CyberDen 2020

Agenda
Lunch
Pitches, Round 1
Break
Pitches, Round 2
Exhibition & Networking
Close
1.00pm
1.45pm
2.45pm
3.00pm
4.15pm
5.00pm

Protecting and Optimizing Your
Email
Oliver Tribe
Sr Enterprise Account Manager
The Power of Email Authentication

Agari Secure Email Cloud
©2019 Agari Data, Inc. All rights reserved. Confidential and Proprietary.5

Email Scams Continue to Plague Businesses

Two Mega Trends Re-Shaping Email Security Defenses
Advanced
Email Attacks
#1 Cybersecurity
Problem
Email continues to be the
most common vector (96%)
– Verizon
2018 Data Breach Investigations Report
Migration to
Cloud Mail
Redefining Email
Architectures
By 2021, more than 70% of
business users will be provisioned
with cloud office capabilities.
– Gartner
2017 Market Guide for Secure Email Gateways

Decline in Email Security Efficiency
Criminals continue to exploit gaps in your security
YoY rise in BEC victim losses88%
Victims lost 92x more
in BEC scams than
ransomware &
malware combined
22% of employees
will click on a
phishing campaign

The Digital Marketer’s Dilemma…
©2019 Agari Data, Inc. All rights reserved. Confidential and Proprietary.
Sources:
1. Data and Marketing Assoc 2018
2. Verizon, 2018
96%
Cyberattacks start
with email2
3,800%
Average ROI
for email marketing1
…ALSO THE TOP
VECTOR FOR
CYBERCRIMINALS
EMAIL: THE BEST,
MOST PROFITABLE WAY
FOR BRANDS TO
REACH CONSUMERS…

Email is Powerful and Efficient

However, Email Has a Basic Flaw:
The Sender Can Be Faked
• Criminals can impersonate someone
you trust and steal your credentials,
information, or money
• They trick you into falling for
ransomware

2018
Account
Takeover
Identity Impersonation Attacks Have Changed the Rules
Sources: CSOonline.com, Cybersecurity ventures, Nucleus Research, FBI I3C (Jan ‘15 – Dec ‘16)
$
2000s 2015
Spam Email
Malware
Spear
Phishing
Social
Eng Attacks Business Email
Compromise
2017
Content Deception Identity Deception
Zero Day
Attacks
30% open malicious emails
13% click on malicious attachments
3:45 until first user is compromised
From: CEO Name
cybercriminal@gmail.com
To: CFO NAME

Impersonation Techniques

Impostor Authentic
Spoof Look-alike Domain Display Name Deception Account OwnerAccount Takeover
Sender
Phishing Threat Landscape
Business Email Compromise Traditional Phishing EmployeeVEC ScarewareProblem
Customer Importance
Problem Example
VEC From: “Rama <rsekhar@nvp.com>”
Subject:Can you please send me your 2020 financial plan?
BEC From: “Pat Peterson <ceo123@gmail.com>”
Subject: Raymond, please pay this invoice
Employee From: “Pat Peterson <ppeterson@agari.com>”
Subject: Raymond, please pay this invoice
Traditional Phish From: “MS File Share <susie.q@example.com>”
Subject:Open this file shared from Microsoft Onedrive
Scareware From: “Aŉonymer Hʌcker <heidemarie-236@misleads.stonecast.top>”
Send me bitcoin or I’ll post your naked pictures on social media

BEC – Now the #1 Reason for Cyber Insurance Claims
https://www.thesslstore.com/blog/the-dirty-dozen-the-12-most-costly-phishing-attack-examples/

Cyber Criminals are operating like a Modern Enterprise

Email Authentication and Identity-based Detection:
Digital ID for Your Brand that Improves Customer Experience
IMPROVED DELIVERABILTY
BETTER ENGAGEMENTMORE CONFIDENCE
TOTAL VISIBILITY
Blocks unauthorized
emails attempting to
use your domain

Thank You
Oliver Tribe
otribe@agari.com
M: 07501 520 620

AUTOMATED TARGETED THREAT INTELLIGENCE
February 2020 – David Marlow

• About Blueliv
• The Evolution of Threat Intelligence
• Adding value to your business
• CTI delivered by Blueliv
• Use case
• Blueliv product
• Threat landscape trends in 2020
SECON CYBERDEN
AGENDA
22

23
ABOUT BLUELIV
SECON CYBERDEN
Blueliv is Europe’s leading cyberthreat intelligence
provider, headquartered in Barcelona, Spain.
We look beyond your perimeter, scouring the open,
deep and dark web to deliver fresh, automated and
actionable threat intelligence to protect the
enterprise and manage your digital risk.
Intelligence modules are scalable, easy to deploy and
easy to use, maximizing security resource while
accelerating threat detection, incident response
performance and forensic investigations.

THE EVOLUTION OF THREAT INTELLIGENCE
SECON CYBERDEN
Threat Intelligence 1.0
Generic, report driven
intelligence about malicious
activity, usually historical
10-15yrs ago
Vertical-based threat
intelligence, largely report
driven, built manually by
analysts and delivered as a
single, feature-rich platform
5-10yrs ago
Targeted threat intelligence,
delivered automatically and
continuously in near real-
time. Limited human
intervention allows for scale
and speed. Modular to
enable customers to
prioritise tasks
Past 5yrs
24

25
HOW DO WE ADD VALUE
TO YOUR BUSINESS
SECON CYBERDEN
• Increase Security maturity for external
threats and help plug gaps by tracking
where the breach originated
• Loss of Intellectual Property, Fines and
Reputational Damage, Potential to
reduce GDPR fines by demonstrating
you have a proactive approach to
external threats
• Despite massive investments in Endpoint
Protection, Data Loss Prevention,
Firewalls etc breaches and leaks still
happen. Blueliv help understand the
blind spots
• Automated solution – so you don’t have
continuously search, rest assured that we
are looking out for your digital assets
online – focus on remediation and
reduce potential harm and losses

THREAT INTELLIGENCE DELIVERED BY BLUELIV
26 Big Data Algorithms
Proprietary
intelligence
Blueliv
Community
Third Parties
Internet Deep Web Dark Web
Partners
Public
sources
Experts
Organization
s
Malware
sharing
Malware
sharing
Web
Crawlers
Sinkholing Honeypots
Malware
Reversal
2. PROCESSING1. INFORMATION GATHERING 3. INFORMATION DELIVERY + REMEDIATION
Enriched data
Threat Compass
Threat Exchange
Network
MRTI Data Feed
SECON CYBERDEN

THREAT INTELLIGENCE DELIVERED BY BLUELIV
27
Retrieve in
compromised
credentials in real
time
Track illegitimate
entities and domains
Recover stolen card
information in real-
time
Track malicious
activities in the
underground
Discover your
sensitive data leaked
in the wild
Be armed with
continuously updated,
intuitive threat
intelligence
Detect malware &
analyze suspicious
executable files
Detect and monitor
false, infected,
modified or copied
apps
Monitor your
organization’s digital
footprint
Monitor global social-
borne hacktivism
operations
CREDENTIALS DOMAIN PROTECTION CREDIT CARD THEFT DARK WEB DATA LEAKAGE
HACKTIVISM SOCIAL MEDIA ROGUE MOBILE APPS MALWARE THREAT CONTEXT
SECON CYBERDEN

USE CASE: PROACTIVE EXTERNAL THREAT INTEL
28
• Gain visibility on external cyber-threats that can affect your assets, brand,
employees and even customers.
• Discover compromised devices and credentials, leaked information and
rogue mobile applications.
• Empower your response and investigation activities with access to
contextualized information.
• Enjoy these benefits in a frictionless and automated way, reducing you FTE
needs to cover much more ground.
• CISO
• IT Security Manager
• Threat Intelligence
Manager
• SOC Team
• Fraud Manager
• GRC/IP/Brand Manager
• MRTI
• Botnets and C&C
• Targeted Malware
• Credit Card Theft
• Rogue Mobile App
• Media Tracker
• Hacktivism
• Data Leakage
• Phishing & Cybersquatting
• Brand Abuse
• Dark Web
• Threat Actors
Role
Blueliv Technology that can be used
Use Case
SECON CYBERDEN

MODULAR - CREDENTIALS
30
SECON CYBERDEN

THREAT CONTEXT – MALWARE HUNTING
31
SECON CYBERDEN

• Cyberthreats becoming increasingly diverse, sophisticated and malicious
• More mirroring the Commercial world – dark web black Friday sale – reduced price, 24x7
support, crowd funding, gamification, customer satisfaction scores, Uptime for Dark Web
Markets
• Skills shortage – products being simpler to use so employees are more productive
• Account checking Armageddon – password hygiene
• Remote Access Trojans (RATS) – increased sophisticated – man in the middle,
uninstalling AV
• Increased usage in Monero Cryptocurrency
• Increase in Ransomware and mobile attacks – companies are still paying up
WHAT ARE WE SEEING IN 2020
32
SECON CYBERDEN

We would welcome your investment and
as next steps are happy to provide
follow up meeting and a demonstration
Thank You

Mark Draper
EMEA Channel Director
35
Top WAN Transformation
Challenges For The Global
Enterprise

Cato Networks
36Network at the Speed of NOW

Market Opportunity
• SD-WAN solutions help organizations in simplifying the WAN and branch networks,
significantly improves WAN performance, reduces Capex and Opex, and provides
higher agility of WAN management
• Software-defined wide-area network market is expected to grow significantly in the next
3 to 4 years
• Market size anticipated to be $12.11 billion by 2023
• The market is expected to grow at a compound annual growth rate (CAGR) of 56.1%
from 2018-2023.

Remote
Sites
Private
Cloud
On-Prem
Data Center
SaaS
Applications
Public
Cloud
Users
Partners
Customers
Employees
Customers
Revenue
Partners
Unknown
Applications
IP
IP
Unknown
Applications
Unknown
Network Data Users Threats Tools
The Current Network Landscape

The WAN is Incompatible with Today’s Business Needs
39
Cloud, Mobility and Globalization drastically changing traffic patterns
Network at the Speed of NOW
Security
Appliances
Legacy
WAN

Digital Transformation
40
The Most Impactful IT Trend on Business

Digital Transformation
The Most Impactful IT Trend on Business

• The rise of cloud applications and mobile workforces is changing the shape of
business. Today, applications are hosted in on-premise data centers, private
& public clouds, or consumed as a subscription-based Software-as-a-
service (SaaS) offering. (Salesforce.com, Workday, Office365, Box and
Dropbox)
• The Wide Area Network (WAN) and network security appliances were built to
connect and secure static and physical locations - not today’s mobile-first and
cloud-centric networks.
• Legacy WAN and Network Security Appliances are Incompatible with the
Modern Enterprise.
The WAN is Incompatible with Today’s Business Needs
 Cloud, Mobility and Globalization drastically changing traffic patterns

Mobile
Users
Point solutions? You can’t patch your way to a better network
DC
Cloud
Global
Branch
Legacy Network
Branch
| 43
MPLS
Mobile
VPN/SDP
Network
Security

Cloud-Native Convergence Drives WAN Transformation
| 44
MPLS
Network
Security
Mobile
VPN/SDP
ALL-IN-1
Faster Innovation
Better Service
Lower Costs

Cato Keeps it Simple
Connect. Secure. Run
| 45
Secure.
Protect all traffic with built-in
security as a service
Connect.
End-to-end optimized connectivity for all
locations, clouds, and users
Run.
One console for all network and
security policies and analytics
BranchHQ/DC Cloud Mobile

Service

One Network
47
Global SD-WAN
CatoCloud
Routing Reliability Optimization Encryption
• Global, SLA-backed backbone
of Points of Presence (PoPs)
• Network Optimization – Last
Mile, Middle Mile, Cloud
Optimization
• Secure Tunnels Overlay
connects all resources to the
backbone
• MPLS Augmentation with core
SD-WAN capabilities
• MPLS Replacement
with SLA-backed backbone
• Connects Cloud Data Center
and Mobile Users to the WAN
• Managed service by Cato:
Intelligent Last-Mile
Management (ILMM)
(2) MPLS Replacement
SLA-backed Backbone
Last-Mile Management
Branch
Cato
Socket
HQ
Cato
Client
Mobile Users
Agentless
Cloud Data Center
Network
Security
SD-WAN
(1) MPLS Augmentation or
Enhanced Internet WAN
Policy Based Routing,
Active/Active, Packet Loss
Mitigation
MPLS
PoPs Map Cato SocketILMM

Next Generation
Firewall VPN
Secure Web
Gateway
Secure Cloud and
Mobile Access
Advanced Threat
Prevention
Network
Forensics
• Enterprise grade security
available everywhere
(local secure Internet exit)
• Elastic and agile: scale up,
seamlessly updated
• Cloud traffic visibility
accelerates defense
adaptation
• Appliance elimination in
remote locations and
datacenters
• Managed Threat Detection
and Response (MDR)
Service by Cato
One Security
48
Built-in Network Security
CatoCloud
Routing Reliability Optimization Encryption
Branch
Cato
Socket
HQ
Cato
Client
Mobile Users
Agentless
Cloud Data Center
Network
Security
SD-WAN
MPLS
Network and Security ManagementManaged Detection and Response

Cato Management Application

NG Firewall
Secure Web Gateway
Advanced Threat Prevention
Cloud and Mobile Security
Cloud Optimization
WAN Optimization
Global Route Optimization
Self-healing Architecture
Cato Cloud: The Network for the Digital Business
| 50
Branch Datacenter
Edge SD-WAN
• Active / Active / Active
• Dynamic Path Selection
• Application- and User Aware QoS
• Packet Loss Mitigation
IPSec
Internet
MPLS
Hybrid/Multi Cloud
Agentless
Mobile
Client/Clientless
SDP
Flexible Management
• Self-service
• Co-managed
• Fully managed
PoP
Converged
Network &
Security

A New Networking & Security Architecture for the Business
| 51

Experience WAN Transformation with
Cato Networks.
| 52

Andrew Thompson
Software security for DevOps and beyond

3Things to
remember
THE PITCH
Software Security for Devops and beyond
• Trends in Software Development – Shortening Delivery Cycle and
Machine Learning in Testing
• Maslow Hierarchy of Needs – Software Version
• Addressing these requirements

are predictable
Trends in AppSec

Advances in development always precede
advancesinAppSec
ApplicationDevelopment ApplicationSecurity
Starting point
Peak of inflated expectations

advancesinAppSec
1996
Advances in dev
Web Apps
1999
Sec protection
WAFs
2003
Security from the source
SAST

advancesinAppSec
1996
Advances in dev
Web Apps
1999
Sec protection
WAFs
2003
SAST
2004
Advances in dev
Open source by enterprises
2011
Sec protection
Sec by risk
2015
Sec by dev

we need to
understand
current Dev
trends
To predict future Sec
trends
Proprietary & Confidential | All Rights Reserved

2007
Advances in dev
Infrastructure as code
2010
Sec protection
Cloud infrastructure protection
???
???
Network
Servers
services
= DevITTrend 1 :
Infrastructure
as code
Trend 2:
Trend 3:
Trend 4:

2013
Advances in dev
Containers dockers
2015
Sec protection
Containers dockers security
???
???
Apps >> ContainersDirectly on OSTrend 1 :
Infrastructure
as code
Trend 2:
Containers
dockers
Trend 3:
Trend 4:

2013
Advances in dev
Microservices
2017
Sec protection
API security protection
???
???
Microservices >> APIMonolithTrend 1 :
Infrastructure
as code
Trend 2:
Containers
dockers
Trend 3:
APIs
Trend 4:

Trend 1 :
Infrastructure
as code
Trend 2:
Containers
dockers
Trend 3:
APIs
Trend 4:
git is the
new
norm
Ops through git
is the new norm >> using git for sec scans
Build Test Deploy
Build Test Deploy

/ Maslow Hierarchy of needs
Proprietary & Confidential | All Rights Reserved | 66
Self-
actualization
Esteem
Love / Belonging
Safety
Physiological

/
Remediation
Prioritization
Correlations
Policy
CI/CD Automation
User & Project Management
Maslow Hierarchy of needs – For Software Security

/ Maslow Hierarchy of needs – For Software Security
Project Management - Know your Software Exposure KPIs
Remediation
Prioritization
Correlations
Policy
CI/CD Automation

CI plugins
IDE plugins
Mass onboarding (Github /
Gitlab / Bitbucket)
Defect management (JIRA)
CI/CD Automation
SDLC Integration
Remediation
Prioritization
Correlations
Policy
CI/CD Automation

CI/CD Automation
SDLC Integration
Self-Service AST
Automation with Zero Configuration
Commit
Or
Pull request
Issues
Remediation
Prioritization
Correlations
Policy
CI/CD Automation

CI/CD Automation
SDLC Integration
Self-Service AST
Unified Policy Management
Remediation
Prioritization
Correlations
Policy
CI/CD Automation

CI/CD Automation
SDLC Integration
Self-Service AST
Vulnerability Detection and Correlation
SAST  SCA  IAST  Training
Remediation
Prioritization
Correlations
Policy
CI/CD Automation

CI/CD Automation
SDLC Integration
Self-Service AST
Automatic Prioritization
Remediation
Prioritization
Correlations
Policy
CI/CD Automation

CI/CD Automation
SDLC Integration
Self-Service AST
Automatic Prioritization
Remediate - What And How To Fix
Best Fix & Codebashing – How To Fix Remediation
Prioritization
Correlations
Policy
CI/CD Automation

/
About Checkmarx
The world's top organizations choose Checkmarx
to manage their software exposure
Gartner Magic Quadrant
Leader 2019 for Application
Security Testing
700 employees
60% year-over-year growth
deployed in 70+ countries
Trusted by 1,400+
of the world’s largest
organizations

/
Checkmarx Software Security Platform

/ Security in a SDLC & DevOps Environment
IDEs
Source Code
Management Solutions
Build/CI Solutions
Defect Tracking
Dashboarding
Dev
OpsCLI, Web Services API
Data Export API

/
And the future ?

Securing software takes more than a tool

/ Come and have a chat
To hear more about how we
translate our philosophy and
upcoming trends into actionable
security

www.checkmarx.com
/ Thank You
Declan.Dickens@checkmarx.com
Andrew.Thompson@checkmarx.com

Break
Take a breather for 15
mins

www.egress.com © Egress Software Technologies Ltd. All rights reserved.
Mark Lendon, VP of Sales
Will Renwick, Account Executive
13th February 2020
Predicting the unpredictable:
Preventing email data breaches
Egress Software Technologies

Human Layer Security – Category Leader
Founded
in 2007
3000 clients and
6 million users
Global offices An industry
leader
One of the fastest growing
UK SaaS businesses
$40m growth equity
funding
Highest level industry
certifications
Key strategic
partnerships

• Firewalls
• Authentication
• Disk Encryption
In the 2000s…

• Spam
• Malware
• Data Loss Prevention
In the 2010s…

95% of breaches will be
human activated…
In the 2020s???

90
Mis-directed emails are the most underreported
security threats to your business

• More mistakes happen during
repetitive tasks
• Roles that have similar tasks are
more prone to mistakes
• While a data breach may not
necessarily be caused, it can
certainly involve an embarrassing
conversation!
Sent an email or attachment to the wrong person?

Insider threat:
a disconnect
The market challenge
79% of IT leaders:
my employees have put company
data at risk accidently
Human error
to blame
The risk is
on email
92% of employees:
we haven’t accidentally broken
data sharing policy
60%
of data breach incidents are the
result of human error (ICO research)
74%
of information shared by staff
contains sensitive data
61%
of this sensitive data is shared
via plain text email!
50%
of these incidents are the result
of incorrect disclosure

• Deeply understands human
behaviour
• Contextual machine learning
• Detect anomalies and prevent data
breaches
Human Layer Security

Intelligent Email Security
Analyse and measure
the risk of sharing
sensitive data
Investigate
Apply the right level of
protection when
sharing sensitive data
Protect
Remove the risk of
accidental or malicious
data breaches
Prevent
01 0302

95
The misdirected email is one of the biggest security
threats to your business…
…and Egress removes that risk from the table.

Thank you for your time
E: info@egress.com | T: +44 (0) 2076248500 | W: www.egress.com | Twitter: @EgressSoftware

"Protecting your business does not stop at these four walls"
•Traditional protection perimeters are expanding and sometimes dissolving
completely.
•How do you provide protection beyond the perimeter for your business brand.
•How do you provide protection beyond the perimeter for your customers.

10
0
©2019 Mimecast. All Rights Reserved 10
0

10
1
©2019 Mimecast. All Rights Reserved

10
2
2

10
3
3

10
4
4

10
5
5

10
6
6

10
7
7

10
9
©2019 Mimecast. All Rights Reserved
Cometalk
withme
abouttrust

CONTROL
ACCESS
PROTECT
ENDPOINTS
SECURE
PASSWORDS
3 Key Steps to
PAM Maturity
Scott Shields

85%
O R G A N I Z A T I O N S
Fail to meet even basic
PAM security hygiene

PAM
Gartner Ranks
CISO’s
#1 Security
Priority
On Gartner’s List of Top 6 Security Projects
THYCOTIC ADRESSES 4
 #1 – Privilege Account Management
 #3 – Anti-phishing
 #4 – Application Control
 #6 – Detection & Response

Privileged
Access
Management
Maturity
Model

MATURITYLEVEL
ADAPTIVE
INTELLIGENT4
SECURITYPOSTURE
BEGINNERS
LEADERS
ANALOG1
BASIC2
High risk to
architecture &
operations
CRITICAL RISK THRESHOLD
Low risk to
architecture
& operations
ADVANCED3
PAM Maturity Model

MATURITYLEVEL
ADAPTIVE
INTELLIGENT4
SECURITYPOSTURE
BEGINNERS
LEADERS
ANALOG1
BASIC2
High risk to
architecture &
operations
Low risk to
architecture
& operations
 Paper-based
password & credential
tracking
 Default password use
 No password rotation
 No or minimal
password complexity
requirements
 Automated privileged
account discovery
 Password vaulting
 Non-default password
use
 Multi-factor
authentication
 Automated password
rotation &
randomization
 Password hiding
 Privileged session
proxying
 Dual control & 4-eyes
protocols
 Session monitoring
 Immutable privileged
activity auditing
 Endpoint Least
Privilege & application
control
 Automated anomoly
detection &
remediation
 Automated
privileged account
lifecycle
management
 DevOps workflow
privileged account
management
FEATURES
ADVANCED3
PAM Maturity Model

MATURITYLEVEL
ADAPTIVE
INTELLIGENT4
SECURITYPOSTURE
BEGINNERS
LEADERS
ANALOG1
BASIC2
High risk to
architecture &
operations
Low risk to
architecture
& operations
 Paper-based
tracking
 No or minimal
password complexity
requirements
account discovery
use
 Multi-factor
authentication
rotation &
randomization
 Password hiding
proxying
protocols
activity auditing
 Endpoint Least Privilege &
application control
detection &
remediation
 Automated
privileged account
lifecycle
management
 DevOps workflow
privileged account
management
FEATURES
ADVANCED3
PAM Maturity Model

MATURITYLEVEL
ADAPTIVE
INTELLIGENT4
SECURITYPOSTURE
BEGINNERS
LEADERS
ANALOG1
BASIC2
High risk to
architecture &
operations
CRITICAL RISK THRESHOLD
Low risk to
architecture
& operations
 Paper-based
tracking
 No or minimal
password complexity
requirements
account discovery
use
 Multi-factor
authentication
rotation &
randomization
 Password hiding
proxying
protocols
activity auditing
 Endpoint Least Privilege &
application control
detection &
remediation
account lifecycle
management
 DevOps workflow
privileged account
management
FEATURES
ADVANCED3
PAM Maturity Model

You can’t protect
what you don’t know
exist
Discover

Protect, Rotate and
encrypt all privileged
credentials
Secure

True RBAC +
Workflow controls +
Analytics and Audit
control
Control Access

PRIVILEGED ACCOUNT MANAGEMENT
SECRET SERVER
ENDPOINT APPLICATION CONTROL
PRIVILEGE MANAGER
ANALYTICS
PRIVILEGED BEHAVIOUR ANALYTICS
SERVICE ACCOUNT GOVERNANCE
ACCOUNT LIFECYCLE MANAGER
DYNAMIC SECRETS MANAGEMENT
DEVOPS SECRETS VAULT

134
134
It’s a Digital World.
Engage Securely.

135
#WHOAMI
Gavin Cameron
ZeroFOX
Regional Sales Director, UK
13 Years in Cybersecurity

• Defining your Digital "Perimeter" & Risks
• Leverage the ZeroFOX Platform for real-time
Digital Visibility, Intelligence & Protection
• Defend and Remediate your Digital Risks with
ZeroFOX Takedown as a Service™
AGENDA

137
Our Mission
ZeroFOX exists to protect people and organisations in
the quickly expanding digital world.
Our Reach
Presence in United States, United Kingdom, Canada,
Chile and India, with customers in over 25 countries,
providing best in class SaaS platform, support and
services to organizations of all verticals and sizes.
About ZeroFOX
It’s a Digital World. Engage Securely.

138
Understand your Digital
"Perimeter" & Risks

139
Impersonations
Social Accounts
Fake Domains
Fake Websites
Fraudulent Email
Securing Your Everchanging “Perimeter”
Public Platforms
Virtualization
The Good Ole Days
Cloud Computing
Forums, Blogs, News
& Reviews
Code Sharing
Web Marketplaces
Social Media
Email & Slack
Deep & Dark Web
Domain Registries
Mobile App
Stores

140
Securing Your Everchanging “Perimeter”
Impersonations
Social Accounts
Fake Domains
Fake Websites
Fraudulent Email
Partners
Customers
Employees

141
360°
Visibility into risks on
social and digital channels
outside your firewall
15 seconds
Average time to alert, saving
internal teams valuable time
spent searching for
risks manually
6+ hours
Saved per week on manual
identification of
impersonations on
average
Phishing/SMiShing
and Malware
Account
Hacking
Domain Spoofing
Piracy and Counterfeit
Goods
Customer
Scams
Trademark Infringements
Brand & Executive
Impersonators
Reputation Damage
Information Leakage
Offensive Content
Compliance Violations
Physical Violence
TM
Risks Beyond Your “Perimeter”

142
Real-time Digital Visibility,
Threat Intelligence &
Protection

143SLIDE
/
Identify
Risks on digital platforms
Protect & Monitor
What matters to
your organization
Gain Intelligence &
Remediate
Threats to your brand,
customers, execs, employees
and business
Identify Digital Channel Exposure
Define Your Digital Assets
Brands | Domains | Executives | Data | Employees | Locations
Machine-Driven Monitoring & Analysis
AI-Based| Alerts | Reporting
Human-Driven Analysis
ZeroFOX OnWatch™
Threat Intelligence &
Remediation
ZeroFOX Alpha Team
Takedown-as-a-Service™
Complete Digital Visibility, Intelligence & Protection
Digital Protection
Strategy

144
Defend & Remediate with
Takedown as-a-Service

Remediate all threats to your brand and org.
Hide, block, delete and remove offending profiles and posts
Identify and remove threats
Mitigate threats to your brand, business, people and
locations across social media, mobile, web, email,
marketplaces, domains and more
Save time and resources
Reduce time spent identifying, investigating and
mitigating threats manually — rely on ZeroFOX to act on
your behalf
Increase reach and effectiveness
Strengthen your digital visibility and protection by not only
identifying threats, but taking action against those threats
145

Sophos Security for the Public
Cloud
David Okeyode – Public Cloud Security Architect
3xMCSE | MCT | VCP | CCNP | AWS SA-Pro
@asegunlolu asegunlolu
Is YOUR head in the
Clouds?
Jon Hope -
Senior Sales Engineer
@JonHope_Sophos

3%
11%
12%
17%
19%
52%
61%
6%
8%
9%
16%
22%
16%
16%
8%
7%
6%
13%
14%
9%
7%
Alibaba
Oracle Cloud
IBM Cloud
Vmware Cloud on AWS
Google Cloud
Azure
AWS
Currently use Experimenting Plan to use
Public Cloud Adoption
% of All Respondants
Source: RightScale, 2019 State of the Cloud Report from Flexera 150

Growing at 6x rate of general IT
spending through 2020*
151
Source IDC, “The Salesforce Economy,” September 2016, salesforce.com.

Responsibility IaaS
Data classification &
accountability
Client & end-point
protection
Identity & access
management
Application level
controls
Network controls
Host infrastructure
Physical security
SaaSPaaSOn-prem
Division of Responsibility
Source: Microsoft TechNet – Shared Responsibilities for Cloud Computing
Platform provider is
responsible for the
security ‘of’ the Cloud
The Customer is
responsible for
security ‘in’ the Cloud
Customer Cloud provider
Who’s Problem is it Anyway?
YOU are

Sophos Solutions
For Public Cloud Security
156

Sophos Server Protection
• Prevents attacks by:
o Reducing the attack surface
o Identifying malware before it
runs
• Detects malicious activity:
o Hacking and exploit attempts
o Ransomware and malware
• Responds by:
o Allowing for automated or
manual removal
o Providing Root Cause Analysis
Responsibility IaaS
accountability
Client & end-point
protection
Identity & access
management
Application level
controls
Network controls
Host infrastructure
Physical security
SaaSPaaSOn-prem

Ransomware Behavior Protection
CryptoGuard – File Protection
• Takes just in time file cache
• Identifies malicious file encryption behavior
• Isolates malicious process
• Automatically rolls back affected files
WipeGuard – Disk & Boot Protection
• Prevents malicious tampering with
system areas of disk
• Stops malicious processes
• Proven effective during NotPetya
DATA PARTITION
WIPEGUARD
CRYPTOGUARD
MBR
SYSTEM
INFORMATION
.DOC .JPG .XLSX
DISK LAYOUT
160

Azure Network Security Best Practices
162

• Illuminates hidden risk:
o Exposing suspect users and apps
o Rich on-device reporting
• Protects against malware:
o Pedigree IPS plus Dual A/V
o Sandboxes unknown content
• Responds by:
o Denying the hacker
o Automated isolation of
compromised servers
o Lateral movement prevention
Responsibility IaaS
accountability
Client & end-point
protection
Identity & access
management
Application level
controls
Network controls
Host infrastructure
Physical security
On-prem
Sophos Firewall
On-prem SaaSPaaS

Sophos Firewall: WAF and IPS Single Solution
Inbound
Request
No
Yes
Route to
Destination
GEO IP Filtering SSL TerminationInbound DoS & IPS
Proxy request on
behalf of sender
URL Based
Routing (+
Access
Control)
Http/Https
Protocol
Anomaly
Detection
RPC
Traffic?
RPC
Protocol
Filter
SSL Re-EncryptionQOS
OWASP
“10”
Cookie
Tampering
Detection
URL Hardening
& Session
Handling
Reverse Proxy
Authentication
(w/MFA)
Request
Redirection
Reverse Proxy
Authentication
(w/MFA)
OWASP
“10”
Content
Inspection
File Type
Detection &
Enforcement
Load Balancing
and Failover
Routing
Request
Rewriting
IPS

Security Heartbeat™
Synchronized Security in The Public Cloud
Security Heartbeat™
Servers
XG Firewall Sophos Central
Internet
XG Firewall Servers
Availability Zone
Availability Zone
167

Sophos Central-Single Pane of Glass Management
169
Allows partners to manage
multiple customer installations
Endpoint Protection
Email Security
Web Gateway
Server Protection
Encryption
Mobile Protection
Wireless Allows users to access email,
mobile, and encryption features
Reseller Dashboard Customer Admin User Self Service
Firewall Management

Sophos Intercept X for Server and Endpoint
Manage all your Firewalls, Servers and Endpoints from a single interface
Hybridenvironment CorporateDatacentre
170

Sophos Central Cloud Workload Discovery
172
Auto-Scaling
Versioning
Encryption
AWSS3 permissions
IdentifyAWS S3 configurations
violating company policy

Public Cloud Security Breaches
of cloud security failures will
be the customer’s fault
95%
SIX MILLION PII RECORDS
20 THOUSAND CUSTOMER RECORDS
200K CUSTOMER CALL RECORDINGS EXPOSED
175
Source: There's a Hole in 1,951 Amazon S3 Buckets, Rapid 7
LARGE DISCOUNT BROKERAGE FIRM
TELETEXT HOLIDAYS
TELECOMMUNICATIONS COMPANY
By 2020

Built for The Cloud
Cloud Optix
• You can’t secure what you can’t see
• Automatic workload discovery, security vulnerability
scanning and response
AI Powered Security
Analytics and Monitoring
Governance, Risk
and Compliance
DevSecOps
176

177
END-TO-END
VISIBILITY
177
• Full asset inventory
(AWS, Azure, and GCP)
• Network topology
visualisation
• View traffic flow
(ingress/egress/
internal)
• Security Group
analyses how traffic
may flow
• Analyse Host traffic for
hidden vulnerability
i.e. open databases

178
CONTINUOUS
COMPLIANCE
178
• Continuous monitoring
• Custom policies
• Out of the box
templates
• GDPR, CIS, SOC2,
HIPAA, ISO 27001
and PCI DSS
• Guardrails prevent
changes to critical
systems
• Jira and ServiceNow
integration

179
AI-POWERED
ALERTS AND
RESPONSE
179
• Identify suspicious
logins and API calls
• Detect suspicious
traffic patterns
• Close open storage
buckets (S3) and ports
• Detect configuration
drift
• Scan IaC templates in
Github, Bitbucket and
Jenkins Pipeline

You NEED Protection
181
 Sophos Cloud Optix
 Intercept X for Server
 UTM
 XG Firewall

• Your Servers :
o Blocking Malware
o Ransomware Prevention
• Your Virtual Networks:
o Firewall, A/V Scanning
o IPS and WAF
o Sandboxing Unknown Content
o Automated Isolation of
Compromised
o Servers
• Your Dynamic Estate:
o Single Management Platform
o Automated Workload Discovery
o Cloud Optix
Responsibility IaaS
accountability
Client & end-point
protection
Identity & access
management
Application level
controls
Network controls
Host infrastructure
Physical security
On-prem
Sophos Protects
SaaSPaaS

Exhibition &
Networking
Get into the thick of it and network for the rest of
the evening with these wonderful speakers. Who will
pique your interest?

Contact us
Phone: +44(0)203 657 0707
Email: hello@seconcyber.com

CyberDen 2020

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to CyberDen 2020

Similar to CyberDen 2020 (20)

Recently uploaded

Recently uploaded (20)

CyberDen 2020