SlideShare una empresa de Scribd logo

3D Security Report

Group of company MUK
Group of company MUK
Tecnología
1 de 20
SAMPLE REPORT Prepared by Check Point Software Technologies
Contents Executive Summary………………………………………………………… 3 Web Security Events………………………………………………………… 4 Intrusion and Attack Events………………………………………………… 6 Data Loss Events…………………………………………………………… 8 Bot and Virus Events………………………………………………………… 9 Bandwidth Analysis………………………………………………………… 12 Remediation Recommendations………………………………………… 16 Web Security Event Remediation Recommendations……………… 16 Intrusion Prevention Event Remediation Recommendations…… 16 Data Loss Event Remediation Recommendations………………… 17 Bot and Virus Event Remediation Recommendations……………… 17 Introducing Check Point 3D Security…………………………………… 18 About Check Point Software Technologies……………………………… 19 ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 2
Executive Summary This document provides the findings of a recent 3D Security Analysis of your infrastructure. The document represents a summary of these findings and presents a set of recommendations for addressing the discovered events. The analysis is based on data collected using the characteristics below: 3D Security Analysis Date 18/04/2012 In-Network Analysis Duration 5 hours Monitored Network Internal network facing the internet Deployment Type Check Point 4800 Appliance Release Version R75.40 Security Gateway Software Blades Identity Awareness, Application Control, URL Filtering, IPS, Data Loss Prevention, Anti-Virus and Anti-Bot Security Management Software Blades Pre-Defined 7 Blades with SmartEvent The following is a summary of the main high and critical risk security events detected: High and Critical Event Summary 8 High-Risk Application Events 288 Intrusion and Attack Events 103 Data Loss Events 42 Bot and Virus Events ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 3
Web Security Events Top High Risk Applications and Sites Within the areas of Application Control and URL Filtering, the following items are of the highest risk level (the first column specifies the number of events related to the mentioned application/site): ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 4
Top High-Risk Application Descriptions The following tables provide summary explanations of the top events found and their associated security or business risks. Application and Description Sopcast Sopcast is a media streaming application which allows media streaming via P2P networks. Sopcast allows users to broadcast media to other users or watchstreams broadcasted by other users. Events 2 Dropbox 70 Sugarsync 15 Dropbox is an application that allows the user to share files. SugarSync provides online backup, syncing, and sharing files from the user's PC and mobile devices. uTorrent uTorrent is a freeware closed source BitTorrent client that is designed to use minimal computer resources while offering functionality comparable to larger BitTorrent clients such as Vuze or BitComet. Torrent's development had started in 2005 by Ludvig Strigeus, a Swedish programmer, and since 2006 the code has been owned and maintained by BitTorrent, Inc. 5 Vuze Vuze (formerly Azureus) is a Java-based BitTorrent client that is used to transfer files via the BitTorrent protocol. The software provides users the ability to view, publish and share original DVD and HD quality video content as well. Vuze was released under the GNU General Public License. 2 Top Users of High-Risk Applications The following users were involved in the highest number of risky application and Web usage events: Users* Events Irma Whitewash 23 Ingrid Whitewash 21 Zachary Zest 16 Leif Lash 11 Ella Eyelash 9 Carlos Cash 5 Hope Hash 2 Evan Eyelash 1 Joe Roberts 1 *Note: User names will be displayed in the above table only when Check Point Identity Awareness Software Blade is enabled and configured. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 5
Intrusion and Attack Events During the 3D Security Analysis, the Check Point solution identified a number of intrusion prevention-related events. Some of these events were categorized as critical. The following chart shows the distribution of events according to severity: Severity Event Name CVE* Events Microsoft Windows Remote Desktop protocol code execution (MS12-020) CVE-2012-0002 2 Adobe Flash Player URL security domain checking code execution (APSB12-07) CVE-2012-0772 70 Microsoft DNS server denial of service (MS12-017) CVE-2012-0006 15 Interactive Data eSignal stack buffer overflow CVE-2012-3494 5 Critical High Medium Total 50 *CVE (Common Vulnerabilities and Exposures) is a dictionary for publicly known security vulnerabilities. To find more information about specific IPS event, search the CVE ID using National Vulnerability Database CVE search Web page. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 6
IPS Events by Country The following map shows the distribution of IPS events according to their origin countries. To mitigate attacks based on source or destination countries, create a policy using Check Point IPS Geo-protection feature. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 7
Data Loss Events Your company data is one of the the most valuable assets to your organization. Any intentional or unintentional loss can cause damage to your organization. The following represents the characteristics of the data loss events that were identified during the course of the anlysis. Top Data Loss Events The following list summarizes the identified data loss activity and the number of times that the specific type of events occurred for different data types configured for the DLP Software Blade. Severity Data Events Critical Data containing credit card numbers was sent outside the organization (PCI compliance violation). 17 Data containing programming language lines (Source Code) such as C, C++, C#, JAVA and more, was sent outside the organization. Indicates leaks of intellectual property. 14 Pay slip file was sent outside the organization. 16 International Bank Account Number (IBAN) was sent outside the organization. 61 Data containing Mergers and Acquisitions (M&A) plans was sent outside the organization (e.g., corporate strategy, corporate finance and more). 2 Email sent to several internal recipients and a single external one. Such emails are usually being sent unintentionally to a wrong external recipient. 18 High Medium Total 128 Top Data Loss Events by Mail Sender This chart shows data leakage by mail sender on your network. Sender Events giovannicash@myBiz.com 5 jezebeljosh@myBiz.com 5 dantedash@myBiz.com 5 daphnedash@myBiz.com 4 johnjosh@myBiz.com 4 ericaeyelash@myBiz.com 4 javonjosh@myBiz.com 4 artash@myBiz.com 4 hernandohash@myBiz.com 4 ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 8
Bot and Virus Events A bot is malicious software that invades your computer. Bots allow criminals to remotely control your computer to execute illegal activities such as stealing data, spreading spam, distributing malware or participating in Denial of Service attacks, without your knowledge. Bots are often used as tools in targeted attacks known as Advanced Persistent Threats or APTs. A botnet is a collection of such compromised computers. High and Critical Bot and Virus Events Summary The following table summarizes the total number of infected hosts involved in malicious activity and the number of Malware found (bots and viruses). Description Findings Hosts infected with bots 5 Hosts downloaded a malware 4 Hosts accessed a site/host known to contain malware 3 Different types of high and critical malware found 7 Traffic Sent and Received by Bots and Viruses The following amount of traffic was sent and received as a result of bot and virus activity. This traffic might indicate illegal activities executed remotely such as stealing data, spreading spam, distributing malware and participation in Denial of Service (DOS) attacks. 0.9 MB Total Sent 6.5 MB Total Received ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 9
Top Bot and Virus Events During the 3D Security Analysis, the Check Point solution identified a number of malware-related events. The following table summarizes the top bots and viruses detected in your environment. Severity Bot/Virus Name Events Critical Backdoor.IRC.Zapchast.zwrc 8 Backdoor.Win32.Gbot.pzh 5 P2P-Worm.Win32.Palevo.ath 8 Backdoor.Win32.Hupigon.ozqk 6 Trojan-Downloader.JS.Expack.bn 1 Worm.Win32.AutoRun.duv 5 Email-Worm.Win32.Bagle.pac 7 Trojan-Downloader.JS.Agent.gco 25 Trojan-Downloader.Win32.Pendix.d 24 Worm.BAT.Autorun.gr 2 High Medium Total 91 More details about malware identified in this report can be found by searching Check Point ThreatWiki, Check Point's public malware database at threatwiki.checkpoint.com. Bot and Virus Activity The following chart shows the distribution of detected malware activity according to their infected hosts. Bots usually communicate with Command and Control (C&C) which is the bots’ remote operator server used to send data outside of the organization. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 10
Top Hosts Involved in Malicious Activity From a host perspective, the following machines have the highest number of bots and virus events: Host User DierdreDash-desktop (125.0.0.63) Dierdre Dash 2 EvanEyelash-laptop (125.0.0.26) Evan Eyelash 2 LindaLash-laptop (125.0.0.80) Linda Lash 3 ArielAsh-laptop (86.0.0.57) Ariel Ash 2 ClarissaCash-desktop (86.0.0.62) Clarissa Cash 2 ElvinEyelash-laptop (86.0.0.25) Elvin Eyelash 2 CesarCash-laptop (75.0.0.17) Cesar Cash 2 FeliciaFlash-desktop (75.0.0.68) Felicia Flash 2 JackJosh-desktop (75.0.0.38) Jack Josh 2 JonJosh-laptop (75.0.0.40) Jon Josh 2 SarahSash-laptop (75.0.0.48) Sarah Sash 2 Total Events 23 *Note: User names will be displayed in the above table only when Check Point Identity Awareness Software Blade is enabled and configured. Top Destination Countries The following map shows the distribution of detected bots and viruses according to their destination countries. In the case of bots, the destination country usually refers to the Command & Control center location. In the case of viruses, the destination country usually refers to the place where the virus was downloaded from. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 11
Bandwidth Analysis The following section summarized the bandwidth usage and web browsing profile of your organization during the time of analysis. Application Bandwidth Utilization During the course of the 3D Security Analysis, your company’s employees used significant corporate network resources for non-work activity. The following chart shows how bandwidth was used by your employees: ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 12
Top Bandwidth Utilization by Applications and Websites In all, the analysis process identified that the following applications and websites are used within your network as well: ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 13
Top Web Categories The following table shows the top 10 categories and number of hits associated with employee Internet browsing: Category Number of Hits % of Total Hits Social Networking 118 31% Webmail 50 13% Search Engines / Portals 34 9% Video Streaming 30 8% Browser Plugin 29 8% Multimedia 21 5% Network Utilities 20 5% Business Applications 18 5% Media Sharing 15 4% Other 47 12% Total 382 100% Network Bandwidth Utilization (MB) During the course of the 3D Security Analysis, your company’s employees used significant corporate network resources for non-work activity. The following chart shows how bandwidth was used by your employees: ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 14
Social Networking Bandwidth (MB) The use of social networking sites has become common at the workplace and at home. Many businesses leverage social networking technologies for their marketing and sales efforts, and their recruiting programs. During the course of this project, and consistent with over-all market trends, the following social networking sites consumed the most network bandwidth: ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 15
Remediation Recommendations This report addresses identified security events across multiple security areas and at varying levels of criticality. The table below reviews the most critical of these incidents and presents methods to mitigate their risks. Check Point provides multiple methods for addressing these threats and concerns. Relevant protections are noted for each event, with the Software Blades into which the defenses are incorporated. Web Security Event Remediation Recommendations Application Events Sopcast 2 Dropbox 70 Sugarsync 15 uTorrent 5 Vuze 2 Remediation Steps With the Application Control and URL Filtering Software Blades, you can activate, track and prevent the use of all the mentioned applications and Web sites. You can define a granular policy to allow certain applications to specific groups only. Use UserCheck to educate users about the organization Web browsing and application usage policies. Click for more information about Application Control and URL Filtering Software Blades. To maximize Web security on corporate laptops and desktops, use Check Point Anti-Malware & Program Control and WebCheck Endpoint Security Software Blades. Intrusion Prevention Event Remediation Recommendations Threat Events Microsoft Windows Remote Desktop protocol code execution (MS12-020) 2 Adobe Flash Player URL security domain checking code execution (APSB12-07) 70 Microsoft DNS server denial of service (MS12-017) 15 Interactive Data eSignal stack buffer overflow 5 Remediation Steps In Check Point IPS Software Blade, enable the following protection: Microsoft Windows Remote Desktop protocol code execution (MS12-020) In Check Point IPS Software Blade, enable the following protection: Adobe Flash Player URL security domain checking code execution (APSB12-07) In Check Point IPS Software Blade, enable the following protection: Microsoft DNS server denial of service (MS12-017) In Check Point IPS Software Blade, enable the following protection: Interactive Data eSignal stack buffer overflow Click for more information about Check Point IPS Security Gateway Software Blade. To maximize intrusions and attacks protection, use Check Point Firewall & Compliance Check Endpoint Security Software Blade. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 16
Data Loss Event Remediation Recommendations Data Events Data containing credit card numbers was sent outside the organization (PCI compliance violation). 17 Data containing programming language lines (Source Code) such as C, C++, C#, JAVA and more, was sent outside the organization. Indicates leaks of intellectual property. 14 Pay slip file was sent outside the organization. 16 International Bank Account Number (IBAN) was sent outside the organization. 61 Data containing Mergers and Acquisitions (M&A) plans was sent outside the organization (e.g., corporate strategy, corporate finance and more). 2 Email sent to several internal recipients and a single external one. Such emails are usually being sent unintentionally to a wrong external recipient. Remediation Steps To remediate the detected events, activate the DLP Software Blade. Configure DLP policy based on the detected DLP data type and choose an action (Detect/Prevent/Ask User, etc.). If you consider the detected data type to be sensitive information, the recommended action is prevent. 18 Use UserCheck to: • Educate users about the organization’s data usage policy • Provide users with instant feedback when their actions violate the data usage security policy Click for more information about DLP Software Blade. To maximize data loss protection on corporate laptops and desktops, use Check Point Full Disk Encryption and Media Encryption Endpoint Security Software Blades. Bot and Virus Event Remediation Recommendations Bot/Virus Name Events Backdoor.IRC.Zapchast.zwrc 8 Backdoor.Win32.Gbot.pzh 5 P2P-Worm.Win32.Palevo.ath 8 Backdoor.Win32.Hupigon.ozqk 6 Trojan-Downloader.JS.Expack.bn 1 Worm.Win32.AutoRun.duv 5 Email-Worm.Win32.Bagle.pac 7 Trojan-Downloader.JS.Agent.gco 25 Trojan-Downloader.Win32.Pendix.d 24 Worm.BAT.Autorun.gr 2 Remediation Steps To block traffic generated by the detected malware, enable AntiBot and Antivirus Software Blades and set the policy’s profile settings to Prevent mode. To start the remediation process of the infected machine, searchfor the detected malware in Check Point ThreatWiki to find additional remediation supporting information about the malware. This information can help you better understand the infection and its potential risks. Use UserCheck to educate users about the organization Web browsing and application usage policies. Click for more information about Check Point Anti-Bot and Antivirus Security Gateway Software Blades. To maximize bot and virus protection on corporate laptops and desktops, use Check Point Anti-Malware and WebCheck Endpoint Security Software Blades. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 17
Introducing Check Point 3D Security Check Point 3D Security redefines security as a 3-dimensional business process that combines policies, people and enforcement for stronger protection across all layers of security—including network, data and endpoints. To achieve the level of protection needed in the 21st century, security needs to grow from a collection of disparate technologies to an effective business process. With 3D Security, organizations can now implement a blueprint for security that goes beyond technology to ensure the integrity of all information security. Check Point 3D Security enables organizations to redefine security by integrating these dimensions into a business process: Policies that support business Security that involves people in Enforce, consolidate and control needs and transform security into a business process policy definition, education and incident remediation all layers of security—network, data, application, content and user The Check Point Application Control Software Blade provides the industry's strongest application security and identity control to organizations of all sizes. It enables IT teams to easily create granular policies—based on users or groups—to identify, block or limit usage of over 240,000 Web 2.0 applications and widgets. The Check Point URL Filtering Software Blade integrates with Application Control, allowing unified enforcement and management of all aspects of web security. URL Filtering provides optimized web security through full integration in the gateway to prevent bypass through external proxies; integration of policy enforcement with Application Control for full Web and Web 2.0 protection; and UserCheck empowers and educates users on Web usage policy in real time. The IPS Software Blade delivers complete and proactive intrusion prevention—all with the deployment and management advantages of a unified and extensible next-generation firewall solution. Check Point DLP Software Blade combines technology and processes to revolutionize Data Loss Prevention (DLP), helping businesses to pre-emptively protect sensitive information from unintentional loss, educating users on proper data handling policies and empowering them to remediate incidents in real-time. The Check Point Anti-Bot Software Blade detects bot-infected machines, prevents bot damages by blocking bot C&C communications, and integrates with other Software Blades to provide a comprehensive threat prevention solution on a single gateway. The Check Point Antivirus Software Blade stops viruses and other malware at the gateway before they affect users. Using a continually updated list of antivirus and anti-spyware signatures and anomalybased protections, the Antivirus Software Blade protects against threats transmitted through popular network protocols. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 18
About Check Point Software Technologies The mission of Check Point Software Technologies (www.checkpoint.com) is to secure the Internet. Check Point was founded in 1993, and has since developed technologies to secure communications and transactions over the Internet by enterprises and consumers. When the company was founded, risks and threats were limited and securing the Internet was relatively simple. A firewall and an antivirus solution generally provided adequate security for business transactions and communications over the Internet. Today, enterprises require many (in some cases 15 or more) point solutions to secure their information technology (IT) networks from the multitude of threats and potential attacks and are facing an increasingly complex IT security infrastructure. Check Point’s core competencies are developing security solutions to protect business and consumer transactions and communications over the Internet, and reducing the complexity in Internet security. We strive to solve the security maze by bringing “more, better and simpler” security solutions to our customers. Check Point develops markets and supports a wide range of software, as well as combined hardware and software products and services for IT security. We offer our customers an extensive portfolio of network and gateway security solutions, data and endpoint security solutions and management solutions. Our solutions operate under a unified security architecture that enables end-to-end security with a single line of unified security gateways, and allow a single agent for all endpoint security that can be managed from a single unified management console. This unified management allows for ease of deployment and centralized control and is supported by, and reinforced with, real-time security updates. Check Point was an industry pioneer with our FireWall-1 and our patented Stateful Inspection technology. Check Point has recently extended its IT security innovation with the development of our Software Blade architecture. The dynamic Software Blade architecture delivers secure, flexible and simple solutions that can be customized to meet the security needs of any organization or environment. Our products and services are sold to enterprises, service providers, small and medium sized businesses and consumers. Our Open Platform for Security (OPSEC) framework allows customers to extend the capabilities of our products and services with third-party hardware and security software applications. Our products are sold, integrated and serviced by a network of partners worldwide. Check Point customers include tens of thousands of businesses and organizations of all sizes including all Fortune 100 companies. Check Point’s award-winning ZoneAlarm solutions protect millions of consumers from hackers, spyware and identity theft. Contact Check Point now www.checkpoint.com/contactus By phone in the US: 1-800-429-4391 option 5 or 1-650-628-2000 ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 19
CONTACT CHECK POINT Worldwide Headquarters 5 Ha’Solelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753 4555 | Fax: 972-3-624-1100 | email: info@checkpoint.com U.S. Headquarters 959 Skyway Rd. Ste. 300, San Carlos, CA 94070 | Tel: 800-429-4391 ; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com ©2003-2012 Check Point Software Technologies Ltd. All rights reserved. Check Point, AlertAdvisor, Application Intelligence, Check Point 2200, Check Point 4000 Appliances, Check Point 4200, Check Point 4600, Check Point 4800, Check Point 12000 Appliances, Check Point 12200, Check Point 12400, Check Point 12600, Check Point 21400, Check Point 6100 Security System, Check Point Anti-Bot Software Blade, Check Point Application Control Software Blade, Check Point Data Loss Prevention, Check Point DLP, Check Point DLP-1, Check Point Endpoint Security, Check Point Endpoint Security On Demand, the Check Point logo, Check Point Full Disk Encryption, Check Point GO, Check Point Horizon Manager, Check Point Identity Awareness, Check Point IPS, Check Point IPSec VPN, Check Point Media Encryption, Check Point Mobile, Check Point Mobile Access, Check Point NAC, Check Point Network Voyager, Check Point OneCheck, Check Point R75, Check Point Security Gateway, Check Point Update Service, Check Point WebCheck, ClusterXL, Confidence Indexing, ConnectControl, Connectra, Connectra Accelerator Card, Cooperative Enforcement, Cooperative Security Alliance, CoreXL, DefenseNet, DynamicID, Endpoint Connect VPN Client, Endpoint Security, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, Hybrid Detection Engine, IMsecure, INSPECT, INSPECT XL, Integrity, Integrity Clientless Security, Integrity SecureClient, InterSpect, IP Appliances, IPS-1, IPS Software Blade, IPSO, R75, Software Blade, IQ Engine, MailSafe, the More, better, Simpler Security logo, Multi-Domain Security Management, MultiSpect, NG, NGX, Open Security Extension, OPSEC, OSFirewall, Pointsec, Pointsec Mobile, Pointsec PC, Pointsec Protector, Policy Lifecycle Management,Power-1, Provider-1, PureAdvantage, PURE Security, the puresecurity logo, Safe@Home, Safe@Office, Secure Virtual Workspace, SecureClient, SecureClient Mobile, SecureKnowledge, SecurePlatform, SecurePlatform Pro, SecuRemote, SecureServer, SecureUpdate, SecureXL, SecureXL Turbocard, Security Management Portal, SecurityPower, Series 80 Appliance, SiteManager-1, Smart-1, SmartCenter, SmartCenter Power, SmartCenter Pro, SmartCenter UTM, SmartConsole, SmartDashboard, SmartDefense, SmartDefense Advisor, SmartEvent, Smarter Security, SmartLSM, SmartMap, SmartPortal, SmartProvisioning, SmartReporter, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SmartWorkflow, SMP, SMP On-Demand, SocialGuard, SofaWare, Software Blade Architecture, the softwareblades logo, SSL Network Extender, Stateful Clustering, Total Security, the totalsecurity logo, TrueVector, UserCheck, UTM-1, UTM-1 Edge, UTM-1 Edge Industrial, UTM-1 Total Security, VPN-1, VPN-1 Edge, VPN-1 MASS, VPN-1 Power, VPN-1 Power Multi-core, VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge, VPN-1 VE, VPN-1 VSX, VSX, VSX-1, Web Intelligence, ZoneAlarm, ZoneAlarm Antivirus + Firewall, ZoneAlarm DataLock, ZoneAlarm Extreme Security, ZoneAlarm ForceField, ZoneAlarm Free Firewall, ZoneAlarm Pro Firewall, ZoneAlarm Internet Security Suite, ZoneAlarm Security Toolbar, ZoneAlarm Secure Wireless Router, Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. ZoneAlarm is a Check Point Software Technologies, Inc. Company. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 5,987,611, 6,496,935, 6,873,988, 6,850,943, 7,165,076, 7,540,013, 7,725,737 and 7,788,726 and may be protected by other U.S. Patents, foreign patents, or pending applications. October 5, 2012

Recomendados

CIS 502 Effective Communication/tutorialrank.com
CIS 502 Effective Communication/tutorialrank.com CIS 502 Effective Communication/tutorialrank.com
CIS 502 Effective Communication/tutorialrank.comjonhson263
 
CIS 502 Life of the Mind/newtonhelp.com   
CIS 502 Life of the Mind/newtonhelp.com   CIS 502 Life of the Mind/newtonhelp.com   
CIS 502 Life of the Mind/newtonhelp.com   bellflower6
 
Cis 502 Extraordinary Success/newtonhelp.com
Cis 502 Extraordinary Success/newtonhelp.com Cis 502 Extraordinary Success/newtonhelp.com
Cis 502 Extraordinary Success/newtonhelp.com amaranthbeg149
 
Cis 502Enhance teaching / snaptutorial.com
Cis 502Enhance teaching / snaptutorial.comCis 502Enhance teaching / snaptutorial.com
Cis 502Enhance teaching / snaptutorial.comStokesCope168
 
CIS 502 Education Redefined / snaptutorial.com
CIS 502 Education Redefined / snaptutorial.comCIS 502 Education Redefined / snaptutorial.com
CIS 502 Education Redefined / snaptutorial.comMcdonaldRyan201
 
CIS 502 Exceptional Education - snaptutorial.com
CIS 502 Exceptional Education - snaptutorial.com CIS 502 Exceptional Education - snaptutorial.com
CIS 502 Exceptional Education - snaptutorial.com donaldzs149
 
CIS 502 Education Specialist / snaptutorial.com
CIS 502 Education Specialist / snaptutorial.com CIS 502 Education Specialist / snaptutorial.com
CIS 502 Education Specialist / snaptutorial.comstevesonz128
 
Combating Software Piracy Using Code Encryption Technique
Combating Software Piracy Using Code Encryption TechniqueCombating Software Piracy Using Code Encryption Technique
Combating Software Piracy Using Code Encryption Techniquetheijes
 

Recomendados

CIS 502 Effective Communication/tutorialrank.com
CIS 502 Effective Communication/tutorialrank.com CIS 502 Effective Communication/tutorialrank.com
CIS 502 Effective Communication/tutorialrank.comjonhson263
 
CIS 502 Life of the Mind/newtonhelp.com   
CIS 502 Life of the Mind/newtonhelp.com   CIS 502 Life of the Mind/newtonhelp.com   
CIS 502 Life of the Mind/newtonhelp.com   bellflower6
 
Cis 502 Extraordinary Success/newtonhelp.com
Cis 502 Extraordinary Success/newtonhelp.com Cis 502 Extraordinary Success/newtonhelp.com
Cis 502 Extraordinary Success/newtonhelp.com amaranthbeg149
 
Cis 502Enhance teaching / snaptutorial.com
Cis 502Enhance teaching / snaptutorial.comCis 502Enhance teaching / snaptutorial.com
Cis 502Enhance teaching / snaptutorial.comStokesCope168
 
CIS 502 Education Redefined / snaptutorial.com
CIS 502 Education Redefined / snaptutorial.comCIS 502 Education Redefined / snaptutorial.com
CIS 502 Education Redefined / snaptutorial.comMcdonaldRyan201
 
CIS 502 Exceptional Education - snaptutorial.com
CIS 502 Exceptional Education - snaptutorial.com CIS 502 Exceptional Education - snaptutorial.com
CIS 502 Exceptional Education - snaptutorial.com donaldzs149
 
CIS 502 Education Specialist / snaptutorial.com
CIS 502 Education Specialist / snaptutorial.com CIS 502 Education Specialist / snaptutorial.com
CIS 502 Education Specialist / snaptutorial.comstevesonz128
 
Combating Software Piracy Using Code Encryption Technique
Combating Software Piracy Using Code Encryption TechniqueCombating Software Piracy Using Code Encryption Technique
Combating Software Piracy Using Code Encryption Techniquetheijes
 
Top Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperTop Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperNetIQ
 
Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Cybera Inc
 
Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Core Security
 
ITrust Whitepaper: Top 10 vulnerabilities
ITrust Whitepaper: Top 10 vulnerabilitiesITrust Whitepaper: Top 10 vulnerabilities
ITrust Whitepaper: Top 10 vulnerabilitiesITrust - Cybersecurity as a Service
 
Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet IJECEIAES
 
Social Security Admin FISMA Audit
Social Security Admin FISMA AuditSocial Security Admin FISMA Audit
Social Security Admin FISMA AuditDavid Sweigert
 
Jib inc260425-2
Jib inc260425-2Jib inc260425-2
Jib inc260425-2Liberteks
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security ServicesRainer Mueller
 
Ransomeware : A High Profile Attack
Ransomeware : A High Profile AttackRansomeware : A High Profile Attack
Ransomeware : A High Profile AttackIRJET Journal
 
Panda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Security
 
Cyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterCyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterPatricia M Watson
 
Review on 3rd-party Cyber Risk Assessment and Scoring Tools
Review on 3rd-party Cyber Risk Assessment and Scoring ToolsReview on 3rd-party Cyber Risk Assessment and Scoring Tools
Review on 3rd-party Cyber Risk Assessment and Scoring ToolsNormShield
 
Security Risk Assessment for Quality Web Design
Security Risk Assessment for Quality Web DesignSecurity Risk Assessment for Quality Web Design
Security Risk Assessment for Quality Web DesignTing Yin
 
2011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 20122011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 2012Symantec
 
Heartland
HeartlandHeartland
Heartlandgrimesjo
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUUniversity of Essex
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
An Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesAn Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesJerry Harding
 
Cis 349 Extraordinary Success/newtonhelp.com
Cis 349 Extraordinary Success/newtonhelp.com Cis 349 Extraordinary Success/newtonhelp.com
Cis 349 Extraordinary Success/newtonhelp.com amaranthbeg147
 
Hands on Security - Disrupting the Kill Chain Breakout Session
Hands on Security - Disrupting the Kill Chain Breakout SessionHands on Security - Disrupting the Kill Chain Breakout Session
Hands on Security - Disrupting the Kill Chain Breakout SessionSplunk
 
End of Studies project: Malware Repsonse Center
End of Studies project: Malware Repsonse CenterEnd of Studies project: Malware Repsonse Center
End of Studies project: Malware Repsonse CenterAbdessabour Arous
 
Hands-On Security - Disrupting the Kill Chain
Hands-On Security - Disrupting the Kill ChainHands-On Security - Disrupting the Kill Chain
Hands-On Security - Disrupting the Kill ChainSplunk
 

Más contenido relacionado

La actualidad más candente

Top Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperTop Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperNetIQ
 
Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Cybera Inc
 
Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Core Security
 
Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet IJECEIAES
 
Social Security Admin FISMA Audit
Social Security Admin FISMA AuditSocial Security Admin FISMA Audit
Social Security Admin FISMA AuditDavid Sweigert
 
Jib inc260425-2
Jib inc260425-2Jib inc260425-2
Jib inc260425-2Liberteks
 
Ransomeware : A High Profile Attack
Ransomeware : A High Profile AttackRansomeware : A High Profile Attack
Ransomeware : A High Profile AttackIRJET Journal
 
Panda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Security
 
Cyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterCyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterPatricia M Watson
 
Review on 3rd-party Cyber Risk Assessment and Scoring Tools
Review on 3rd-party Cyber Risk Assessment and Scoring ToolsReview on 3rd-party Cyber Risk Assessment and Scoring Tools
Review on 3rd-party Cyber Risk Assessment and Scoring ToolsNormShield
 
Security Risk Assessment for Quality Web Design
Security Risk Assessment for Quality Web DesignSecurity Risk Assessment for Quality Web Design
Security Risk Assessment for Quality Web DesignTing Yin
 
2011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 20122011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 2012Symantec
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUUniversity of Essex
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
An Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesAn Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesJerry Harding
 
Cis 349 Extraordinary Success/newtonhelp.com
Cis 349 Extraordinary Success/newtonhelp.com Cis 349 Extraordinary Success/newtonhelp.com
Cis 349 Extraordinary Success/newtonhelp.com amaranthbeg147
 

La actualidad más candente (19)

Top Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White PaperTop Solutions and Tools to Prevent Devastating Malware White Paper
Top Solutions and Tools to Prevent Devastating Malware White Paper
 
Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2Clear Pci Vulnerability Scans Web2
Clear Pci Vulnerability Scans Web2
 
Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...
 
ITrust Whitepaper: Top 10 vulnerabilities
ITrust Whitepaper: Top 10 vulnerabilitiesITrust Whitepaper: Top 10 vulnerabilities
ITrust Whitepaper: Top 10 vulnerabilities
 
Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet
 
Social Security Admin FISMA Audit
Social Security Admin FISMA AuditSocial Security Admin FISMA Audit
Social Security Admin FISMA Audit
 
Jib inc260425-2
Jib inc260425-2Jib inc260425-2
Jib inc260425-2
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security Services
 
Ransomeware : A High Profile Attack
Ransomeware : A High Profile AttackRansomeware : A High Profile Attack
Ransomeware : A High Profile Attack
 
Panda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion Guide
 
Cyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterCyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise Chapter
 
Review on 3rd-party Cyber Risk Assessment and Scoring Tools
Review on 3rd-party Cyber Risk Assessment and Scoring ToolsReview on 3rd-party Cyber Risk Assessment and Scoring Tools
Review on 3rd-party Cyber Risk Assessment and Scoring Tools
 
Security Risk Assessment for Quality Web Design
Security Risk Assessment for Quality Web DesignSecurity Risk Assessment for Quality Web Design
Security Risk Assessment for Quality Web Design
 
2011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 20122011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 2012
 
Heartland
HeartlandHeartland
Heartland
 
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EUAnatomy of a breach - an e-book by Microsoft in collaboration with the EU
Anatomy of a breach - an e-book by Microsoft in collaboration with the EU
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank
 
An Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesAn Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security Practices
 
Cis 349 Extraordinary Success/newtonhelp.com
Cis 349 Extraordinary Success/newtonhelp.com Cis 349 Extraordinary Success/newtonhelp.com
Cis 349 Extraordinary Success/newtonhelp.com
 

Similar a 3D Security Report

Hands on Security - Disrupting the Kill Chain Breakout Session
Hands on Security - Disrupting the Kill Chain Breakout SessionHands on Security - Disrupting the Kill Chain Breakout Session
Hands on Security - Disrupting the Kill Chain Breakout SessionSplunk
 
End of Studies project: Malware Repsonse Center
End of Studies project: Malware Repsonse CenterEnd of Studies project: Malware Repsonse Center
End of Studies project: Malware Repsonse CenterAbdessabour Arous
 
Hands-On Security - Disrupting the Kill Chain
Hands-On Security - Disrupting the Kill ChainHands-On Security - Disrupting the Kill Chain
Hands-On Security - Disrupting the Kill ChainSplunk
 
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpMitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpJoann Davis
 
SplunkSummit 2015 - Splunking the Endpoint
SplunkSummit 2015 - Splunking the EndpointSplunkSummit 2015 - Splunking the Endpoint
SplunkSummit 2015 - Splunking the EndpointSplunk
 
Hands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainHands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainSplunk
 
Hands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainHands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainSplunk
 
Splunk for Security Workshop
Splunk for Security WorkshopSplunk for Security Workshop
Splunk for Security WorkshopSplunk
 
Hands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainHands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainSplunk
 
Splunk for Security - Hands-On
Splunk for Security - Hands-On Splunk for Security - Hands-On
Splunk for Security - Hands-On Splunk
 
Men in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserMen in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserSource Conference
 
Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearydrewz lin
 
Understanding Malware Lateral Spread Used in High Value Attacks
Understanding Malware Lateral Spread Used in High Value AttacksUnderstanding Malware Lateral Spread Used in High Value Attacks
Understanding Malware Lateral Spread Used in High Value AttacksCyphort
 
Hands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainHands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainSplunk
 
smb-vulnerabilities-in-healthcare.pdf
smb-vulnerabilities-in-healthcare.pdfsmb-vulnerabilities-in-healthcare.pdf
smb-vulnerabilities-in-healthcare.pdfSoundariyaSathish
 
INSECURE Magazine - 35
INSECURE Magazine - 35INSECURE Magazine - 35
INSECURE Magazine - 35Felipe Prado
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesKai Wähner
 
Akila srinivasan microsoft-bug_bounty-(publish)
Akila srinivasan microsoft-bug_bounty-(publish)Akila srinivasan microsoft-bug_bounty-(publish)
Akila srinivasan microsoft-bug_bounty-(publish)PacSecJP
 
We cant hack ourselves secure
We cant hack ourselves secureWe cant hack ourselves secure
We cant hack ourselves secureEoin Keary
 
Anatomy of an Advanced Retail Breach
Anatomy of an Advanced Retail BreachAnatomy of an Advanced Retail Breach
Anatomy of an Advanced Retail BreachIBM Security
 

Similar a 3D Security Report (20)

Hands on Security - Disrupting the Kill Chain Breakout Session
Hands on Security - Disrupting the Kill Chain Breakout SessionHands on Security - Disrupting the Kill Chain Breakout Session
Hands on Security - Disrupting the Kill Chain Breakout Session
 
End of Studies project: Malware Repsonse Center
End of Studies project: Malware Repsonse CenterEnd of Studies project: Malware Repsonse Center
End of Studies project: Malware Repsonse Center
 
Hands-On Security - Disrupting the Kill Chain
Hands-On Security - Disrupting the Kill ChainHands-On Security - Disrupting the Kill Chain
Hands-On Security - Disrupting the Kill Chain
 
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpMitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 Aitp
 
SplunkSummit 2015 - Splunking the Endpoint
SplunkSummit 2015 - Splunking the EndpointSplunkSummit 2015 - Splunking the Endpoint
SplunkSummit 2015 - Splunking the Endpoint
 
Hands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainHands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill Chain
 
Hands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainHands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill Chain
 
Splunk for Security Workshop
Splunk for Security WorkshopSplunk for Security Workshop
Splunk for Security Workshop
 
Hands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainHands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill Chain
 
Splunk for Security - Hands-On
Splunk for Security - Hands-On Splunk for Security - Hands-On
Splunk for Security - Hands-On
 
Men in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserMen in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the Browser
 
Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-keary
 
Understanding Malware Lateral Spread Used in High Value Attacks
Understanding Malware Lateral Spread Used in High Value AttacksUnderstanding Malware Lateral Spread Used in High Value Attacks
Understanding Malware Lateral Spread Used in High Value Attacks
 
Hands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill ChainHands-On Security Breakout Session- Disrupting the Kill Chain
Hands-On Security Breakout Session- Disrupting the Kill Chain
 
smb-vulnerabilities-in-healthcare.pdf
smb-vulnerabilities-in-healthcare.pdfsmb-vulnerabilities-in-healthcare.pdf
smb-vulnerabilities-in-healthcare.pdf
 
INSECURE Magazine - 35
INSECURE Magazine - 35INSECURE Magazine - 35
INSECURE Magazine - 35
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed Microservices
 
Akila srinivasan microsoft-bug_bounty-(publish)
Akila srinivasan microsoft-bug_bounty-(publish)Akila srinivasan microsoft-bug_bounty-(publish)
Akila srinivasan microsoft-bug_bounty-(publish)
 
We cant hack ourselves secure
We cant hack ourselves secureWe cant hack ourselves secure
We cant hack ourselves secure
 
Anatomy of an Advanced Retail Breach
Anatomy of an Advanced Retail BreachAnatomy of an Advanced Retail Breach
Anatomy of an Advanced Retail Breach
 

Más de Group of company MUK

Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportGroup of company MUK
 
CheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botCheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botGroup of company MUK
 
Perfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintPerfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintGroup of company MUK
 
Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Group of company MUK
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data CenterGroup of company MUK
 
Check Point appliances brochure 2012
Check Point appliances brochure 2012Check Point appliances brochure 2012
Check Point appliances brochure 2012Group of company MUK
 

Más de Group of company MUK (20)

Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical Support
 
Check Point Products RU
Check Point Products RUCheck Point Products RU
Check Point Products RU
 
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
 
Check Point SMB Proposition
Check Point SMB PropositionCheck Point SMB Proposition
Check Point SMB Proposition
 
Check Point Mobile Security
Check Point Mobile SecurityCheck Point Mobile Security
Check Point Mobile Security
 
Check Point Ddos protector
Check Point Ddos protectorCheck Point Ddos protector
Check Point Ddos protector
 
Check Point: Compliance Blade
Check Point: Compliance BladeCheck Point: Compliance Blade
Check Point: Compliance Blade
 
CheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving botCheckPoint: Anatomy of an evolving bot
CheckPoint: Anatomy of an evolving bot
 
Check Point Virtual Systems
Check Point Virtual SystemsCheck Point Virtual Systems
Check Point Virtual Systems
 
Check Point Threat emulation 2013
Check Point Threat emulation 2013Check Point Threat emulation 2013
Check Point Threat emulation 2013
 
Perfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security BlueprintPerfect Foundation for 2013 Security Blueprint
Perfect Foundation for 2013 Security Blueprint
 
Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint
 
Check Point sizing security
Check Point sizing securityCheck Point sizing security
Check Point sizing security
 
Check Point: From Branch to Data Center
Check Point: From Branch to Data CenterCheck Point: From Branch to Data Center
Check Point: From Branch to Data Center
 
Check Point NGFW
Check Point NGFWCheck Point NGFW
Check Point NGFW
 
Check Point designing a security
Check Point designing a securityCheck Point designing a security
Check Point designing a security
 
Check Point Consolidation
Check Point ConsolidationCheck Point Consolidation
Check Point Consolidation
 
Check Point 2013
Check Point 2013Check Point 2013
Check Point 2013
 
Check Point appliances brochure 2012
Check Point appliances brochure 2012Check Point appliances brochure 2012
Check Point appliances brochure 2012
 
Check Point Report 2013 RU
Check Point Report 2013 RUCheck Point Report 2013 RU
Check Point Report 2013 RU
 

Último

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 

Último (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

3D Security Report

  • 1. SAMPLE REPORT Prepared by Check Point Software Technologies
  • 2. Contents Executive Summary………………………………………………………… 3 Web Security Events………………………………………………………… 4 Intrusion and Attack Events………………………………………………… 6 Data Loss Events…………………………………………………………… 8 Bot and Virus Events………………………………………………………… 9 Bandwidth Analysis………………………………………………………… 12 Remediation Recommendations………………………………………… 16 Web Security Event Remediation Recommendations……………… 16 Intrusion Prevention Event Remediation Recommendations…… 16 Data Loss Event Remediation Recommendations………………… 17 Bot and Virus Event Remediation Recommendations……………… 17 Introducing Check Point 3D Security…………………………………… 18 About Check Point Software Technologies……………………………… 19 ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 2
  • 3. Executive Summary This document provides the findings of a recent 3D Security Analysis of your infrastructure. The document represents a summary of these findings and presents a set of recommendations for addressing the discovered events. The analysis is based on data collected using the characteristics below: 3D Security Analysis Date 18/04/2012 In-Network Analysis Duration 5 hours Monitored Network Internal network facing the internet Deployment Type Check Point 4800 Appliance Release Version R75.40 Security Gateway Software Blades Identity Awareness, Application Control, URL Filtering, IPS, Data Loss Prevention, Anti-Virus and Anti-Bot Security Management Software Blades Pre-Defined 7 Blades with SmartEvent The following is a summary of the main high and critical risk security events detected: High and Critical Event Summary 8 High-Risk Application Events 288 Intrusion and Attack Events 103 Data Loss Events 42 Bot and Virus Events ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 3
  • 4. Web Security Events Top High Risk Applications and Sites Within the areas of Application Control and URL Filtering, the following items are of the highest risk level (the first column specifies the number of events related to the mentioned application/site): ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 4
  • 5. Top High-Risk Application Descriptions The following tables provide summary explanations of the top events found and their associated security or business risks. Application and Description Sopcast Sopcast is a media streaming application which allows media streaming via P2P networks. Sopcast allows users to broadcast media to other users or watchstreams broadcasted by other users. Events 2 Dropbox 70 Sugarsync 15 Dropbox is an application that allows the user to share files. SugarSync provides online backup, syncing, and sharing files from the user's PC and mobile devices. uTorrent uTorrent is a freeware closed source BitTorrent client that is designed to use minimal computer resources while offering functionality comparable to larger BitTorrent clients such as Vuze or BitComet. Torrent's development had started in 2005 by Ludvig Strigeus, a Swedish programmer, and since 2006 the code has been owned and maintained by BitTorrent, Inc. 5 Vuze Vuze (formerly Azureus) is a Java-based BitTorrent client that is used to transfer files via the BitTorrent protocol. The software provides users the ability to view, publish and share original DVD and HD quality video content as well. Vuze was released under the GNU General Public License. 2 Top Users of High-Risk Applications The following users were involved in the highest number of risky application and Web usage events: Users* Events Irma Whitewash 23 Ingrid Whitewash 21 Zachary Zest 16 Leif Lash 11 Ella Eyelash 9 Carlos Cash 5 Hope Hash 2 Evan Eyelash 1 Joe Roberts 1 *Note: User names will be displayed in the above table only when Check Point Identity Awareness Software Blade is enabled and configured. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 5
  • 6. Intrusion and Attack Events During the 3D Security Analysis, the Check Point solution identified a number of intrusion prevention-related events. Some of these events were categorized as critical. The following chart shows the distribution of events according to severity: Severity Event Name CVE* Events Microsoft Windows Remote Desktop protocol code execution (MS12-020) CVE-2012-0002 2 Adobe Flash Player URL security domain checking code execution (APSB12-07) CVE-2012-0772 70 Microsoft DNS server denial of service (MS12-017) CVE-2012-0006 15 Interactive Data eSignal stack buffer overflow CVE-2012-3494 5 Critical High Medium Total 50 *CVE (Common Vulnerabilities and Exposures) is a dictionary for publicly known security vulnerabilities. To find more information about specific IPS event, search the CVE ID using National Vulnerability Database CVE search Web page. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 6
  • 7. IPS Events by Country The following map shows the distribution of IPS events according to their origin countries. To mitigate attacks based on source or destination countries, create a policy using Check Point IPS Geo-protection feature. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 7
  • 8. Data Loss Events Your company data is one of the the most valuable assets to your organization. Any intentional or unintentional loss can cause damage to your organization. The following represents the characteristics of the data loss events that were identified during the course of the anlysis. Top Data Loss Events The following list summarizes the identified data loss activity and the number of times that the specific type of events occurred for different data types configured for the DLP Software Blade. Severity Data Events Critical Data containing credit card numbers was sent outside the organization (PCI compliance violation). 17 Data containing programming language lines (Source Code) such as C, C++, C#, JAVA and more, was sent outside the organization. Indicates leaks of intellectual property. 14 Pay slip file was sent outside the organization. 16 International Bank Account Number (IBAN) was sent outside the organization. 61 Data containing Mergers and Acquisitions (M&A) plans was sent outside the organization (e.g., corporate strategy, corporate finance and more). 2 Email sent to several internal recipients and a single external one. Such emails are usually being sent unintentionally to a wrong external recipient. 18 High Medium Total 128 Top Data Loss Events by Mail Sender This chart shows data leakage by mail sender on your network. Sender Events giovannicash@myBiz.com 5 jezebeljosh@myBiz.com 5 dantedash@myBiz.com 5 daphnedash@myBiz.com 4 johnjosh@myBiz.com 4 ericaeyelash@myBiz.com 4 javonjosh@myBiz.com 4 artash@myBiz.com 4 hernandohash@myBiz.com 4 ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 8
  • 9. Bot and Virus Events A bot is malicious software that invades your computer. Bots allow criminals to remotely control your computer to execute illegal activities such as stealing data, spreading spam, distributing malware or participating in Denial of Service attacks, without your knowledge. Bots are often used as tools in targeted attacks known as Advanced Persistent Threats or APTs. A botnet is a collection of such compromised computers. High and Critical Bot and Virus Events Summary The following table summarizes the total number of infected hosts involved in malicious activity and the number of Malware found (bots and viruses). Description Findings Hosts infected with bots 5 Hosts downloaded a malware 4 Hosts accessed a site/host known to contain malware 3 Different types of high and critical malware found 7 Traffic Sent and Received by Bots and Viruses The following amount of traffic was sent and received as a result of bot and virus activity. This traffic might indicate illegal activities executed remotely such as stealing data, spreading spam, distributing malware and participation in Denial of Service (DOS) attacks. 0.9 MB Total Sent 6.5 MB Total Received ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 9
  • 10. Top Bot and Virus Events During the 3D Security Analysis, the Check Point solution identified a number of malware-related events. The following table summarizes the top bots and viruses detected in your environment. Severity Bot/Virus Name Events Critical Backdoor.IRC.Zapchast.zwrc 8 Backdoor.Win32.Gbot.pzh 5 P2P-Worm.Win32.Palevo.ath 8 Backdoor.Win32.Hupigon.ozqk 6 Trojan-Downloader.JS.Expack.bn 1 Worm.Win32.AutoRun.duv 5 Email-Worm.Win32.Bagle.pac 7 Trojan-Downloader.JS.Agent.gco 25 Trojan-Downloader.Win32.Pendix.d 24 Worm.BAT.Autorun.gr 2 High Medium Total 91 More details about malware identified in this report can be found by searching Check Point ThreatWiki, Check Point's public malware database at threatwiki.checkpoint.com. Bot and Virus Activity The following chart shows the distribution of detected malware activity according to their infected hosts. Bots usually communicate with Command and Control (C&C) which is the bots’ remote operator server used to send data outside of the organization. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 10
  • 11. Top Hosts Involved in Malicious Activity From a host perspective, the following machines have the highest number of bots and virus events: Host User DierdreDash-desktop (125.0.0.63) Dierdre Dash 2 EvanEyelash-laptop (125.0.0.26) Evan Eyelash 2 LindaLash-laptop (125.0.0.80) Linda Lash 3 ArielAsh-laptop (86.0.0.57) Ariel Ash 2 ClarissaCash-desktop (86.0.0.62) Clarissa Cash 2 ElvinEyelash-laptop (86.0.0.25) Elvin Eyelash 2 CesarCash-laptop (75.0.0.17) Cesar Cash 2 FeliciaFlash-desktop (75.0.0.68) Felicia Flash 2 JackJosh-desktop (75.0.0.38) Jack Josh 2 JonJosh-laptop (75.0.0.40) Jon Josh 2 SarahSash-laptop (75.0.0.48) Sarah Sash 2 Total Events 23 *Note: User names will be displayed in the above table only when Check Point Identity Awareness Software Blade is enabled and configured. Top Destination Countries The following map shows the distribution of detected bots and viruses according to their destination countries. In the case of bots, the destination country usually refers to the Command & Control center location. In the case of viruses, the destination country usually refers to the place where the virus was downloaded from. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 11
  • 12. Bandwidth Analysis The following section summarized the bandwidth usage and web browsing profile of your organization during the time of analysis. Application Bandwidth Utilization During the course of the 3D Security Analysis, your company’s employees used significant corporate network resources for non-work activity. The following chart shows how bandwidth was used by your employees: ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 12
  • 13. Top Bandwidth Utilization by Applications and Websites In all, the analysis process identified that the following applications and websites are used within your network as well: ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 13
  • 14. Top Web Categories The following table shows the top 10 categories and number of hits associated with employee Internet browsing: Category Number of Hits % of Total Hits Social Networking 118 31% Webmail 50 13% Search Engines / Portals 34 9% Video Streaming 30 8% Browser Plugin 29 8% Multimedia 21 5% Network Utilities 20 5% Business Applications 18 5% Media Sharing 15 4% Other 47 12% Total 382 100% Network Bandwidth Utilization (MB) During the course of the 3D Security Analysis, your company’s employees used significant corporate network resources for non-work activity. The following chart shows how bandwidth was used by your employees: ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 14
  • 15. Social Networking Bandwidth (MB) The use of social networking sites has become common at the workplace and at home. Many businesses leverage social networking technologies for their marketing and sales efforts, and their recruiting programs. During the course of this project, and consistent with over-all market trends, the following social networking sites consumed the most network bandwidth: ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 15
  • 16. Remediation Recommendations This report addresses identified security events across multiple security areas and at varying levels of criticality. The table below reviews the most critical of these incidents and presents methods to mitigate their risks. Check Point provides multiple methods for addressing these threats and concerns. Relevant protections are noted for each event, with the Software Blades into which the defenses are incorporated. Web Security Event Remediation Recommendations Application Events Sopcast 2 Dropbox 70 Sugarsync 15 uTorrent 5 Vuze 2 Remediation Steps With the Application Control and URL Filtering Software Blades, you can activate, track and prevent the use of all the mentioned applications and Web sites. You can define a granular policy to allow certain applications to specific groups only. Use UserCheck to educate users about the organization Web browsing and application usage policies. Click for more information about Application Control and URL Filtering Software Blades. To maximize Web security on corporate laptops and desktops, use Check Point Anti-Malware & Program Control and WebCheck Endpoint Security Software Blades. Intrusion Prevention Event Remediation Recommendations Threat Events Microsoft Windows Remote Desktop protocol code execution (MS12-020) 2 Adobe Flash Player URL security domain checking code execution (APSB12-07) 70 Microsoft DNS server denial of service (MS12-017) 15 Interactive Data eSignal stack buffer overflow 5 Remediation Steps In Check Point IPS Software Blade, enable the following protection: Microsoft Windows Remote Desktop protocol code execution (MS12-020) In Check Point IPS Software Blade, enable the following protection: Adobe Flash Player URL security domain checking code execution (APSB12-07) In Check Point IPS Software Blade, enable the following protection: Microsoft DNS server denial of service (MS12-017) In Check Point IPS Software Blade, enable the following protection: Interactive Data eSignal stack buffer overflow Click for more information about Check Point IPS Security Gateway Software Blade. To maximize intrusions and attacks protection, use Check Point Firewall & Compliance Check Endpoint Security Software Blade. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 16
  • 17. Data Loss Event Remediation Recommendations Data Events Data containing credit card numbers was sent outside the organization (PCI compliance violation). 17 Data containing programming language lines (Source Code) such as C, C++, C#, JAVA and more, was sent outside the organization. Indicates leaks of intellectual property. 14 Pay slip file was sent outside the organization. 16 International Bank Account Number (IBAN) was sent outside the organization. 61 Data containing Mergers and Acquisitions (M&A) plans was sent outside the organization (e.g., corporate strategy, corporate finance and more). 2 Email sent to several internal recipients and a single external one. Such emails are usually being sent unintentionally to a wrong external recipient. Remediation Steps To remediate the detected events, activate the DLP Software Blade. Configure DLP policy based on the detected DLP data type and choose an action (Detect/Prevent/Ask User, etc.). If you consider the detected data type to be sensitive information, the recommended action is prevent. 18 Use UserCheck to: • Educate users about the organization’s data usage policy • Provide users with instant feedback when their actions violate the data usage security policy Click for more information about DLP Software Blade. To maximize data loss protection on corporate laptops and desktops, use Check Point Full Disk Encryption and Media Encryption Endpoint Security Software Blades. Bot and Virus Event Remediation Recommendations Bot/Virus Name Events Backdoor.IRC.Zapchast.zwrc 8 Backdoor.Win32.Gbot.pzh 5 P2P-Worm.Win32.Palevo.ath 8 Backdoor.Win32.Hupigon.ozqk 6 Trojan-Downloader.JS.Expack.bn 1 Worm.Win32.AutoRun.duv 5 Email-Worm.Win32.Bagle.pac 7 Trojan-Downloader.JS.Agent.gco 25 Trojan-Downloader.Win32.Pendix.d 24 Worm.BAT.Autorun.gr 2 Remediation Steps To block traffic generated by the detected malware, enable AntiBot and Antivirus Software Blades and set the policy’s profile settings to Prevent mode. To start the remediation process of the infected machine, searchfor the detected malware in Check Point ThreatWiki to find additional remediation supporting information about the malware. This information can help you better understand the infection and its potential risks. Use UserCheck to educate users about the organization Web browsing and application usage policies. Click for more information about Check Point Anti-Bot and Antivirus Security Gateway Software Blades. To maximize bot and virus protection on corporate laptops and desktops, use Check Point Anti-Malware and WebCheck Endpoint Security Software Blades. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 17
  • 18. Introducing Check Point 3D Security Check Point 3D Security redefines security as a 3-dimensional business process that combines policies, people and enforcement for stronger protection across all layers of security—including network, data and endpoints. To achieve the level of protection needed in the 21st century, security needs to grow from a collection of disparate technologies to an effective business process. With 3D Security, organizations can now implement a blueprint for security that goes beyond technology to ensure the integrity of all information security. Check Point 3D Security enables organizations to redefine security by integrating these dimensions into a business process: Policies that support business Security that involves people in Enforce, consolidate and control needs and transform security into a business process policy definition, education and incident remediation all layers of security—network, data, application, content and user The Check Point Application Control Software Blade provides the industry's strongest application security and identity control to organizations of all sizes. It enables IT teams to easily create granular policies—based on users or groups—to identify, block or limit usage of over 240,000 Web 2.0 applications and widgets. The Check Point URL Filtering Software Blade integrates with Application Control, allowing unified enforcement and management of all aspects of web security. URL Filtering provides optimized web security through full integration in the gateway to prevent bypass through external proxies; integration of policy enforcement with Application Control for full Web and Web 2.0 protection; and UserCheck empowers and educates users on Web usage policy in real time. The IPS Software Blade delivers complete and proactive intrusion prevention—all with the deployment and management advantages of a unified and extensible next-generation firewall solution. Check Point DLP Software Blade combines technology and processes to revolutionize Data Loss Prevention (DLP), helping businesses to pre-emptively protect sensitive information from unintentional loss, educating users on proper data handling policies and empowering them to remediate incidents in real-time. The Check Point Anti-Bot Software Blade detects bot-infected machines, prevents bot damages by blocking bot C&C communications, and integrates with other Software Blades to provide a comprehensive threat prevention solution on a single gateway. The Check Point Antivirus Software Blade stops viruses and other malware at the gateway before they affect users. Using a continually updated list of antivirus and anti-spyware signatures and anomalybased protections, the Antivirus Software Blade protects against threats transmitted through popular network protocols. ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 18
  • 19. About Check Point Software Technologies The mission of Check Point Software Technologies (www.checkpoint.com) is to secure the Internet. Check Point was founded in 1993, and has since developed technologies to secure communications and transactions over the Internet by enterprises and consumers. When the company was founded, risks and threats were limited and securing the Internet was relatively simple. A firewall and an antivirus solution generally provided adequate security for business transactions and communications over the Internet. Today, enterprises require many (in some cases 15 or more) point solutions to secure their information technology (IT) networks from the multitude of threats and potential attacks and are facing an increasingly complex IT security infrastructure. Check Point’s core competencies are developing security solutions to protect business and consumer transactions and communications over the Internet, and reducing the complexity in Internet security. We strive to solve the security maze by bringing “more, better and simpler” security solutions to our customers. Check Point develops markets and supports a wide range of software, as well as combined hardware and software products and services for IT security. We offer our customers an extensive portfolio of network and gateway security solutions, data and endpoint security solutions and management solutions. Our solutions operate under a unified security architecture that enables end-to-end security with a single line of unified security gateways, and allow a single agent for all endpoint security that can be managed from a single unified management console. This unified management allows for ease of deployment and centralized control and is supported by, and reinforced with, real-time security updates. Check Point was an industry pioneer with our FireWall-1 and our patented Stateful Inspection technology. Check Point has recently extended its IT security innovation with the development of our Software Blade architecture. The dynamic Software Blade architecture delivers secure, flexible and simple solutions that can be customized to meet the security needs of any organization or environment. Our products and services are sold to enterprises, service providers, small and medium sized businesses and consumers. Our Open Platform for Security (OPSEC) framework allows customers to extend the capabilities of our products and services with third-party hardware and security software applications. Our products are sold, integrated and serviced by a network of partners worldwide. Check Point customers include tens of thousands of businesses and organizations of all sizes including all Fortune 100 companies. Check Point’s award-winning ZoneAlarm solutions protect millions of consumers from hackers, spyware and identity theft. Contact Check Point now www.checkpoint.com/contactus By phone in the US: 1-800-429-4391 option 5 or 1-650-628-2000 ©2012 Check Point Software Technologies Ltd. All rights reserved Classification: [Customer Confidential] — For customer use only 19
  • 20. CONTACT CHECK POINT Worldwide Headquarters 5 Ha’Solelim Street, Tel Aviv 67897, Israel | Tel: 972-3-753 4555 | Fax: 972-3-624-1100 | email: info@checkpoint.com U.S. Headquarters 959 Skyway Rd. Ste. 300, San Carlos, CA 94070 | Tel: 800-429-4391 ; 650-628-2000 | Fax: 650-654-4233 | www.checkpoint.com ©2003-2012 Check Point Software Technologies Ltd. All rights reserved. Check Point, AlertAdvisor, Application Intelligence, Check Point 2200, Check Point 4000 Appliances, Check Point 4200, Check Point 4600, Check Point 4800, Check Point 12000 Appliances, Check Point 12200, Check Point 12400, Check Point 12600, Check Point 21400, Check Point 6100 Security System, Check Point Anti-Bot Software Blade, Check Point Application Control Software Blade, Check Point Data Loss Prevention, Check Point DLP, Check Point DLP-1, Check Point Endpoint Security, Check Point Endpoint Security On Demand, the Check Point logo, Check Point Full Disk Encryption, Check Point GO, Check Point Horizon Manager, Check Point Identity Awareness, Check Point IPS, Check Point IPSec VPN, Check Point Media Encryption, Check Point Mobile, Check Point Mobile Access, Check Point NAC, Check Point Network Voyager, Check Point OneCheck, Check Point R75, Check Point Security Gateway, Check Point Update Service, Check Point WebCheck, ClusterXL, Confidence Indexing, ConnectControl, Connectra, Connectra Accelerator Card, Cooperative Enforcement, Cooperative Security Alliance, CoreXL, DefenseNet, DynamicID, Endpoint Connect VPN Client, Endpoint Security, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, Hybrid Detection Engine, IMsecure, INSPECT, INSPECT XL, Integrity, Integrity Clientless Security, Integrity SecureClient, InterSpect, IP Appliances, IPS-1, IPS Software Blade, IPSO, R75, Software Blade, IQ Engine, MailSafe, the More, better, Simpler Security logo, Multi-Domain Security Management, MultiSpect, NG, NGX, Open Security Extension, OPSEC, OSFirewall, Pointsec, Pointsec Mobile, Pointsec PC, Pointsec Protector, Policy Lifecycle Management,Power-1, Provider-1, PureAdvantage, PURE Security, the puresecurity logo, Safe@Home, Safe@Office, Secure Virtual Workspace, SecureClient, SecureClient Mobile, SecureKnowledge, SecurePlatform, SecurePlatform Pro, SecuRemote, SecureServer, SecureUpdate, SecureXL, SecureXL Turbocard, Security Management Portal, SecurityPower, Series 80 Appliance, SiteManager-1, Smart-1, SmartCenter, SmartCenter Power, SmartCenter Pro, SmartCenter UTM, SmartConsole, SmartDashboard, SmartDefense, SmartDefense Advisor, SmartEvent, Smarter Security, SmartLSM, SmartMap, SmartPortal, SmartProvisioning, SmartReporter, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SmartWorkflow, SMP, SMP On-Demand, SocialGuard, SofaWare, Software Blade Architecture, the softwareblades logo, SSL Network Extender, Stateful Clustering, Total Security, the totalsecurity logo, TrueVector, UserCheck, UTM-1, UTM-1 Edge, UTM-1 Edge Industrial, UTM-1 Total Security, VPN-1, VPN-1 Edge, VPN-1 MASS, VPN-1 Power, VPN-1 Power Multi-core, VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge, VPN-1 VE, VPN-1 VSX, VSX, VSX-1, Web Intelligence, ZoneAlarm, ZoneAlarm Antivirus + Firewall, ZoneAlarm DataLock, ZoneAlarm Extreme Security, ZoneAlarm ForceField, ZoneAlarm Free Firewall, ZoneAlarm Pro Firewall, ZoneAlarm Internet Security Suite, ZoneAlarm Security Toolbar, ZoneAlarm Secure Wireless Router, Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. ZoneAlarm is a Check Point Software Technologies, Inc. Company. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 5,987,611, 6,496,935, 6,873,988, 6,850,943, 7,165,076, 7,540,013, 7,725,737 and 7,788,726 and may be protected by other U.S. Patents, foreign patents, or pending applications. October 5, 2012