Advanced Threat Protection - Sandboxing 101
Blue Coat
Advanced Threat Protection Solution Lifecycle Defense
1.
ADVANCED THREAT PROTECTION SANDBOXING 101
KEVIN FLYNN, PRODUCT MARKETING
OCTOBER, 2013
Blue Coat Confidential – Internal Use Only
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
2.
ADVANCED THREAT PROTECTION SOLUTION LIFECYCLE DEFENSE
The Blue Coat ATP solution delivers the industry’s most comprehensive protection through the following:
1) Lifecycle Defense: Protection that maps to three threat stages: real-time blocking for known threats and malware sources (malnets); advanced threat analysis for unknown threats; and dwell time reduction for latent threats
2) Adaptive Malware Analysis: Dynamic APT protection that analyzes unknown threats and shares information with other systems in the security infrastructure to increase protection efficiency for unknown and latent threats
3) Network Effect: APT information sharing between 75M users in 15,000 organizations through a feedback loop into the Blue Coat Global Intelligence Network
[Diagram: three stages arranged around the Global Intelligence Network]
• Stage 1: Block & Enforce All Known Threats
• Stage 2: Detect & Analyze Unknown Threats
• Stage 3: Resolve & Remediate Threats Discovered on the Network
3.
WHY SANDBOXING? DETECTING & ANALYZING UNKNOWN THREATS
• Traditional network defenses are great at dealing with known threats, terrible at dealing with unknown threats
• Unknown threats require dynamic analysis (aka detonation) in the form of a virtual machine and/or bare-metal or emulation sandbox
• Tight integration is necessary between the sandbox and your web gateway
4.
BLUECOAT SANDBOX MALWARE ANALYSIS APPLIANCE CORE TECHNOLOGY
Hybrid Analysis: Unmatched intelligence
• SandBox emulation
• IntelliVM virtualization
Behavioral Patterns: Expose targeted attacks
• Detection patterns
• Open source patterns
• Custom patterns
Plug-in Architecture: Extend detection and processing
• Interact with running malware
• Click-through dialogs and installers
SandBox | IntelliVM
Software x86 emulator | Full Windows XP or Win 7 licensed software
Hardware emulation | Hardware virtualization
Generates numerous low-level events – page faults, exceptions, etc. | Generates high-level events – file, registry, network, process, etc.
Emulated network access and services | Real network access and services
Hook-based event introspection | KernelScout filter driver captures low-level events
Add your own patterns | Add your own patterns
Supports EXEs and DLLs | Wide range of file support
Portable executable memory dumps | Extend processing with plugins
5.
BEHAVIORAL DETECTION PATTERNS INTELLIVM PROFILES AND PLUGINS
Generic and malware campaign specific patterns
• Trojan, spyware, worm, ransomware
Extensive pattern library
• Core patterns (incl. WebPulse info)
• Create your own patterns
• All matching patterns will trigger
• Global and user-specific patterns
Risk scoring
• Set by highest matched pattern
• Scores update with new patterns
• Script notification triggers for further action
Patterns can detect targeted and single-use malware, and do not rely on signature-based detection methodologies
6.
MALWARE APPLIANCE KEY FEATURES
Enterprise Scalability
– Approximately 50,000 analysis tasks per day per appliance
– Automated bulk sample processing and risk scoring
– Parallel processing on up to 40 virtual machines per appliance
Hybrid Analysis
– Superior threat dual-detection methodology using SandBox and VM IntelliVMs
– Replicate actual production environments including custom applications
Plugins – Interact with malware, click through installers, extend custom processing
Best-in-class full-featured Web-UI, Analysis Desktop, searching and data mining
Open Patterns – Detection criteria are never hidden; users can add custom patterns
Powerful RESTful API – Full programmatic access for integration and automation
Pub-Sub API – Secure notifications of analysis task status and task completion
Remote management, security, and health status monitoring eases deployment
7.
BLOCKING, DETECTION & ANALYSIS
ProxySG + CAS + Malware Analysis Appliance (Sandbox)
[Diagram: Proxy SG, Content Analysis System, Malware Analysis System]
8.
WWW.BLUECOAT.COM