SlideShare une entreprise Scribd logo

festival ICT 2013: Check Point 2013 Security Report

festival ICT 2016
festival ICT 2016
TechnologieBusiness
1  sur  54
Télécharger pour lire hors ligne
11©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |[Restricted] ONLY for designated groups and individuals
22©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | A comprehensive survey – and much more ! 888 companies 1,494 gateways 120,000 Monitoring hours 112,000,000 security events [Restricted] ONLY for designated groups and individuals
33©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | 40% 40% 20% 39% 14%10% 7% 4% 26% A comprehensive survey % of companies Americas EMEA APAC Industrial Finance Government Telco Consulting Other By geography By sector [Restricted] ONLY for designated groups and individuals
44©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Multiple sources of data SensorNet 3D Reports Threat Cloud [Restricted] ONLY for designated groups and individuals
55©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Looking back and forward Main security threats & risks Security architecture Recommendations 2012 2013 and beyond [Restricted] ONLY for designated groups and individuals
66©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Check Point Security Report 2013 About the research Key findings Security strategy Summary [Restricted] ONLY for designated groups and individuals
77©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
88©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Another day, another major hack [Restricted] ONLY for designated groups and individuals
99©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Just this week…. [Restricted] ONLY for designated groups and individuals “Hackers in China Attacked The Times for Last 4 Months” (NY Times , Jan 30, 2013) “Wall Street Journal also hit by hack” (WSJ , Jan 31 2013)
1010©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | 2012: the year of hacktivism Arab Spring Political freedom Foxcon Working conditions Justice Department Anti-corruption Vatican Unhealthy transmitters UN ITU Internet deep packet inspection [Restricted] ONLY for designated groups and individuals
1111©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | This does not affect me, right? [Restricted] ONLY for designated groups and individuals
1212©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The majority of companies are infected 63% 100% = 888 companies of the organizations (2 out of 3) in the research were infected with bots [Restricted] ONLY for designated groups and individuals
1313©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Once in … always on Communicating with command & control every 21minutes [Restricted] ONLY for designated groups and individuals
1414©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Top 2012 Bots [Restricted] ONLY for designated groups and individuals
1515©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Exploit kits are easy to buy Rental costs One day – 50$ Up to 1 month – 500$ 3 month – 700$ Rental costs One day – 50$ Up to 1 month – 500$ 3 month – 700$ Available online [Restricted] ONLY for designated groups and individuals
1616©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | But there is more than Bots, right? Malware INSIDE How does malware get to my network? [Restricted] ONLY for designated groups and individuals
1717©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Going to the wrong places… [Restricted] ONLY for designated groups and individuals
1818©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Downloading malware all the time 53%of organizations saw malware downloads [Restricted] ONLY for designated groups and individuals
1919©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anatomy of an attack Recon Exploit Toolkit Backdoor Damage4 3 2 1 BOT Virus RAT [Restricted] ONLY for designated groups and individuals
2020©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Two major trends BOT Virus Damage Profit drivenA Ideological driven B 4RAT [Restricted] ONLY for designated groups and individuals
2121©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case example Massive SQL injection attack Italian University [Restricted] ONLY for designated groups and individuals
2222©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case Study Hacker injected the following string… In normal language: “Please give me the usernames and passwords from the database” In normal language: “Please give me the usernames and passwords from the database” [Restricted] ONLY for designated groups and individuals
2323©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | BLOCKED by Check Point IPS Software Blades From around the world… Case study - the success [Restricted] ONLY for designated groups and individuals
2424©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Main takeaways… 63%63% of organizations were infected with bots 53%53% of organizations experienced malware downloads [Restricted] ONLY for designated groups and individuals
2525©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
2626©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | No longer a game [Restricted] ONLY for designated groups and individuals
2727©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | What are risky applications? Bypassing security or hiding identity Do harm without the user knowing it P2P file sharing Anonymizers File sharing / storage Social networks [Restricted] ONLY for designated groups and individuals
2828©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Just this week…. [Restricted] ONLY for designated groups and individuals We discovered one live attack and were able to shut it down in process moments later, However, our investigation has thus far indicated that the attackers may have had access to limited user information — usernames, email addresses and passwords — for approximately 250,000 users.” Bob Lord, Twitter’s director of information security. (Friday, Feb 1, 2013)
2929©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Risky applications Anonymizers [Restricted] ONLY for designated groups and individuals
3030©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | What is an anonymizer? Firewall OK User Proxy Site [Restricted] ONLY for designated groups and individuals
3131©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | History of Anonymizers Began as “The Onion Router” Officially sponsored by the US Navy 80% of 2012 budget from US Government Used widely during Arab Spring [Restricted] ONLY for designated groups and individuals
3232©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The risk of anonymizers Bypasses security infrastructure Used by botnets to communicate Hide criminal, illegal activity [Restricted] ONLY for designated groups and individuals
3333©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anonymizers inside the corporation 47% of organizations had users of Anonymizers (80% were not aware that their employees use Anonymizers) 100% = 888 companies [Restricted] ONLY for designated groups and individuals
3434©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Risky applications P2P file sharing [Restricted] ONLY for designated groups and individuals
3535©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Risk of P2P Applications Downloading the latest “24” episode right now ☺ Pirated content liability Malware downloads “Back door” network access [Restricted] ONLY for designated groups and individuals
3636©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | P2P inside the corporation 61% of organizations had a P2P file sharing app in use 100% = 888 companies [Restricted] ONLY for designated groups and individuals
3737©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case example: P2P 3,800 personal details shared on P2P 95,000 personal details shared on P2P Fines for information disclosers [Restricted] ONLY for designated groups and individuals
3838©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Main takeaways… 61% of organizations had a P2P file sharing app in use 47% of organizations had users of anonymizers [Restricted] ONLY for designated groups and individuals
3939©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
4040©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | How common is it? 54% of organizations experienced data loss [Restricted] ONLY for designated groups and individuals
4141©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Many types of data leaked [Restricted] ONLY for designated groups and individuals
4242©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | PCI compliance can be improved Of financial organizations sent credit card data outside the organization [Restricted] ONLY for designated groups and individuals
4444©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We have all had this problem Error 552: sorry, that message exceeds my maximum message size limit Dropbox? YouSendIt? Windows Live? [Restricted] ONLY for designated groups and individuals
4545©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Storing and Sharing applications 80% of organizations use file storage and sharing applications 100% = 888 companies [Restricted] ONLY for designated groups and individuals
4646©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Top sharing and storage apps 70 51 25 22 13 10 Dropbox Windows Live Curl YouSendIt Sugarsync PutLocker % of organizations But sharing is not always caring… [Restricted] ONLY for designated groups and individuals
4747©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Check Point Security Report 2013 About the research Key findings Security strategy Summary [Restricted] ONLY for designated groups and individuals
4848©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We talked about three issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
4949©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anatomy of an attack Recon Exploit Toolkit Backdoor Damage4 3 2 1 BOT Virus RAT [Restricted] ONLY for designated groups and individuals
5050©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Addressing external threats FW AVIPS AntiBot URLF ThreatEmulation [Restricted] ONLY for designated groups and individuals
5151©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Enabling secure application use URLF Antivirus ApplicationControl [Restricted] ONLY for designated groups and individuals Endpoint
5252©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Preventing data loss DocSec DLP Data EndPoint ApplicationControl Usercheck [Restricted] ONLY for designated groups and individuals
5353©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Seeing attacks and protections SmartEvent SmartLog SmartDashboard [Restricted] ONLY for designated groups and individuals
5454©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Summary 63% 47% 54% Infected with bots 3 key Takeaways Used Anonymizer Experienced data leak Multi Layer Security Central Management Manage & Monitor Protect from external threats Protect from external threats Prevent access to bad sources Prevent access to bad sources Keep the organization secured Keep the organization secured [Restricted] ONLY for designated groups and individuals
5555©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |[Restricted] ONLY for designated groups and individuals

Recommandé

Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
Delivering Security with the MAX RemoteManagement Platform - Paul FenwickDelivering Security with the MAX RemoteManagement Platform - Paul Fenwick
Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
MAXfocus
 
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
CODE BLUE
 
[CB21] Were "2020" Subdomains Abused Actually? - Mining the Real Threat Hidde...
[CB21] Were "2020" Subdomains Abused Actually? - Mining the Real Threat Hidde...[CB21] Were "2020" Subdomains Abused Actually? - Mining the Real Threat Hidde...
[CB21] Were "2020" Subdomains Abused Actually? - Mining the Real Threat Hidde...
CODE BLUE
 
Update from the MITRE ATT&CK Team
Update from the MITRE ATT&CK TeamUpdate from the MITRE ATT&CK Team
Update from the MITRE ATT&CK Team
Adam Pennington
 
State of the ATT&CK - ATT&CKcon Power Hour
State of the ATT&CK - ATT&CKcon Power HourState of the ATT&CK - ATT&CKcon Power Hour
State of the ATT&CK - ATT&CKcon Power Hour
Adam Pennington
 
Emulating an Adversary with Imperfect Intelligence
Emulating an Adversary with Imperfect IntelligenceEmulating an Adversary with Imperfect Intelligence
Emulating an Adversary with Imperfect Intelligence
Adam Pennington
 
2017 Predictions: Identity and Security
2017 Predictions: Identity and Security 2017 Predictions: Identity and Security
2017 Predictions: Identity and Security
SecureAuth
 
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence WebinarEnhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
Adelaide Hill
 

Recommandé

Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
Delivering Security with the MAX RemoteManagement Platform - Paul FenwickDelivering Security with the MAX RemoteManagement Platform - Paul Fenwick
Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
MAXfocus
 
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
CODE BLUE
 
[CB21] Were "2020" Subdomains Abused Actually? - Mining the Real Threat Hidde...
[CB21] Were "2020" Subdomains Abused Actually? - Mining the Real Threat Hidde...[CB21] Were "2020" Subdomains Abused Actually? - Mining the Real Threat Hidde...
[CB21] Were "2020" Subdomains Abused Actually? - Mining the Real Threat Hidde...
CODE BLUE
 
Update from the MITRE ATT&CK Team
Update from the MITRE ATT&CK TeamUpdate from the MITRE ATT&CK Team
Update from the MITRE ATT&CK Team
Adam Pennington
 
State of the ATT&CK - ATT&CKcon Power Hour
State of the ATT&CK - ATT&CKcon Power HourState of the ATT&CK - ATT&CKcon Power Hour
State of the ATT&CK - ATT&CKcon Power Hour
Adam Pennington
 
Emulating an Adversary with Imperfect Intelligence
Emulating an Adversary with Imperfect IntelligenceEmulating an Adversary with Imperfect Intelligence
Emulating an Adversary with Imperfect Intelligence
Adam Pennington
 
2017 Predictions: Identity and Security
2017 Predictions: Identity and Security 2017 Predictions: Identity and Security
2017 Predictions: Identity and Security
SecureAuth
 
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence WebinarEnhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
Adelaide Hill
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
Ulf Mattsson
 
Web Application Security: Connecting the Dots
Web Application Security: Connecting the DotsWeb Application Security: Connecting the Dots
Web Application Security: Connecting the Dots
InnoTech
 
Chapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data SecurityChapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data Security
Dr. Ahmed Al Zaidy
 
Grc f42
Grc f42Grc f42
Grc f42
SelectedPresentations
 
Cybersecurity Slides
Cybersecurity SlidesCybersecurity Slides
Cybersecurity Slides
Jim Kaplan CIA CFE
 
RH-ISAC Summit 2019 - Adam Pennington - Leveraging MITRE ATT&CK™ for Detectio...
RH-ISAC Summit 2019 - Adam Pennington - Leveraging MITRE ATT&CK™ for Detectio...RH-ISAC Summit 2019 - Adam Pennington - Leveraging MITRE ATT&CK™ for Detectio...
RH-ISAC Summit 2019 - Adam Pennington - Leveraging MITRE ATT&CK™ for Detectio...
Adam Pennington
 
SolarWinds State of Government IT Management and Monitoring Survey
SolarWinds State of Government IT Management and Monitoring SurveySolarWinds State of Government IT Management and Monitoring Survey
SolarWinds State of Government IT Management and Monitoring Survey
SolarWinds
 
Hacking3e ppt ch10
Hacking3e ppt ch10Hacking3e ppt ch10
Hacking3e ppt ch10
Skillspire LLC
 
Driving More Value With Automated Analytics
Driving More Value With Automated AnalyticsDriving More Value With Automated Analytics
Driving More Value With Automated Analytics
Jim Kaplan CIA CFE
 
NDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
Bryson Bort
 
Cyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementCyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access management
seadeloitte
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9
seadeloitte
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attacker
seadeloitte
 
Funsec3e ppt ch03
Funsec3e ppt ch03Funsec3e ppt ch03
Funsec3e ppt ch03
Skillspire LLC
 
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
Nathan Desfontaines
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
Phil Agcaoili
 
June 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be YouJune 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be You
seadeloitte
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
seadeloitte
 
Hacking3e ppt ch15
Hacking3e ppt ch15Hacking3e ppt ch15
Hacking3e ppt ch15
Skillspire LLC
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec
 
2015 Security Report
2015 Security Report 2015 Security Report
2015 Security Report
Check Point Software Technologies
 
Check Point Consolidation
Check Point ConsolidationCheck Point Consolidation
Check Point Consolidation
Group of company MUK
 

Contenu connexe

Tendances

Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
Ulf Mattsson
 
Cybersecurity Slides
Cybersecurity SlidesCybersecurity Slides
Cybersecurity Slides
Jim Kaplan CIA CFE
 
Driving More Value With Automated Analytics
Driving More Value With Automated AnalyticsDriving More Value With Automated Analytics
Driving More Value With Automated Analytics
Jim Kaplan CIA CFE
 
NDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
Bryson Bort
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attacker
seadeloitte
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
Phil Agcaoili
 
June 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be YouJune 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be You
seadeloitte
 

Tendances (20)

Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
 
Web Application Security: Connecting the Dots
Web Application Security: Connecting the DotsWeb Application Security: Connecting the Dots
Web Application Security: Connecting the Dots
 
Chapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data SecurityChapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data Security
 
Grc f42
Grc f42Grc f42
Grc f42
 
Cybersecurity Slides
Cybersecurity SlidesCybersecurity Slides
Cybersecurity Slides
 
RH-ISAC Summit 2019 - Adam Pennington - Leveraging MITRE ATT&CK™ for Detectio...
RH-ISAC Summit 2019 - Adam Pennington - Leveraging MITRE ATT&CK™ for Detectio...RH-ISAC Summit 2019 - Adam Pennington - Leveraging MITRE ATT&CK™ for Detectio...
RH-ISAC Summit 2019 - Adam Pennington - Leveraging MITRE ATT&CK™ for Detectio...
 
SolarWinds State of Government IT Management and Monitoring Survey
SolarWinds State of Government IT Management and Monitoring SurveySolarWinds State of Government IT Management and Monitoring Survey
SolarWinds State of Government IT Management and Monitoring Survey
 
Hacking3e ppt ch10
Hacking3e ppt ch10Hacking3e ppt ch10
Hacking3e ppt ch10
 
Driving More Value With Automated Analytics
Driving More Value With Automated AnalyticsDriving More Value With Automated Analytics
Driving More Value With Automated Analytics
 
NDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeawaysNDIA 2021 - solar winds overview and takeaways
NDIA 2021 - solar winds overview and takeaways
 
Cyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementCyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access management
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attacker
 
Funsec3e ppt ch03
Funsec3e ppt ch03Funsec3e ppt ch03
Funsec3e ppt ch03
 
The Proactive Approach to Cyber Security
The Proactive Approach to Cyber SecurityThe Proactive Approach to Cyber Security
The Proactive Approach to Cyber Security
 
2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security2015 KSU So You Want To Be in Cyber Security
2015 KSU So You Want To Be in Cyber Security
 
June 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be YouJune 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be You
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Hacking3e ppt ch15
Hacking3e ppt ch15Hacking3e ppt ch15
Hacking3e ppt ch15
 
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
Symantec Webinar Part 3 of 6 How to Tackle Data Protection Risk in Time for G...
 

Similaire à festival ICT 2013: Check Point 2013 Security Report

Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Clouditalia Telecomunicazioni
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
Zivaro Inc
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
PECB
 
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
Federal Webinar: Best Practices and Tools for Reducing Insider ThreatsFederal Webinar: Best Practices and Tools for Reducing Insider Threats
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
SolarWinds
 
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docxForm Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
alisondakintxt
 
Completing your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check PointCompleting your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check Point
aliciasyc
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
SecPod Technologies
 

Similaire à festival ICT 2013: Check Point 2013 Security Report (20)

2015 Security Report
2015 Security Report 2015 Security Report
2015 Security Report
 
Check Point Consolidation
Check Point ConsolidationCheck Point Consolidation
Check Point Consolidation
 
Staying One Step Ahead with Zero-Day Protection
Staying One Step Ahead with Zero-Day ProtectionStaying One Step Ahead with Zero-Day Protection
Staying One Step Ahead with Zero-Day Protection
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
 
SandBlast Agent
SandBlast AgentSandBlast Agent
SandBlast Agent
 
Check Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast AgentCheck Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast Agent
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
 
R u hacked
R u hackedR u hacked
R u hacked
 
комплексная защита от современных интернет угроз с помощью Check point sandblast
комплексная защита от современных интернет угроз с помощью Check point sandblastкомплексная защита от современных интернет угроз с помощью Check point sandblast
комплексная защита от современных интернет угроз с помощью Check point sandblast
 
SolarWinds Federal Cybersecurity Survey 2016
SolarWinds Federal Cybersecurity Survey 2016SolarWinds Federal Cybersecurity Survey 2016
SolarWinds Federal Cybersecurity Survey 2016
 
APT Monitoring and Compliance
APT Monitoring and ComplianceAPT Monitoring and Compliance
APT Monitoring and Compliance
 
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
ASFWS 2013 - Critical Infrastructures in the Age of Cyber Insecurity par Andr...
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
Federal Webinar: Best Practices and Tools for Reducing Insider ThreatsFederal Webinar: Best Practices and Tools for Reducing Insider Threats
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
 
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docxForm Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
Form Responses 1TimestampUntitled QuestionRisk TableRisk IDID Da.docx
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Threat Detection as presented at the 2016 DGI Cyber security Conference
Threat Detection as presented at the 2016 DGI Cyber security ConferenceThreat Detection as presented at the 2016 DGI Cyber security Conference
Threat Detection as presented at the 2016 DGI Cyber security Conference
 
Completing your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check PointCompleting your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check Point
 
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalystScale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
Scale vp wisegate-investing-in_security_innovation_aug2014-gartner_catalyst
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
 

Plus de festival ICT 2016

Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...
Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...
Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...
festival ICT 2016
 
Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...
Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...
Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...
festival ICT 2016
 
The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...
The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...
The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...
festival ICT 2016
 
Favorire lo sviluppo di applicazioni native Cloud: lo Smart SaaS Program - by...
Favorire lo sviluppo di applicazioni native Cloud: lo Smart SaaS Program - by...Favorire lo sviluppo di applicazioni native Cloud: lo Smart SaaS Program - by...
Favorire lo sviluppo di applicazioni native Cloud: lo Smart SaaS Program - by...
festival ICT 2016
 
I vantaggi di un’infrastruttura unica nell’erogazione dei servizi IT networke...
I vantaggi di un’infrastruttura unica nell’erogazione dei servizi IT networke...I vantaggi di un’infrastruttura unica nell’erogazione dei servizi IT networke...
I vantaggi di un’infrastruttura unica nell’erogazione dei servizi IT networke...
festival ICT 2016
 
LibreOffice: software libero e formati standard - by LibreItalia - festival I...
LibreOffice: software libero e formati standard - by LibreItalia - festival I...LibreOffice: software libero e formati standard - by LibreItalia - festival I...
LibreOffice: software libero e formati standard - by LibreItalia - festival I...
festival ICT 2016
 
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
festival ICT 2016
 
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
festival ICT 2016
 

Plus de festival ICT 2016 (20)

Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...
Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...
Migliorare il cash flow della propria azienda e dei propri clienti: i benefic...
 
Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...
Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...
Criticità per la protezione dei dati personali connesse all’utilizzo di dispo...
 
Lo Zen e l'arte dell'UX Design Mobile - by Synesthesia - festival ICT 2015
Lo Zen e l'arte dell'UX Design Mobile - by Synesthesia - festival ICT 2015Lo Zen e l'arte dell'UX Design Mobile - by Synesthesia - festival ICT 2015
Lo Zen e l'arte dell'UX Design Mobile - by Synesthesia - festival ICT 2015
 
The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...
The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...
The Web Advisor: restare vivi e aggiornati nel business digitale - festival I...
 
Favorire lo sviluppo di applicazioni native Cloud: lo Smart SaaS Program - by...
Favorire lo sviluppo di applicazioni native Cloud: lo Smart SaaS Program - by...Favorire lo sviluppo di applicazioni native Cloud: lo Smart SaaS Program - by...
Favorire lo sviluppo di applicazioni native Cloud: lo Smart SaaS Program - by...
 
I vantaggi di un’infrastruttura unica nell’erogazione dei servizi IT networke...
I vantaggi di un’infrastruttura unica nell’erogazione dei servizi IT networke...I vantaggi di un’infrastruttura unica nell’erogazione dei servizi IT networke...
I vantaggi di un’infrastruttura unica nell’erogazione dei servizi IT networke...
 
LibreOffice: software libero e formati standard - by LibreItalia - festival I...
LibreOffice: software libero e formati standard - by LibreItalia - festival I...LibreOffice: software libero e formati standard - by LibreItalia - festival I...
LibreOffice: software libero e formati standard - by LibreItalia - festival I...
 
Come rendere più collaborative le tue riunioni - by Epson - festival ICT 2015
Come rendere più collaborative le tue riunioni - by Epson - festival ICT 2015Come rendere più collaborative le tue riunioni - by Epson - festival ICT 2015
Come rendere più collaborative le tue riunioni - by Epson - festival ICT 2015
 
Case Study TWT: North Sails ha rivoluzionato il modo di lavorare - by TWT - f...
Case Study TWT: North Sails ha rivoluzionato il modo di lavorare - by TWT - f...Case Study TWT: North Sails ha rivoluzionato il modo di lavorare - by TWT - f...
Case Study TWT: North Sails ha rivoluzionato il modo di lavorare - by TWT - f...
 
Il mio ufficio è sempre con me. E il tuo? - by TWT - festival ICT 2015
Il mio ufficio è sempre con me. E il tuo? - by TWT - festival ICT 2015Il mio ufficio è sempre con me. E il tuo? - by TWT - festival ICT 2015
Il mio ufficio è sempre con me. E il tuo? - by TWT - festival ICT 2015
 
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
 
Impatto privacy della video analisi nei sistemi di video sorveglianza intelli...
Impatto privacy della video analisi nei sistemi di video sorveglianza intelli...Impatto privacy della video analisi nei sistemi di video sorveglianza intelli...
Impatto privacy della video analisi nei sistemi di video sorveglianza intelli...
 
Web reputation, le verità nascoste dell’identità digitale - festival ICT 2015
Web reputation, le verità nascoste dell’identità digitale - festival ICT 2015Web reputation, le verità nascoste dell’identità digitale - festival ICT 2015
Web reputation, le verità nascoste dell’identità digitale - festival ICT 2015
 
Privacy e non profit online: profilazioni digitali di donatori e aderenti nel...
Privacy e non profit online: profilazioni digitali di donatori e aderenti nel...Privacy e non profit online: profilazioni digitali di donatori e aderenti nel...
Privacy e non profit online: profilazioni digitali di donatori e aderenti nel...
 
L'importanza del controllo nelle operazioni di Data Wiping - Sprint Computer ...
L'importanza del controllo nelle operazioni di Data Wiping - Sprint Computer ...L'importanza del controllo nelle operazioni di Data Wiping - Sprint Computer ...
L'importanza del controllo nelle operazioni di Data Wiping - Sprint Computer ...
 
Il dato è tratto: il lato B della mobilità tra privacy e reati informatici - ...
Il dato è tratto: il lato B della mobilità tra privacy e reati informatici - ...Il dato è tratto: il lato B della mobilità tra privacy e reati informatici - ...
Il dato è tratto: il lato B della mobilità tra privacy e reati informatici - ...
 
Web e privacy, le nuove regole per i cookies - festival ICT 2015
Web e privacy, le nuove regole per i cookies - festival ICT 2015Web e privacy, le nuove regole per i cookies - festival ICT 2015
Web e privacy, le nuove regole per i cookies - festival ICT 2015
 
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
 
Nuvole e metallo: Infrastruttura e servizi Cloud based - by Hosting Solution...
Nuvole e metallo: Infrastruttura e servizi Cloud based - by Hosting Solution... Nuvole e metallo: Infrastruttura e servizi Cloud based - by Hosting Solution...
Nuvole e metallo: Infrastruttura e servizi Cloud based - by Hosting Solution...
 
Definire, configurare ed implementare soluzioni scalabili su sistemi di Cloud...
Definire, configurare ed implementare soluzioni scalabili su sistemi di Cloud...Definire, configurare ed implementare soluzioni scalabili su sistemi di Cloud...
Definire, configurare ed implementare soluzioni scalabili su sistemi di Cloud...
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 

festival ICT 2013: Check Point 2013 Security Report

  • 1. 11©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |[Restricted] ONLY for designated groups and individuals
  • 2. 22©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | A comprehensive survey – and much more ! 888 companies 1,494 gateways 120,000 Monitoring hours 112,000,000 security events [Restricted] ONLY for designated groups and individuals
  • 3. 33©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | 40% 40% 20% 39% 14%10% 7% 4% 26% A comprehensive survey % of companies Americas EMEA APAC Industrial Finance Government Telco Consulting Other By geography By sector [Restricted] ONLY for designated groups and individuals
  • 4. 44©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Multiple sources of data SensorNet 3D Reports Threat Cloud [Restricted] ONLY for designated groups and individuals
  • 5. 55©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Looking back and forward Main security threats & risks Security architecture Recommendations 2012 2013 and beyond [Restricted] ONLY for designated groups and individuals
  • 6. 66©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Check Point Security Report 2013 About the research Key findings Security strategy Summary [Restricted] ONLY for designated groups and individuals
  • 7. 77©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
  • 8. 88©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Another day, another major hack [Restricted] ONLY for designated groups and individuals
  • 9. 99©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Just this week…. [Restricted] ONLY for designated groups and individuals “Hackers in China Attacked The Times for Last 4 Months” (NY Times , Jan 30, 2013) “Wall Street Journal also hit by hack” (WSJ , Jan 31 2013)
  • 10. 1010©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | 2012: the year of hacktivism Arab Spring Political freedom Foxcon Working conditions Justice Department Anti-corruption Vatican Unhealthy transmitters UN ITU Internet deep packet inspection [Restricted] ONLY for designated groups and individuals
  • 11. 1111©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | This does not affect me, right? [Restricted] ONLY for designated groups and individuals
  • 12. 1212©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The majority of companies are infected 63% 100% = 888 companies of the organizations (2 out of 3) in the research were infected with bots [Restricted] ONLY for designated groups and individuals
  • 13. 1313©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Once in … always on Communicating with command & control every 21minutes [Restricted] ONLY for designated groups and individuals
  • 14. 1414©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Top 2012 Bots [Restricted] ONLY for designated groups and individuals
  • 15. 1515©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Exploit kits are easy to buy Rental costs One day – 50$ Up to 1 month – 500$ 3 month – 700$ Rental costs One day – 50$ Up to 1 month – 500$ 3 month – 700$ Available online [Restricted] ONLY for designated groups and individuals
  • 16. 1616©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | But there is more than Bots, right? Malware INSIDE How does malware get to my network? [Restricted] ONLY for designated groups and individuals
  • 17. 1717©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Going to the wrong places… [Restricted] ONLY for designated groups and individuals
  • 18. 1818©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Downloading malware all the time 53%of organizations saw malware downloads [Restricted] ONLY for designated groups and individuals
  • 19. 1919©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anatomy of an attack Recon Exploit Toolkit Backdoor Damage4 3 2 1 BOT Virus RAT [Restricted] ONLY for designated groups and individuals
  • 20. 2020©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Two major trends BOT Virus Damage Profit drivenA Ideological driven B 4RAT [Restricted] ONLY for designated groups and individuals
  • 21. 2121©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case example Massive SQL injection attack Italian University [Restricted] ONLY for designated groups and individuals
  • 22. 2222©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case Study Hacker injected the following string… In normal language: “Please give me the usernames and passwords from the database” In normal language: “Please give me the usernames and passwords from the database” [Restricted] ONLY for designated groups and individuals
  • 23. 2323©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | BLOCKED by Check Point IPS Software Blades From around the world… Case study - the success [Restricted] ONLY for designated groups and individuals
  • 24. 2424©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Main takeaways… 63%63% of organizations were infected with bots 53%53% of organizations experienced malware downloads [Restricted] ONLY for designated groups and individuals
  • 25. 2525©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
  • 26. 2626©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | No longer a game [Restricted] ONLY for designated groups and individuals
  • 27. 2727©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | What are risky applications? Bypassing security or hiding identity Do harm without the user knowing it P2P file sharing Anonymizers File sharing / storage Social networks [Restricted] ONLY for designated groups and individuals
  • 28. 2828©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Just this week…. [Restricted] ONLY for designated groups and individuals We discovered one live attack and were able to shut it down in process moments later, However, our investigation has thus far indicated that the attackers may have had access to limited user information — usernames, email addresses and passwords — for approximately 250,000 users.” Bob Lord, Twitter’s director of information security. (Friday, Feb 1, 2013)
  • 29. 2929©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Risky applications Anonymizers [Restricted] ONLY for designated groups and individuals
  • 30. 3030©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | What is an anonymizer? Firewall OK User Proxy Site [Restricted] ONLY for designated groups and individuals
  • 31. 3131©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | History of Anonymizers Began as “The Onion Router” Officially sponsored by the US Navy 80% of 2012 budget from US Government Used widely during Arab Spring [Restricted] ONLY for designated groups and individuals
  • 32. 3232©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The risk of anonymizers Bypasses security infrastructure Used by botnets to communicate Hide criminal, illegal activity [Restricted] ONLY for designated groups and individuals
  • 33. 3333©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anonymizers inside the corporation 47% of organizations had users of Anonymizers (80% were not aware that their employees use Anonymizers) 100% = 888 companies [Restricted] ONLY for designated groups and individuals
  • 34. 3434©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Risky applications P2P file sharing [Restricted] ONLY for designated groups and individuals
  • 35. 3535©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Risk of P2P Applications Downloading the latest “24” episode right now ☺ Pirated content liability Malware downloads “Back door” network access [Restricted] ONLY for designated groups and individuals
  • 36. 3636©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | P2P inside the corporation 61% of organizations had a P2P file sharing app in use 100% = 888 companies [Restricted] ONLY for designated groups and individuals
  • 37. 3737©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case example: P2P 3,800 personal details shared on P2P 95,000 personal details shared on P2P Fines for information disclosers [Restricted] ONLY for designated groups and individuals
  • 38. 3838©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Main takeaways… 61% of organizations had a P2P file sharing app in use 47% of organizations had users of anonymizers [Restricted] ONLY for designated groups and individuals
  • 39. 3939©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
  • 40. 4040©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | How common is it? 54% of organizations experienced data loss [Restricted] ONLY for designated groups and individuals
  • 41. 4141©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Many types of data leaked [Restricted] ONLY for designated groups and individuals
  • 42. 4242©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | PCI compliance can be improved Of financial organizations sent credit card data outside the organization [Restricted] ONLY for designated groups and individuals
  • 43. 4444©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We have all had this problem Error 552: sorry, that message exceeds my maximum message size limit Dropbox? YouSendIt? Windows Live? [Restricted] ONLY for designated groups and individuals
  • 44. 4545©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Storing and Sharing applications 80% of organizations use file storage and sharing applications 100% = 888 companies [Restricted] ONLY for designated groups and individuals
  • 45. 4646©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Top sharing and storage apps 70 51 25 22 13 10 Dropbox Windows Live Curl YouSendIt Sugarsync PutLocker % of organizations But sharing is not always caring… [Restricted] ONLY for designated groups and individuals
  • 46. 4747©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Check Point Security Report 2013 About the research Key findings Security strategy Summary [Restricted] ONLY for designated groups and individuals
  • 47. 4848©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We talked about three issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
  • 48. 4949©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anatomy of an attack Recon Exploit Toolkit Backdoor Damage4 3 2 1 BOT Virus RAT [Restricted] ONLY for designated groups and individuals
  • 49. 5050©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Addressing external threats FW AVIPS AntiBot URLF ThreatEmulation [Restricted] ONLY for designated groups and individuals
  • 50. 5151©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Enabling secure application use URLF Antivirus ApplicationControl [Restricted] ONLY for designated groups and individuals Endpoint
  • 51. 5252©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Preventing data loss DocSec DLP Data EndPoint ApplicationControl Usercheck [Restricted] ONLY for designated groups and individuals
  • 52. 5353©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Seeing attacks and protections SmartEvent SmartLog SmartDashboard [Restricted] ONLY for designated groups and individuals
  • 53. 5454©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Summary 63% 47% 54% Infected with bots 3 key Takeaways Used Anonymizer Experienced data leak Multi Layer Security Central Management Manage & Monitor Protect from external threats Protect from external threats Prevent access to bad sources Prevent access to bad sources Keep the organization secured Keep the organization secured [Restricted] ONLY for designated groups and individuals
  • 54. 5555©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |[Restricted] ONLY for designated groups and individuals