If you made it through 2014 without suffering a significant breach, you can consider yourself fortunate. After a year filled with new exploits and high-profile breaches, it's time to look back at what we learned and look ahead to the trends that will surely have an impact in 2015. Join Mike Rothman, President of security analyst firm Securosis, and Patrick Bedwell, VP of Product Marketing for AlienVault, for an entertaining overview of key trends you should consider as you plan for 2015.
In this session, Mike and Patrick will cover:
• Trends in the threat landscape that will bring new infosec challenges
• How those challenges will affect your network security strategy
• A "shopping list" of core technologies you should consider to secure your environment in 2015
2. About Securosis
• Independent analysts with backgrounds on both the user and vendor side.
• Focused on deep technical and industry expertise.
• We like pragmatic.
• We are security guys - that’s all we do.
8. Benefiting from the Misfortune of Others
• You can’t “get ahead of the threat”
• But you can learn from high profile folks
• Threat intelligence broke out in 2014
• How can you use it?
• Changing market dynamics
9. We haven’t addressed the security skills gap
11. On the Horizon
Mobile Everything. Cloud Everything. Connected Everything (IoT)
13. Network Security
• NGFW vs. UTM vs. IPS
• Sandbox for the masses
• SDN emerging? (and how do you secure it?)
• Consistency of Policy is Paramount
14. Endpoint Security
• Lots of new “solutions” that are shiny.
• Advanced Malware Protection
• Bundled with Network Security?
• Whither traditional AV? (Finally)
15. Security Management
• Threat Intelligence hits the mainstream
• Forensics and IR to the forefront
• Monitoring the Hybrid Cloud
17. OTX + AlienVault Labs
Threat Intelligence Powered by Open Collaboration
18. Preparing for the Future
• Security skills for success are evolving quickly.
• AWS accounts for everyone!
• Back to the Future — Scripting and programming
19. Questions?
More from Securosis:
• Blog: http://securosis.com/blog
• Research: http://securosis.com/research
• We publish (almost) everything for free
• Contribute. Make it better.
More from AlienVault:
• Free 30-day trial of AlienVault USM: https://www.alienvault.com/free-trial
• Free Interactive Demo: https://www.alienvault.com/live-demo-site
• Join the Open Threat Exchange (OTX): https://www.alienvault.com/open-threat-exchange
Integrated approach to threat intel
Comprised of OTX (data from 140+ countries) and the independent research from our AlienVault Labs team
We’re analyzing over 500,000 malware samples per day
Users submitting an average of ~11 million per month (365,000 a day)
Updated every 30 minutes
The ability to quickly convert data into actionable information
So you can call out those truly significant events to help you prioritize your efforts
Reduce the need for in-house expertise
------
OTX derives its data from three primary sources: USM and OSSIM systems that enable OTX sharing, external feeds from public researchers and partners, and the research from our AlienVault Labs team.
- This data is automatically analyzed through a powerful discovery engine that is able to granularly analyze the nature of the threat, and a similarly powerful validation engine that continually curates the database and certifies the validity of those threats.
Crowd-sourced information remains the core focus of OTX. OTX derives information from normalized and anonymous event logs: firewalls, content filters, IPS/IDS logs, etc. We receive approximately 17,000 contributions daily from 140+ countries.
- I want to make something clear: OTX's information is anonymous and normalized. OTX does not analyze your data or do anything that would identify you; we are solely focused on analyzing the nature of the threat jeopardizing your system.
OTX derives a significant amount of data from the security community. We work with public research institutions, government organizations, and private companies and partners to share and analyze threat data. With 50+ partners working with us on OTX, if you look around Black Hat you're likely to see some of our partners.
- AlienVault Labs research is also a critical part of our analysis. Our labs team generates novel research on high-profile threats, as well as instrumenting the automatic analysis for discovering and certifying all threats coming from OTX partners and OSSIM and USM customers who opt in to share data.