Outwit Cyber Criminals with Comprehensive Malware and Exploit Protection.

Singtel Business Product Brochure: Managed Advanced Threat Prevention

As cyber criminals outwit businesses by employing ever-new techniques and multi-vectors to gain a foothold in one's network, legacy approaches no longer work. Our Managed Advanced Threat Prevention Service helps you unify threat detection and prevention for network and endpoint defence against today's new enemies.

Cyber criminals are as creative in their methods as they are relentless. They are more than a match for traditional network defences, which are too rigid and limited in the scope of their detection capabilities. What is needed is a new, proactive defence against modern cyber criminals: get inside their minds and anticipate their antics.

One possibility concerns the scripted nature of all cyber attacks, which adhere to the progression of the Cyber Kill Chain: the breach of the perimeter; the delivery of the malware; and the lateral transport of malware across the network as well as the exfiltration of targeted data. Stopping a cyber attack at any of these stages will cripple the attack. Hence, businesses can effectively protect their networks and endpoints through a multi-layered, complete threat protection approach, utilising threat preventing next-generation firewalls, cloud-based malware analysis, advanced endpoint protection and cloud-based threat intelligence.

New Ways to Prevent a Perimeter Breach

A threat prevention next-generation firewall defends a network from known threats by inspecting all traffic for commonly exploited file types and high-risk applications. By enforcing strict security policies, the lateral movement of malware within one's network can be prevented. Furthermore, ongoing monitoring and traffic inspection helps to block outbound command-and-control communications and prevents any data exfiltration.

Real-time cloud-based malware analysis protects a network from unknown threats by investigating unknown files or traffic patterns. Network security is thus guaranteed by automatically identifying unknown threats and turning them into known ones through the issuance of new signatures.

Rich forensics and threat intelligence collates attack data and patterns, and then correlates the data with analysis and past trends to increase the risk posture of the network, improving protection against future threats.

Preventing Attacks at Every Stage of the Kill Chain

Breach the perimeter
- Next-Generation Firewall: visibility into all traffic, including SSL; enable business-critical applications; block high-risk applications; block commonly exploited file types
- Threat Prevention: block known exploits, malware and inbound command-and-control communications
- URL Filtering: prevent use of social engineering; block known malicious URLs and IP addresses

Deliver the malware
- Advanced Endpoint Protection / Cloud Based Malware Analysis: block known and unknown vulnerability exploits; block known and unknown malware; provide detailed forensics on attacks

Lateral movement
- Next-Generation Firewall: establish secure zones with strictly enforced access control; provide ongoing monitoring and inspection of all traffic between zones
- Cloud Based Malware Analysis: detecting unknown threats pervasively throughout the network

Exfiltrate data
- Threat Prevention: block outbound command-and-control communications; block file and data pattern uploads; DNS monitoring and sinkholing
- URL Filtering: block outbound communication to known malicious URLs and IP addresses

Cloud Based Malware Analysis: send specific incoming files and email links from the internet to public or private cloud for inspection; detect unknown threats; automatically deliver protections globally

Preventing Attacks at Every Stage of the Kill Chain (continued)

[Diagram labels: Hacker delivers malware into victims' endpoints. Targeted data is exfiltrated from the server. The malware moves laterally within the network.]

New Ways to Prevent an Endpoint Exploit

- Protect against both known and unknown threats by injecting traps via advanced endpoint protection, allowing for the inspection of all processes/files and blocking of core techniques before any malicious activity can be initiated
- Integrate with cloud-based threat intelligence to collect forensic data, which triggers alerts to security operations centres and correlates intelligence for sharing across security services

Exploit Prevention - User Experience

When an exploitation attempt is made, the exploit hits a trap and fails before any malicious activity can be initiated.

- Infected document is opened by unsuspecting user
- Advanced Endpoint Protection seamlessly injects traps into processes
- Exploit technique is attempted and blocked by the traps before any malicious activity is initiated
- The traps report the event and collect detailed forensics

Advanced Endpoint Protection:
- Forensic data is collected
- Process is terminated
- User/admin is notified

Time to Close the Security Gap

Cyber crimes are still widespread due to continued reliance on legacy approaches. It is time to close the security gap with these new approaches that:

- Prevent all known and unknown malware and zero-day exploits
- Are scalable and lightweight for deployment across all endpoints
- Offer closed-loop prevention and forensics to quickly share intelligence on new threats and report on potential infections
- Seamlessly protect network, endpoints and the cloud with unified detection, prevention and security policy for all users and devices.

Managed Advanced Threat Prevention (ATP) Service

Our Managed Advanced Threat Prevention (ATP) Service offers unified advanced threat detection and prevention for network and endpoint defence. It provides comprehensive exploit, malware, and command and control protection for your networks to prevent attacks at every stage of the cyber kill-chain.

Managed ATP Service, delivered via our Managed Security Services (MSS), offers multi-layered threat protection to stop advancing threats at every opportunity via four service offerings:

1. Threat Prevention Next-Generation Firewall
2. Advanced Endpoint Protection
3. Cloud-Based Malware Analysis
4. Cloud-Based Threat Intelligence

Service Offerings

1. Threat Prevention Next-Generation Firewall

Our Threat Prevention Next-Generation Firewall performs a full-stack, single-pass inspection of all traffic across all ports regardless of applications, threats and content. By taking an application-centric approach to inspect and classify all traffic, it helps to secure your network perimeter, while enabling full visibility and control over your business networks with policies that secure access to all applications located on them.

Features

- Intrusion Prevention System (IPS): One-pass inspection, identification and mapping of applications and users to protect against known/unknown network and application-borne threats.
- Anti-virus and anti-malware: Identifies and blocks malware variants and threats hidden in encrypted files and web traffic.
- Command and Control (CnC) Protection: Blocks outbound requests to malicious domains/unknown CnC toolkits from infected devices. Prevents requests from leaving the network to block possible exfiltration of data. Compiles reports on network hosts that are making these requests.
- Content and URL filtering: Blocks access to undesirable websites via a customisable URL filtering engine to enable granular web-browsing policies, whitelisting, blacklisting, custom categories, database customisation and more, while facilitating SSL decryption policies.
- Global protect virtual private network (VPN): Enables IPsec compliant site-to-site and certificate-based remote user VPN for secure, encrypted access to corporate systems and remote offices.
- Sandboxing: Integrates with cloud-based malware analysis platform for real-time protection from unknown threats.

Benefits

- Ensures high throughput and eliminates redundant processes with a full-stack, single-pass inspection of all traffic (applications, threats, content) across all ports, protocol, evasive tactics, or SSL encryption.
- Reduces network threat while allowing security-controlled access to applications via an application-focused approach.
- Enables tight security policies focused on applications, users and content.
- Enables fine-grained visibility and policy control over application access and functionality, with access to a complete context of applications, user identities and devices.

2. Advanced Endpoint Protection

Out of the thousands of new vulnerabilities and millions of malware introduced each year, only 2 to 4 typically employ entirely new techniques. Several may devise new malware sub-techniques, but only as a minor permutation of the core techniques. [2]

Our Advanced Endpoint Protection focuses on 24 core techniques that are commonly used to protect endpoints against all exploits and malicious executables without prior knowledge of threats and before any malicious activity can initiate. When a user tries to open an exploit document or executable, traps are injected into processes to scan for any core techniques. Once identified, the processes in question are automatically blocked before any malicious activity can be initiated. In effect, the prevention of one technique blocks the entire attack.

Features

- Scalable and lightweight: Highly scalable, lightweight, and seamless, while offering minimal to no disruption.
- Policy-based restrictions: Sets up security policies to restrict specific execution scenarios (e.g. prevent execution of certain file types from USB devices).
- Advanced execution control: Enables granular control of global policies, applications, etc.
- Malware techniques mitigation: Implements technique-based mitigations to prevent attacks using certain techniques like thread injection.
- Forensics capabilities: Gathers detailed forensic information after an attack is blocked. Logs information with Endpoint Security Manager.
- Sandboxing: Integrates with cloud-based malware analysis platform for real-time protection from unknown threats.
- Close integration with security policies: Integrates closely with network and cloud security.

Benefits

- Prevents all exploits including zero-day vulnerabilities.
- Prevents all malicious executables without requiring prior knowledge.
- Reduces surface area of attack with granular control of global policies, applications, etc.
- Proactively defends other unprotected endpoints against possible attacks with detailed forensics against prevented attacks.

3. Cloud-Based Malware Analysis

Our Cloud-Based Malware Analysis offers revolutionary, real-time detection and protection against advanced, unknown threats. With granular malware detection across all protocols, it turns unknown threats into known, preventable incidents by automatically creating protection against new threats within 5 minutes. Detailed forensic information is also collected to prioritise remedial action.

Features

- Malware analysis: Real-time granular inspection and analysis of malware across more than 250 malicious indicators (e.g. host changes, outbound traffic, attempts to bypass analysis, etc.)
- Automatic creation of new signatures: Creates protection against new threats by making them available across all globally connected networks within 5 minutes.
- Virtual malware verification in sandbox: Executes a suspected malicious file in a virtual environment to determine if it is malicious or benign.
- Dynamic whitelisting: Dynamically whitelists non-malicious URLs without manual intervention or maintenance.
- Correlated forensics: Provides intelligence to easily investigate suspected infections.

Benefits

- Offers comprehensive protection against unknown threats by turning unknown threats into known, preventable incursions within 5 minutes.
- Shortens time between detection and mitigation with automatic protection against new threats.
- Reduces costs with automatic protection without having to implement and manage separate devices for various security protection (e.g. web, email, etc.)
- Ensures enterprise-wide protection with easy scaling of malware detection and protection via unique cloud-based architecture with no configuration required.
- Hastens investigations with correlated forensics, and enables easy prioritisation and execution of security actions.

4. Cloud-Based Threat Intelligence

Our Cloud-Based Threat Intelligence provides actionable threat intelligence that highlights unique, targeted attacks to accelerate threat analysis and prioritise remediation action. Using powerful analytics, comprehensive information on the actor and his attack techniques is provided to expedite a timely response to the incursion. In addition, with intelligence gathered from our cloud-based malware analysis platform, together with third-party global intelligence feeds from both closed and open source intelligence, we can help you proactively prevent and respond to possible threats before a breach occurs.

Features

- Statistical analysis engine: Offers artefact-level statistical analysis to correlate billions of artefacts across a global data set of indicators of compromise (IOCs). Applies unique weighting system to identify critical IOCs.
- Actionable intelligence: Provides actionable intelligence and context around attacks, adversaries and campaigns, including targeted industries. Enables export of high-value IOCs into security devices to block malicious URLs, domains or IP addresses instantly.
- Priority alerts: Triggers prioritised security alerts to distinguish most critical threats based on IOCs.
- Security controls: Allows only authorised access to confidential security information with strict privacy and security controls.

Benefits

- Increases threat understanding with contextual-based visibility into threats targeted at industry or global context to speed up decisive action to prevent future attacks.
- Speeds up mitigation action with powerful analysis and correlation of threat intelligence to extract actionable intelligence for prioritised actions and alerts, without requiring additional specialised resources.
- Ensures continuous protection against latest advanced threats by leveraging global threat intelligence.
- Empowers entire IT security teams to become advanced threat hunters instead of relying on specific groups of highly-organised security operations professionals.

Why Singtel

Comprehensive prevention against both known and unknown threats
Comprehensive exploit, malware, command and control protection for your network and endpoints, backed by real-time, cloud-based malware analysis and cyber intelligence.

24x7x365 Singtel global managed security services (MSS), powered by Trustwave
Gain peace of mind with 24x7x365 security monitoring via our global network of federated Security Operation Centres (SOC), managed by the ITIL best practices-certified SOC team.

Incident and monthly reporting
Proactive monitoring and management of service platforms via SOC portal to maximise service availability.

Monthly threat intelligence reporting
Leverage global threat intelligence platforms to deliver actionable intelligence.

Regional coverage and deployment
Streamline security delivery with regional coverage and deployment, backed by in-country operations in 42 cities across 22 countries.

World-class data centres
Benefit from one of the most extensive points of presence in the Asia Pacific with our network of data centres, which provide 24x7 facilities management, direct interconnectivity access, and a range of Information Communication Technology (ICT) Managed Services.

Footnotes:
1. http://cyber.lockheedmartin.com/solutions/cyber-kill-chain
2. https://www.paloaltonetworks.com/content/dam/pan/en_us/assets/pdf/white-papers/traps-pci-compliance.pdf

About Singtel

Singtel is Asia's leading communications group providing a portfolio of services including voice and data solutions over fixed, wireless and Internet platforms as well as infocomm technology and pay TV. The Group has presence in Asia, Australia and Africa with over 600 million mobile customers in 25 countries, including Bangladesh, India, Indonesia, the Philippines and Thailand. It also has a vast network of offices throughout Asia Pacific, Europe and the United States.

Awards

NetworkWorld Asia Info Mgmt Awards: Security-as-a-Service (2012-2016)
NetworkWorld Asia Readers Choice Awards: Managed Infrastructure Services (2012-2015), Managed Security Services (2014-2015)
Telco Cloud Forum Awards 2016: Telco Cloud of the Year
World Communication Awards 2015: Best Enterprise Service, Managed Hybrid Network
NetworkWorld Asia Info Mgmt Awards: Disaster Recovery & Business Continuity (2014-2016)

For more information: www.singtel.com/security, g-security@singtel.com

July 2016. Copyright 2016 Singapore Telecommunications Ltd (CRN:199201624D). All rights reserved. All other trademarks mentioned in this document are the property of their respective owners.