Connecting the pieces to mitigate risk
Jorge Herrerías, CISSP
Sales System Engineer
Malware Continues to Grow…
128M Total Malware Samples in the McAfee Labs Database

New malware samples grew 22% from Q4’12 to Q1‘13.
2012 new malware sample discoveries increased 50% over 2011.

[Chart: New Malware Samples per quarter, Q1 2010 through Q1 2013; y-axis 0 to 14,000,000]

Malware continues to grow, and is getting more sophisticated…
Source: McAfee Labs, 2013
Ransomware
The number of new, unique samples this quarter is greater than 320,000, more than twice as many as in the first quarter of 2013.
During the past two quarters, McAfee Labs has catalogued more ransomware samples than in all previous periods combined.

[Chart: New Ransomware Samples per quarter, Q1 2011 through Q2 2013; y-axis 0 to 350,000]
Total Malware Samples
The McAfee “zoo” now contains more than 140 million unique malware samples.

[Chart: Total Malware Samples by month, Jul-12 through Jun-13; y-axis 0 to 160,000,000]
Suspicious Internet Addresses (MX)
As of December 31, 2012, nearly 1,100 suspicious Internet addresses hosted in Mexico were analyzed by McAfee. There were only 800 in late 2011. 62 percent of the current ones are assigned a maximum risk. Nearly 51 percent of these URLs hide malware. About 26 percent of them are used in phishing campaigns and 13 percent in spam campaigns.
Comprehensive Malware Protection

First Layer of Defense: Global Visibility and Situational Awareness
Second Layer of Defense: McAfee Advanced Threat Defense (Network Anti Malware)
Third Layer of Defense: Network Threat Protection (IPS, Web)
Fourth Layer of Defense: Comprehensive Endpoint Threat Defense
Fifth Layer of Defense: Real Time Endpoint Awareness
Sixth Layer of Defense: Heal Endpoints
Seventh Layer of Defense: Global Threat Intelligence (GTI)
Multi-Layering Defense | Interconnected

Firewall Enterprise, Web Protection, Intrusion Prevention System, Security for Microsoft Exchange, VirusScan, Email Protection, Network Anti Malware, Site Advisor, Database Security, Application Control, Data Center Security, MOVE AV, SIEM, Host IPS, Unified Administration, Device Control, Mobility, Deep Defender
Scene 1
Scene 2
Scene 3
Scene 4
Scene 5
Scene 6
Scene 7

Result: https://www.virustotal.com/en/file/59c878b9daa887167c1857edf1d121dddfa0fb30031058e0d87f46890e7456ad/analysis/
McAfee Comprehensive Malware Protection
Solution Overview

Actions: FIND, FREEZE, FIX

Components shown:
McAfee Endpoint Agent*
McAfee Global Threat Intelligence (GTI/LTI, GTI Reputation)
NSP / Gateways: McAfee Network IPS, McAfee Web Gateway, McAfee Email Gateway
McAfee Advanced Threat Defense: Efficient AV Signatures, Emulation Engine, Target-Specific Sandboxing (ValidEdge)
McAfee ePO: Automated Host Cleaning (ePO), Malware Fingerprint Query (Real Time ePO)
Discovering ZeroDay and Targeted Attacks
Live Walkthrough

Labels: YOU FIND ON-PREM / MFE FINDS VIA CLOUD
Components: Advanced Threat Defense; McAfee Global Threat Intelligence; Target-Specific Sandboxing (MATD); Emulation Engine; Efficient AV Signatures; GTI Reputation; 3rd Party Threat Data; JAR Analysis; .exe Analysis; PDF Analysis; Network Threat Response

Walkthrough steps:
LIVE E-MAIL RECEIVED 08-27-2013
URL REDIRECT TO MALWARE SITE
REPUTATION CHECK OF THE URL PASSES
PAYLOAD APPEARS TO BE A .SCR INSIDE A .ZIP
DUE TO ZERO DAY, FEW A/V SIGNATURE CATCHES
MATD OR NTR EXECUTION DEMONSTRATES:
WHAT’S LEARNED THROUGH EXECUTION:
Scene 8 (Malware)
Use the appropriate controls…

October 18, 2013
Defending Against Targeted Attacks Requires Lean-Forward Technologies and Processes
Global Threat Intelligence and SIEM

Flow shown: EVENT → IP REPUTATION CHECK (GOOD / SUSPECT / BAD) → AUTOMATIC RISK ANALYSIS VIA ADVANCED CORRELATION ENGINE (Medium Risk / High Risk) → AUTOMATIC IDENTIFICATION

McAfee Labs IP Reputation Updates (categories): Botnet/DDoS, Mail/Spam Sending, Web Access, Malware Hosting, Network Probing, Presence of Malware, DNS Hosting Activity, Intrusion Attacks
Event Handling…
Prioritize security events
From top to bottom…
Yes, hello, who am I speaking with?
User on WinXPHost01 downloads a “Windows update” from a fake site. Executes it; nothing sinister appears.

Meanwhile, we start to see a number of potentially malicious events related to this host on McAfee ESM.

Step 1: This external host looks suspicious. Let's blacklist him.

Quarantine successfully implemented through the McAfee NSM. Link to C&C host blocked.

Step 2: This internal endpoint appears to have been compromised. From McAfee ESM we can lock it down and scan it immediately through ePO.
Looking at the endpoint, we see that the firewall started off disabled.
ePO enables the firewall with a restrictive policy.
The Trojan is contained on the endpoint.
Simultaneously, ePO launches an aggressive scan.
Additional malware on the infected host discovered and cleaned.
• ESM screenshot to show remediation was successful in SIEM.

Confirmation back in the SIEM. Remediation complete.
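The GTI + SIEM reputation flow (IP reputation check, correlation-engine risk analysis, automatic identification) and the WinXPHost01 scenario above, carried through in code as an added example that is not McAfee's or the presenter's: the reputation feed, the ESM-style event lines, the category weights and the risk thresholds are all constructed for illustration.

```python
"""Reputation-driven event correlation in the shape of the GTI + SIEM slide and the
WinXPHost01 scenario. Added example, not McAfee code: every value below is constructed."""
from collections import defaultdict

# Reputation categories named on the GTI/SIEM slide. The weights are an assumption
# of this example, not McAfee's scoring.
CATEGORY_WEIGHT = {
    "botnet_ddos": 40,
    "mail_spam_sending": 10,
    "malware_hosting": 35,
    "network_probing": 15,
    "presence_of_malware": 30,
    "dns_hosting_activity": 5,
    "intrusion_attacks": 35,
}

# Constructed reputation feed standing in for McAfee Labs IP reputation updates.
REPUTATION_FEED = {
    "203.0.113.10": {"malware_hosting", "botnet_ddos"},  # fake "Windows update" site, later C&C
    "198.51.100.7": {"mail_spam_sending"},
    "192.0.2.55": set(),                                 # known and clean
}

# Contribution of each event type; network events are scaled by the peer's reputation.
EVENT_WEIGHT = {
    "HTTP_DOWNLOAD_EXE": 30,
    "PROCESS_START": 10,
    "FIREWALL_DISABLED": 25,
    "OUTBOUND_CONNECT": 20,
}
MULTIPLIER = {"GOOD": 0.0, "SUSPECT": 0.5, "BAD": 1.0}
MEDIUM_RISK, HIGH_RISK = 40, 80  # assumed thresholds for the two risk levels on the slide


def reputation_verdict(ip):
    """IP REPUTATION CHECK: GOOD / SUSPECT / BAD. Addresses absent from the feed are SUSPECT."""
    cats = REPUTATION_FEED.get(ip)
    if cats is None:
        return "SUSPECT"
    score = sum(CATEGORY_WEIGHT[c] for c in cats)
    if score == 0:
        return "GOOD"
    return "BAD" if score >= 35 else "SUSPECT"


def parse_event(line):
    """Constructed ESM-style record: '<timestamp> <internal_host> <peer_ip|-> <event_type>'."""
    ts, host, peer, etype = line.split()
    return {"ts": ts, "host": host, "peer": peer, "type": etype}


def correlate(lines):
    """AUTOMATIC RISK ANALYSIS: per internal host, combine the reputation of the peers it
    talked to with the event types seen, then bucket the total into a risk level."""
    per_host = defaultdict(lambda: {"score": 0.0, "bad_peers": set()})
    for line in lines:
        ev = parse_event(line)
        weight = EVENT_WEIGHT.get(ev["type"], 0)
        if ev["peer"] == "-":                 # host-local event, no peer to look up
            contribution = weight
        else:
            verdict = reputation_verdict(ev["peer"])
            contribution = weight * MULTIPLIER[verdict]
            if verdict == "BAD":
                per_host[ev["host"]]["bad_peers"].add(ev["peer"])
        per_host[ev["host"]]["score"] += contribution
    assessment = {}
    for host, entry in per_host.items():
        s = entry["score"]
        level = "High Risk" if s >= HIGH_RISK else "Medium Risk" if s >= MEDIUM_RISK else "Low Risk"
        assessment[host] = {"score": s, "risk": level, "bad_peers": sorted(entry["bad_peers"])}
    return assessment


def recommended_actions(assessment):
    """AUTOMATIC IDENTIFICATION: the two response steps the scenario walks through."""
    actions, blocked = [], set()
    for host, info in sorted(assessment.items()):
        if info["risk"] == "Low Risk":
            continue
        for peer in info["bad_peers"]:
            if peer not in blocked:            # blacklist each external host once
                blocked.add(peer)
                actions.append(f"Step 1: blacklist external host {peer} via NSM (C&C link blocked)")
        if info["risk"] == "High Risk":
            actions.append(f"Step 2: lock down {host} via ePO (firewall on, restrictive policy) and scan")
    return actions


# Constructed event lines in the shape of the scenario on the slides.
EVENTS = [
    "2013-10-18T09:58:12 WinXPHost01 203.0.113.10 HTTP_DOWNLOAD_EXE",
    "2013-10-18T09:58:40 WinXPHost01 - PROCESS_START",
    "2013-10-18T09:58:41 WinXPHost01 - FIREWALL_DISABLED",
    "2013-10-18T09:59:05 WinXPHost01 203.0.113.10 OUTBOUND_CONNECT",
    "2013-10-18T10:00:00 WinXPHost01 203.0.113.10 OUTBOUND_CONNECT",
    "2013-10-18T10:01:10 Desk03 203.0.113.10 HTTP_DOWNLOAD_EXE",
    "2013-10-18T10:01:30 Desk03 - PROCESS_START",
    "2013-10-18T10:02:00 FileServer02 192.0.2.55 OUTBOUND_CONNECT",
    "2013-10-18T10:02:30 Laptop07 198.51.100.7 OUTBOUND_CONNECT",
]
```

Calling `correlate(EVENTS)` rates WinXPHost01 High Risk and Desk03 Medium Risk, and `recommended_actions` on that result yields one Step 1 blacklist of 203.0.113.10 and one Step 2 lockdown of WinXPHost01.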
Comprehensive malware protection is an orchestrated approach to protect against malware.
References: reports consulted

Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 

Dernier (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 

Mitigating risk by connecting the pieces

  • 1. Connecting the pieces to mitigate risk. Jorge Herrerías, CISSP, Sales System Engineer
  • 2. Malware Continues to Grow… 128M Total Malware Samples in the McAfee Labs Database. New malware samples grew 22% from Q4’12 to Q1‘13. 2012 new malware sample discoveries increased 50% over 2011. [Chart: New Malware Samples per quarter, Q1 2010 to Q1 2013, scale 0 to 14,000,000] Malware continues to grow, and getting more sophisticated… Source: McAfee Labs, 2013
  • 3. Ransomware. The number of new, unique samples this quarter is greater than 320,000, more than twice as many as in the first quarter of 2013. During the past two quarters, McAfee Labs has catalogued more ransomware samples than in all previous periods combined. [Chart: New Ransomware Samples per quarter, Q1 2011 to Q2 2013, scale 0 to 350,000]
  • 4. Total Malware Samples. The McAfee “zoo” now contains more than 140 million unique malware samples. [Chart: Total Malware Samples per month, Jul-12 to Jun-13, scale 0 to 160,000,000]
  • 5. Suspicious Internet (MX). As of December 31, 2012, nearly 1,100 suspicious Internet addresses hosted in Mexico were analyzed by McAfee. There were only 800 in late 2011. 62 percent of the current ones are assigned with a maximum risk. Nearly 51 percent of these URLs hide malware. About 26 percent of them are used in phishing campaigns and 13 percent in spam campaigns.
  • 6. Comprehensive Malware Protection First Layer of Defense: Global Visibility and Situational Awareness
  • 7. Comprehensive Malware Protection Second Layer of Defense: McAfee Advanced Threat Defense Network Anti Malware
  • 8. Comprehensive Malware Protection Third Layer of Defense: Network Threat Protection IPS Web IPS IPS
  • 9. Comprehensive Malware Protection Fourth Layer of Defense: Comprehensive Endpoint Threat Defense
  • 10. Comprehensive Malware Protection Fifth layer of defense: Real Time Endpoint Awareness
  • 11. Comprehensive Malware Protection Sixth Layer of Defense: Heal Endpoints
  • 12. Comprehensive Malware Protection Seventh Layer of Defense: Global Threat Intelligence GTI
  • 13. Multi-Layering Defense | Interconnected: Firewall Enterprise, Web Protection, Intrusion Prevention System, Security for Microsoft Exchange, VirusScan, Email Protection, Network Anti Malware, SiteAdvisor, Database Security, Application Control, Data Center Security, MOVE AV, SIEM, Host IPS, Unified Administration, Device Control, Mobility, Deep Defender
  • 21. McAfee Comprehensive Malware Protection Solution Overview (FIND / FREEZE / FIX): McAfee Endpoint Agent*; McAfee Global Threat Intelligence; NSP Gateways; McAfee Network IPS; GTI/LTI; Efficient AV Signatures; McAfee Web Gateway; Emulation Engine; Target-Specific Sandboxing (ValidEdge); McAfee Email Gateway; GTI Reputation; Automated Host Cleaning (ePO); McAfee Advanced Threat Defense; McAfee ePO; Malware Fingerprint Query (Real Time ePO)
  • 22. Discovering ZeroDay and Targeted Attacks: Live Walkthrough. Diagram (repeated on slides 22 to 26): YOU FIND ON-PREM / MFE FINDS VIA CLOUD; Advanced Threat Defense; McAfee Global Threat Intelligence; Target-Specific Sandboxing (MATD); Emulation Engine; Efficient AV Signatures; GTI Reputation; 3rd Party Threat Data; JAR Analysis; .exe Analysis; PDF Analysis; Network Threat Response. Callout: LIVE E-MAIL RECEIVED 08-27-2013; URL REDIRECT TO MALWARE SITE
  • 23. Discovering ZeroDay and Targeted Attacks: Live Walkthrough. Callout: REPUTATION CHECK OF THE URL PASSES; PAYLOAD APPEARS TO BE A .SCR INSIDE A .ZIP
  • 24. Discovering ZeroDay and Targeted Attacks: Live Walkthrough. Callout: DUE TO ZERO DAY, FEW A/V SIGNATURE CATCHES
  • 25. Discovering ZeroDay and Targeted Attacks: Live Walkthrough. Callout: MATD OR NTR EXECUTION DEMONSTRATES:
  • 26. Discovering ZeroDay and Targeted Attacks: Live Walkthrough. Callout: WHAT’S LEARNED THROUGH EXECUTION:
  • 28. Use the right controls… 29 October 18, 2013
  • 29. Defending Against Targeted Attacks Requires Lean-Forward Technologies and Processes
  • 30. Global Threat Intelligence and SIEM. IP reputation check: GOOD / SUSPECT / BAD. Automatic risk analysis via Advanced Correlation Engine: Medium Risk / High Risk. Event: automatic identification. McAfee Labs IP reputation updates cover: Botnet/DDoS, Mail/Spam Sending, Web Access, Malware Hosting, Network Probing, Presence of Malware, DNS Hosting Activity, Intrusion Attacks
  • 32. Prioritize security events
  • 33. From the top down…
  • 34. Hello, who am I speaking with?
  • 35. User on WinXPHost01 downloads “Windows update” from fake site. Executes it, nothing sinister appears.
  • 36. Meanwhile, we start to see a number of potentially malicious events related to this host on McAfee ESM.
  • 37. Step 1: This external host looks suspicious. Let's blacklist him.
  • 42. Quarantine successfully implemented through the McAfee NSM. Link to C&C host blocked.
  • 43. Step 2: This internal endpoint appears to have been compromised. From McAfee ESM we can lock it down and scan it immediately through ePO.
  • 44.
  • 45. Looking at the endpoint, we see that the firewall started off disabled.
  • 46. ePO enables the firewall with a restrictive policy. The Trojan is contained on the endpoint.
  • 48. Additional malware on the infected host discovered and cleaned.
  • 49. ESM screenshot shows the remediation was successful in the SIEM. Confirmation back in the SIEM. Remediation complete.
  • 50. Comprehensive malware protection is an orchestrated approach to protect against malware.
  • 51. References: reports consulted
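The flow the deck walks through on slides 30 to 49 (reputation check on the external IP, automatic risk analysis over correlated events, prioritisation, then blacklisting the C&C host and locking down and scanning the internal endpoint) as a small Python illustration. This is an added example, not code from the deck or from McAfee: the reputation table, the event records, the category weights, the thresholds and the function names are all constructed for illustration and stand in for GTI, the ESM correlation engine and the ePO/NSM actions.

```python
"""Toy SIEM-style correlation: reputation check -> risk analysis -> response.

Constructed example. The reputation table, events, category weights and
thresholds below are invented for illustration; this is not McAfee GTI
data, not the ESM Advanced Correlation Engine, and not any product API.
"""
from collections import defaultdict
from dataclasses import dataclass

# Threat categories named on the deck's IP-reputation slide; weights are constructed.
CATEGORY_WEIGHT = {
    "Botnet/DDoS": 40,
    "Malware Hosting": 35,
    "Presence of Malware": 35,
    "Intrusion Attacks": 30,
    "Network Probing": 20,
    "Mail/Spam Sending": 15,
    "DNS Hosting Activity": 10,
    "Web Access": 5,
}

# Constructed reputation feed keyed by external IP (RFC 5737 documentation addresses).
REPUTATION = {
    "203.0.113.77": ["Botnet/DDoS", "Malware Hosting"],  # plays the C&C host
    "198.51.100.10": ["Web Access"],                      # ordinary web server
    "192.0.2.55": ["Network Probing"],                    # seen scanning
}

# Endpoint-side signals the walkthrough calls out; weights are constructed.
EVENT_WEIGHT = {
    "file_download_untrusted": 15,  # "Windows update" fetched from a fake site
    "firewall_disabled": 20,        # host firewall found switched off
    "outbound_connection": 0,       # scored through the peer's reputation instead
}


def ip_reputation(ip):
    """Classify an external IP as good / suspect / bad from its feed categories.

    Returns (verdict, score). Unknown IPs score 0 and are treated as good.
    """
    score = sum(CATEGORY_WEIGHT.get(cat, 0) for cat in REPUTATION.get(ip, []))
    if score >= 50:
        return "bad", score
    if score >= 20:
        return "suspect", score
    return "good", score


@dataclass
class Event:
    host: str          # internal endpoint the event concerns
    kind: str          # one of the EVENT_WEIGHT keys
    detail: str        # free-text description from the log source
    dst_ip: str = ""   # external peer, for outbound_connection events


def correlate(events):
    """Group events per internal host, fold in peer reputation, rank by risk.

    Each incident carries its evidence ("reasons") and the defensive actions
    the walkthrough takes: blacklist the bad external host at the network
    IPS, then lock down and scan the internal endpoint.
    """
    per_host = defaultdict(lambda: {"score": 0, "bad_ips": set(), "reasons": []})
    for ev in events:
        h = per_host[ev.host]
        weight = EVENT_WEIGHT.get(ev.kind, 0)
        if weight:
            h["score"] += weight
            h["reasons"].append(f"{ev.kind}: {ev.detail}")
        if ev.dst_ip:
            verdict, rep = ip_reputation(ev.dst_ip)
            if verdict != "good":
                h["score"] += rep
                cats = ", ".join(REPUTATION.get(ev.dst_ip, []))
                h["reasons"].append(f"connection to {verdict} IP {ev.dst_ip} ({cats})")
            if verdict == "bad":
                h["bad_ips"].add(ev.dst_ip)

    incidents = []
    for host, h in per_host.items():
        level = "high" if h["score"] >= 60 else "medium" if h["score"] >= 30 else "low"
        actions = [f"blacklist external host {ip} at the network IPS (C&C link blocked)"
                   for ip in sorted(h["bad_ips"])]
        if level == "high":
            actions.append(f"lock down {host} with a restrictive firewall policy and run an on-demand scan")
        incidents.append({"host": host, "score": h["score"], "level": level,
                          "bad_ips": sorted(h["bad_ips"]), "reasons": h["reasons"],
                          "actions": actions})
    incidents.sort(key=lambda i: i["score"], reverse=True)
    return incidents


# Constructed event stream modelled on the walkthrough (slides 35 to 49).
SAMPLE_EVENTS = [
    Event("WinXPHost01", "file_download_untrusted", '"Windows update" downloaded from fake site'),
    Event("WinXPHost01", "firewall_disabled", "host firewall reported disabled"),
    Event("WinXPHost01", "outbound_connection", "beacon to external host", dst_ip="203.0.113.77"),
    Event("Host02", "outbound_connection", "normal browsing", dst_ip="198.51.100.10"),
    Event("Host03", "firewall_disabled", "host firewall reported disabled"),
    Event("Host03", "outbound_connection", "contact with scanner", dst_ip="192.0.2.55"),
]

if __name__ == "__main__":
    for inc in correlate(SAMPLE_EVENTS):
        print(f"{inc['level']:6} {inc['score']:4} {inc['host']}")
        for r in inc["reasons"]:
            print("   evidence:", r)
        for a in inc["actions"]:
            print("   action:  ", a)
```

The point of the two-stage scoring is the one the deck makes: a single outbound connection is not evidence by itself, but once the peer's reputation and the endpoint's own signals (the untrusted download, the disabled firewall) are folded together the compromised host rises to the top of the queue with its evidence attached, so the analyst acts on WinXPHost01 first and the benign browsing host never becomes a ticket. Thresholds and weights would be tuned to real feeds and real event volumes.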