SlideShare une entreprise Scribd logo

Global Cyber Threat Intelligence

NTT Innovation Institute Inc.
NTT Innovation Institute Inc.

Recently, NTT published the Global Threat Intelligence Report 2016 (GTIR). This year’s report focused both on the changes in threat trends and on how security organizations around the world can use the kill chain to help defend the enterprise. Turning threat intelligence data from multiple sources into actionable, contextual information is a challenge faced by many organizations today. The Global Threat Intelligence Platform provides increased efficiency, reduces risks and focuses on global coverage with accurate and up-to-date threat intelligence. This presentation was given at Carnegie Mellon University by Kenji Takahashi, VP of Product Management, Security at NTT Innovation Institute.

Technologie
1  sur  25
Télécharger pour lire hors ligne
Global Cyber Threat Intelligence Kenji Takahashi NTT Innovation Institute, Inc. 2016 Copyright NTT Innovation Institute, Inc. All rights reserved.
2 NTT i3 ACCELERATING THE TRANSFORMATION OF IDEAS FROM LAB TO MARKET Full Lifecycle Innovation FOCUS NTT Global Strategic Assets LEVERAGE Leading Companies and Startups ENGAGE INNOVATION Internet of Things Wearables Machine Learning MARKET-READY PLATFORMS Elastic Services Infrastructure Global Threat Intelligence Platform Cloud Service OrchestrationPlatform 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
3 THE EVOLVING GLOBAL SECURITY LANDSCAPE Cybercriminals • Large and sophisticated global crime groups • Black markets for stolen data, tool, and hacker talent • Detailed knowledge on targets (vulnerabilities, businesses, organizations and people) Enterprise Security Team • Technology vulnerability of IT • Largely reactive security practices • Limited data sources and analytic capabilities • Security skills gaps Threats and attacks generated by criminals outpace security team capabilities 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
4 THE GLOBAL THREATS LANDSCAPE IN 2016 Global Threat Intelligence Report 2016 (GTIR 2016) www.nttgroupsecurity.com Top 10 External Vulnerabilities Outdated PHP Version 8% Cross-Site Scripting (CSS/XSS) 7% Outdated Apache Web Server 7% SSL/TLS Information Disclosure 6% Web Clear Text Username/Password 5% Weak SSL/TLS Ciphers/Certificate 5% Outdated Apache Tomcat Server 4% Weak/No HTTPS cache policy 4% Cookie without HTTPOnly attribute set 3% SSL Certificate Signed using Weak Hashing Algorithm 3% Top 10 Internal Vulnerabilities Outdated Java Version 51% Outdated Adobe Flash Player 11% Outdated Adobe Reader and Acrobat 5% Outdated Microsoft Windows 3% Outdated Microsoft Internet Explorer 3% Outdated Mozilla Firefox 2% Outdated Microsoft Office 1% Outdated Linux Kernel 1% Outdated Novell Client 1% Outdated OpenSSH Version 1% The data presented is based on information gathered through 2015 Vulnerabilities 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
5 THE GLOBAL THREATS LANDSCAPE IN 2016 Attacks The data presented is based on information gathered through 2015 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
6 THE GLOBAL THREATS LANDSCAPE IN 2016 Incidents The data presented is based on information gathered through 2015 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
7 HACKING FOR PROFIT – THE JP MORGAN CYBERATTACK 100 million customers of 12 companies in the US 8 years of operation 2007-2015 $100Ms in illicit proceeds Global cybercrime network 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
8 RANSOM32: RANSOMWARE AS A SERVICE (source: http://blog.emsisoft.com/2016/01/01/meet-ransom32-the-first-javascript-ransomware/) 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
9 THE CYBERCRIME INFRASTRUCTURE OF BOTNETS • Consists of thousands of victimized computers (”nodes”) • Buy or rent tools, data, services, and talents on the cyber black market using bitcoins • Recycled in 30 – 90 day cycle 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
10 CYBER KILL CHAIN THE SEVEN PHASES OF A CYBER ATTACK *1: “Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains” by E. Hutchins, M. Cloppert, R. Amin, Lockheed Martin Corporation, 2011. http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf Cyber Kill Chain is a registered trademark of Lockheed Martin Corporation. RECONNAISSANCE WEAPONIZATION DELIVERY EXPLOITATION INSTALLATION COMMAND & CONTROL ACTIONS & OBJECTIVES 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
11 CYBER KILL CHAIN: CASE STUDY RECONNAISSANCE Recon, PHP and SQL fingerprinting 0 DELIVERY & Delivery of SQL injection via Havij tool & Exploitation of injection attack Command & Control Establish and maintain C2 WEAPONIZATION Recon data analyzed and Havij tool selected and configured for attack Creation of accounts and installation of RAT EXPLOITATION 46 53 58 51 55 ACTIONS & OBJECTIVES 0 6059 65 First Identified Log Public Disclosure Observed 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved. Data exfiltration INSTALLATION
12 CKC AS A GUIDELINE FOR THREAT INTELLIGENCE • Analysis of earlier phase provides threat intelligence for later phases • Attribution underpins the analysis of CKC phases § Victims § Capabilities § Resources § Objectives • Strategic priority and focus are essential § Systems, services, data, and people of importance
13 WHAT CONSTITUTE THREAT INTELLIGENCE Threat intelligence is gathered from disparate sources and synthesized by human analysts to identify a specific threat and its target in advance of an incident. 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
14 THREAT INTELLIGENCE EVOLVING SECURITY FROM REACTION TO PREDICTION A new approach to addressing global threats requires: 1 Creation of potential victim/target profiles 2 Prediction of threats based on the real-time analysis of a variety of data sources 3 Deployment of security control to monitor and block both predicted and existing threats 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
15 GLOBAL THREAT INTELLIGENCE PLATFORM • Single holistic view of the real-time evolution of the dynamic threat landscape • Global dataset of more than 18 million attacks gathered from a wide variety of sources, across geographical and organizational boundaries • Advanced analytics driven by machine learning (including malware taint analysis) • API for seamless integration into applications, services and systems • Support led by managed security service professionals 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
16 DEMO 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
CONTEXTUALIZATION Provide the “right” information best fit to user context • Context can be expressed by vertical industry, geographical region, CKC phases, attack type, victim profile, used resources (IP addresses, URLs/domains, malware, etc.) Enable users to formulate contextualized queries • Users can save and manage queries The information is further enriched • Gathering the data from multiple non threat sources • Put them into consistent format • Pivoting Facilitate collaboration among security experts • Annotation, Labeling 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved. 17
18 GTIP – MALWARE TAINT ANALYSIS ENGINE Dynamic data flow analysis by tracking down every movement of every bit of data by malware on a computer. Keep track of the trace of “tags” • Tags are identifiers placed on data, and are propagated as data moves inside computer, automatically tracking and identifying data provenance. BLACKLIST ANALYTICS ENGINE MALWARE BINARIES 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
19 IMPORTANT ISSUES FOR THE FUTURE OF CYBERSECURITY • Information Sharing • Big Data and Machine Learning for Malware and Traffic Analysis • Software Defined Security Orchestration 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
20 INFORMATION SHARING 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
21 MALWARE CLASSIFICATION BY MACHINE LEARNING Applying Machine Learning to both dynamic and static analysis • Features from execution in GTIP Malware Taint Analysis Engine (dynamic analysis) • Features extracted from raw files (static analysis) Preliminary experiments result in promising 98% accuracy • 4,000 malware files and 3,000 benign files • Windows binaries Same approach can be applied to other types of malware • Mobile (.apk), PDF, JavaScript, MS Office, etc. 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
TEMPORAL VISUALIZATION AND ANALYSIS • Different types of attacks and CKC phases show distinguishing temporal patterns. • By visualizing and analyzing the patterns, we are exploring a way of taking actions in an earlier, quicker and effective manner. SSH attacks access many targets in Reconnaissance phase A malware attacks accesses only one target in Exploitation phase 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved. 22
23 TRAFFIC ANALYSIS: BOTNET INFRASTRUCTURE DETECTION Network providers, vendors, and law enforcements could detect bot masters and their infrastructures by working together Information sharing and massively scalable analytics are the key • Streaming analytics • Machine learning ML outlier detection Black lists, DNS sink holes, Passive DNS, DNS Cache, Domain Generation Algorithm (DGA), Domain profiling, ML clustering Netflow analysis, Behavior analysis 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
24 BENDABLE NETWORKS: SOFTWARE DEFINED SECURITY ORCHESTRATION The integration of ESI and GTIP takes security operation integrity and agility to a new level. DEVICES GTIP + ESI SOURCES FW, IPS, IDS, SIEM… On-demand installation On-demand policy and configuration Detect Install and update SDN + NFV + Threat Intelligence BENDABLE NETWORKS
25 ACCELERATING THE TRANSFORMATION OF IDEAS FROM LAB TO MARKET h t t p : / / www. n t t i3 . co m h t t p s: / / t wit t e r. co m / n t t i3 h t t p s: / / www. lin ke d in . c o m / co m p a n y / n t t in n o va t io n i n st it u t e h t t p s: / / www. f a ce b o o k. co m / n t t in n o va t io n h t t p s: / / www. yo u t u b e . co m / u se r / NT Ti3 Ch a n n e l 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.

Recommandé

Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence Workshop
Priyanka Aash
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghCyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
OWASP Delhi
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - Submitted
Steve Lodin
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence
Sirius
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
Deepak Kumar (D3)
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat Intelligence
Andreas Sfakianakis
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
seadeloitte
 

Recommandé

Threat Intelligence Workshop
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence Workshop
Priyanka Aash
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep SinghCyber threat Intelligence and Incident Response by:-Sandeep Singh
Cyber threat Intelligence and Incident Response by:-Sandeep Singh
OWASP Delhi
 
Threat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - SubmittedThreat Intelligence 101 - Steve Lodin - Submitted
Threat Intelligence 101 - Steve Lodin - Submitted
Steve Lodin
 
6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence6 Steps for Operationalizing Threat Intelligence
6 Steps for Operationalizing Threat Intelligence
Sirius
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
Deepak Kumar (D3)
 
Welcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat IntelligenceWelcome to the world of Cyber Threat Intelligence
Welcome to the world of Cyber Threat Intelligence
Andreas Sfakianakis
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
seadeloitte
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metrics
Mark Arena
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
Prachi Mishra
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations center
CMR WORLD TECH
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
PECB
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
ZaiffiEhsan
 
Threat Intelligence & Threat research Sources
Threat Intelligence & Threat research SourcesThreat Intelligence & Threat research Sources
Threat Intelligence & Threat research Sources
LearningwithRayYT
 
Cyber Threat Intelligence | Information to Insight
Cyber Threat Intelligence | Information to InsightCyber Threat Intelligence | Information to Insight
Cyber Threat Intelligence | Information to Insight
Deep Shankar Yadav
 
Effective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat IntelligenceEffective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat Intelligence
Dhruv Majumdar
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
Priyanka Aash
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
mohamed nasri
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
Kumar Gaurav
 
Cyber Threat Hunting Workshop
Cyber Threat Hunting WorkshopCyber Threat Hunting Workshop
Cyber Threat Hunting Workshop
Digit Oktavianto
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
Cyber Threat Hunting: Identify and Hunt Down Intruders
Cyber Threat Hunting: Identify and Hunt Down IntrudersCyber Threat Hunting: Identify and Hunt Down Intruders
Cyber Threat Hunting: Identify and Hunt Down Intruders
Infosec
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
Ben Boyd
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
Priyanka Aash
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
Ahmed Ayman
 
Leveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageLeveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common Language
Erik Van Buggenhout
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptx
AbimbolaFisher1
 
How Data Analytics is Re-defining Modern Era in Cyber Security
How Data Analytics is Re-defining Modern Era in Cyber SecurityHow Data Analytics is Re-defining Modern Era in Cyber Security
How Data Analytics is Re-defining Modern Era in Cyber Security
Saqib Chaudhry
 
Ciberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IACiberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IA
Cristian Garcia G.
 

Contenu connexe

Tendances

Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
 
Cyber Threat Hunting: Identify and Hunt Down Intruders
Cyber Threat Hunting: Identify and Hunt Down IntrudersCyber Threat Hunting: Identify and Hunt Down Intruders
Cyber Threat Hunting: Identify and Hunt Down Intruders
Infosec
 
Leveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageLeveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common Language
Erik Van Buggenhout
 

Tendances (20)

Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metrics
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations center
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Threat Intelligence & Threat research Sources
Threat Intelligence & Threat research SourcesThreat Intelligence & Threat research Sources
Threat Intelligence & Threat research Sources
 
Cyber Threat Intelligence | Information to Insight
Cyber Threat Intelligence | Information to InsightCyber Threat Intelligence | Information to Insight
Cyber Threat Intelligence | Information to Insight
 
Effective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat IntelligenceEffective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat Intelligence
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
 
Cyber Threat Hunting Workshop
Cyber Threat Hunting WorkshopCyber Threat Hunting Workshop
Cyber Threat Hunting Workshop
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
 
Cyber Threat Hunting: Identify and Hunt Down Intruders
Cyber Threat Hunting: Identify and Hunt Down IntrudersCyber Threat Hunting: Identify and Hunt Down Intruders
Cyber Threat Hunting: Identify and Hunt Down Intruders
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
Leveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageLeveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common Language
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptx
 

Similaire à Global Cyber Threat Intelligence

A Study on Honeypots and Deceiving Attacker using Modern Honeypot Network
A Study on Honeypots and Deceiving Attacker using Modern Honeypot NetworkA Study on Honeypots and Deceiving Attacker using Modern Honeypot Network
A Study on Honeypots and Deceiving Attacker using Modern Honeypot Network
ijtsrd
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Raffael Marty
 
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018 NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT
 
icon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxicon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptx
yugandharadahiphale2
 
icon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxicon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptx
yugandharadahiphale2
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector
Scott Geye
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Ivan Sang
 

Similaire à Global Cyber Threat Intelligence (20)

How Data Analytics is Re-defining Modern Era in Cyber Security
How Data Analytics is Re-defining Modern Era in Cyber SecurityHow Data Analytics is Re-defining Modern Era in Cyber Security
How Data Analytics is Re-defining Modern Era in Cyber Security
 
Ciberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IACiberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IA
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
 
Artificial Intelligence and Cybersecurity
Artificial Intelligence and CybersecurityArtificial Intelligence and Cybersecurity
Artificial Intelligence and Cybersecurity
 
A Study on Honeypots and Deceiving Attacker using Modern Honeypot Network
A Study on Honeypots and Deceiving Attacker using Modern Honeypot NetworkA Study on Honeypots and Deceiving Attacker using Modern Honeypot Network
A Study on Honeypots and Deceiving Attacker using Modern Honeypot Network
 
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
 
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018 NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
 
icon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxicon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptx
 
icon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptxicon-aiincs-obusolini201809131800-190310184140.pptx
icon-aiincs-obusolini201809131800-190310184140.pptx
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
The malware monetization machine
The malware monetization machineThe malware monetization machine
The malware monetization machine
 
The artificial reality of cyber defense
The artificial reality of cyber defenseThe artificial reality of cyber defense
The artificial reality of cyber defense
 
Open Source Insight: NotPetya Strikes, Patching Is Vital for Risk Management
Open Source Insight: NotPetya Strikes, Patching Is Vital for Risk ManagementOpen Source Insight: NotPetya Strikes, Patching Is Vital for Risk Management
Open Source Insight: NotPetya Strikes, Patching Is Vital for Risk Management
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector
 
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan PerspectiveCybercrime and Cybersecurity Governance: A Kenyan Perspective
Cybercrime and Cybersecurity Governance: A Kenyan Perspective
 
Evolución de la Ciber Seguridad
Evolución de la Ciber SeguridadEvolución de la Ciber Seguridad
Evolución de la Ciber Seguridad
 
Failed Ransom: How IBM XGS Defeated Ransomware
Failed Ransom: How IBM XGS Defeated RansomwareFailed Ransom: How IBM XGS Defeated Ransomware
Failed Ransom: How IBM XGS Defeated Ransomware
 
World best web apps security and Active detection of malicious link
World best web apps security and Active detection of malicious linkWorld best web apps security and Active detection of malicious link
World best web apps security and Active detection of malicious link
 
Security Industry Overview
Security Industry OverviewSecurity Industry Overview
Security Industry Overview
 

Plus de NTT Innovation Institute Inc.

In Pursuit of Innovation: Full Lifecycle Innovation
In Pursuit of Innovation: Full Lifecycle InnovationIn Pursuit of Innovation: Full Lifecycle Innovation
In Pursuit of Innovation: Full Lifecycle Innovation
NTT Innovation Institute Inc.
 
In Pursuit of Innovation: Curating the Culture of Ambitious Ideas, Rebellious...
In Pursuit of Innovation: Curating the Culture of Ambitious Ideas, Rebellious...In Pursuit of Innovation: Curating the Culture of Ambitious Ideas, Rebellious...
In Pursuit of Innovation: Curating the Culture of Ambitious Ideas, Rebellious...
NTT Innovation Institute Inc.
 
Cybercrime: Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global ThreatCybercrime: Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global Threat
NTT Innovation Institute Inc.
 
NTT i3 Point of View: Network Infrastructure Elasticity
NTT i3 Point of View: Network Infrastructure ElasticityNTT i3 Point of View: Network Infrastructure Elasticity
NTT i3 Point of View: Network Infrastructure Elasticity
NTT Innovation Institute Inc.
 

Plus de NTT Innovation Institute Inc. (6)

In Pursuit of Innovation: Full Lifecycle Innovation
In Pursuit of Innovation: Full Lifecycle InnovationIn Pursuit of Innovation: Full Lifecycle Innovation
In Pursuit of Innovation: Full Lifecycle Innovation
 
In Pursuit of Innovation: Curating the Culture of Ambitious Ideas, Rebellious...
In Pursuit of Innovation: Curating the Culture of Ambitious Ideas, Rebellious...In Pursuit of Innovation: Curating the Culture of Ambitious Ideas, Rebellious...
In Pursuit of Innovation: Curating the Culture of Ambitious Ideas, Rebellious...
 
Cybercrime: Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global ThreatCybercrime: Radically Rethinking the Global Threat
Cybercrime: Radically Rethinking the Global Threat
 
2015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i32015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i3
 
NTT i3 at OpenStack Summit - May 20th, 2015
NTT i3 at OpenStack Summit - May 20th, 2015NTT i3 at OpenStack Summit - May 20th, 2015
NTT i3 at OpenStack Summit - May 20th, 2015
 
NTT i3 Point of View: Network Infrastructure Elasticity
NTT i3 Point of View: Network Infrastructure ElasticityNTT i3 Point of View: Network Infrastructure Elasticity
NTT i3 Point of View: Network Infrastructure Elasticity
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

Global Cyber Threat Intelligence

  • 1. Global Cyber Threat Intelligence Kenji Takahashi NTT Innovation Institute, Inc. 2016 Copyright NTT Innovation Institute, Inc. All rights reserved.
  • 2. 2 NTT i3 ACCELERATING THE TRANSFORMATION OF IDEAS FROM LAB TO MARKET Full Lifecycle Innovation FOCUS NTT Global Strategic Assets LEVERAGE Leading Companies and Startups ENGAGE INNOVATION Internet of Things Wearables Machine Learning MARKET-READY PLATFORMS Elastic Services Infrastructure Global Threat Intelligence Platform Cloud Service OrchestrationPlatform 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 3. 3 THE EVOLVING GLOBAL SECURITY LANDSCAPE Cybercriminals • Large and sophisticated global crime groups • Black markets for stolen data, tool, and hacker talent • Detailed knowledge on targets (vulnerabilities, businesses, organizations and people) Enterprise Security Team • Technology vulnerability of IT • Largely reactive security practices • Limited data sources and analytic capabilities • Security skills gaps Threats and attacks generated by criminals outpace security team capabilities 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 4. 4 THE GLOBAL THREATS LANDSCAPE IN 2016 Global Threat Intelligence Report 2016 (GTIR 2016) www.nttgroupsecurity.com Top 10 External Vulnerabilities Outdated PHP Version 8% Cross-Site Scripting (CSS/XSS) 7% Outdated Apache Web Server 7% SSL/TLS Information Disclosure 6% Web Clear Text Username/Password 5% Weak SSL/TLS Ciphers/Certificate 5% Outdated Apache Tomcat Server 4% Weak/No HTTPS cache policy 4% Cookie without HTTPOnly attribute set 3% SSL Certificate Signed using Weak Hashing Algorithm 3% Top 10 Internal Vulnerabilities Outdated Java Version 51% Outdated Adobe Flash Player 11% Outdated Adobe Reader and Acrobat 5% Outdated Microsoft Windows 3% Outdated Microsoft Internet Explorer 3% Outdated Mozilla Firefox 2% Outdated Microsoft Office 1% Outdated Linux Kernel 1% Outdated Novell Client 1% Outdated OpenSSH Version 1% The data presented is based on information gathered through 2015 Vulnerabilities 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 5. 5 THE GLOBAL THREATS LANDSCAPE IN 2016 Attacks The data presented is based on information gathered through 2015 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 6. 6 THE GLOBAL THREATS LANDSCAPE IN 2016 Incidents The data presented is based on information gathered through 2015 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 7. 7 HACKING FOR PROFIT – THE JP MORGAN CYBERATTACK 100 million customers of 12 companies in the US 8 years of operation 2007-2015 $100Ms in illicit proceeds Global cybercrime network 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 8. 8 RANSOM32: RANSOMWARE AS A SERVICE (source: http://blog.emsisoft.com/2016/01/01/meet-ransom32-the-first-javascript-ransomware/) 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 9. 9 THE CYBERCRIME INFRASTRUCTURE OF BOTNETS • Consists of thousands of victimized computers (”nodes”) • Buy or rent tools, data, services, and talents on the cyber black market using bitcoins • Recycled in 30 – 90 day cycle 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 10. 10 CYBER KILL CHAIN THE SEVEN PHASES OF A CYBER ATTACK *1: “Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains” by E. Hutchins, M. Cloppert, R. Amin, Lockheed Martin Corporation, 2011. http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf Cyber Kill Chain is a registered trademark of Lockheed Martin Corporation. RECONNAISSANCE WEAPONIZATION DELIVERY EXPLOITATION INSTALLATION COMMAND & CONTROL ACTIONS & OBJECTIVES 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 11. 11 CYBER KILL CHAIN: CASE STUDY RECONNAISSANCE Recon, PHP and SQL fingerprinting 0 DELIVERY & Delivery of SQL injection via Havij tool & Exploitation of injection attack Command & Control Establish and maintain C2 WEAPONIZATION Recon data analyzed and Havij tool selected and configured for attack Creation of accounts and installation of RAT EXPLOITATION 46 53 58 51 55 ACTIONS & OBJECTIVES 0 6059 65 First Identified Log Public Disclosure Observed 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved. Data exfiltration INSTALLATION
  • 12. 12 CKC AS A GUIDELINE FOR THREAT INTELLIGENCE • Analysis of earlier phase provides threat intelligence for later phases • Attribution underpins the analysis of CKC phases § Victims § Capabilities § Resources § Objectives • Strategic priority and focus are essential § Systems, services, data, and people of importance
  • 13. 13 WHAT CONSTITUTE THREAT INTELLIGENCE Threat intelligence is gathered from disparate sources and synthesized by human analysts to identify a specific threat and its target in advance of an incident. 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 14. 14 THREAT INTELLIGENCE EVOLVING SECURITY FROM REACTION TO PREDICTION A new approach to addressing global threats requires: 1 Creation of potential victim/target profiles 2 Prediction of threats based on the real-time analysis of a variety of data sources 3 Deployment of security control to monitor and block both predicted and existing threats 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 15. 15 GLOBAL THREAT INTELLIGENCE PLATFORM • Single holistic view of the real-time evolution of the dynamic threat landscape • Global dataset of more than 18 million attacks gathered from a wide variety of sources, across geographical and organizational boundaries • Advanced analytics driven by machine learning (including malware taint analysis) • API for seamless integration into applications, services and systems • Support led by managed security service professionals 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 16. 16 DEMO 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 17. CONTEXTUALIZATION Provide the “right” information best fit to user context • Context can be expressed by vertical industry, geographical region, CKC phases, attack type, victim profile, used resources (IP addresses, URLs/domains, malware, etc.) Enable users to formulate contextualized queries • Users can save and manage queries The information is further enriched • Gathering the data from multiple non threat sources • Put them into consistent format • Pivoting Facilitate collaboration among security experts • Annotation, Labeling 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved. 17
  • 18. 18 GTIP – MALWARE TAINT ANALYSIS ENGINE Dynamic data flow analysis by tracking down every movement of every bit of data by malware on a computer. Keep track of the trace of “tags” • Tags are identifiers placed on data, and are propagated as data moves inside computer, automatically tracking and identifying data provenance. BLACKLIST ANALYTICS ENGINE MALWARE BINARIES 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 19. 19 IMPORTANT ISSUES FOR THE FUTURE OF CYBERSECURITY • Information Sharing • Big Data and Machine Learning for Malware and Traffic Analysis • Software Defined Security Orchestration 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 20. 20 INFORMATION SHARING 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 21. 21 MALWARE CLASSIFICATION BY MACHINE LEARNING Applying Machine Learning to both dynamic and static analysis • Features from execution in GTIP Malware Taint Analysis Engine (dynamic analysis) • Features extracted from raw files (static analysis) Preliminary experiments result in promising 98% accuracy • 4,000 malware files and 3,000 benign files • Windows binaries Same approach can be applied to other types of malware • Mobile (.apk), PDF, JavaScript, MS Office, etc. 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 22. TEMPORAL VISUALIZATION AND ANALYSIS • Different types of attacks and CKC phases show distinguishing temporal patterns. • By visualizing and analyzing the patterns, we are exploring a way of taking actions in an earlier, quicker and effective manner. SSH attacks access many targets in Reconnaissance phase A malware attacks accesses only one target in Exploitation phase 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved. 22
  • 23. 23 TRAFFIC ANALYSIS: BOTNET INFRASTRUCTURE DETECTION Network providers, vendors, and law enforcements could detect bot masters and their infrastructures by working together Information sharing and massively scalable analytics are the key • Streaming analytics • Machine learning ML outlier detection Black lists, DNS sink holes, Passive DNS, DNS Cache, Domain Generation Algorithm (DGA), Domain profiling, ML clustering Netflow analysis, Behavior analysis 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.
  • 24. 24 BENDABLE NETWORKS: SOFTWARE DEFINED SECURITY ORCHESTRATION The integration of ESI and GTIP takes security operation integrity and agility to a new level. DEVICES GTIP + ESI SOURCES FW, IPS, IDS, SIEM… On-demand installation On-demand policy and configuration Detect Install and update SDN + NFV + Threat Intelligence BENDABLE NETWORKS
  • 25. 25 ACCELERATING THE TRANSFORMATION OF IDEAS FROM LAB TO MARKET h t t p : / / www. n t t i3 . co m h t t p s: / / t wit t e r. co m / n t t i3 h t t p s: / / www. lin ke d in . c o m / co m p a n y / n t t in n o va t io n i n st it u t e h t t p s: / / www. f a ce b o o k. co m / n t t in n o va t io n h t t p s: / / www. yo u t u b e . co m / u se r / NT Ti3 Ch a n n e l 2016 CopyrightNTT Innovation Institute, Inc. All rights reserved.