SlideShare une entreprise Scribd logo

Gestiona el riesgo de las grandes amenazas

Nextel S.A.
Nextel S.A.

The document provides information about Check Point's Compliance Software Blade, which allows users to monitor security and compliance across their network in real-time. The Compliance Software Blade integrates fully with Check Point's security management platform and provides visibility into security best practices mapped to various regulations. It also offers out-of-the-box audit preparation and compliance reporting to help streamline regulatory compliance efforts.

Technologie
1  sur  58
©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. ©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Los Riesgos de Nuevas amenazas Mayo 2014
©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. ©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. DDoS Attacks
3©2013 Check Point Software Technologies Ltd. 2001 20102005 Attack Risk Time© 2011, Radware, Ltd. Blaster 2003 CodeRed 2001 Nimda (Installed Trojan) 2001 Slammer (Attacking SQL sites) 2003 Vandalism and Publicity Storm (Botnet) 2007 Agobot (DoS Botnet) Srizbi (Botnet) 2007Rustock (Botnet) 2007 Kracken (Botnet) 2009 2010 IMDDOS (Botnet) Financially Motivated Mar 2011 DDoS Wordpress.com Blending Motives Mar 2011 Codero DDoS / Twitter Israeli sites Google / Twitter Attacks2009 Republican website DoS 2004 Estonia’s Web Sites DoS 2007 Georgia Web sites DoS 2008 July 2009 Cyber Attacks US & Korea Dec 2010 Operation Payback Mar 2011 Netbot DDoS Mar 2011 Operation Payback II ―Hacktivism‖ LulzSec Sony, CIA, FBI Peru, Chile 2012 DDoS Timeline—Summary Graph “Worms” DDoS “Blend” DDoS Attacks Gaining Momentum
4©2013 Check Point Software Technologies Ltd. Application Layer Attacks Network Layer Attacks DDoS Attack by Types More attacks are targeted at the application layer TCP SYN Flood
5©2013 Check Point Software Technologies Ltd. Layer 7 DoS Attacks  Legitimate traffic  Low bandwidth  Exploit TCP protocol  Partial HTTP Requests  Recursive DNS Spoofing  Application Exploits  And more…  Use of TOR  Use of proxies  Use of botnets Allowed Traffic Hidden Sources Attack Vectors Attack Damage
10©2013 Check Point Software Technologies Ltd. Attackers Use Multi-Layer DDoS Large-volume network flood attacks Web attacks: brute force login locked SYN flood attack Application vulnerability ―Low and slow‖ DoS attacks (e.g., Sockstress) High and slow application DoS attacks Simultaneous Attack Vectors 1 successful attack vector = No service
11©2013 Check Point Software Technologies Ltd. DDoS and Traditional Security Attackers Take Advantage of Traditional Security  Routers may be affected before firewalls  Firewalls track state of network connections (Can be bottleneck)  Firewalls allow legitimate traffic (e.g. port 80 to web server)  IPS allows legitimate request (e.g. get http/1.0rn)  Application Control allows legitimate services (DNS or HTTPS)
12©2013 Check Point Software Technologies Ltd. Traditional Firewalls Not Sufficient Not Designed for Network and Application DDoS Protection  Basic rate based flood protection affects all traffic (Real users and attack traffic)  Lacks Comprehensive Layer 7 DDoS protection – Poor detection of sly attacks – No filters to block attacks and allow real traffic – Administrators cannot create custom signatures
13©2013 Check Point Software Technologies Ltd. What Software Blades Can Do  Firewall configurations: network access control – Aggressive aging: protection against connection-consuming attacks – Network quota: limit number of connections by source IP – ICMP/UDP perimeter, initial drop rules: drop early in policy – Lower Stateful Inspection timers: defense against slow attack  IPS configurations: proactive intrusion prevention – Geo protection: Rules to block by country and direction of traffic – Worm catcher signature: block known worms (HTTP and CIFS) – TCP window size enforcement: small TCP window and flood – SYN flood protection: cookie-based validation – HTTP flooding: rate-based blocking  SmartEvent and SmartLog: improved visibility and forensics
14©2013 Check Point Software Technologies Ltd. Block Denial of Service Attacks within seconds! Introducing Check Point Check Point DDoS Protector™
15©2013 Check Point Software Technologies Ltd. Check Point DDoS Protector Flexible deployment options Customized multi-layered DDoS protection Fast response time—protect within seconds DDoS Protector Integrated with Check Point security management
17©2013 Check Point Software Technologies Ltd. Product Information Model DP 506 DP 1006 DP 2006 DP 3006 DP 4412 DP 8412 DP 12412 Capacity 0.5Gbps 1Gbps 2Gbps 3Gbps 4GBps 8Gbps 12Gbps Max Concurrent Sessions 2 Million 4 Million Max DDoS Flood Attack Protection Rate 1 Million packets per second 10 Million packets per second Latency <60 micro seconds Real-time signatures Detect and protect against attacks in less than 18 seconds
18©2013 Check Point Software Technologies Ltd. DDoS Attack Information Network Flood High volume of packets Server Flood High rate of new sessions Application Web / DNS connection- based attacks Low & Slow Attacks Advanced attack techniques
19©2013 Check Point Software Technologies Ltd. Network Flood High volume of packets Server Flood High rate of new sessions Application Web / DNS connection- based attacks Low & Slow Attacks Advanced attack techniques Multi-Layer DDoS Protection Behavioral network analysis Stateless and behavioral engines Automatic and pre-defined signatures Protections against misuse of resources Behavioral HTTP and DNS Challenge / response mitigation methods Granular custom filters Create filters that block attacks and allow users
20©2013 Check Point Software Technologies Ltd. Flexible Deployment Options Low Maintenance and Support Optional Learning Mode Deployment Fits to Existing Network Topology Ready to Protect in Minutes 20©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |
21©2013 Check Point Software Technologies Ltd. + Deployment Locations On-Premise Deployment DDoS Security Appliance Off-Site Deployment DDoS Security Appliance Scenarios: 1 2 3 Transparent network device easily fits into existing network topology (layer 2 bridge)
22©2013 Check Point Software Technologies Ltd. Simple Deployment Ready to protect any size network in minutes 1.Plug it in… 2.Let it learn… 3.Protected by signatures Signatures are ready to protect Baseline good network and application behavior No network address changes (Layer 2 bridge)
25©2013 Check Point Software Technologies Ltd.©2013 Check Point Software Technologies Ltd. Zero Day & APTs
26©2013 Check Point Software Technologies Ltd. WOULD YOU OPEN THIS ATTACHMENT?
27©2013 Check Point Software Technologies Ltd. TARGETED ATTACKS BEGIN WITH ZERO-DAY EXPLOITS Duqu Worm Causing Collateral Damage in a Silent Cyber-War Worm exploiting zero-day vulnerabilities in a Word document
28©2013 Check Point Software Technologies Ltd. Exploiting Zero-day vulnerabilities New vulnerabilities Countless new variants ―nearly 200,000 new malware samples appear around the world each day‖ - net-security.org, June 2013
29©2013 Check Point Software Technologies Ltd. WHAT ABOUT NEW ATTACKS? Block download of malware infested files Detect and prevent bot damage Stops exploits of known vulnerabilities Check Point Multi-Layered Threat Prevention IPS Anti-Bot Antivirus
30©2013 Check Point Software Technologies Ltd. Check Point introducing Check Point ThreatCloud Emulation Service PREVENTION OF ZERO-DAY ATTACKS !
31©2013 Check Point Software Technologies Ltd. INSPECT FILE PREVENTSHARE Stop undiscovered attacks with Check Point Threat Emulation INSPECT FILE EMULATE PREVENTSHARE
32©2013 Check Point Software Technologies Ltd. Exe files, PDF and Office documents Identify files in email attachments and downloads over the web Send file to virtual sandbox INSPECT Requires no infrastructure change or adding devices
33©2013 Check Point Software Technologies Ltd. EMULATE Open file and monitor abnormal behavior Emulating Multi OS environments WIN 7, 8, XP & user customized Monitored behavior: • file system • system registry • network connections • system processes
34©2013 Check Point Software Technologies Ltd. A STANDARD CV? Emulation @ Work
35©2013 Check Point Software Technologies Ltd. Emulation @ Work
36©2013 Check Point Software Technologies Ltd. Emulation @ Work File System Activity System Registry System Processes Network Connections Abnormal file activity Tampered system registry Remote Connection to Command & Control Sites ―Naive‖ processes created
37©2013 Check Point Software Technologies Ltd. PREVENT Security Gateway Inline stopping of malicious files on any gateway
38©2013 Check Point Software Technologies Ltd. Immediate update of all gateways SHARE
39©2013 Check Point Software Technologies Ltd. INSPECT FILE EMULATE PREVENTSHARE Stop undiscovered attacks with ThreatCloud Emulation Service
40©2013 Check Point Software Technologies Ltd. New exploit variant of vulnerability (CVE-2012-0158) Installs a bot agent Opens network ports for bot communication Steals user credentials Real Life Example Prevented 140 phishing emails targeting 4 customers in 2 days!
41©2013 Check Point Software Technologies Ltd. Most Accurate and Fastest Prevention Optimize analysis by inspecting only files at risk Zero false-positive in document emulation THREAT EMULATION with ongoing innovation
42©2013 Check Point Software Technologies Ltd. ThreatCloud Emulation Service Branch Headquarters Branch Agent for Exchange Server ThreatCloud Emulation Service Single Global Solution – For the entire organization
43©2013 Check Point Software Technologies Ltd. Specifications Recommended # of File scanning per Month 250,000 1,000,000 Recommended # of users 1,700 7,000 Throughput (Mbps) 691 2032 Threat Emulation Private Cloud Appliance Multiple deployment options: Inline, Mail Transfer Agent, Tap
44©2013 Check Point Software Technologies Ltd. ThreatCloud Emulation Service Advantages Cloud based service— works with your existing infrastructure. No need to install new equipment Control expenses with manageable lower monthly costs Organizations can choose from 5 subscription options for global file inspections, starting at 10,000 files per month and up
45©2013 Check Point Software Technologies Ltd. threats@checkpoint.com threatemulation.checkpoint.com Anyone can submit files for THREAT EMULATION
46©2013 Check Point Software Technologies Ltd. Multi-Layered Protection Against all Incoming Cyber Threats Check Point Threat Prevention Solution
47©2013 Check Point Software Technologies Ltd. Top Reasons customers pick Check Point Threat Emulation works with your existing infrastructure -- No need to install any new equipment A Complete Threat Prevention Solution for Known and Unknown threats
48©2013 Check Point Software Technologies Ltd.©2013 Check Point Software Technologies Ltd. Compliance Software Blade REVOLUTIONIZING SECURITY & COMPLIANCE
49©2013 Check Point Software Technologies Ltd. Agenda 1 Market Background Compliance Software Blade2 Extending GRC with easy2comply3 Compliance Customer Stories4 [Restricted] ONLY for designated groups and individuals Summary5
50©2013 Check Point Software Technologies Ltd. As Security Pressures Grow… [Restricted] ONLY for designated groups and individuals
51©2013 Check Point Software Technologies Ltd. … and Regulatory Compliance Needs Increase MORE MORE MORE Regulations Frequent Complex [Restricted] ONLY for designated groups and individuals
52©2013 Check Point Software Technologies Ltd.
53©2013 Check Point Software Technologies Ltd. Compliance Software Blade Presenting: Check Point’s first integrated and fully automated Security & Compliance Monitoring [Restricted] ONLY for designated groups and individuals
54©2013 Check Point Software Technologies Ltd. Security and Compliance Made Easy [Restricted] ONLY for designated groups and individuals
55©2013 Check Point Software Technologies Ltd. Easy Installation: Up and Running within 2Mouse Clicks Fully Integrated Management Blade [Restricted] ONLY for designated groups and individuals
56©2013 Check Point Software Technologies Ltd. Library of Security Best Practices [Restricted] ONLY for designated groups and individuals
57©2013 Check Point Software Technologies Ltd. 360 Security Visibility Detailed Security Analysis [Restricted] ONLY for designated groups and individuals
58©2013 Check Point Software Technologies Ltd. Detailed Security Analysis [Restricted] ONLY for designated groups and individuals
59©2013 Check Point Software Technologies Ltd. ISO 27001 PCI- DSS GLBA NIST 800-41 HIPAA ISO 27002 Cobit 4.1 Complex Regulatory Requirements……mapped to Security Best Practices
60©2013 Check Point Software Technologies Ltd. Real-Time Assessment of major regulations across Check Point Software Blades Regulatory Compliance Monitoring [Restricted] ONLY for designated groups and individuals
61©2013 Check Point Software Technologies Ltd. Out of the Box Audit Preparation [Restricted] ONLY for designated groups and individuals
62©2013 Check Point Software Technologies Ltd. Real Time Security Alerts [Restricted] ONLY for designated groups and individuals
63©2013 Check Point Software Technologies Ltd. Actionable Management [Restricted] ONLY for designated groups and individuals
64©2013 Check Point Software Technologies Ltd. NOW IS THE TIME TO STREAMLINE SECURITY WITH REGULATORY COMPLIANCE [Restricted] ONLY for designated groups and individuals  Real-Time Security Monitoring  Compliance Reporting  Security Alerts  Complementary GRC Solution Summary
Thank You

Recommandé

Detección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointDetección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointNextel S.A.
 
Check Point Threat emulation 2013
Check Point Threat emulation 2013Check Point Threat emulation 2013
Check Point Threat emulation 2013Group of company MUK
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a securityGroup of company MUK
 
Check point presentation june 2014
Check point presentation june 2014Check point presentation june 2014
Check point presentation june 2014David Berkelmans
 
Defcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shopDefcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shopPriyanka Aash
 
SCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefSCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefLancope, Inc.
 
Multi domain security-management_technical_presentation
Multi domain security-management_technical_presentationMulti domain security-management_technical_presentation
Multi domain security-management_technical_presentationdavebrosnan
 
Check Point sizing security
Check Point sizing securityCheck Point sizing security
Check Point sizing securityGroup of company MUK
 

Recommandé

Detección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointDetección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check PointNextel S.A.
 
Check Point Threat emulation 2013
Check Point Threat emulation 2013Check Point Threat emulation 2013
Check Point Threat emulation 2013Group of company MUK
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a securityGroup of company MUK
 
Check point presentation june 2014
Check point presentation june 2014Check point presentation june 2014
Check point presentation june 2014David Berkelmans
 
Defcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shopDefcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shopPriyanka Aash
 
SCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefSCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefLancope, Inc.
 
Multi domain security-management_technical_presentation
Multi domain security-management_technical_presentationMulti domain security-management_technical_presentation
Multi domain security-management_technical_presentationdavebrosnan
 
Check Point sizing security
Check Point sizing securityCheck Point sizing security
Check Point sizing securityGroup of company MUK
 
Check Point Virtual Systems
Check Point Virtual SystemsCheck Point Virtual Systems
Check Point Virtual SystemsGroup of company MUK
 
checkpoint
checkpointcheckpoint
checkpointMayank Dhingra
 
Windows Service Hardening
Windows Service HardeningWindows Service Hardening
Windows Service HardeningDigital Bond
 
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Digital Bond
 
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....Shah Sheikh
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS CommunicationsDigital Bond
 
Network Security - Real and Present Dangers
Network Security - Real and Present DangersNetwork Security - Real and Present Dangers
Network Security - Real and Present DangersPeter Wood
 
API Training 10 Nov 2014
API Training 10 Nov 2014API Training 10 Nov 2014
API Training 10 Nov 2014Digital Bond
 
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportGroup of company MUK
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing KeynoteDigital Bond
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitShah Sheikh
 
Radware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data CenterGroup of company MUK
 
Mobile Device Mismanagement
Mobile Device MismanagementMobile Device Mismanagement
Mobile Device Mismanagementbreenmachine
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1Frank Avila Zapata
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Dawn Yankeelov
 
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Digital Bond
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionShah Sheikh
 
Checkpoint ccsa r76
Checkpoint ccsa r76Checkpoint ccsa r76
Checkpoint ccsa r76Vaibhav Agrawal
 
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseCheckpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseGlobal Online Trainings
 
HOMEPATH "READY BUYER"
HOMEPATH "READY BUYER"HOMEPATH "READY BUYER"
HOMEPATH "READY BUYER"SUSAN HARVEY
 
Using technology to maintain course quality- delivery a city course in the co...
Using technology to maintain course quality- delivery a city course in the co...Using technology to maintain course quality- delivery a city course in the co...
Using technology to maintain course quality- delivery a city course in the co...HMVT Teaching and Learning Space
 

Contenu connexe

Tendances

Windows Service Hardening
Windows Service HardeningWindows Service Hardening
Windows Service HardeningDigital Bond
 
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Digital Bond
 
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....Shah Sheikh
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS CommunicationsDigital Bond
 
Network Security - Real and Present Dangers
Network Security - Real and Present DangersNetwork Security - Real and Present Dangers
Network Security - Real and Present DangersPeter Wood
 
API Training 10 Nov 2014
API Training 10 Nov 2014API Training 10 Nov 2014
API Training 10 Nov 2014Digital Bond
 
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportGroup of company MUK
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing KeynoteDigital Bond
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitShah Sheikh
 
Radware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data CenterGroup of company MUK
 
Mobile Device Mismanagement
Mobile Device MismanagementMobile Device Mismanagement
Mobile Device Mismanagementbreenmachine
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Dawn Yankeelov
 
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Digital Bond
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionShah Sheikh
 
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseCheckpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseGlobal Online Trainings
 

Tendances (20)

Check Point Virtual Systems
Check Point Virtual SystemsCheck Point Virtual Systems
Check Point Virtual Systems
 
checkpoint
checkpointcheckpoint
checkpoint
 
Windows Service Hardening
Windows Service HardeningWindows Service Hardening
Windows Service Hardening
 
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)
 
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS Communications
 
Network Security - Real and Present Dangers
Network Security - Real and Present DangersNetwork Security - Real and Present Dangers
Network Security - Real and Present Dangers
 
API Training 10 Nov 2014
API Training 10 Nov 2014API Training 10 Nov 2014
API Training 10 Nov 2014
 
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical Support
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing Keynote
 
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS SummitVIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS Summit
 
Radware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation Solution
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data Center
 
Mobile Device Mismanagement
Mobile Device MismanagementMobile Device Mismanagement
Mobile Device Mismanagement
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
 
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
 
Checkpoint ccsa r76
Checkpoint ccsa r76Checkpoint ccsa r76
Checkpoint ccsa r76
 
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseCheckpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online Course
 

En vedette

HOMEPATH "READY BUYER"
HOMEPATH "READY BUYER"HOMEPATH "READY BUYER"
HOMEPATH "READY BUYER"SUSAN HARVEY
 
Using technology to maintain course quality- delivery a city course in the co...
Using technology to maintain course quality- delivery a city course in the co...Using technology to maintain course quality- delivery a city course in the co...
Using technology to maintain course quality- delivery a city course in the co...HMVT Teaching and Learning Space
 
Веб-аналитика для чайников
Веб-аналитика для чайниковВеб-аналитика для чайников
Веб-аналитика для чайниковAlexander Verhozin
 
Интернет-маркетинг для тренеров личностного роста
Интернет-маркетинг для тренеров личностного ростаИнтернет-маркетинг для тренеров личностного роста
Интернет-маркетинг для тренеров личностного ростаAlexander Verhozin
 
Вам не нужен сайт!
Вам не нужен сайт!Вам не нужен сайт!
Вам не нужен сайт!Alexander Verhozin
 
Understanding gc qconny2012
Understanding gc qconny2012Understanding gc qconny2012
Understanding gc qconny2012wgrahamt
 
Manual de Identidade Visual - Amanda Melina
Manual de Identidade Visual - Amanda MelinaManual de Identidade Visual - Amanda Melina
Manual de Identidade Visual - Amanda MelinaGustavo Macedo
 
Say no to aborsi
Say no to aborsiSay no to aborsi
Say no to aborsibeautyviol
 
Product teams. The Good, the Bad, the Unaligned.
Product teams. The Good, the Bad, the Unaligned.Product teams. The Good, the Bad, the Unaligned.
Product teams. The Good, the Bad, the Unaligned.Arseny Kravchenko
 
Ukraine - et marked på grænsen til EU
Ukraine - et marked på grænsen til EUUkraine - et marked på grænsen til EU
Ukraine - et marked på grænsen til EUMorten Munk
 
ScrumMaster activities in building a winning self organized teams - Naveen Na...
ScrumMaster activities in building a winning self organized teams - Naveen Na...ScrumMaster activities in building a winning self organized teams - Naveen Na...
ScrumMaster activities in building a winning self organized teams - Naveen Na...Naveen Nanjundappa
 
First time buyers top 25 questions
First time buyers top 25 questionsFirst time buyers top 25 questions
First time buyers top 25 questionsSUSAN HARVEY
 
Presentacion motivafit startup live alicante
Presentacion motivafit startup live alicantePresentacion motivafit startup live alicante
Presentacion motivafit startup live alicanteNadia Calatayud
 
Indus Pride Take Pride India Quiz case study
Indus Pride Take Pride India Quiz case studyIndus Pride Take Pride India Quiz case study
Indus Pride Take Pride India Quiz case studyKumpz King
 
Nocall 2009 Friend Feed
Nocall 2009 Friend FeedNocall 2009 Friend Feed
Nocall 2009 Friend FeedJaye Lapachet
 
Attack Toolkit & Social Norms
Attack Toolkit & Social NormsAttack Toolkit & Social Norms
Attack Toolkit & Social NormsAlex T.
 

En vedette (20)

HOMEPATH "READY BUYER"
HOMEPATH "READY BUYER"HOMEPATH "READY BUYER"
HOMEPATH "READY BUYER"
 
Using technology to maintain course quality- delivery a city course in the co...
Using technology to maintain course quality- delivery a city course in the co...Using technology to maintain course quality- delivery a city course in the co...
Using technology to maintain course quality- delivery a city course in the co...
 
Веб-аналитика для чайников
Веб-аналитика для чайниковВеб-аналитика для чайников
Веб-аналитика для чайников
 
Интернет-маркетинг для тренеров личностного роста
Интернет-маркетинг для тренеров личностного ростаИнтернет-маркетинг для тренеров личностного роста
Интернет-маркетинг для тренеров личностного роста
 
Вам не нужен сайт!
Вам не нужен сайт!Вам не нужен сайт!
Вам не нужен сайт!
 
Understanding gc qconny2012
Understanding gc qconny2012Understanding gc qconny2012
Understanding gc qconny2012
 
Manual de Identidade Visual - Amanda Melina
Manual de Identidade Visual - Amanda MelinaManual de Identidade Visual - Amanda Melina
Manual de Identidade Visual - Amanda Melina
 
Say no to aborsi
Say no to aborsiSay no to aborsi
Say no to aborsi
 
Product teams. The Good, the Bad, the Unaligned.
Product teams. The Good, the Bad, the Unaligned.Product teams. The Good, the Bad, the Unaligned.
Product teams. The Good, the Bad, the Unaligned.
 
Leading Change and Coaching
Leading Change and CoachingLeading Change and Coaching
Leading Change and Coaching
 
Ukraine - et marked på grænsen til EU
Ukraine - et marked på grænsen til EUUkraine - et marked på grænsen til EU
Ukraine - et marked på grænsen til EU
 
FOREIGN NATIONALS
FOREIGN NATIONALSFOREIGN NATIONALS
FOREIGN NATIONALS
 
ScrumMaster activities in building a winning self organized teams - Naveen Na...
ScrumMaster activities in building a winning self organized teams - Naveen Na...ScrumMaster activities in building a winning self organized teams - Naveen Na...
ScrumMaster activities in building a winning self organized teams - Naveen Na...
 
Presentació recursos PDI 2014
Presentació recursos PDI 2014Presentació recursos PDI 2014
Presentació recursos PDI 2014
 
First time buyers top 25 questions
First time buyers top 25 questionsFirst time buyers top 25 questions
First time buyers top 25 questions
 
Presentacion motivafit startup live alicante
Presentacion motivafit startup live alicantePresentacion motivafit startup live alicante
Presentacion motivafit startup live alicante
 
Indus Pride Take Pride India Quiz case study
Indus Pride Take Pride India Quiz case studyIndus Pride Take Pride India Quiz case study
Indus Pride Take Pride India Quiz case study
 
Improve your Online Sales by Using Data Driven e-Commerce
Improve your Online Sales by Using Data Driven e-CommerceImprove your Online Sales by Using Data Driven e-Commerce
Improve your Online Sales by Using Data Driven e-Commerce
 
Nocall 2009 Friend Feed
Nocall 2009 Friend FeedNocall 2009 Friend Feed
Nocall 2009 Friend Feed
 
Attack Toolkit & Social Norms
Attack Toolkit & Social NormsAttack Toolkit & Social Norms
Attack Toolkit & Social Norms
 

Similaire à Gestiona el riesgo de las grandes amenazas

Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityAbdul Wahid
 
Uncover Vulnerabilities Beyond Software Vulnerabilities
Uncover Vulnerabilities Beyond Software VulnerabilitiesUncover Vulnerabilities Beyond Software Vulnerabilities
Uncover Vulnerabilities Beyond Software VulnerabilitiesSecPod
 
ddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdfddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdfTuPhan66
 
Uncovering Vulnerabilities Beyond Software Vulnerabilities
Uncovering Vulnerabilities Beyond Software VulnerabilitiesUncovering Vulnerabilities Beyond Software Vulnerabilities
Uncovering Vulnerabilities Beyond Software VulnerabilitiesSecPod
 
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays
 
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...Eric Vanderburg
 
Security_Testing_Presentation
Security_Testing_PresentationSecurity_Testing_Presentation
Security_Testing_PresentationRazil Shaik
 
DDoS Falcon_Tech_Specs-Haltdos
DDoS Falcon_Tech_Specs-HaltdosDDoS Falcon_Tech_Specs-Haltdos
DDoS Falcon_Tech_Specs-HaltdosHaltdos
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesSymantec
 
Attack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREAttack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREDeivid Toledo
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsEmulex Corporation
 
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAMCómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAMMundo Contact
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedNetpluz Asia Pte Ltd
 
DDOS Attack on Cloud Platforms.pptx
DDOS Attack on Cloud Platforms.pptxDDOS Attack on Cloud Platforms.pptx
DDOS Attack on Cloud Platforms.pptxShaimKibria
 
Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Sqreen
 
Check Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast AgentCheck Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast AgentMarketingArrowECS_CZ
 

Similaire à Gestiona el riesgo de las grandes amenazas (20)

Check Point Ddos protector
Check Point Ddos protectorCheck Point Ddos protector
Check Point Ddos protector
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Uncover Vulnerabilities Beyond Software Vulnerabilities
Uncover Vulnerabilities Beyond Software VulnerabilitiesUncover Vulnerabilities Beyond Software Vulnerabilities
Uncover Vulnerabilities Beyond Software Vulnerabilities
 
ddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdfddos-protector-customer-presentation.pdf
ddos-protector-customer-presentation.pdf
 
Uncovering Vulnerabilities Beyond Software Vulnerabilities
Uncovering Vulnerabilities Beyond Software VulnerabilitiesUncovering Vulnerabilities Beyond Software Vulnerabilities
Uncovering Vulnerabilities Beyond Software Vulnerabilities
 
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
 
DDS Secure Intro
DDS Secure IntroDDS Secure Intro
DDS Secure Intro
 
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
The Bot Stops Here: Removing the BotNet Threat - Public and Higher Ed Securit...
 
Security_Testing_Presentation
Security_Testing_PresentationSecurity_Testing_Presentation
Security_Testing_Presentation
 
F5 DDoS Protection
F5 DDoS ProtectionF5 DDoS Protection
F5 DDoS Protection
 
DDoS Falcon_Tech_Specs-Haltdos
DDoS Falcon_Tech_Specs-HaltdosDDoS Falcon_Tech_Specs-Haltdos
DDoS Falcon_Tech_Specs-Haltdos
 
Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
 
Attack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREAttack Prevention Solution for RADWARE
Attack Prevention Solution for RADWARE
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
 
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAMCómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
 
eSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform SimplifiedeSentinel™ – 360° Cybersecurity Platform Simplified
eSentinel™ – 360° Cybersecurity Platform Simplified
 
DDOS Attack on Cloud Platforms.pptx
DDOS Attack on Cloud Platforms.pptxDDOS Attack on Cloud Platforms.pptx
DDOS Attack on Cloud Platforms.pptx
 
Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?
 
Check Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast AgentCheck Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast Agent
 

Plus de Nextel S.A.

Transformación de la organización TI
Transformación de la organización TITransformación de la organización TI
Transformación de la organización TINextel S.A.
 
Relación entre Tecnología y Negocio
Relación entre Tecnología y NegocioRelación entre Tecnología y Negocio
Relación entre Tecnología y NegocioNextel S.A.
 
Visión práctica sobre catálogo de servicios y gestión de costes TIC
Visión práctica sobre catálogo de servicios y gestión de costes TICVisión práctica sobre catálogo de servicios y gestión de costes TIC
Visión práctica sobre catálogo de servicios y gestión de costes TICNextel S.A.
 
Nuevo modelo de gestión avanzada
Nuevo modelo de gestión avanzadaNuevo modelo de gestión avanzada
Nuevo modelo de gestión avanzadaNextel S.A.
 
La gestión de una empresa pública TI
La gestión de una empresa pública TILa gestión de una empresa pública TI
La gestión de una empresa pública TINextel S.A.
 
Futuro y Tendencias TI - Preparación de profesionales en la Universidad
Futuro y Tendencias TI - Preparación de profesionales en la UniversidadFuturo y Tendencias TI - Preparación de profesionales en la Universidad
Futuro y Tendencias TI - Preparación de profesionales en la UniversidadNextel S.A.
 
Presentacion de Nextel S.A.
Presentacion de Nextel S.A.Presentacion de Nextel S.A.
Presentacion de Nextel S.A.Nextel S.A.
 
¡Tsunami! ¿Vas a quedarte mirando la ola?: Panorama Actual de Ciberseguridad ...
¡Tsunami! ¿Vas a quedarte mirando la ola?: Panorama Actual de Ciberseguridad ...¡Tsunami! ¿Vas a quedarte mirando la ola?: Panorama Actual de Ciberseguridad ...
¡Tsunami! ¿Vas a quedarte mirando la ola?: Panorama Actual de Ciberseguridad ...Nextel S.A.
 
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...Nextel S.A.
 
Linked data: mayor granularidad, mayor control de acceso
Linked data: mayor granularidad, mayor control de accesoLinked data: mayor granularidad, mayor control de acceso
Linked data: mayor granularidad, mayor control de accesoNextel S.A.
 
El Negocio del Riesgo
El Negocio del RiesgoEl Negocio del Riesgo
El Negocio del RiesgoNextel S.A.
 
Seguridad: sembrando confianza en el cloud
Seguridad: sembrando confianza en el cloudSeguridad: sembrando confianza en el cloud
Seguridad: sembrando confianza en el cloudNextel S.A.
 
Ahorrar invirtiendo, los beneficios de una buena gestión TIC
Ahorrar invirtiendo, los beneficios de una buena gestión TICAhorrar invirtiendo, los beneficios de una buena gestión TIC
Ahorrar invirtiendo, los beneficios de una buena gestión TICNextel S.A.
 
redBorder: Open or die
redBorder: Open or dieredBorder: Open or die
redBorder: Open or dieNextel S.A.
 
La Web como plataforma de referencia: viejos ataques y nuevas vulnerabilidades
La Web como plataforma de referencia: viejos ataques y nuevas vulnerabilidadesLa Web como plataforma de referencia: viejos ataques y nuevas vulnerabilidades
La Web como plataforma de referencia: viejos ataques y nuevas vulnerabilidadesNextel S.A.
 
Segurity Empower Business
Segurity Empower BusinessSegurity Empower Business
Segurity Empower BusinessNextel S.A.
 
Gestión automatizada de la Continuidad de Negocio con GlobalContinuity
Gestión automatizada de la Continuidad de Negocio con GlobalContinuityGestión automatizada de la Continuidad de Negocio con GlobalContinuity
Gestión automatizada de la Continuidad de Negocio con GlobalContinuityNextel S.A.
 
Caso práctico: Implementación de GlobalSuite en un entorno heterogéneo de gra...
Caso práctico: Implementación de GlobalSuite en un entorno heterogéneo de gra...Caso práctico: Implementación de GlobalSuite en un entorno heterogéneo de gra...
Caso práctico: Implementación de GlobalSuite en un entorno heterogéneo de gra...Nextel S.A.
 
El Reto de la Continuidad de Negocio
El Reto de la Continuidad de NegocioEl Reto de la Continuidad de Negocio
El Reto de la Continuidad de NegocioNextel S.A.
 
Red hat transforme su negocio mediante una estrategia de virtualización abierta
Red hat transforme su negocio mediante una estrategia de virtualización abierta Red hat transforme su negocio mediante una estrategia de virtualización abierta
Red hat transforme su negocio mediante una estrategia de virtualización abierta Nextel S.A.
 

Plus de Nextel S.A. (20)

Transformación de la organización TI
Transformación de la organización TITransformación de la organización TI
Transformación de la organización TI
 
Relación entre Tecnología y Negocio
Relación entre Tecnología y NegocioRelación entre Tecnología y Negocio
Relación entre Tecnología y Negocio
 
Visión práctica sobre catálogo de servicios y gestión de costes TIC
Visión práctica sobre catálogo de servicios y gestión de costes TICVisión práctica sobre catálogo de servicios y gestión de costes TIC
Visión práctica sobre catálogo de servicios y gestión de costes TIC
 
Nuevo modelo de gestión avanzada
Nuevo modelo de gestión avanzadaNuevo modelo de gestión avanzada
Nuevo modelo de gestión avanzada
 
La gestión de una empresa pública TI
La gestión de una empresa pública TILa gestión de una empresa pública TI
La gestión de una empresa pública TI
 
Futuro y Tendencias TI - Preparación de profesionales en la Universidad
Futuro y Tendencias TI - Preparación de profesionales en la UniversidadFuturo y Tendencias TI - Preparación de profesionales en la Universidad
Futuro y Tendencias TI - Preparación de profesionales en la Universidad
 
Presentacion de Nextel S.A.
Presentacion de Nextel S.A.Presentacion de Nextel S.A.
Presentacion de Nextel S.A.
 
¡Tsunami! ¿Vas a quedarte mirando la ola?: Panorama Actual de Ciberseguridad ...
¡Tsunami! ¿Vas a quedarte mirando la ola?: Panorama Actual de Ciberseguridad ...¡Tsunami! ¿Vas a quedarte mirando la ola?: Panorama Actual de Ciberseguridad ...
¡Tsunami! ¿Vas a quedarte mirando la ola?: Panorama Actual de Ciberseguridad ...
 
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...
Evaluación de riesgos asociados al puesto de trabajo: empleados, externos, vi...
 
Linked data: mayor granularidad, mayor control de acceso
Linked data: mayor granularidad, mayor control de accesoLinked data: mayor granularidad, mayor control de acceso
Linked data: mayor granularidad, mayor control de acceso
 
El Negocio del Riesgo
El Negocio del RiesgoEl Negocio del Riesgo
El Negocio del Riesgo
 
Seguridad: sembrando confianza en el cloud
Seguridad: sembrando confianza en el cloudSeguridad: sembrando confianza en el cloud
Seguridad: sembrando confianza en el cloud
 
Ahorrar invirtiendo, los beneficios de una buena gestión TIC
Ahorrar invirtiendo, los beneficios de una buena gestión TICAhorrar invirtiendo, los beneficios de una buena gestión TIC
Ahorrar invirtiendo, los beneficios de una buena gestión TIC
 
redBorder: Open or die
redBorder: Open or dieredBorder: Open or die
redBorder: Open or die
 
La Web como plataforma de referencia: viejos ataques y nuevas vulnerabilidades
La Web como plataforma de referencia: viejos ataques y nuevas vulnerabilidadesLa Web como plataforma de referencia: viejos ataques y nuevas vulnerabilidades
La Web como plataforma de referencia: viejos ataques y nuevas vulnerabilidades
 
Segurity Empower Business
Segurity Empower BusinessSegurity Empower Business
Segurity Empower Business
 
Gestión automatizada de la Continuidad de Negocio con GlobalContinuity
Gestión automatizada de la Continuidad de Negocio con GlobalContinuityGestión automatizada de la Continuidad de Negocio con GlobalContinuity
Gestión automatizada de la Continuidad de Negocio con GlobalContinuity
 
Caso práctico: Implementación de GlobalSuite en un entorno heterogéneo de gra...
Caso práctico: Implementación de GlobalSuite en un entorno heterogéneo de gra...Caso práctico: Implementación de GlobalSuite en un entorno heterogéneo de gra...
Caso práctico: Implementación de GlobalSuite en un entorno heterogéneo de gra...
 
El Reto de la Continuidad de Negocio
El Reto de la Continuidad de NegocioEl Reto de la Continuidad de Negocio
El Reto de la Continuidad de Negocio
 
Red hat transforme su negocio mediante una estrategia de virtualización abierta
Red hat transforme su negocio mediante una estrategia de virtualización abierta Red hat transforme su negocio mediante una estrategia de virtualización abierta
Red hat transforme su negocio mediante una estrategia de virtualización abierta
 

Dernier

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 

Dernier (20)

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 

Gestiona el riesgo de las grandes amenazas

  • 1. ©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. ©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Los Riesgos de Nuevas amenazas Mayo 2014
  • 2. ©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. ©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. DDoS Attacks
  • 3. 3©2013 Check Point Software Technologies Ltd. 2001 20102005 Attack Risk Time© 2011, Radware, Ltd. Blaster 2003 CodeRed 2001 Nimda (Installed Trojan) 2001 Slammer (Attacking SQL sites) 2003 Vandalism and Publicity Storm (Botnet) 2007 Agobot (DoS Botnet) Srizbi (Botnet) 2007Rustock (Botnet) 2007 Kracken (Botnet) 2009 2010 IMDDOS (Botnet) Financially Motivated Mar 2011 DDoS Wordpress.com Blending Motives Mar 2011 Codero DDoS / Twitter Israeli sites Google / Twitter Attacks2009 Republican website DoS 2004 Estonia’s Web Sites DoS 2007 Georgia Web sites DoS 2008 July 2009 Cyber Attacks US & Korea Dec 2010 Operation Payback Mar 2011 Netbot DDoS Mar 2011 Operation Payback II ―Hacktivism‖ LulzSec Sony, CIA, FBI Peru, Chile 2012 DDoS Timeline—Summary Graph “Worms” DDoS “Blend” DDoS Attacks Gaining Momentum
  • 4. 4©2013 Check Point Software Technologies Ltd. Application Layer Attacks Network Layer Attacks DDoS Attack by Types More attacks are targeted at the application layer TCP SYN Flood
  • 5. 5©2013 Check Point Software Technologies Ltd. Layer 7 DoS Attacks  Legitimate traffic  Low bandwidth  Exploit TCP protocol  Partial HTTP Requests  Recursive DNS Spoofing  Application Exploits  And more…  Use of TOR  Use of proxies  Use of botnets Allowed Traffic Hidden Sources Attack Vectors Attack Damage
  • 6. 10©2013 Check Point Software Technologies Ltd. Attackers Use Multi-Layer DDoS Large-volume network flood attacks Web attacks: brute force login locked SYN flood attack Application vulnerability ―Low and slow‖ DoS attacks (e.g., Sockstress) High and slow application DoS attacks Simultaneous Attack Vectors 1 successful attack vector = No service
  • 7. 11©2013 Check Point Software Technologies Ltd. DDoS and Traditional Security Attackers Take Advantage of Traditional Security  Routers may be affected before firewalls  Firewalls track state of network connections (Can be bottleneck)  Firewalls allow legitimate traffic (e.g. port 80 to web server)  IPS allows legitimate request (e.g. get http/1.0rn)  Application Control allows legitimate services (DNS or HTTPS)
  • 8. 12©2013 Check Point Software Technologies Ltd. Traditional Firewalls Not Sufficient Not Designed for Network and Application DDoS Protection  Basic rate based flood protection affects all traffic (Real users and attack traffic)  Lacks Comprehensive Layer 7 DDoS protection – Poor detection of sly attacks – No filters to block attacks and allow real traffic – Administrators cannot create custom signatures
  • 9. 13©2013 Check Point Software Technologies Ltd. What Software Blades Can Do  Firewall configurations: network access control – Aggressive aging: protection against connection-consuming attacks – Network quota: limit number of connections by source IP – ICMP/UDP perimeter, initial drop rules: drop early in policy – Lower Stateful Inspection timers: defense against slow attack  IPS configurations: proactive intrusion prevention – Geo protection: Rules to block by country and direction of traffic – Worm catcher signature: block known worms (HTTP and CIFS) – TCP window size enforcement: small TCP window and flood – SYN flood protection: cookie-based validation – HTTP flooding: rate-based blocking  SmartEvent and SmartLog: improved visibility and forensics
  • 10. 14©2013 Check Point Software Technologies Ltd. Block Denial of Service Attacks within seconds! Introducing Check Point Check Point DDoS Protector™
  • 11. 15©2013 Check Point Software Technologies Ltd. Check Point DDoS Protector Flexible deployment options Customized multi-layered DDoS protection Fast response time—protect within seconds DDoS Protector Integrated with Check Point security management
  • 12. 17©2013 Check Point Software Technologies Ltd. Product Information Model DP 506 DP 1006 DP 2006 DP 3006 DP 4412 DP 8412 DP 12412 Capacity 0.5Gbps 1Gbps 2Gbps 3Gbps 4GBps 8Gbps 12Gbps Max Concurrent Sessions 2 Million 4 Million Max DDoS Flood Attack Protection Rate 1 Million packets per second 10 Million packets per second Latency <60 micro seconds Real-time signatures Detect and protect against attacks in less than 18 seconds
  • 13. 18©2013 Check Point Software Technologies Ltd. DDoS Attack Information Network Flood High volume of packets Server Flood High rate of new sessions Application Web / DNS connection- based attacks Low & Slow Attacks Advanced attack techniques
  • 14. 19©2013 Check Point Software Technologies Ltd. Network Flood High volume of packets Server Flood High rate of new sessions Application Web / DNS connection- based attacks Low & Slow Attacks Advanced attack techniques Multi-Layer DDoS Protection Behavioral network analysis Stateless and behavioral engines Automatic and pre-defined signatures Protections against misuse of resources Behavioral HTTP and DNS Challenge / response mitigation methods Granular custom filters Create filters that block attacks and allow users
  • 15. 20©2013 Check Point Software Technologies Ltd. Flexible Deployment Options Low Maintenance and Support Optional Learning Mode Deployment Fits to Existing Network Topology Ready to Protect in Minutes 20©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. |
  • 16. 21©2013 Check Point Software Technologies Ltd. + Deployment Locations On-Premise Deployment DDoS Security Appliance Off-Site Deployment DDoS Security Appliance Scenarios: 1 2 3 Transparent network device easily fits into existing network topology (layer 2 bridge)
  • 17. 22©2013 Check Point Software Technologies Ltd. Simple Deployment Ready to protect any size network in minutes 1.Plug it in… 2.Let it learn… 3.Protected by signatures Signatures are ready to protect Baseline good network and application behavior No network address changes (Layer 2 bridge)
  • 18. 25©2013 Check Point Software Technologies Ltd.©2013 Check Point Software Technologies Ltd. Zero Day & APTs
  • 19. 26©2013 Check Point Software Technologies Ltd. WOULD YOU OPEN THIS ATTACHMENT?
  • 20. 27©2013 Check Point Software Technologies Ltd. TARGETED ATTACKS BEGIN WITH ZERO-DAY EXPLOITS Duqu Worm Causing Collateral Damage in a Silent Cyber-War Worm exploiting zero-day vulnerabilities in a Word document
  • 21. 28©2013 Check Point Software Technologies Ltd. Exploiting Zero-day vulnerabilities New vulnerabilities Countless new variants ―nearly 200,000 new malware samples appear around the world each day‖ - net-security.org, June 2013
  • 22. 29©2013 Check Point Software Technologies Ltd. WHAT ABOUT NEW ATTACKS? Block download of malware infested files Detect and prevent bot damage Stops exploits of known vulnerabilities Check Point Multi-Layered Threat Prevention IPS Anti-Bot Antivirus
  • 23. 30©2013 Check Point Software Technologies Ltd. Check Point introducing Check Point ThreatCloud Emulation Service PREVENTION OF ZERO-DAY ATTACKS !
  • 24. 31©2013 Check Point Software Technologies Ltd. INSPECT FILE PREVENTSHARE Stop undiscovered attacks with Check Point Threat Emulation INSPECT FILE EMULATE PREVENTSHARE
  • 25. 32©2013 Check Point Software Technologies Ltd. Exe files, PDF and Office documents Identify files in email attachments and downloads over the web Send file to virtual sandbox INSPECT Requires no infrastructure change or adding devices
  • 26. 33©2013 Check Point Software Technologies Ltd. EMULATE Open file and monitor abnormal behavior Emulating Multi OS environments WIN 7, 8, XP & user customized Monitored behavior: • file system • system registry • network connections • system processes
  • 27. 34©2013 Check Point Software Technologies Ltd. A STANDARD CV? Emulation @ Work
  • 28. 35©2013 Check Point Software Technologies Ltd. Emulation @ Work
  • 29. 36©2013 Check Point Software Technologies Ltd. Emulation @ Work File System Activity System Registry System Processes Network Connections Abnormal file activity Tampered system registry Remote Connection to Command & Control Sites ―Naive‖ processes created
  • 30. 37©2013 Check Point Software Technologies Ltd. PREVENT Security Gateway Inline stopping of malicious files on any gateway
  • 31. 38©2013 Check Point Software Technologies Ltd. Immediate update of all gateways SHARE
  • 32. 39©2013 Check Point Software Technologies Ltd. INSPECT FILE EMULATE PREVENTSHARE Stop undiscovered attacks with ThreatCloud Emulation Service
  • 33. 40©2013 Check Point Software Technologies Ltd. New exploit variant of vulnerability (CVE-2012-0158) Installs a bot agent Opens network ports for bot communication Steals user credentials Real Life Example Prevented 140 phishing emails targeting 4 customers in 2 days!
  • 34. 41©2013 Check Point Software Technologies Ltd. Most Accurate and Fastest Prevention Optimize analysis by inspecting only files at risk Zero false-positive in document emulation THREAT EMULATION with ongoing innovation
  • 35. 42©2013 Check Point Software Technologies Ltd. ThreatCloud Emulation Service Branch Headquarters Branch Agent for Exchange Server ThreatCloud Emulation Service Single Global Solution – For the entire organization
  • 36. 43©2013 Check Point Software Technologies Ltd. Specifications Recommended # of File scanning per Month 250,000 1,000,000 Recommended # of users 1,700 7,000 Throughput (Mbps) 691 2032 Threat Emulation Private Cloud Appliance Multiple deployment options: Inline, Mail Transfer Agent, Tap
  • 37. 44©2013 Check Point Software Technologies Ltd. ThreatCloud Emulation Service Advantages Cloud based service— works with your existing infrastructure. No need to install new equipment Control expenses with manageable lower monthly costs Organizations can choose from 5 subscription options for global file inspections, starting at 10,000 files per month and up
  • 38. 45©2013 Check Point Software Technologies Ltd. threats@checkpoint.com threatemulation.checkpoint.com Anyone can submit files for THREAT EMULATION
  • 39. 46©2013 Check Point Software Technologies Ltd. Multi-Layered Protection Against all Incoming Cyber Threats Check Point Threat Prevention Solution
  • 40. 47©2013 Check Point Software Technologies Ltd. Top Reasons customers pick Check Point Threat Emulation works with your existing infrastructure -- No need to install any new equipment A Complete Threat Prevention Solution for Known and Unknown threats
  • 41. 48©2013 Check Point Software Technologies Ltd.©2013 Check Point Software Technologies Ltd. Compliance Software Blade REVOLUTIONIZING SECURITY & COMPLIANCE
  • 42. 49©2013 Check Point Software Technologies Ltd. Agenda 1 Market Background Compliance Software Blade2 Extending GRC with easy2comply3 Compliance Customer Stories4 [Restricted] ONLY for designated groups and individuals Summary5
  • 43. 50©2013 Check Point Software Technologies Ltd. As Security Pressures Grow… [Restricted] ONLY for designated groups and individuals
  • 44. 51©2013 Check Point Software Technologies Ltd. … and Regulatory Compliance Needs Increase MORE MORE MORE Regulations Frequent Complex [Restricted] ONLY for designated groups and individuals
  • 45. 52©2013 Check Point Software Technologies Ltd.
  • 46. 53©2013 Check Point Software Technologies Ltd. Compliance Software Blade Presenting: Check Point’s first integrated and fully automated Security & Compliance Monitoring [Restricted] ONLY for designated groups and individuals
  • 47. 54©2013 Check Point Software Technologies Ltd. Security and Compliance Made Easy [Restricted] ONLY for designated groups and individuals
  • 48. 55©2013 Check Point Software Technologies Ltd. Easy Installation: Up and Running within 2Mouse Clicks Fully Integrated Management Blade [Restricted] ONLY for designated groups and individuals
  • 49. 56©2013 Check Point Software Technologies Ltd. Library of Security Best Practices [Restricted] ONLY for designated groups and individuals
  • 50. 57©2013 Check Point Software Technologies Ltd. 360 Security Visibility Detailed Security Analysis [Restricted] ONLY for designated groups and individuals
  • 51. 58©2013 Check Point Software Technologies Ltd. Detailed Security Analysis [Restricted] ONLY for designated groups and individuals
  • 52. 59©2013 Check Point Software Technologies Ltd. ISO 27001 PCI- DSS GLBA NIST 800-41 HIPAA ISO 27002 Cobit 4.1 Complex Regulatory Requirements……mapped to Security Best Practices
  • 53. 60©2013 Check Point Software Technologies Ltd. Real-Time Assessment of major regulations across Check Point Software Blades Regulatory Compliance Monitoring [Restricted] ONLY for designated groups and individuals
  • 54. 61©2013 Check Point Software Technologies Ltd. Out of the Box Audit Preparation [Restricted] ONLY for designated groups and individuals
  • 55. 62©2013 Check Point Software Technologies Ltd. Real Time Security Alerts [Restricted] ONLY for designated groups and individuals
  • 56. 63©2013 Check Point Software Technologies Ltd. Actionable Management [Restricted] ONLY for designated groups and individuals
  • 57. 64©2013 Check Point Software Technologies Ltd. NOW IS THE TIME TO STREAMLINE SECURITY WITH REGULATORY COMPLIANCE [Restricted] ONLY for designated groups and individuals  Real-Time Security Monitoring  Compliance Reporting  Security Alerts  Complementary GRC Solution Summary

Notes de l'éditeur

  1. File #: 10275353
  2. File #: 4910971
  3. The blade is responsible for 3 main activities:Identifying bot infected machines in the organization (most orgs today are unable to detect bot infections)preventing their damages by blocking bot communication to C&amp;C sites, making sure no sensitive information can be stolen and sent out of the organizationand providing the organization with threat visibility to asses damages and decide on next steps (again most orgs today have limited visibility to malware infections)
  4. Simple deployment: Ready to protect any network in minutes!Transparent network device easily fits into existing network topology (layer 2 bridge) Can also be deployed in Learning Mode for adjusting the Behavioral Analysis Engine to the protected network and applicationsMinimal maintenance after initial configuration
  5. There are 3 DDoS protection deployment types: on the customer premises, off-site, or bothOn-Premise solutions can have better response times and can be customized to each networkOff-Site deployment helps with moving the problem away from the protected network - Fits when attack is on bandwidthA deployment of both types of solution can leverage advantages of the two deployment options
  6. High-Availability on DefenseProTo support high availability (HA), you can configure two compatible DefensePro devices to operate in a two-node cluster.To be compatible, both cluster members must be of the same platform, software version, software license, throughput license, and Radware signature file. One member of the cluster is the primary; the other member of the cluster is the secondary.When you configure a cluster and commit the configuration, the newly specified primary device configures the required parameterson the secondary device.You can configure a DefensePro high-availability cluster in the following ways:• To configure the primary device of the cluster, the failover parameters, and the advanced parameters, you can use the High Availability pane (Configuration perspective &gt; Setup &gt; High Availability). When you specify the primary device, you specify the peer device, which becomes the secondary member of the cluster.• To configure only the basic parameters of a cluster (Cluster Name, Primary Device, andAssociated Management Ports), you can use the Configuration perspective main navigation pane System tab.The members of a cluster work in an active-passive architecture.When a cluster is created:• The primary device becomes the active member.• The secondary device becomes the passive member.• The primary device transfers the relevant configuration objects to the secondary device.A secondary device maintains its own configuration for the device users, IP interfaces, and routing.A primary device immediately transfers each relevant change to its secondary device. For example, after you make a change to a Network Protection policy, the primary device immediately transfers the change to the secondary device. However, if you change the list of device users on the primary device, the primary device transfers nothing (because the secondary device maintains its own list of device users).The passive device periodically synchronizes baselines for BDoS and HTTP Mitigator protections.The following situations trigger the active device and the passive device to switch states (active to passive and passive to active):• The passive device does not detect the active device according to the specified HeartbeatTimeout.• All links are identified as down on the active device according to the specified Link DownTimeout.• Optionally, the traffic to the active device falls below the specified Idle Line Threshold for thespecified Idle Line Timeout.• You issue the Switch Over command. To switch the device states, in the Monitoring &amp; Control perspective navigation pane System tab, right-click the cluster node; and then select Switch over. You can perform only the following actions on a secondary device:• Switch the device state (that is, switch over active to passive and passive to active)• Break the cluster if the primary device is unavailable• Configure management IP addresses and routing• Manage device users• Download a device configuration• Upload a signature file• Download the device log file• Download the support log file• Reboot• Shut down• Change the device name• Change the device time• Initiate a baseline synchronization if the device is passive, using CLI or Web Based Management.Notes:You can initiate a baseline synchronization if a cluster member is passive, using CLI or Web Based Management.In an existing cluster, you cannot change the role of a device (primary to secondary or vice versa). To change the role of a device, you need to break the cluster (that is, ungroup the two devices), and then, reconfigure the cluster as you require.If the devices of a cluster belong to different sites, APSolute Vision creates the cluster node under the site where the primary device resides; and APSolute Vision removes thesecondary device from the site where it was configured.APSolute Vision issues an alert if the state of the device clusters is ambiguous. For example, if there has been no trigger for switchover and both cluster members detect traffic. This state is normal during the initial synchronization process.There is no failback mechanism. There is only the automatic switchover action and the manual Switch Over command.When a passive device becomes active, any grace time resets to 0 (for example, the time of the Graceful Startup Mode Startup Timer).You can monitor high-availability operation in the High Availability pane of the Monitoring &amp; Control perspective.For more details please refer to the DefensePro User Guide
  7. Have you ordered a product online and seen a product shipping email that looked like this? If you didn’t look closely, you might think it was legitimate.This attempt to deliver malware is not unusual.Around Valentine’s day, infected e-cards were making the rounds. If you received a message with ValentineCard4you.zip and opened it, you would become infected with backdoor.trojan.--CKthe Wall Street Journal stated that “Over 90% of targeted emails use malicious file attachments as the payload or infection source”.
  8. The attacks are especially dangerous when they leverage zero-day vulnerabilities. One example that leverages such vulnerabilities is Duqu.--CKDuqu, as some have named “son of stuxnet” used zero-day vulnerabilities in business documents such as MS Word files to compromise target Windows operating systems to harvest information The tell-tale signs included process injection, downloading an installing additional software drivers, modifications to the registry, and contact to C&amp;C servers using HTTP and HTTPS
  9. What are Zero-Day attacks and why should we be concerned? These attacks that have no known defenses.In 2012, there were over 200 new vulnerabilities in applications we use every day, and malware variants like SpyEye can be created with a click of a button. In the time I described this slide, someone could have created 60 malware variants. To put this in perspective, Dark Reading reported that up to 100,000 new malware samples are created each day. --CKIf we are only using signature based detections, how are security teams supposed to keep up with the new exploits and new malware? New challenges need new solutions.Oct 15, 2012Dark Reading
  10. On May 2013 a customer noticed that a file is being detected as a zero day attack. It was an email coming from citibank, with the title “statement id”. The customer was expecting such an email from this bank, and did not understand why the system blocks it. After talking and providing this email to check point – our analysts detected this file as malicious – that exploiting a vulnerability in MS word, installing a bot agent and trying to communicate with a CnC. Threat Emulation detected and prevented this attack, that at this time was known only to 2 AV vendors in the entire industry (our of almost 50 AV vendors). At the following week – the Threat Emulation system detected this exact same file at additional organizations running the system – and this time stopped it as it was shared with ThreatCloud.
  11. This discovery and prevention happens in 1 to 2 minutes. In case you’re worried that Threat Emulation might block good documents, or interrupt business access to key files… we have good news--CKWe use patent pending technologies that has been proven to emulate over a quarter million files with zero false positives--CKWe built in heuristics in file inspection (such as positive elimination of files) that assure that only suspicious files are emulated –completing the process as fast as possible and optimizing performance
  12. Threat Emulation is provided as a cloud service.Organizations can set up any gateway running R77 in their environment to inspect incoming files over email or web (HTTP &amp; HTTPS). In case that the file is suspicious – the gateway will send the file to the Threat Emulation Cloud Service for emulation. The cloud service allows the organization to use a global-quota of files that can be inspected, and any security gateway can send files for emulation. We are also introducing an Exchange Agent that can inspect incoming emails on the mail server, and will send files for emulation in the cloud. The exchange agent allows organizations that don’t have Check Point gateways (or not upgrading to R77) to inspect files.
  13. In addition to the cloud service, Check Point offers a local-emulation solution – as an appliance. We will provide two dedicated appliances for threat emulation – a small solution and a larger one. Our appliances can be placed on several locations at the organization, such as inline, as a mail transfer agent or as a tap. This appliance can receive files from several or even all gateway at the organization and emulate them.
  14. And, for those of you who want to try it now,--CKYou can try Threat Emulation in action by sending a file to the email shown, or uploading to the URL shown.--CKYou will receive a report like the one I should you a few moments ago.This is open to the public now, and I encourage you to try it and even let your customers try it to get a feel for the information summary and detail that we report to you.
  15. Threat Emulation is a new and important part of the Check Point multi-layer solution.
  16. אנחנו חושבים שזה הזמן למצוא דרך לפשט את העבודה ולחבר בין best practices של סקיורטי לבין הדרישות הרגולטוריות החלות על אירגונים
  17. Today we present Check Point’s Compliance blade which changes the way organizations manage compliance!