SlideShare une entreprise Scribd logo

McAffee_Security and System Integrity in Embedded Devices

Işınsu Akçetin
Işınsu Akçetin
TechnologieBusiness
1  sur  43
Télécharger pour lire hors ligne
McAfee Embedded Optimized Security Solutions for Embedded Systems Intel Intelligent Systems Event – Istanbul, Turkey Kathryn Martin – McAfee, OEM Account Manager April 2012
Agenda  McAfee – Security Trends & Threat Landscape  McAfee Embedded Security Solution  McAfee Software Development Kits for Embedded Systems  McAfee Global Threat Intelligence (GTI)  McAfee Centralized Embedded Security Management
Network Security Global Threat Intelligence • Next Generation Firewall • File Reputation • Network Intrusion Prevention • Web Reputation • NAC Gateway • Web Categorization • Network User Behavior Analysis • Message Reputation • Network Threat Behavior Analysis • Network Connection Reputation • Network Threat Response Content Security Endpoint Security • Email Gateway • Anti-Virus & Anti-Spyware • Web Gateway • Host Intrusion Prevention • Data Loss Prevention • Endpoint Encryption • Encryption • Application Whitelisting • Desktop Firewall • Device Control • Policy Auditing Security Management • NAC Endpoint • Email Server AV & Anti-Spam • Policy Management • SharePoint Protection • Security Reporting • Mobile Protection • Mobile Management • Virtual Desktop & Server • Vulnerability Management • Risk Management • Compliance
Security Trends Threat Landscape The Multi-Million Business
Increasing Embedded Device Security Threats 5 5 April 10,
The MALWARE Explosion 70M 60M 50M 40M 30M 20M 10M Cumulative JAN. MAR. MAY JULY SEPT. NOV. JAN. MAR. MAY 2010 FEB. 2010 APRIL 2010 JUNE 2010 AUG. 2010 OCT. 2010 DEC. 2011 FEB. 2011 APRIL 2011 JUNE Malware Threats 2010 2010 2010 2010 2010 2010 2011 2011 2011
Threat Landscape Global Malware Vision 2011 Malware (families) Malware (families) +662,900 (DAT related) (DAT related) * 2011 * Autorun Autorun +7,320,000 (Collection) (Collection) Exploits +2,800,000 (Collection) FakeAV, Scareware +8,600,000 (Collection) PassWord Stealers +14,400,000 (Collection) Rootkits +4,600,000 (Collection) Malware Zoo +75,200,000 (Collection)
Stuxnet: The Anatomy of an Attack • First worm developed with ―nation-state‖ support— WHAT targeted at sabotaging Iran’s nuclear enrichment facility • 60% infected machines in Iran—Iran confirmed damage to nuclear program in Fall 2010 • Highly sophisticated development—used 6 new zero- day vulnerabilities and worked flawlessly on all Windows versions down to Windows 95 • Digitally signed software HOW • Attacked SCADA systems running specific controllers — deep knowledge of control systems • Stealth attack, operated from 2008–2010— infected variable frequency drives with slight adjustment, enough to impact centrifuges
Explosion of IP Devices in a Connected World DEVICES CONNECTED DEVICES
Embedded Systems Are Changing Past Today Proprietary OS Windows, Linux Isolated Network Internet Connected High Development Cost Low Development Cost Low Support Cost Higher Support Cost Patching Rare * Patching Common * Limited Security Risk * Standard Security Risk *
Embedded Development Effects of Change: Higher Support Costs Development Cost Support Time
Embedded Development Goal: Keep Support Costs Low, Increase Revenue Development Cost Support Time
Embedded System Challenges Maintaining Security and Control Across the Lifecycle Device Manufacturer Distributor/Dealer Device Owner Security, Control, & Compliance
McAfee Embedded Security Solutions Key Focus Products for Embedded Application Control and Change Control Security Management (McAfee Embedded Control) (McAfee ePolicy Orchestrator) Content Security Virus Detection & Remediation (McAfee Embedded Reputation SDK) (McAfee Embedded Anti-Virus SDK) Additional Focus Products for Embedded Removable Device Security Host Network Security (McAfee Device Control) (McAfee Host Intrusion Prevention) Database Security Data Security (McAfee Activity Monitor/Virtual (McAfee Endpoint Encryption) Patching/Vulnerability Manager)
McAfee Embedded Security Protect your device effectively
McAfee Embedded Security The right security solution for your solutions Black Grey White Kiosks Point of Sale MAC REPUTATION-BASED Smart Meter Printer Firewall ATMs NetBook Email/Web Gateway Medical Devices Consumer PC Servers Web Servers SCADA Dynamic Static
Challenges - for Embedded Device/System Manufactures Unauthorized applications System Zero day downtime threats Rise in Security Secure support costs Control content Compliance Patching Device and updates management Traditional Compliance AV overhead drift
McAfee Embedded Security Single Solution for Challenge Resolution Prevention of Known & Accountability & Zero-Day Attacks Device Longevity • Dynamic whitelisting • What can change • No signatures to update • Who can change it • Only approved software Security Control • When it can change and applications run • How it can change • Patch on your schedule Compliance Compliance Ready • PCI • HIPAA • NERC • Fed. Regulations 18
The Embedded Security Product McAfee Embedded Control 1. Application control • Controls what software installs and runs • Prevents malware • Memory Protection • Reduces patching frequency Gain • Image deviation reporting Control 2. Change control • Enforces software change policy • Prevents out-of-policy changes • File integrity monitoring for compliance
McAfee Embedded Control How it works: Build the Inventory Preparation Stage Production Stage 0 1 2 3 Create Enable Solidified Solidified Inventory McAfee Disk Image Production Mode Automated Establish gold or Gold or audited Real-time continuous inventory creation audited image image solidification The solidification process requires no user intervention, and copies of solidified images can be distributed to other devices. 20
McAfee Embedded Control How it works: Maintain State With Trusted Change Solidified Authorized Returned to Production Mode Update Mode Solidified Mode Authorized Admin. AuthorizedU pdaters Secure Signed Updates Update Windows 21
McAfee Embedded Control Quick and Simple Setup • Once deployed, no re-configuration required • Nearly zero performance overhead • Small footprint 8-12MB RAM, ~25 MB HDD • Supports software distribution mechanisms • Broad platform support: • Microsoft OS since NT4 – Windows 8 (2012) • Multiple Linux Distributions (RHLE, SLES, etc.) • Solaris 8, 9, 10 (SPARC) • HPUX 11.11, .23, .31, • AIX 5.3, 6.1 • Wind River Linux 22
Blacklisting versus Whitelisting • Currently • No Signatures Required 80 Million Signatures of • Only Approved applications Malware known to McAfee allowed to execute • Every Day more than 60.000 • Protection against known unique threats newly identified threats and unknown threats • No protection against Rootkits (Zero-Day Exploits) • No protection against • Protection against rootkits Exploitation • Whitelist is dynamically evolving during lifetime
McAfee Embedded Security To secure solution for your solution Black Grey White Kiosks Point of Sale MAC REPUTATION-BASED Smart Meter Printer Firewall ATMs NetBook Email/Web Gateway Medical Devices Consumer PC Servers Web Servers SCADA Dynamic Static
McAfee Embedded Anti-Virus SDK Review Key Features, Functions, and Benefits Scan Engine SDK – Comprehensive detection so threats are isolated before they can spread – Removal of viruses, worms, and other malicious code – Reliable and accurate detection, without a costly false-alarm problem – Effective scanning of compressed, archived, and packed files – Support for a wide range of platforms – Scan engine SDK for easy integration into third-party applications
McAfee Embedded Security To secure solution for your solution Black Grey White Kiosks Point of Sale MAC REPUTATION-BASED Smart Meter Printer Firewall ATMs NetBook Email/Web Gateway Medical Devices Consumer PC Servers Web Servers SCADA Dynamic Static
McAfee Security Connected McAfee Global Threat Intelligence (GTI)
McAfee Global Threat Intelligence (GTI) • 75 Billion Malware Reputation Queries/Month • 20 Billion Email Reputation Queries/Month • 2 Billion IP Population Queries/Month Volume • 300 Million IPS Attacks/Month • 100 Million IP Port Reputation Queries/Month • 100+ BILLION QUERIES • Malware: 60 Million Endpoints Breadth • Email: 30 Million Nodes and • Web: 45 Million Endpoint and Gateway Users Depth • Intrusions: 4 Million Nodes • 100+ MILLION NODES, 120 COUNTRIES
What It Takes to Make An Organization Safe Global Threat Intelligence Threat Reputation Network Web Mail 3rd Party Firewall Gateway Gateway Host AV Host IPS IPS Feed .
Why McAfee Is Best Positioned to Deliver GTI 360˚ Correlation Across All Threat Vectors • IP addresses distributing • Mail/spam sending activity • URLs hosting malware • Web access/referer activity • Mail/spam including it • Malware hosting activity • Botnet affiliation • Hosted files • IPS attacks caused • Popups • Affiliations Web Reputation File Reputation • DNS hosting activity • Botnet/DDoS activity Network Connection Reputation • Mail/spam sending activity •Message Reputation Mail/spam sending activity • Web access activity • Intrusion attacks launched • Malware hosting activity • IP addresses of attackers • Network probing activity • Web hosting/phishing activity • Presence of malware • Botnet/DDoS activity • DNS hosting activity • Intrusion attacks launched
McAfee Embedded Reputation SDK Review Key Features, Functions, and Benefits The McAfee Embedded Reputation SDK is a software library that provides an API for obtaining reputations and categories from McAfee’s GTI Cloud. Reputation SDK Web Security • URL Categorization • Web Reputation Reputation SDK Email and Network Protection • IP Reputation (anti-spam) • Message Reputation (anti-spam) • Connection Reputation Embedded Reputation SDK Real-time Lookups via our GTI cloud service Supported Platforms • Windows, Solaris, Linux and BSD (specific x86 versions)
McAfee Embedded Security Management McAfee ePolicy Orchestrator (ePO)
McAfee ePolicy Orchestrator Centralized Security Management Extensible Automated Unified Enterprise-ready • Automate solutions • Streamline • Central point of • Distributed with open API processes reference architecture • Leverage • Speed incident • Enterprise-wide supports ecosystem responses visibility deployments of • Connect to your IT • Reduce audit • Reduce any size infrastructure fatigue management • Flexible reference complexity architecture McAfee ePolicy Orchestrator 33
McAfee ePolicy Orchestrator Key Feature Overview • End-to-End Visibility • Rogue System Detection – Unified point of reference across – Identify and manage all networked security solutions assets to lower risk • Personalized Command Center • Powerful Workflows – Tune work environment to optimize – Automate common routines, streamline efficiencies processes across systems • Drag-and-Drop Dashboards and • Enterprise-ready Actionable Reports – Flexible, scalable architecture minimizes – Immediate insight to action slashes CAPex and OPex response times • Extensible Framework • Role-based Access Control – Increase value of existing security – Distribute administration and assets, optimize for future needs information McAfee ePolicy Orchestor 34
Use Cases McAfee Technologies
OEM Case Study NCR Financial Solutions Global leader in assisted and self-service retail and financial systems, shipping 60,000+ ATMs/year with McAfee Embedded Security • Problem Definition • Lack of zero-day security • Unauthorized software changes on production ATMs • What NCR Needed • Provide zero-day comprehensive security • Transparent, small footprint & no overhead • Deploy and forget, without ongoing updates • Cost effective • Why Embedded Security • Insider threat mitigation, no unauthorized changes • Complete ATM channel change control for PCI compliance • Standardized on NCR APTRA platform • How They Did It • Utilizing process and certificate-based updaters for secure change control • Built a repeatable process for specific application and OS auditing ―With this technology and compliance-ready ATMs, our bank customers don’t have 36 to worry about security issues affecting their business or their consumer.‖ McAfee Internal Use Only Confidential
OEM Case Study NEC Infrontia POS NEC Infrontia is a leading developer of point-of-sale systems, and currently ships more than 15,000 POS systems in Japan with McAfee Embedded Security • Problem Definition • High partner support costs related to security problems • Frequent OS patching • Minimal to no PCI compliance • What NEC Needed • Reduce patching on Windows XP Embedded OS • No performance draining security • Need for service provider partners to make changes • Compliance • Why Embedded Security • Prevents unapproved installs to reduce in-field breakage • Reduces number of touch points to the device • Minimizes the need to frequently patch the OS • Change control provides tight control over what is installed • Delivers PCI compliant device to retailers ―Embedding McAfee gives us complete control and certainty over what changes on each device.‖ 37 Confidential McAfee Internal Use Only
OEM Case Study Merge Healthcare MRI Merge Healthcare’s CADstream™, the standard in CAD for magnetic resonance imaging (MRI), ships with McAfee Embedded Security • Problem Definition • Unavailability caused by unauthorized changes • Rampant field maintenance from unauthorized software modifications • Current security solution resource intensive • No Compliance • What Merge Healthcare Needed • Blocking unapproved installs to reduce in-hospital breakage • Less frequent OS patching cycles • Low overhead keeps system running smooth at hospitals • Provides zero-day protection for sustainable FDA compliance • Change control dictates what can be changed or installed • Why Embedded Security • Minimal overhead required • Protection in a standalone mode • Code protection from unwanted and unauthorized change ―Integrating McAfee Embedded Security into CADstream improved CADstream security, availability, and support.‖ Confidential McAfee Internal Use Only
OEM Case Study Sharp MFPs Global leader in developing integrated business solutions, shipping more than 15,000 MX-series MFPs in Japan with McAfee Embedded Security • Problem Definition • Lack of control and minimal device security • High field maintenance costs tied to unauthorized changes • No PCI compliance or zero-day protection • What Sharp Needed • Single solution for security and compliance • Minimal device overhead • Why Embedded Security • Prevents zero-day attacks and unnecessary field maintenance • Allows for controlled configuration changes • Improved service availability • Helps ensure PCI compliance • How They Did It • Created template policies for configuration and system protection • Trusted only the processes they wanted for application updates ―McAfee locks-down our office automation printers and multifunction peripherals 39 by preventing unauthorized access and software changes.‖ Confidential McAfee Internal Use Only
McAfee Trusted Security Partner for Embedded Developers PARTNERSHIP TECHNOLOGY McAfee Embedded Security EXPERTISE NEXT STEPS Identify & Scope and OEM evaluate conduct proof partnership needs of concept agreement
McAfee Embedded Security Compliance: PCI DSS Requirements Section 5 • Whitelisting approach provides complete malware Use and regularly update protection without need for updates anti-virus software Section 6 • Zero-day protection and change reconciliation with Develop and maintain change management systems secure systems and apps Section 10 • File change tracking on cardholder data, user Track and monitor all activity, and unauthorized change attempts access to cardholder data Section 11 • Comprehensive file integrity monitoring and Regularly test security malware protection systems and processes 42
McAfee Embedded Security Compliance: NERC CIP-007 Guidelines CIP-007-1-R1 • Application control protects the state of systems Ensure cyber assets and changes and keeps security controls pristine, while change to assets do not adversly affect control tracks changes specified in the requirement cyber security controls and during an audit CIP-007-1-R2 • Application control maintains the state of the Ensure ports and services system and prevents configuration changes to required for normal standards set by the ―responsible entity‖ operations are enabled CIP-007-1-R3 • Application control provides a compensating Security patch management for measure to mitigate risk exposure when the tracking, evaluating, testing, and security patch or patch management program installing cyber security patches cannot be accomplished CIP-007-1-R4 • Application control and whitelisting-based Use anti-virus and malware approach provides complete proactive malware prevention to detect, prevent, protection without need for updates or signatures deter, and mitigate malware CIP-007-1-R6 • Change control provides file integrity monitoring, Ensure Cyber Assets implement system alerts, and login attempts, while application automated tools or process control can lock the system controls to monitor system events 43

Recommandé

Embedded Systems Security
Embedded Systems Security Embedded Systems Security
Embedded Systems Security Malachi Jones
 
Embedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DeviceEmbedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DevicePriyanka Aash
 
introduction to Embedded System Security
introduction to Embedded System Securityintroduction to Embedded System Security
introduction to Embedded System SecurityAdel Barkam
 
Security in embedded systems
Security in embedded systemsSecurity in embedded systems
Security in embedded systemsRaghav S
 
Secure Embedded Systems
Secure Embedded SystemsSecure Embedded Systems
Secure Embedded SystemsInformatik-Forum Stuttgart e.V.
 
Security in an embedded system
Security in an embedded system Security in an embedded system
Security in an embedded system UrmilasSrinivasan
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systemsAlan Tatourian
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14James Nesbitt
 

Recommandé

Embedded Systems Security
Embedded Systems Security Embedded Systems Security
Embedded Systems Security Malachi Jones
 
Embedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DeviceEmbedded Systems Security: Building a More Secure Device
Embedded Systems Security: Building a More Secure DevicePriyanka Aash
 
introduction to Embedded System Security
introduction to Embedded System Securityintroduction to Embedded System Security
introduction to Embedded System SecurityAdel Barkam
 
Security in embedded systems
Security in embedded systemsSecurity in embedded systems
Security in embedded systemsRaghav S
 
Secure Embedded Systems
Secure Embedded SystemsSecure Embedded Systems
Secure Embedded SystemsInformatik-Forum Stuttgart e.V.
 
Security in an embedded system
Security in an embedded system Security in an embedded system
Security in an embedded system UrmilasSrinivasan
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systemsAlan Tatourian
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14James Nesbitt
 
Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...
Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...
Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...AVEVA
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSJim Gilsinn
 
Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?Digital Bond
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksMaurice Dawson
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkMarcoAfzali
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)mike parks
 
Industrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksIndustrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksPriyanka Aash
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCommunity Protection Forum
 
Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015 Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015 James Nesbitt
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Jim Gilsinn
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiClubHack
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cCharles Li
 
Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture InnoTech
 
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyNext Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyL. Duke Golden
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...Eran Goldstein
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsCommunity Protection Forum
 
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...Shah Sheikh
 
Reference Security Architecture for Mobility- Insurance
Reference Security Architecture for Mobility- InsuranceReference Security Architecture for Mobility- Insurance
Reference Security Architecture for Mobility- InsurancePriyanka Aash
 
Cyber Resilient Systems Representative Solutions for Trustworthy Systems
Cyber Resilient Systems Representative Solutions for Trustworthy SystemsCyber Resilient Systems Representative Solutions for Trustworthy Systems
Cyber Resilient Systems Representative Solutions for Trustworthy SystemsAgence du Numérique (AdN)
 
Embedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryEmbedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryNarudom Roongsiriwong, CISSP
 
Robot supervisor
Robot supervisorRobot supervisor
Robot supervisorMalak Talbi
 

Contenu connexe

Tendances

Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...
Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...
Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...AVEVA
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSJim Gilsinn
 
Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?Digital Bond
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksMaurice Dawson
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkMarcoAfzali
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)mike parks
 
Industrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksIndustrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksPriyanka Aash
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCommunity Protection Forum
 
Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015 Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015 James Nesbitt
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Jim Gilsinn
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiClubHack
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cCharles Li
 
Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture InnoTech
 
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyNext Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyL. Duke Golden
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...Eran Goldstein
 
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...Shah Sheikh
 
Reference Security Architecture for Mobility- Insurance
Reference Security Architecture for Mobility- InsuranceReference Security Architecture for Mobility- Insurance
Reference Security Architecture for Mobility- InsurancePriyanka Aash
 
Cyber Resilient Systems Representative Solutions for Trustworthy Systems
Cyber Resilient Systems Representative Solutions for Trustworthy SystemsCyber Resilient Systems Representative Solutions for Trustworthy Systems
Cyber Resilient Systems Representative Solutions for Trustworthy SystemsAgence du Numérique (AdN)
 

Tendances (20)

Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...
Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...
Recent Cybersecurity Concerns and How to Protect SCADA/HMI Applications Prese...
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICS
 
Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
 
Industrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksIndustrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & Frameworks
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT Approach
 
Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015 Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
 
Critical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh BelgiCritical Infrastructure Security by Subodh Belgi
Critical Infrastructure Security by Subodh Belgi
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
 
Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture
 
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by KasperskyNext Generation Embedded Systems Security for IOT: Powered by Kaspersky
Next Generation Embedded Systems Security for IOT: Powered by Kaspersky
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
 
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
 
Reference Security Architecture for Mobility- Insurance
Reference Security Architecture for Mobility- InsuranceReference Security Architecture for Mobility- Insurance
Reference Security Architecture for Mobility- Insurance
 
Cyber Resilient Systems Representative Solutions for Trustworthy Systems
Cyber Resilient Systems Representative Solutions for Trustworthy SystemsCyber Resilient Systems Representative Solutions for Trustworthy Systems
Cyber Resilient Systems Representative Solutions for Trustworthy Systems
 

En vedette

Embedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryEmbedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryNarudom Roongsiriwong, CISSP
 
Robot supervisor
Robot supervisorRobot supervisor
Robot supervisorMalak Talbi
 
Embedded based home security system
Embedded based home security systemEmbedded based home security system
Embedded based home security systemNIT srinagar
 
121115 Présentation Arduino Cocoaheads
121115 Présentation Arduino Cocoaheads121115 Présentation Arduino Cocoaheads
121115 Présentation Arduino Cocoaheadscgodefroy
 

En vedette (7)

Embedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryEmbedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment Industry
 
Robot supervisor
Robot supervisorRobot supervisor
Robot supervisor
 
Security in Embedded systems
Security in Embedded systems Security in Embedded systems
Security in Embedded systems
 
Embedded based home security system
Embedded based home security systemEmbedded based home security system
Embedded based home security system
 
121115 Présentation Arduino Cocoaheads
121115 Présentation Arduino Cocoaheads121115 Présentation Arduino Cocoaheads
121115 Présentation Arduino Cocoaheads
 
Présentation des IoT
Présentation des IoTPrésentation des IoT
Présentation des IoT
 
Les systèmes embarqués arduino
Les systèmes embarqués arduinoLes systèmes embarqués arduino
Les systèmes embarqués arduino
 

Similaire à McAffee_Security and System Integrity in Embedded Devices

RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012Symantec
 
NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012Nicolai Henriksen
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint ProtectionSophos
 
Data Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudData Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudTrend Micro (EMEA) Limited
 
8 Threats Your Anti-Virus Won't Stop
8 Threats Your Anti-Virus Won't Stop8 Threats Your Anti-Virus Won't Stop
8 Threats Your Anti-Virus Won't StopSophos
 
2012-12-12 Seminar McAfee Risk Management
2012-12-12 Seminar McAfee Risk Management2012-12-12 Seminar McAfee Risk Management
2012-12-12 Seminar McAfee Risk ManagementPinewood
 
Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...Amazon Web Services
 
Information Security
Information SecurityInformation Security
Information SecurityMohit8780
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentationsathiyamaha
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaMicrosoft Singapore
 
Real-Time Protection From Every Malware Infection
Real-Time Protection From Every Malware InfectionReal-Time Protection From Every Malware Infection
Real-Time Protection From Every Malware InfectionWebroot
 
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...IBM Sverige
 
MID_Security_Connected_Jan_van_Vliet_EN
MID_Security_Connected_Jan_van_Vliet_ENMID_Security_Connected_Jan_van_Vliet_EN
MID_Security_Connected_Jan_van_Vliet_ENVladyslav Radetsky
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightIBM WebSphereIndia
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protectionxband
 
B sep ds-21194634.en-us
B sep ds-21194634.en-usB sep ds-21194634.en-us
B sep ds-21194634.en-usPelos TCHIKAYA
 
Kaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISHKaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISHKirill Kertsenbaum
 
Eset India General Presentation
Eset India General PresentationEset India General Presentation
Eset India General PresentationKsenia Kondratieva
 

Similaire à McAffee_Security and System Integrity in Embedded Devices (20)

RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
 
NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
 
Data Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudData Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the Cloud
 
8 Threats Your Anti-Virus Won't Stop
8 Threats Your Anti-Virus Won't Stop8 Threats Your Anti-Virus Won't Stop
8 Threats Your Anti-Virus Won't Stop
 
2012-12-12 Seminar McAfee Risk Management
2012-12-12 Seminar McAfee Risk Management2012-12-12 Seminar McAfee Risk Management
2012-12-12 Seminar McAfee Risk Management
 
Nebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi VerzeNebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi Verze
 
Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
 
Information Security
Information SecurityInformation Security
Information Security
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentation
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estonina
 
Real-Time Protection From Every Malware Infection
Real-Time Protection From Every Malware InfectionReal-Time Protection From Every Malware Infection
Real-Time Protection From Every Malware Infection
 
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
 
MID_Security_Connected_Jan_van_Vliet_EN
MID_Security_Connected_Jan_van_Vliet_ENMID_Security_Connected_Jan_van_Vliet_EN
MID_Security_Connected_Jan_van_Vliet_EN
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with Worklight
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protection
 
B sep ds-21194634.en-us
B sep ds-21194634.en-usB sep ds-21194634.en-us
B sep ds-21194634.en-us
 
Kaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISHKaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISH
 
Eset India General Presentation
Eset India General PresentationEset India General Presentation
Eset India General Presentation
 

Plus de Işınsu Akçetin

Microsoft_Microsoft Embedded Solutions
Microsoft_Microsoft Embedded SolutionsMicrosoft_Microsoft Embedded Solutions
Microsoft_Microsoft Embedded SolutionsIşınsu Akçetin
 
Intel_Solid State Discs and Wireless Solutions in Embedded Devices
Intel_Solid State Discs and Wireless Solutions in Embedded DevicesIntel_Solid State Discs and Wireless Solutions in Embedded Devices
Intel_Solid State Discs and Wireless Solutions in Embedded DevicesIşınsu Akçetin
 
Wind River_Accelerate Your Next Embedded Development Project
Wind River_Accelerate Your Next Embedded Development ProjectWind River_Accelerate Your Next Embedded Development Project
Wind River_Accelerate Your Next Embedded Development ProjectIşınsu Akçetin
 
Intel_Low Power Intelligent Solutions with Intel Atom Processor
Intel_Low Power Intelligent Solutions with Intel Atom ProcessorIntel_Low Power Intelligent Solutions with Intel Atom Processor
Intel_Low Power Intelligent Solutions with Intel Atom ProcessorIşınsu Akçetin
 
Kontron_Intelligent Application Ready Platforms and Solutions for Infotainmen...
Kontron_Intelligent Application Ready Platforms and Solutions for Infotainmen...Kontron_Intelligent Application Ready Platforms and Solutions for Infotainmen...
Kontron_Intelligent Application Ready Platforms and Solutions for Infotainmen...Işınsu Akçetin
 
Kontron_Embedded Platforms and Solutions for MAG_Ankara
Kontron_Embedded Platforms and Solutions for MAG_AnkaraKontron_Embedded Platforms and Solutions for MAG_Ankara
Kontron_Embedded Platforms and Solutions for MAG_AnkaraIşınsu Akçetin
 
Intel_Intelligent Solutions for Military and Aerospace
Intel_Intelligent Solutions for Military and AerospaceIntel_Intelligent Solutions for Military and Aerospace
Intel_Intelligent Solutions for Military and AerospaceIşınsu Akçetin
 
Intel_Embedded Intel Core Processors Do More Now and in the Future
Intel_Embedded Intel Core Processors Do More Now and in the FutureIntel_Embedded Intel Core Processors Do More Now and in the Future
Intel_Embedded Intel Core Processors Do More Now and in the FutureIşınsu Akçetin
 
Congatec_Global Vendor for Innovative Embedded Solutions_Istanbul
Congatec_Global Vendor for Innovative Embedded Solutions_IstanbulCongatec_Global Vendor for Innovative Embedded Solutions_Istanbul
Congatec_Global Vendor for Innovative Embedded Solutions_IstanbulIşınsu Akçetin
 
Congatec_Global Vendor for Innovative Embedded Solutions_Ankara
Congatec_Global Vendor for Innovative Embedded Solutions_AnkaraCongatec_Global Vendor for Innovative Embedded Solutions_Ankara
Congatec_Global Vendor for Innovative Embedded Solutions_AnkaraIşınsu Akçetin
 

Plus de Işınsu Akçetin (10)

Microsoft_Microsoft Embedded Solutions
Microsoft_Microsoft Embedded SolutionsMicrosoft_Microsoft Embedded Solutions
Microsoft_Microsoft Embedded Solutions
 
Intel_Solid State Discs and Wireless Solutions in Embedded Devices
Intel_Solid State Discs and Wireless Solutions in Embedded DevicesIntel_Solid State Discs and Wireless Solutions in Embedded Devices
Intel_Solid State Discs and Wireless Solutions in Embedded Devices
 
Wind River_Accelerate Your Next Embedded Development Project
Wind River_Accelerate Your Next Embedded Development ProjectWind River_Accelerate Your Next Embedded Development Project
Wind River_Accelerate Your Next Embedded Development Project
 
Intel_Low Power Intelligent Solutions with Intel Atom Processor
Intel_Low Power Intelligent Solutions with Intel Atom ProcessorIntel_Low Power Intelligent Solutions with Intel Atom Processor
Intel_Low Power Intelligent Solutions with Intel Atom Processor
 
Kontron_Intelligent Application Ready Platforms and Solutions for Infotainmen...
Kontron_Intelligent Application Ready Platforms and Solutions for Infotainmen...Kontron_Intelligent Application Ready Platforms and Solutions for Infotainmen...
Kontron_Intelligent Application Ready Platforms and Solutions for Infotainmen...
 
Kontron_Embedded Platforms and Solutions for MAG_Ankara
Kontron_Embedded Platforms and Solutions for MAG_AnkaraKontron_Embedded Platforms and Solutions for MAG_Ankara
Kontron_Embedded Platforms and Solutions for MAG_Ankara
 
Intel_Intelligent Solutions for Military and Aerospace
Intel_Intelligent Solutions for Military and AerospaceIntel_Intelligent Solutions for Military and Aerospace
Intel_Intelligent Solutions for Military and Aerospace
 
Intel_Embedded Intel Core Processors Do More Now and in the Future
Intel_Embedded Intel Core Processors Do More Now and in the FutureIntel_Embedded Intel Core Processors Do More Now and in the Future
Intel_Embedded Intel Core Processors Do More Now and in the Future
 
Congatec_Global Vendor for Innovative Embedded Solutions_Istanbul
Congatec_Global Vendor for Innovative Embedded Solutions_IstanbulCongatec_Global Vendor for Innovative Embedded Solutions_Istanbul
Congatec_Global Vendor for Innovative Embedded Solutions_Istanbul
 
Congatec_Global Vendor for Innovative Embedded Solutions_Ankara
Congatec_Global Vendor for Innovative Embedded Solutions_AnkaraCongatec_Global Vendor for Innovative Embedded Solutions_Ankara
Congatec_Global Vendor for Innovative Embedded Solutions_Ankara
 

Dernier

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 

Dernier (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 

McAffee_Security and System Integrity in Embedded Devices

  • 1. McAfee Embedded Optimized Security Solutions for Embedded Systems Intel Intelligent Systems Event – Istanbul, Turkey Kathryn Martin – McAfee, OEM Account Manager April 2012
  • 2. Agenda  McAfee – Security Trends & Threat Landscape  McAfee Embedded Security Solution  McAfee Software Development Kits for Embedded Systems  McAfee Global Threat Intelligence (GTI)  McAfee Centralized Embedded Security Management
  • 3. Network Security Global Threat Intelligence • Next Generation Firewall • File Reputation • Network Intrusion Prevention • Web Reputation • NAC Gateway • Web Categorization • Network User Behavior Analysis • Message Reputation • Network Threat Behavior Analysis • Network Connection Reputation • Network Threat Response Content Security Endpoint Security • Email Gateway • Anti-Virus & Anti-Spyware • Web Gateway • Host Intrusion Prevention • Data Loss Prevention • Endpoint Encryption • Encryption • Application Whitelisting • Desktop Firewall • Device Control • Policy Auditing Security Management • NAC Endpoint • Email Server AV & Anti-Spam • Policy Management • SharePoint Protection • Security Reporting • Mobile Protection • Mobile Management • Virtual Desktop & Server • Vulnerability Management • Risk Management • Compliance
  • 4. Security Trends Threat Landscape The Multi-Million Business
  • 5. Increasing Embedded Device Security Threats 5 5 April 10,
  • 6. The MALWARE Explosion 70M 60M 50M 40M 30M 20M 10M Cumulative JAN. MAR. MAY JULY SEPT. NOV. JAN. MAR. MAY 2010 FEB. 2010 APRIL 2010 JUNE 2010 AUG. 2010 OCT. 2010 DEC. 2011 FEB. 2011 APRIL 2011 JUNE Malware Threats 2010 2010 2010 2010 2010 2010 2011 2011 2011
  • 7. Threat Landscape Global Malware Vision 2011 Malware (families) Malware (families) +662,900 (DAT related) (DAT related) * 2011 * Autorun Autorun +7,320,000 (Collection) (Collection) Exploits +2,800,000 (Collection) FakeAV, Scareware +8,600,000 (Collection) PassWord Stealers +14,400,000 (Collection) Rootkits +4,600,000 (Collection) Malware Zoo +75,200,000 (Collection)
  • 8. Stuxnet: The Anatomy of an Attack • First worm developed with ―nation-state‖ support— WHAT targeted at sabotaging Iran’s nuclear enrichment facility • 60% infected machines in Iran—Iran confirmed damage to nuclear program in Fall 2010 • Highly sophisticated development—used 6 new zero- day vulnerabilities and worked flawlessly on all Windows versions down to Windows 95 • Digitally signed software HOW • Attacked SCADA systems running specific controllers — deep knowledge of control systems • Stealth attack, operated from 2008–2010— infected variable frequency drives with slight adjustment, enough to impact centrifuges
  • 9. Explosion of IP Devices in a Connected World DEVICES CONNECTED DEVICES
  • 10. Embedded Systems Are Changing Past Today Proprietary OS Windows, Linux Isolated Network Internet Connected High Development Cost Low Development Cost Low Support Cost Higher Support Cost Patching Rare * Patching Common * Limited Security Risk * Standard Security Risk *
  • 11. Embedded Development Effects of Change: Higher Support Costs Development Cost Support Time
  • 12. Embedded Development Goal: Keep Support Costs Low, Increase Revenue Development Cost Support Time
  • 13. Embedded System Challenges Maintaining Security and Control Across the Lifecycle Device Manufacturer Distributor/Dealer Device Owner Security, Control, & Compliance
  • 14. McAfee Embedded Security Solutions Key Focus Products for Embedded Application Control and Change Control Security Management (McAfee Embedded Control) (McAfee ePolicy Orchestrator) Content Security Virus Detection & Remediation (McAfee Embedded Reputation SDK) (McAfee Embedded Anti-Virus SDK) Additional Focus Products for Embedded Removable Device Security Host Network Security (McAfee Device Control) (McAfee Host Intrusion Prevention) Database Security Data Security (McAfee Activity Monitor/Virtual (McAfee Endpoint Encryption) Patching/Vulnerability Manager)
  • 15. McAfee Embedded Security Protect your device effectively
  • 16. McAfee Embedded Security The right security solution for your solutions Black Grey White Kiosks Point of Sale MAC REPUTATION-BASED Smart Meter Printer Firewall ATMs NetBook Email/Web Gateway Medical Devices Consumer PC Servers Web Servers SCADA Dynamic Static
  • 17. Challenges - for Embedded Device/System Manufactures Unauthorized applications System Zero day downtime threats Rise in Security Secure support costs Control content Compliance Patching Device and updates management Traditional Compliance AV overhead drift
  • 18. McAfee Embedded Security Single Solution for Challenge Resolution Prevention of Known & Accountability & Zero-Day Attacks Device Longevity • Dynamic whitelisting • What can change • No signatures to update • Who can change it • Only approved software Security Control • When it can change and applications run • How it can change • Patch on your schedule Compliance Compliance Ready • PCI • HIPAA • NERC • Fed. Regulations 18
  • 19. The Embedded Security Product McAfee Embedded Control 1. Application control • Controls what software installs and runs • Prevents malware • Memory Protection • Reduces patching frequency Gain • Image deviation reporting Control 2. Change control • Enforces software change policy • Prevents out-of-policy changes • File integrity monitoring for compliance
  • 20. McAfee Embedded Control How it works: Build the Inventory Preparation Stage Production Stage 0 1 2 3 Create Enable Solidified Solidified Inventory McAfee Disk Image Production Mode Automated Establish gold or Gold or audited Real-time continuous inventory creation audited image image solidification The solidification process requires no user intervention, and copies of solidified images can be distributed to other devices. 20
  • 21. McAfee Embedded Control How it works: Maintain State With Trusted Change Solidified Authorized Returned to Production Mode Update Mode Solidified Mode Authorized Admin. AuthorizedU pdaters Secure Signed Updates Update Windows 21
  • 22. McAfee Embedded Control Quick and Simple Setup • Once deployed, no re-configuration required • Nearly zero performance overhead • Small footprint 8-12MB RAM, ~25 MB HDD • Supports software distribution mechanisms • Broad platform support: • Microsoft OS since NT4 – Windows 8 (2012) • Multiple Linux Distributions (RHLE, SLES, etc.) • Solaris 8, 9, 10 (SPARC) • HPUX 11.11, .23, .31, • AIX 5.3, 6.1 • Wind River Linux 22
  • 23. Blacklisting versus Whitelisting • Currently • No Signatures Required 80 Million Signatures of • Only Approved applications Malware known to McAfee allowed to execute • Every Day more than 60.000 • Protection against known unique threats newly identified threats and unknown threats • No protection against Rootkits (Zero-Day Exploits) • No protection against • Protection against rootkits Exploitation • Whitelist is dynamically evolving during lifetime
  • 24. McAfee Embedded Security To secure solution for your solution Black Grey White Kiosks Point of Sale MAC REPUTATION-BASED Smart Meter Printer Firewall ATMs NetBook Email/Web Gateway Medical Devices Consumer PC Servers Web Servers SCADA Dynamic Static
  • 25. McAfee Embedded Anti-Virus SDK Review Key Features, Functions, and Benefits Scan Engine SDK – Comprehensive detection so threats are isolated before they can spread – Removal of viruses, worms, and other malicious code – Reliable and accurate detection, without a costly false-alarm problem – Effective scanning of compressed, archived, and packed files – Support for a wide range of platforms – Scan engine SDK for easy integration into third-party applications
  • 26. McAfee Embedded Security To secure solution for your solution Black Grey White Kiosks Point of Sale MAC REPUTATION-BASED Smart Meter Printer Firewall ATMs NetBook Email/Web Gateway Medical Devices Consumer PC Servers Web Servers SCADA Dynamic Static
  • 27. McAfee Security Connected McAfee Global Threat Intelligence (GTI)
  • 28. McAfee Global Threat Intelligence (GTI) • 75 Billion Malware Reputation Queries/Month • 20 Billion Email Reputation Queries/Month • 2 Billion IP Population Queries/Month Volume • 300 Million IPS Attacks/Month • 100 Million IP Port Reputation Queries/Month • 100+ BILLION QUERIES • Malware: 60 Million Endpoints Breadth • Email: 30 Million Nodes and • Web: 45 Million Endpoint and Gateway Users Depth • Intrusions: 4 Million Nodes • 100+ MILLION NODES, 120 COUNTRIES
  • 29. What It Takes to Make An Organization Safe Global Threat Intelligence Threat Reputation Network Web Mail 3rd Party Firewall Gateway Gateway Host AV Host IPS IPS Feed .
  • 30. Why McAfee Is Best Positioned to Deliver GTI 360˚ Correlation Across All Threat Vectors • IP addresses distributing • Mail/spam sending activity • URLs hosting malware • Web access/referer activity • Mail/spam including it • Malware hosting activity • Botnet affiliation • Hosted files • IPS attacks caused • Popups • Affiliations Web Reputation File Reputation • DNS hosting activity • Botnet/DDoS activity Network Connection Reputation • Mail/spam sending activity •Message Reputation Mail/spam sending activity • Web access activity • Intrusion attacks launched • Malware hosting activity • IP addresses of attackers • Network probing activity • Web hosting/phishing activity • Presence of malware • Botnet/DDoS activity • DNS hosting activity • Intrusion attacks launched
  • 31. McAfee Embedded Reputation SDK Review Key Features, Functions, and Benefits The McAfee Embedded Reputation SDK is a software library that provides an API for obtaining reputations and categories from McAfee’s GTI Cloud. Reputation SDK Web Security • URL Categorization • Web Reputation Reputation SDK Email and Network Protection • IP Reputation (anti-spam) • Message Reputation (anti-spam) • Connection Reputation Embedded Reputation SDK Real-time Lookups via our GTI cloud service Supported Platforms • Windows, Solaris, Linux and BSD (specific x86 versions)
  • 32. McAfee Embedded Security Management McAfee ePolicy Orchestrator (ePO)
  • 33. McAfee ePolicy Orchestrator Centralized Security Management Extensible Automated Unified Enterprise-ready • Automate solutions • Streamline • Central point of • Distributed with open API processes reference architecture • Leverage • Speed incident • Enterprise-wide supports ecosystem responses visibility deployments of • Connect to your IT • Reduce audit • Reduce any size infrastructure fatigue management • Flexible reference complexity architecture McAfee ePolicy Orchestrator 33
  • 34. McAfee ePolicy Orchestrator Key Feature Overview • End-to-End Visibility • Rogue System Detection – Unified point of reference across – Identify and manage all networked security solutions assets to lower risk • Personalized Command Center • Powerful Workflows – Tune work environment to optimize – Automate common routines, streamline efficiencies processes across systems • Drag-and-Drop Dashboards and • Enterprise-ready Actionable Reports – Flexible, scalable architecture minimizes – Immediate insight to action slashes CAPex and OPex response times • Extensible Framework • Role-based Access Control – Increase value of existing security – Distribute administration and assets, optimize for future needs information McAfee ePolicy Orchestor 34
  • 36. OEM Case Study NCR Financial Solutions Global leader in assisted and self-service retail and financial systems, shipping 60,000+ ATMs/year with McAfee Embedded Security • Problem Definition • Lack of zero-day security • Unauthorized software changes on production ATMs • What NCR Needed • Provide zero-day comprehensive security • Transparent, small footprint & no overhead • Deploy and forget, without ongoing updates • Cost effective • Why Embedded Security • Insider threat mitigation, no unauthorized changes • Complete ATM channel change control for PCI compliance • Standardized on NCR APTRA platform • How They Did It • Utilizing process and certificate-based updaters for secure change control • Built a repeatable process for specific application and OS auditing ―With this technology and compliance-ready ATMs, our bank customers don’t have 36 to worry about security issues affecting their business or their consumer.‖ McAfee Internal Use Only Confidential
  • 37. OEM Case Study NEC Infrontia POS NEC Infrontia is a leading developer of point-of-sale systems, and currently ships more than 15,000 POS systems in Japan with McAfee Embedded Security • Problem Definition • High partner support costs related to security problems • Frequent OS patching • Minimal to no PCI compliance • What NEC Needed • Reduce patching on Windows XP Embedded OS • No performance draining security • Need for service provider partners to make changes • Compliance • Why Embedded Security • Prevents unapproved installs to reduce in-field breakage • Reduces number of touch points to the device • Minimizes the need to frequently patch the OS • Change control provides tight control over what is installed • Delivers PCI compliant device to retailers ―Embedding McAfee gives us complete control and certainty over what changes on each device.‖ 37 Confidential McAfee Internal Use Only
  • 38. OEM Case Study Merge Healthcare MRI Merge Healthcare’s CADstream™, the standard in CAD for magnetic resonance imaging (MRI), ships with McAfee Embedded Security • Problem Definition • Unavailability caused by unauthorized changes • Rampant field maintenance from unauthorized software modifications • Current security solution resource intensive • No Compliance • What Merge Healthcare Needed • Blocking unapproved installs to reduce in-hospital breakage • Less frequent OS patching cycles • Low overhead keeps system running smooth at hospitals • Provides zero-day protection for sustainable FDA compliance • Change control dictates what can be changed or installed • Why Embedded Security • Minimal overhead required • Protection in a standalone mode • Code protection from unwanted and unauthorized change ―Integrating McAfee Embedded Security into CADstream improved CADstream security, availability, and support.‖ Confidential McAfee Internal Use Only
  • 39. OEM Case Study Sharp MFPs Global leader in developing integrated business solutions, shipping more than 15,000 MX-series MFPs in Japan with McAfee Embedded Security • Problem Definition • Lack of control and minimal device security • High field maintenance costs tied to unauthorized changes • No PCI compliance or zero-day protection • What Sharp Needed • Single solution for security and compliance • Minimal device overhead • Why Embedded Security • Prevents zero-day attacks and unnecessary field maintenance • Allows for controlled configuration changes • Improved service availability • Helps ensure PCI compliance • How They Did It • Created template policies for configuration and system protection • Trusted only the processes they wanted for application updates ―McAfee locks-down our office automation printers and multifunction peripherals 39 by preventing unauthorized access and software changes.‖ Confidential McAfee Internal Use Only
  • 40. McAfee Trusted Security Partner for Embedded Developers PARTNERSHIP TECHNOLOGY McAfee Embedded Security EXPERTISE NEXT STEPS Identify & Scope and OEM evaluate conduct proof partnership needs of concept agreement
  • 41.
  • 42. McAfee Embedded Security Compliance: PCI DSS Requirements Section 5 • Whitelisting approach provides complete malware Use and regularly update protection without need for updates anti-virus software Section 6 • Zero-day protection and change reconciliation with Develop and maintain change management systems secure systems and apps Section 10 • File change tracking on cardholder data, user Track and monitor all activity, and unauthorized change attempts access to cardholder data Section 11 • Comprehensive file integrity monitoring and Regularly test security malware protection systems and processes 42
  • 43. McAfee Embedded Security Compliance: NERC CIP-007 Guidelines CIP-007-1-R1 • Application control protects the state of systems Ensure cyber assets and changes and keeps security controls pristine, while change to assets do not adversly affect control tracks changes specified in the requirement cyber security controls and during an audit CIP-007-1-R2 • Application control maintains the state of the Ensure ports and services system and prevents configuration changes to required for normal standards set by the ―responsible entity‖ operations are enabled CIP-007-1-R3 • Application control provides a compensating Security patch management for measure to mitigate risk exposure when the tracking, evaluating, testing, and security patch or patch management program installing cyber security patches cannot be accomplished CIP-007-1-R4 • Application control and whitelisting-based Use anti-virus and malware approach provides complete proactive malware prevention to detect, prevent, protection without need for updates or signatures deter, and mitigate malware CIP-007-1-R6 • Change control provides file integrity monitoring, Ensure Cyber Assets implement system alerts, and login attempts, while application automated tools or process control can lock the system controls to monitor system events 43