© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
SECURITE
...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Stormshield
The European leader
for network, data and endpoint
cy...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
ACTIVE CYBER-PROTECTION
RISKS, TRENDS, PROACTIVITY
NATIONAL AND P...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
THIS IS REALITY
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Critical National
Infrastructures are exposed
Stuxnet, BlackEnerg...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
State-sponsored cyber-
espionnage is effective
Regin, Red October...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Hacktivists are disturbing National
Interests
Singapour, Israël, ...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Military e-strikes are more and
more frequent and systematic
Rece...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
An online...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Attacks have become more intelligent and harder
to detect
11
Spea...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Traditional methods are no longer enough
12
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
SECURITY ANALYSIS ARE PERFORMED ON THE SOURCE, ON SECURITY
DEVICE...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
HACKERS TODAY USE ADVANCED TECHNIQUES TO BYPASS
PROTECTION SYSTEM...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
A Multi-Layer and In-depth Defense
Approach is Needed
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
A behavio...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
CONFIDENT...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
OUR vision
multi-layer collaborative security
INTERNAL
COLLABORAT...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Layer 1: internal collaboration
19
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Layer 2: context-awareness
20
20
VM
VM
VM
VM = Vulnerability Mana...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Stormshield Cloud
SOC, CERT, Partenaires THREAT INTELLIGENCE
Laye...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Stormshield provides a
global and comprehensive solution with its...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
CONFIDENT...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Protecting Endpoints against
Targeted and Sophisticated Attacks
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
CONFIDENTIAL – Copyright © 2014
THE 3 STEPS OF A TARGETED ATTACK
...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Protecting Industrial
Environments
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Securing Sensitive National
Information
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Ensure In-depth
Infrastructure Protection
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Trusted Solutions
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
TRUSTED SOLUTIONS
Corporate Overview
To ensure full confidence in...
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
Thanks for your attention
Eric HOHBAUER
Sales Director
06 16 40 3...
Prochain SlideShare
Chargement dans…5
×

Sécurité: Risques, tendances & préconisations à venir par Eric HOHBAUER, Directeur Commercial Stormshield

1 176 vues

Publié le

"Sécurité: Risques, tendances & préconisations à venir " thème abordé par Eric HOHBAUER, Directeur Commercial de Stormshield, lors du Printemps de l'Infra 2015, évènement Nware.

Publié dans : Ingénierie
0 commentaire
1 j’aime
Statistiques
Remarques
  • Soyez le premier à commenter

Aucun téléchargement
Vues
Nombre de vues
1 176
Sur SlideShare
0
Issues des intégrations
0
Intégrations
20
Actions
Partages
0
Téléchargements
32
Commentaires
0
J’aime
1
Intégrations 0
Aucune incorporation

Aucune remarque pour cette diapositive

Sécurité: Risques, tendances & préconisations à venir par Eric HOHBAUER, Directeur Commercial Stormshield

  1. 1. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 SECURITE Risques, tendances & préconisations à venir Eric HOHBAUER, Directeur Commercial Stormshield
  2. 2. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Stormshield The European leader for network, data and endpoint cybersecurity solutions. Eric HOHBAUER Sales Director 06 16 40 31 90 / eric.hohbauer@stormshield.eu
  3. 3. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 ACTIVE CYBER-PROTECTION RISKS, TRENDS, PROACTIVITY NATIONAL AND PERSONAL INTERESTS ARE ALL AT RISK
  4. 4. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 THIS IS REALITY
  5. 5. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
  6. 6. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Critical National Infrastructures are exposed Stuxnet, BlackEnergy,…
  7. 7. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 State-sponsored cyber- espionnage is effective Regin, Red October, …
  8. 8. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Hacktivists are disturbing National Interests Singapour, Israël, China, US, Tunisia…
  9. 9. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Military e-strikes are more and more frequent and systematic Recent US/North Korea conflict
  10. 10. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 An online information goldmine The explosion of social networks has made it so much easier to collect information on the victim and increase the chances of successful hack.
  11. 11. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Attacks have become more intelligent and harder to detect 11 Spearphishing Multi-vector attacks Polymorphic malware 0-day exploitation … RSA, VMWare, Google, French Ministry of Finance, DoD, New York Times, Domino’s Pizza,…
  12. 12. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Traditional methods are no longer enough 12
  13. 13. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 SECURITY ANALYSIS ARE PERFORMED ON THE SOURCE, ON SECURITY DEVICES AND ON THE DESTINATION WITHOUT ANY RELATIONSHIP BETWEEN THESE ANALYSIS. Traditional model 13
  14. 14. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 HACKERS TODAY USE ADVANCED TECHNIQUES TO BYPASS PROTECTION SYSTEMS OR SECURITY ENGINES SO AS TO REACH THEIR TARGETS Traditional model 14
  15. 15. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 A Multi-Layer and In-depth Defense Approach is Needed
  16. 16. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 A behavioral approach 0-day Exploit Advisory Public Exploit Patch Deployment Risk of vulnerability exploit Time SIGNATURE-BASED RESPONSE STORMSHIELD ENDPOINT SECURITY RESPONSE Signature deployment
  17. 17. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 CONFIDENTIAL – Copyright © 2014 PROTECTION ON THE INFRASTRUCTURES & ON THE ENDPOINTS
  18. 18. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 OUR vision multi-layer collaborative security INTERNAL COLLABORATION THREAT INTELLIGENCE CONTEXT AWARENESS
  19. 19. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Layer 1: internal collaboration 19
  20. 20. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Layer 2: context-awareness 20 20 VM VM VM VM = Vulnerability Manager
  21. 21. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Stormshield Cloud SOC, CERT, Partenaires THREAT INTELLIGENCE Layer 3: threat intelligence 21 Stormshield community (Network + Endpoint) Statistical reports Global risk level Main threats Anonymized security alerts (may be disabled) Countermeasures Signatures, dedicated reports, filter rules Information security traffic Security information and qualified alerts
  22. 22. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Stormshield provides a global and comprehensive solution with its Stormshield Network Security and Stormshield Endpoint Security product lines
  23. 23. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 CONFIDENTIAL – Copyright © 2014 GLOBAL PROTECTION
  24. 24. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Protecting Endpoints against Targeted and Sophisticated Attacks
  25. 25. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 CONFIDENTIAL – Copyright © 2014 THE 3 STEPS OF A TARGETED ATTACK Get in the infrastructure • Exploit vulnerabilities: PDF, Flash, browsers, etc. • Leverage removable devices misuses Spread and seek targets • Make good use of the Pass- the-Hash design flaw • Capitalize on removable devices’ mobility Steal or destroy • Exfiltrate data to C&C • Wipe out repositories • Lure hardware into abnormal and harmful behaviors These attacks are widely used in cyberespionnage targeting governments
  26. 26. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Protecting Industrial Environments
  27. 27. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Securing Sensitive National Information
  28. 28. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Ensure In-depth Infrastructure Protection
  29. 29. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Trusted Solutions
  30. 30. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 TRUSTED SOLUTIONS Corporate Overview To ensure full confidence in your security, it is necessary to choose solutions that are certified and labeled by non-commercial, independent and impartial organisms. Stormshield Security solutions are based upon Arkoon and NETASQ technologies which provide the best guarantees:  Common Criteria certifications, EAL 3 + / EAL4 +, granted by a European administration. The EAL4 + certification for NETASQ products was awarded by two different European certifying organisms (France and Netherlands).  Standard Level Qualification which certifies that the product complies with the french security requirements. The qualification process includes a detailed audit and review of the code related to encryption mechanisms.  NATO Restricted classification carried by a European certification body.  EU Restricted classification which certifies that the product has a sufficient level of confidence to protect sensitive data in the EU. The NETASQ products are the only firewall / UTM products to be referenced in the official catalog of the EU.
  31. 31. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105© 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105
  32. 32. © 2015 by NWARE - LE PRINTEMPS DE L’INFRA – 26 MARS 2105 Thanks for your attention Eric HOHBAUER Sales Director 06 16 40 31 90 / eric.hohbauer@stormshield.eu

×