Vajra Daily APT Cloud Scan

Similar documents
Vajra Cyber Threat Mitigation Service (Vajra CTMS)

Synchronized Security

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

Seqrite Endpoint Security

Getting over Ransomware - Plan your Strategy for more Advanced Threats

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Automated Context and Incident Response

Crises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.

JPCERT/CC Incident Handling Report [January 1, March 31, 2018]

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

Social Engineering (SE)

Imperva Incapsula Website Security

Easy Activation Effortless web-based administration that can be activated in as little as one business day - no integration or migration necessary.

CipherPost Pro Enterprise Dedicated Cloud

Safeguarding company from cyber-crimes and other technology scams ASSOCHAM

IBM Security Network Protection Solutions

Built without compromise for users who want it all

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

Cirius Secure Messaging Enterprise Dedicated Cloud

Building Resilience in a Digital Enterprise

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Symantec Ransomware Protection

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

RSA FRAUDACTION ANTI-PHISHING SERVICE: BENEFITS OF A COMPREHENSIVE MITIGATION STRATEGY

2018 Cyber Security Predictions

ECDL / ICDL IT Security. Syllabus Version 2.0

JPCERT/CC Incident Handling Report [October 1, 2015 December 31, 2015]

RiskSense Attack Surface Validation for Web Applications

Cloud Security & Advance Threat Protection. Cloud Security & Advance Threat Protection

SECURE USE OF IT Syllabus Version 2.0

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

Security Solutions. Overview. Business Needs

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

Endpoint Protection : Last line of defense?

The best for everyday PC users

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Cyber Security Audit & Roadmap Business Process and

Censornet. CensorNet Unified Security Service (USS) FREEDOM. VISIBILITY. PROTECTION. Lars Gotlieb Regional Manager DACH

with Advanced Protection

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

May the (IBM) X-Force Be With You

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

Intelligent Protection

CloudSOC and Security.cloud for Microsoft Office 365

Ingram Micro Cyber Security Portfolio

ANTIVIRUS SITE PROTECTION (by SiteGuarding.com)

Enterprise Security Solutions by Quick Heal. Seqrite.

From Managed Security Services to the next evolution of CyberSoc Services

Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches

TRUE SECURITY-AS-A-SERVICE

Quick Heal Mobile Device Management. Available on

Securing Today s Mobile Workforce

Quick Heal Total Security

ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review

KASPERSKY FRAUD PREVENTION FOR ENDPOINTS

ANTIVIRUS SITE PROTECTION (by SiteGuarding.com)

KASPERSKY ENDPOINT SECURITY FOR BUSINESS

10 FOCUS AREAS FOR BREACH PREVENTION

FAQ. Usually appear to be sent from official address

THE CRITICAL COMMUNICATIONS COMPANY CYBER SECURITY AS A SERVICE

Kaspersky Internet Security - Top 10 Internet Security Software in With Best Antivirus, Firewall,

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Enterprise Security Solutions by Quick Heal. Seqrite.

Copyright

Trend Micro and IBM Security QRadar SIEM

RSA NetWitness Suite Respond in Minutes, Not Months

Stopping Advanced Persistent Threats In Cloud and DataCenters

A company built on security

How to Secure Your Cloud with...a Cloud?

The Data Breach: How to Stay Defensible Before, During & After the Incident

Curso: Ethical Hacking and Countermeasures

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Application Security. Rafal Chrusciel Senior Security Operations Analyst, F5 Networks

Croatian National CERT ACDC project Darko Perhoc, Head of National CERT CISSP, CEH, CCNP Security R&S,CCDP

CLICK TO EDIT MASTER TITLE STYLE Fraud Overview and Mitigation Strategies

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

6 Ways Office 365 Keeps Your and Business Secure

Security by Default: Enabling Transformation Through Cyber Resilience

Qualys Cloud Platform

PRODUCT OVERVIEW. Extend your security intelligence from local network to global cyberspace

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

Ethical Hacking and Prevention

RISING CYBER SECURITY CAPABILITY WITH A UNIQUE NETWORK OF TRUSTED PARTNERS. Jan De Blauwe Chairman Cyber Security Coalition Belgium

How WebSafe Can Protect Customers from Web-Based Attacks. Mark DiMinico Sr. Mgr., Systems Engineering Security

Introducing MVISION. Cohesive Cloud-based Management of Threat Countermeasures and Devices Leveraging Built-in Device Controls. Jon Parkes.

Simple and Powerful Security for PCI DSS

C1: Define Security Requirements

AUTHENTICATION. Do You Know Who You're Dealing With? How Authentication Affects Prevention, Detection, and Response

EARLY THREAT DETECTION USING TELEMETRY DATA

AT&T Endpoint Security

NIP6000 Next-Generation Intrusion Prevention System

Mobile Devices prioritize User Experience

Juniper Vendor Security Requirements

Proactive Approach to Cyber Security

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Transcription:

Vajra Daily APT Cloud Scan An Introduction Cyber Security & Privacy Foundation Pte Ltd Contact-director@cysecurity.co

The Problem Hacking Incidents Persistent global hacking incidents on US Govt & Fortune 100 firms. BFSI organization recently compromised and regulators have taken strict action Points of infiltration (APT): External web application /services/mobile application insecure SQL injection/xss/idor/file upload/broken authentication 0 day vulnerabilities on exposed services Default passwords on frameworks/application/devices Lateral movement through Pivoting - from exposed interfaces Existing Cyber Security Structure not able to address these infiltration points 2

The Solution Vajra Daily APT Cloud Scan Anti-fraud module extending to Anti Phishing, Anti-Malware and Anti Spam (APMS). Protect against Reputational, Financial & IP loss. Secure against Trojan Horses, Ransom Demands Web Security scanner scans for vulnerabilities on web portal/web services APMS Corporate Web Reputation & Security Scan (WRSS) Automated Vulnerability Assessment DF 24 Advanced intrusive model including external VA of network for protective and compliance requirements Defacement monitor for customer facing web portals. Includes Android mobile app/windows SOC desktop app (for quick alerts) 3

Deliverables Daily APMS report to customer Weekly AVA/WRSS report with Bugtrack report All critical/high vulnerabilities from automated WRSS/AVA and manual apt testing that need addressing are exported into Bugtrack in the portal Prioritize vulnerability and work with SOC/Vendor (network/ application level) to fix them Strive to ensure no exploitable vulnerability is present 4

Vajra Cloud Fact Sheet APMS Anti Phishing, Malware, Spamming Module (Anti Fraud Service) Non-intrusive monitoring - protection from Reputation, Financial & IP loss Exhaustive scan of global phishing andspamming databases to cross-check potential compromises of customer s domain/s Sandbox application to browse customer s site/sand check if iframe, malware, java driveby can be downloaded to infect the machines of the end users of a bank s website or an e-commerce portal Automated daily scan and report generation Phishing complaints reporting system Anti viruses check for web portal infections by crawling through all known paths DNS Hijack Detection via cross checking with 450 odd DNS servers from across the world Similarly named websites detection using a) Advanced heuristics algorithm (even a 5 % match generates alert) and b) Automated Electronic Eye, a recognition and comparison engine toscan screen shots AP 24 Uses phishing feeds on24/7 basis to detect logo spoofing; image processing engine incorporates machine learning; Use of feedsfrom certificate transparency logs (CTL) for comparison and monitoring of logo misuse WRSS Web Reputation and Security Scan Module Security Scan of Web portals Protect customers/clients, employees, suppliers, distributors Automated scan and report generation Advanced shell detector module to identifystealth shell-codes Web reputation scan is non-intrusive testing while security scan is intrusive testing AVA Automated Vulnerability Assessment for IP Address Identification, quantification, and prioritisation of vulnerabilities Security scans of external IP addresses Charts for easy human interpretations Delta reporting of vulnerabilities (calculates difference in vulnerability reports) Scanner finds vulnerabilities for CMS system False positive & Ignore list for each device/server/web portal Dedicated Monitoring partner with customer to fix vulnerabilities proactively Reports vetted by security researchers and cyber defense experts who are listed on Hall of Fame of firms such as Google, Microsoft, Apple andfacebook among others In built Cyber Defense Access Point (allows Cyber Defense experts to manually & securely insert access point) for cloud scanning of vulnerabilities DF24-Defacement monitor for customer facing web portals DF24 monitors key homepage(s) for defacement and instantly raises a flag upon detection of defacements Separate servers for monitoring defacements and scan of key homepage(s) every 2 hours. Should DF24 detect a home pagemodification, an instant alert is transmitted - Windows app for SOC, Android app for CISO and IT mgr Allows companies and organisations to detect defacements and take corrective measures before others such as the media and regulators discover it. DF24 uses technology of word match algorithm and source code analysis. Calculating unique signature for main pages of URL, any change beyond 20% is immediately sent for review. The mobile app runs in two modes (review/ciso mode). Reviewer gets first level alert, once defacement is confirmed, an escalation to CISO follows for immediate action. 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback