Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &

Transcription:

Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab

Modern Challenges

By 2020, 60% of Digital Businesses will suffer Major Service Failures due to the inability of IT Security Teams to manage Digital Risk! ~ Gartner http://www.gartner.com/newsroom/id/3337617

Lack of Security Talent: 86% of respondents believe there is a shortage of skilled cybersecurity professionals; 0% unemployment rate for cybersecurity professionals (Source: Information Systems Audit and Control Association - ISACA)

146 days before detecting Targeted Attacks; 53% of attacks discovered externally

Source: Live proof of concepts 263 organizations, 2016 90% 65% 80% Had zero-day or Had active Had network Command and Control unknown attacks in their or malware exploits networks

60% of malicious domains are alive for less than an hour; 90% of malware only affects one device; only 60 seconds to encrypt endpoints with ransomware. Sources: Trend Research, Verizon Data Breach Report, 2016

Data Center Challenges

Infrastructure Modernization: Physical Servers, Virtual Servers, Virtual Desktops, Public Cloud, Containers, Serverless (AWS Lambda, Azure Functions)

Increasingly, organizations are asking what can't go to the cloud, rather than what can. Source: Gartner Blog Network. The end of the beginning of cloud computing by Lydia Leong

Performance without compromising security across environments, with ability to audit. Protection against advanced threats across legacy and modern architectures. Simplified management and operational efficiency, especially in light of skills shortage.

Timely Patch Management: Wishful Thinking. Timeline (axis: Time): Vulnerability disclosed or exploit available; Patch Available (if in support); Test; Begin Deployment; Completed

Ransomware in the Modern Data Center: Attacks typically focus on users, but spread to servers through file shares. Some new attacks (WannaCry) are focusing on unpatched and vulnerable servers!

Data Center Security Approach

#1 - Focus on Time to Detect

Block and Prevent Detect and Respond

Gartner's Adaptive Security Architecture (diagram). Center: Continuous visibility and assessment of Users, Systems, System activity, Payload, Network. Predict: Risk-prioritized exposure assessment; Anticipate threats/attacks; Baseline systems and security posture. Prevent: Harden systems; Isolate systems; Prevent attacks. Detect: Detect incidents; Confirm and prioritize risk; Contain incidents. Respond: Investigate incidents/retrospective analysis; Design/model policy change; Remediate. Between stages: Adjust posture, Implement posture, Monitor posture, Adjust posture. Outer ring: Policy, Compliance.

#2 - Machine Learning and AI

Artificial Intelligence (diagram): Machine Learning; Deep Learning, Neural Networks; Perception: Vision, object tracking and more; Language: NLP, Translation. Machine Learning: SUPERVISED LEARNING: Nearest Neighbor, Decision Trees, Support Vector Machine (SVM) and more; UN-SUPERVISED LEARNING: Clustering and more.

ML tricked to recognize photos as an ostrich. Researchers tuned the input images to maximize the prediction error and called these adversarial examples. Exactly what malware authors are going to do (doing). Source: Intriguing properties of Neural Networks, Szegedy et al., Feb 2014, https://arxiv.org/pdf/1312.6199.pdf

#3 - Servers are Not Endpoints

Gartner Cloud Workload Security (Source: Gartner, March 2016). Application-Specific: WAF, DDOS. Protection layers, from less critical to foundational: AV; Deception; Vulnerability Shielding; Advanced behavioral Detection and response; IAAS data at rest Encryption; Exploit Prevention/Memory Protection; Application controls/whitelisting; Integrity Monitoring/Management; Network Segmentation and Traffic Visibility; Configuration and Vulnerability Management; Operations Hygiene (Admin privilege Management, Change Management, Log Management). Diagram labels: Optional server protection strategies; Core server protection strategies; Foundational: No Arbitrary Code, No Email, Web Client.

#4 - Intelligence Sharing Across Security Controls

Your Security is as strong as your Vendor's Threat Intelligence

#5 - Centralized Visibility and Control

Mining of Security Data: Lots of information but no correlation!

Minimum Best Practices

Key Best Practices

Trend Micro Approach

Defend Against Network & App Threats: Sandbox Analysis, Intrusion Prevention, Application Control, Machine Learning, Integrity Monitoring, Behavioral Analysis, Log Inspection, Anti-Malware & Content Filtering

LEGEND The Good, The Bad and The Unknown Known Good Known Bad Unknown Anti-Malware & Web Reputation Intrusion Prevention (IPS) & Firewall Integrity Monitoring & Log Inspection Application Control MUST Machine Learning Behavioral Analysis Safe files & actions allowed Custom Sandbox Analysis Malicious files & actions blocked

Reduce Operational Impacts: Reduce operational costs of emergency & ongoing patching. Protect systems where no patches will be provided. Secure server and application-level vulnerabilities. Timeline (axis: Time): Vulnerability disclosed or exploit available; Virtual patch available; Patch Available (if in support); Test; Begin Deployment; Completed; Continuous protection. WannaCry ransomware protection delivered in March, 2017, with enhancements at public disclosure (May 2017).

Stop Ransomware. Use layered security to: Stop ransomware on servers with advanced malware prevention that includes behavioral monitoring; Lock down Windows & Linux servers with application control; Shield from network attacks with IPS, including the protection of network file shares (over SMB); Stop lateral movement and detect command & control (C&C) traffic. Diagram labels: File Servers, C&C Communication, Other Servers.

We are the BEST!!! Leader for 14 straight years!

The MARKET LEADER in server security for 7 straight years (chart labels: Other, Intel, 30%, Symantec). Source: IDC, Securing the Server Compute Evolution: Hybrid Cloud Has Transformed the Datacenter, January 2017 #US41867116

Thank you MUHAMMAD WAJAHAT RAJAB, PRE-SALES CONSULTANT TREND MICRO, PAKISTAN & AFGHANISTAN