mid-size enterprises

ANATOMY OF AN ATTACK!

The security of Mozilla Firefox s Extensions. Kristjan Krips

Unique Phishing Attacks (2008 vs in thousands)

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

Simple and Powerful Security for PCI DSS

PracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam

RSA Web Threat Detection

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Ethical Hacking and Prevention

DenyAll Protect. accelerating. Web Application & Services Firewalls. your applications. DenyAll Protect

MRG Effitas Online Banking Browser Security Assessment Project Q Q1 2014

Secure Web Appliance. SSL Intercept

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Building Resilience in a Digital Enterprise

Securing the SMB Cloud Generation

How WebSafe Can Protect Customers from Web-Based Attacks. Mark DiMinico Sr. Mgr., Systems Engineering Security

All-in one security for large and medium-sized businesses.

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

2016 Tri-State CF Partnership Webinar Series. Cyber Crime Trends a State of the Union April 7, 2016

Quick Heal AntiVirus Pro Advanced. Protects your computer from viruses, malware, and Internet threats.

Security Gap Analysis: Aggregrated Results

SINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

SonicOS Enhanced Release Notes

How to build a multi-layer Security Architecture to detect and remediate threats in real time

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Défense In-Depth Security. Samson Oduor - Internet Solutions Kenya Watson Kamanga - Seacom

Copyright

DreamFactory Security Guide

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

Brocade Virtual Traffic Manager and Parallels Remote Application Server

ADAPTIVE AUTHENTICATION ADAPTER FOR IBM TIVOLI. Adaptive Authentication in IBM Tivoli Environments. Solution Brief

ETHICAL HACKING & COMPUTER FORENSIC SECURITY

Training UNIFIED SECURITY. Signature based packet analysis

Web Application Penetration Testing

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Corrigendum 3. Tender Number: 10/ dated

Management of IT Infrastructure Security by Establishing Separate Functional Area with Spiral Security Model

INFORMATION SUPPLEMENT. Use of SSL/Early TLS for POS POI Terminal Connections. Date: June 2018 Author: PCI Security Standards Council

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?

Security+ SY0-501 Study Guide Table of Contents

COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE

Introduction. The Safe-T Solution

PLATO Learning Environment (v2.0) System and Configuration Requirements

Palo Alto Networks PAN-OS

The Top 6 WAF Essentials to Achieve Application Security Efficacy

We b Ap p A t ac ks. U ser / Iden tity. P hysi ca l 11% Other (VPN, PoS,infra.)

Copyright Huawei Technologies Co., Ltd All rights reserved. Trademark Notice General Disclaimer

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

What is Zemana AntiLogger?

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Gladiator Incident Alert

INSIDE. Symantec AntiVirus for Microsoft Internet Security and Acceleration (ISA) Server. Enhanced virus protection for Web and SMTP traffic

How to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption

Solutions Business Manager Web Application Security Assessment

Certified Ethical Hacker (CEH)

Transport Layer Security

Endpoint Protection : Last line of defense?

Application and Data Security with F5 BIG-IP ASM and Oracle Database Firewall

for businesses with more than 25 seats

Personal Cybersecurity

epldt Web Builder Security March 2017

Exam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

THE KERNEL. Our in-house professional team is highly skilled in delivering cutting-edge solutions to our clients.

Information Technology Enhancing Productivity and Securing Against Cyber Attacks

Rethinking Security: The Need For A Security Delivery Platform

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

Transcription:

Author: Tonny Rabjerg Version: 20150730 Company Presentation WSF 4.0 WSF 4.0

Cybercrime is a growth industry. The returns are great, and the risks are low. We estimate that the likely annual cost to the global economy from cybercrime is more than $445 billion, including both the gains to criminals and the costs to companies for recovery and defense. A conservative estimate would be $375 billion in losses, while the maximum could be as much as $575 billion. Source: Intel Security Losses: Estimating the Global Cost of Cybercrime Economic impact of cybercrime II Center for Strategic and International Studies June 2014

Cybercrime Online and mobile customers surpass physical operations Customers accesses banks, financial institutes and official sites during work hours and on company devices Companies access internal applications using public networks 20.000 new malwares DAILY 70-80% of all devices infected today 40% of all users attacked Increased focus on online security and cybercrime prevention * Intel Security, Center for Strategic and International Studies: Losses: Estimating the Global Cost of Cybercrime Economic impact of cybercrime II

Benefits Investments Security 14% of total IT costs Expected increase 9% per year Prioritization between Commercial Project & Security Project Cost Assessment = Likelihood * Risk Financial Theft Financial Impact Deployment &Maintenance Delayed Implementation of Online Strategy Forensic Analysis Investigation Reputation, Image & Negative Press Compliance EU Data Protection 2015 Validity of Presented Data $$ $$$ $$$ $$ $$$ $$ $

The Market

Cybercrime Multi Stage Web Application Firewall Virus Scanning Profiling Web Session Protection Cyber Security Authentication Source: FBI IC3 Forensic Analysis Firewall Multiple solutions Increased security

Cybercrime Multi Stage Firewall / WAF Protects against known illegal intrusion and hackers Protect against DoS/DDoS and intruders Virus Scan Protects against installed malware Profiling Predictive modelling to investigate abnormal customer patterns and behavior Authentication Web Session & Browser Forensic Analysis Validation of user identification Protection of web sessions and browser traffic Protection of data and browser manipulation Creation of forensic reports Analysis of Cybercrime methods and impact Analysis of potential threats and security situation

WSF Market Analysis No single vendor or product provides 100% security WSF a unique and unmatched solution Extensive market research required Vendors provide similar type of security, Firewall, Virus Scanning and Authentication Vendors advertise support for mobile devices and Web Session, though not WSF protection WSF protects Desktops, Tablets, Mobile Browsers and Web View applications

The Company

CodeSealer ApS International privately held company with HQ in Copenhagen, Denmark Two main investors SEED Capital Vækstfonden Two products WSF Bootloader Patented technology Efficient and Professional Organization

WSF Increases Security Protecting your Customers Customer Data Bank & Insurance Passwords Financial Data Account Information Online Betting Public Institutions Credit Card & Payment Details WSF Protecting You Corporate data Corporate Institutions Online Shops Casino & Gaming

The Customers Denmark Bootloader in production, September 2014 Country wide solution across All banks All public institutions Multiple corporate institutions Norway Bootloader in production, September 2014 Country wide solution across All banks All public institutions Multiple corporate institutions

The Product

WSF Customer Oriented Protecting the Customer Web Session & Browser Protection (Man-in-the- Browser/Middle) Customer Invisible No Customer Installation 100% Customer coverage Protects Desktop, Tablets, Mobile Browsers and Web View applications Introduction to WSF Protects infected devices Protects against unknown malware

WSF Key Features Secure Sessions Web Page Protection Customization Built in Bootloader Session authentication and session keys Additional encryption Dynamic obfuscation Web page encapsulation, monitoring and control Detection of malicious and illegal changes Hidden application code Encrypted URL s Customized feature handling Selected web pages and/or domains Customized malicious request handling Forensic reports

The Solution

WSF INVISIBLE END-TO-END SECURITY Operating System Browser Client - HTML - JavaScript - DOM - Plugins SSL Termination Network SSL Encrypted DMZ / Firewall SSL Encryption WSF Protection HTTPS Gateway WSF Server Application Servers Sessions protected by dynamic obfuscation, additional encryption and session keys Hidden application code and URL s Browser and session protected by monitoring and integrity checks Forensic reports and attack handling

The future is WSF Current solutions protect traffic via HTTPS HTTPS protects between HTTPS gateway and customers device Traffic and data between HTTPS/SSL termination and browser unprotected Solution vulnerable for attack at SSL/HTTPS termination Operating System Browser Client - HTML - JavaScript - DOM - Plugins SSL Termination Network SSL Encrypted DMZ / Firewall SSL Encryption HTTPS Gateway Application Servers

WSF Session Handling Easy deployment Session Protected Dynamic Obfuscation WSF Authentication Additional Encryption WSF Session Keys Protection One step Beyond SSL Protection of session and application data with WSF

WSF Web Client All traffic via WSF Server Easy deployment Transparent for existing applications Web Page Monitoring & Control WSF Client Server Integrity Check WSF Client Server Keys Detection of Malicious Requests and Attacks Protection against addition of false button to redirect customer to a false page

WSF Malicious Attacks Injects / plugin Installed at HTTPS Termination WSF Monitoring and Integrity Check identify attack Malicious requests are rejected* Client attack includes Forensic Report Protection against field overall and field injection attacks *Configurable

WSF Technical Setup Technical Setup WSF includes integrated WSF Client & WSF Server WSF Server Go WSF Client JavaScript WSF supports major server platforms WSF deployed on existing server infrastructure WSF installed behind customers firewall and load balancer WSF transparent for application, installed as proxy Protects commonly used browsers and supporting all others Performance: Initial request <1 Sec Subsequent, cached data MSEC Maximum payload: 5.000 Requests per Second

PROTECTING THE CUSTOMER NO CUSTOMER INSTALLATION CUSTOMER INVISIBLE WEB SESSION & BROWSER PROTECTION (MAN-IN-THE- BROWSER/MIDDLE) 100% CUSTOMER COVERAGE PROTECTS DESKTOP, TABLETS, MOBILE BROWSERS AND WEB VIEW APPLICATIONS PROTECTS INFECTED DEVICES PROTECTS AGAINST UNKNOWN MALWARE

Video & Product Description: (requires internet connection) Demo Video Teaser Video 8 minutes video explaining the unique features of WSF and demonstrating live the added security 4 minutes video explaining the unique features of WSF Product Sheet A one page Product Sheet outlining the unique features of WSF A detailed description of how the cyber crime changes the threat and how the White Paper unique features of WSF can enhance your security significantly

Technical presentation available after this slide.

Technical Specifications

Architecture Operating System Attack Examples - Virus - Trojan - Phishing - Root/Boot kit Protection - Antivirus identifying and cleaning for known viruses - Firewall Browser Client - HTML - JavaScript - DOM - Plugins - Man-in-the- Browser - Injects - Phishing - Overlay - Form - Firewall - WSF monitoring & Integrity check identifying for any kind of manipulation SSL Termination - Man-in-the- Middle after decryption - Manipulation of data - Session hijacking - Session injects - WAF protecting against known attacks Network SSL Encrypted SSL Encryption WSF Protection DMZ / Firewall DoS/DDoS HTTPS Gateway DoS/DDoS WSF Server DoS/DDoS - SSL Encryption - WAF protecting against known attacks and virus - WSF Client / Server Integrity check Application Servers DoS/DDoS - Antivirus identifying and cleaning for known viruses WSF Bootloader - Dynamic obfuscation, additional encryption and session keys Hidden application code and URL s WSF Client WSF Server Integrity Check

WSF Client WSF Server Technical Specification WSF 4.0 Server An advanced, secure HTTP Proxy Built In Bootloader Secure JavaScript payload delivery system, hiding and protecting the application Dynamic obfuscation, with scripts replaced with new, uniquely obfuscated variants every 5 minutes Dynamic Keys Proprietary encryption protocols Diffie-Hellman key negotiation 128-bit key strength Rabbit as stream cipher, Badger as message authentication code No useful attacks known Decrypted in JavaScript, one step further than SSL/TLS (HTTPS) Bootloader Establishment of a Secure Session Front Page Request Boot Script Request Key Exchange Request WSF Kernel Code Request HTML script tag referring to Boot Script Dynamic Obfuscated Code Unique Key Generator Negotiate Encryption & Authentication Keys Authenticate, Decrypt and Execute WSF Kernel Code

WSF Client WSF Server Technical Specification WSF 4.0 Client JavaScript Secure and proprietary communication protocol Web page running in protected in Sandbox WSF Client HTML Request Establishment of Sandbox DOM tree validation Cookies protected in Sandbox DOM tree validation for detection of unauthorized page manipulation Checks 4 times per second Forensic Report generation Transmitted instantly or on next server communication event Encrypted Page Request Decrypt & Authenticate Page Response Decrypt & Authenticate Page Request Page Response from Web Server Encrypted Page Response Execute Page in Sandbox

WSF Client WSF Server Technical Specification WSF 4.0 Supported Operating systems Linux (Debian or Red Hat based), kernel version 2.6+ Solaris 10/11+ Windows Server 2008+ Hardware At least 8GB of unused RAM At least 4 cores Supported web standards HTML 4 and above CSS 1 and above ECMAScript 3 and above Performance WSF Potential Attack Handling Detection of Illegal Action (DOM Manipulation) Create Forensic Report Encrypted Forensic Report Verify Defined Attack Action Disconnect Established Session Re-direct to a new Unsecured Session Initial request: < 1 second Later requests: < 0.5 seconds Max load: 5.000 Requests per second

Technical Specification WSF 4.0 Devices Supported browsers* Desktop Google Chrome Mozilla Firefox Safari 5+ Internet Explorer 9+ Opera Mobile (ios, Android, WP, Blackberry) Google Chrome Mozilla Firefox Safari IE for Windows Phone 7+ Opera Dolphin Any device with a supported browser, regardless of form factor, will work. * All other browsers can operate unsecured if configured by the customer

WSF 4.0 Technical Setup WSF Server installed behind Firewall and Load Balancer, in front of Web Server Installation on same or separate hardware, based on customer infrastructure WSF encrypt data on internal and external network Recommended that SSL/HTTPS is installed on external network Sticky Sessions required

WSF 4.0 Installed behind Firewall & Load Balancer (Standard Preferred Setup) HTTP(S) traffic to/from WSF 4.0 Server Load Balancer WSF 4.0* / Web Server SSL/HTTPS Encryption/Decryption WSF 3.0 Encryption/Decryption * It is recommended to have one WSF 4.0 Server per Web Server

WSF 4.0 Installed behind Firewall & Load Balancer. WSF 4.0 on dedicated HW Server, SSL Encrypted Monitoring / Analytics HW Server HW Server Load Balancer HW Server HW Server Web Server WSF 4.0* WAF WEB SERVER SSL/HTTPS Encryption/Decryption WSF 4.0 / SSL/HTTPS Encryption/Decryption * One or more WSF 4.0 Servers. 1:1 relation between WSF 4.0 and Web Server

WSF 4.0 Installed behind Firewall & Load Balancer. WSF 4.0 on shared HW Server, SSL Encrypted Monitoring / Analytics HW Server 1 SSL & WSF Encrypted WSF 1 WEB 1 Load Balancer & Network Switch SSL Encrypted WSF 2 WEB 2 WAF HW Server 2 Monitoring / Analytics WSF 3 WEB 3 WSF 4 WEB 4 WSF 4.0 / SSL/HTTPS Encryption/Decryption * One or more WSF 4.0 Servers. 1:1 relation between WSF 4.0 and Web Server Traffic from Network Switch to WSF 4.0 SSL/HTTPS & WSF Encryption WSF 1 connected to WEB 3 WSF 2 connected to WEB 4 WSF 3 connected to WEB 1 WSF 4 connected to WEB 2 Traffic sent from HW 1 to HW 2 vv., using IP and Network Switch Traffic between HW Servers protected by SSL/HTTPS WAF and Monitoring sniffing on SSL/HTTPS between HW Servers

Technical presentation available after this slide.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback