Cliccare è Sicuro: come Menlo Security Isolation Platform risolve i problemi di Navigazione Sicura e minacce Ransomware per le Grandi Aziende. I maggiori siti e portali sono Mashup che purtroppo nascondono molte vulnerabilità. L'approccio tradizionale "sito sicuro vs sito pericoloso" ha fallito e serve un nuovo paradigma.
Centinaia di diverse varianti di Ransomware in costante modifica e trasformazione. Modello di business con fornitore di software malevolo che danno garanzia di non tracciabilità. Business estremamente lucrativo
Posso ricevere ad esempio un link a cartella di documenti condivisi sui cloud più diffusi via email da una email di un collega che porta ad un documento con Ransomware!
Mittente conosciuto
Sito “sicuro”
Infezione assicurata!!!
To help enterprises design an architecture and select from among competing solutions for adaptive protection from advanced threats, we have developed an architecture composed of four high-level categories of competencies, with three drill-down capabilities in each category, for a total of 12 capabilities.
It is necessary to focus on capabilities within each category to deliver comprehensive, adaptive protection from attacks.
The adaptive protection architecture is a useful framework to help enterprises classify existing and potential security investments to ensure that there is a balanced approach to security investments. Rather than allowing the "hot" security startup of the day to define security investments, security organizations should evaluate their existing investments and competencies to determine where they are deficient. The adaptive protection architecture is also useful in classifying and evaluating vendors. Those that provide capabilities in multiple categories are more strategic than vendors that only fit in one category.
Independent (was hit last year)
135 Scripts
From x domains
Link back to risk of the site
Vulns – softeware versions out of date on servers + list of vulnerabilities associated
Do view page source can see call made to other sites showing the risks
Turn on:
See site loads in exactly the same way, adverts are running, scrolling same, hover overs the same, No pixilation, delay, effect on user experience at all
Flash working – converting to M4P
Hover overs
View source – link is our re-rendeing element
Demo:
Have a tool to show risks on the internet
Go to independent
Go direct
Site loading
To load 141 pieces of java script
4.8mb is all active content
Servers serving the content are out of date – ie vulnerable
Not saying independent has been hit, Independent not necessariy at risk, but 3rd party sites serving up the content
No user interuption
Hover overs
Click a link
Everything renders as expected
Do a view page source
Only showing banner information
Image file
Everything delivered through this javascript, click on link, only see our ACR code
Got to Sky
Whenever I
Eg Bloomberg – taking Flash stream and converting to M4p – Disable flash within the browser, take all those Flash vulnerabilities away, take a load of risk off the table instantly
Documents – bring link into platform , users do not get link to source
The unique advantages of the MSIP enable organizations to deploy isolation at scale, gaining the benefits of complete malware elimination without the drawbacks of prior isolation-based systems.