Contenu connexe Similaire à Sécurité: Risques, tendances & préconisations à venir par Eric HOHBAUER, Directeur Commercial Stormshield (20) Sécurité: Risques, tendances & préconisations à venir par Eric HOHBAUER, Directeur Commercial Stormshield 1. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
SECURITE
Risques, tendances & préconisations
à venir
Eric HOHBAUER, Directeur Commercial Stormshield
2. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Stormshield
The European leader
for network, data and endpoint
cybersecurity solutions.
Eric HOHBAUER
Sales Director
06 16 40 31 90 / eric.hohbauer@stormshield.eu
3. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
ACTIVE CYBER-PROTECTION
RISKS, TRENDS, PROACTIVITY
NATIONAL AND PERSONAL INTERESTS ARE ALL AT RISK
4. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
THIS IS REALITY
5. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
6. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Critical National
Infrastructures are exposed
Stuxnet, BlackEnergy,…
7. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
State-sponsored cyber-
espionnage is effective
Regin, Red October, …
8. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Hacktivists are disturbing National
Interests
Singapour, Israël, China, US, Tunisia…
9. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Military e-strikes are more and
more frequent and systematic
Recent US/North Korea conflict
10. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
An online information goldmine
The explosion of social
networks has made it so
much easier to collect
information on the
victim and increase the
chances of successful
hack.
11. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Attacks have become more intelligent and harder
to detect
11
Spearphishing
Multi-vector attacks
Polymorphic malware
0-day exploitation
…
RSA, VMWare, Google,
French Ministry of
Finance, DoD, New York
Times, Domino’s Pizza,…
12. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Traditional methods are no longer enough
12
13. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
SECURITY ANALYSIS ARE PERFORMED ON THE SOURCE, ON SECURITY
DEVICES AND ON THE DESTINATION WITHOUT ANY RELATIONSHIP
BETWEEN THESE ANALYSIS.
Traditional model
13
14. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
HACKERS TODAY USE ADVANCED TECHNIQUES TO BYPASS
PROTECTION SYSTEMS OR SECURITY ENGINES SO AS TO REACH THEIR
TARGETS
Traditional model
14
15. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
A Multi-Layer and In-depth Defense
Approach is Needed
16. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
A behavioral approach
0-day
Exploit
Advisory Public
Exploit
Patch
Deployment
Risk of vulnerability
exploit
Time
SIGNATURE-BASED
RESPONSE
STORMSHIELD ENDPOINT
SECURITY RESPONSE
Signature
deployment
17. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
CONFIDENTIAL – Copyright © 2014
PROTECTION ON THE
INFRASTRUCTURES & ON THE
ENDPOINTS
18. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
OUR vision
multi-layer collaborative security
INTERNAL
COLLABORATION
THREAT
INTELLIGENCE
CONTEXT
AWARENESS
19. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Layer 1: internal collaboration
19
20. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Layer 2: context-awareness
20
20
VM
VM
VM
VM = Vulnerability Manager
21. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Stormshield Cloud
SOC, CERT, Partenaires THREAT INTELLIGENCE
Layer 3: threat intelligence
21
Stormshield community
(Network + Endpoint)
Statistical reports
Global risk level
Main threats
Anonymized security
alerts
(may be disabled)
Countermeasures
Signatures, dedicated reports, filter rules
Information security traffic
Security information and qualified alerts
22. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Stormshield provides a
global and comprehensive solution with its
Stormshield Network Security
and
Stormshield Endpoint Security
product lines
23. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
CONFIDENTIAL – Copyright © 2014
GLOBAL PROTECTION
24. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Protecting Endpoints against
Targeted and Sophisticated Attacks
25. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
CONFIDENTIAL – Copyright © 2014
THE 3 STEPS OF A TARGETED ATTACK
Get in the
infrastructure
• Exploit
vulnerabilities:
PDF, Flash,
browsers, etc.
• Leverage
removable
devices misuses
Spread and seek
targets
• Make good use
of the Pass-
the-Hash
design flaw
• Capitalize on
removable
devices’
mobility
Steal or destroy
• Exfiltrate data to
C&C
• Wipe out
repositories
• Lure hardware
into abnormal
and harmful
behaviors
These attacks are widely used in cyberespionnage targeting governments
26. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Protecting Industrial
Environments
27. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Securing Sensitive National
Information
28. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Ensure In-depth
Infrastructure Protection
29. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Trusted Solutions
30. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
TRUSTED SOLUTIONS
Corporate Overview
To ensure full confidence in your security, it is necessary to choose solutions that are certified
and labeled by non-commercial, independent and impartial organisms.
Stormshield Security solutions are based upon Arkoon and NETASQ technologies which provide
the best guarantees:
Common Criteria certifications, EAL 3 + / EAL4 +, granted by a European
administration. The EAL4 + certification for NETASQ products was awarded by two
different European certifying organisms (France and Netherlands).
Standard Level Qualification which certifies that the product complies with the
french security requirements. The qualification process includes a detailed audit and
review of the code related to encryption mechanisms.
NATO Restricted classification carried by a European certification body.
EU Restricted classification which certifies that the product has a sufficient level of
confidence to protect sensitive data in the EU. The NETASQ products are the only
firewall / UTM products to be referenced in the official catalog of the EU.
31. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
32. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Thanks for your attention
Eric HOHBAUER
Sales Director
06 16 40 31 90 / eric.hohbauer@stormshield.eu