© 2013 Imperva, Inc. All rights reserved.
Targeted Defense for Malware and Targeted Attacks
Barry Shteiman
Senior Security Strategist
Contents
§  Compromised Insider
§  Incident Analysis
§  Anatomy of an Attack
§  Current Controls
§  Reclaiming Security
Compromised Insider
Defining the Threat Landscape
“There are two types of companies: companies
that have been breached and companies that
don’t know they’ve been breached.”
Shawn Henry, Former FBI Executive Assistant Director
NY Times, April 2012
Insider Threat Defined
Risk that the access rights of a trusted person will be used to view, take or modify data or intellectual property.
Possible causes:
§  Accident
§  Malicious intent
§  Compromised device
Compromised Insider Defined
A person with no malicious motivation who becomes an unknowing accomplice of third parties who gain access to their device and/or user credentials.
Malicious Vs. Compromised Potential
1% < 100%
Source: http://edocumentsciences.com/defend-against-compromised-insiders
Look Who Made the Headlines
Hackers steal sensitive data related to a planned 2.4B acquisition.
Hacker stole 4-million Social Security numbers and bank account information from state tax payers and businesses
Know Your Attacker
Governments
•  Stealing Intellectual Property (IP) and raw data, Espionage
•  Motivated by: Policy, Politics and Nationalism
Industrialized hackers
•  Stealing IP and data
•  Motivated by: Profit
Hacktivists
•  Exposing IP and data, and compromising the infrastructure
•  Motivated by: Political causes, ideology, personal agendas
What Attackers Are After
Source: Verizon Data Breach Report, 2013
Two Paths, One Goal
Data & IP
User with access rights (or his/her device)
Online Application
Hacking (various) used in 52% of breaches
Malware (40%)
Social Engineering (29%)
Servers 54%
Users (devices) 71%
People 29%
Source: Verizon Data Breach Report, 2013
Incident Analysis
The South Carolina Data Breach
What Happened?
4M Individual Records Stolen in a Population of 5M
80%.
A Targeted Database Attack
§  13-Aug-12: Attacker steals login credentials via phishing email & malware
§  27-Aug-12: Attacker logs in remotely and accesses the database
§  29-Aug-12 - 11-Sept-12: Additional reconnaissance, more credentials stolen
§  12-Sept-12 - 14-Sept-12: Attacker steals the entire database
The Anatomy of an Attack
How Does It Work
Anatomy of an Attack
§  Spear Phishing
§  C&C Comm
§  Data Dump & Analysis
§  Broaden Infection
§  Main Data Dump
§  Wipe Evidence
Searching on Social Networks…
…The Results
Next: Phishing and Malware
How easy is it?
§  A three-month BlackHole license, with Support included, is US$700
Specialized Frameworks and Hacking tools, such as BlackHole 2.0, allow easy setup for Host Hijacking and Phishing.
Drive-by Downloads Are Another Route
September 2012 “iPhone 5 Images Leak” was caused by a Trojan Download Drive-By
Cross Site Scripting Is Yet Another Path
Persistent XSS Vulnerable Sites provide the Infection Platform
GMAIL, June 2012
TUMBLR, July 2012
The Human Behavior Factor
Source: Google Research Paper “Alice in Warningland”, July 2013
Current Controls
Won’t the NGFW/IPS/AV Stop It?
What Are the Experts Saying?
“Flame was a failure for the antivirus industry. We really should have been able
to do better. But we didn’t. We were out of our league, in our own game.”
Mikko Hypponen, F-Secure, Chief Research Officer
Source: http://www.wired.com/threatlevel/2012/06/internet-security-fail/
Security Threats Have Evolved…
2001: AntiVirus, Firewall, IPS
2013: AntiVirus, Firewall, IPS
Sources: Gartner, Imperva analysis
Security Redefined
Forward Thinking
The DISA Angle
“In the past, we’ve all been about protecting our
networks—firewall here, firewall there, firewall
within a service, firewall within an organization,
firewalls within DISA. We’ve got to remove those
and go to protecting the data”
Lt. Gen. Ronnie Hawkins JR – DISA.
AFCEA, July 2012
Rebalance Your Security Portfolio
Assume You Can Be Breached
Incident Response Phases for Targeted Attacks
Reduce Risk
Prevent Compromise
Detection
Containment
Insulate sensitive data
Password Remediation
Device Remediation
Post-incident Analysis

Size Up the Target
Compromise A User
Initial Exploration
Solidify Presence
Impersonate Privileged User
Steal Confidential Data
Cover Tracks
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Último (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Targeted Defense for Malware & Targeted Attacks

  • 1. © 2013 Imperva, Inc. All rights reserved. Confidential. Targeted Defense for Malware and Targeted Attacks. Barry Shteiman, Senior Security Strategist
  • 2. Contents: Compromised Insider; Incident Analysis; Anatomy of an Attack; Current Controls; Reclaiming Security
  • 3. Compromised Insider: Defining the Threat Landscape
  • 4. “There are two types of companies: companies that have been breached and companies that don’t know they’ve been breached.” Shawn Henry, Former FBI Executive Assistant Director. NY Times, April 2012
  • 5. Insider Threat Defined: Risk that the access rights of a trusted person will be used to view, take or modify data or intellectual property. Possible causes: Accident; Malicious intent; Compromised device
  • 6. Compromised Insider Defined: A person with no malicious motivation who becomes an unknowing accomplice of third parties who gain access to their device and/or user credentials.
  • 7. Malicious Vs. Compromised Potential: 1% < 100%. Source: http://edocumentsciences.com/defend-against-compromised-insiders
  • 8. Look Who Made the Headlines: Hackers steal sensitive data related to a planned 2.4B acquisition. Hacker stole 4-million Social Security numbers and bank account information from state tax payers and businesses.
  • 9. Know Your Attacker. Governments: stealing Intellectual Property (IP) and raw data, espionage; motivated by policy, politics and nationalism. Industrialized hackers: stealing IP and data; motivated by profit. Hacktivists: exposing IP and data, and compromising the infrastructure; motivated by political causes, ideology, personal agendas.
  • 10. What Attackers Are After. Source: Verizon Data Breach Report, 2013
  • 11. Two Paths, One Goal: Data & IP. User with access rights (or his/her device). Hacking (various) used in 52% of breaches; Online Application; Malware (40%); Social Engineering (29%). Servers 54%; Users (devices) 71%; People 29%. Source: Verizon Data Breach Report, 2013
  • 12. Incident Analysis: The South Carolina Data Breach
  • 13. What Happened? 4M individual records stolen in a population of 5M: 80%.
  • 14. A Targeted Database Attack. 13-Aug-12: Attacker steals login credentials via phishing email & malware. 27-Aug-12: Attacker logs in remotely and accesses the database. 29-Aug-12 - 11-Sept-12: Additional reconnaissance, more credentials stolen. 12-Sept-12 - 14-Sept-12: Attacker steals the entire database.
  • 15. The Anatomy of an Attack: How Does It Work
  • 16. Anatomy of an Attack: Spear Phishing
  • 17. Anatomy of an Attack: Spear Phishing; C&C Comm
  • 18. Anatomy of an Attack: Spear Phishing; C&C Comm; Data Dump & Analysis
  • 19. Anatomy of an Attack: Spear Phishing; C&C Comm; Data Dump & Analysis; Broaden Infection
  • 20. Anatomy of an Attack: Spear Phishing; C&C Comm; Data Dump & Analysis; Broaden Infection; Main Data Dump
  • 21. Anatomy of an Attack: Spear Phishing; C&C Comm; Data Dump & Analysis; Broaden Infection; Main Data Dump; Wipe Evidence
  • 22. Searching on Social Networks…
  • 23. …The Results
  • 24. Next: Phishing and Malware. How easy is it? A three-month BlackHole license, with Support included, is US$700. Specialized Frameworks and Hacking tools, such as BlackHole 2.0, allow easy setup for Host Hijacking and Phishing.
  • 25. Drive-by Downloads Are Another Route: September 2012 “iPhone 5 Images Leak” was caused by a Trojan Download Drive-By
  • 26. Cross Site Scripting Is Yet Another Path: Persistent XSS Vulnerable Sites provide the Infection Platform. GMAIL, June 2012; TUMBLR, July 2012
  • 27. The Human Behavior Factor. Source: Google Research Paper “Alice in Warningland”, July 2013
  • 28. Current Controls: Won’t the NGFW/IPS/AV Stop It?
  • 29. What Are the Experts Saying? “Flame was a failure for the antivirus industry. We really should have been able to do better. But we didn’t. We were out of our league, in our own game.” Mikko Hypponen, F-Secure, Chief Research Officer. Source: http://www.wired.com/threatlevel/2012/06/internet-security-fail/
  • 30. Security Threats Have Evolved… [Figure: panels labeled 2013 and 2001, each listing AntiVirus, Firewall, IPS.] Sources: Gartner, Imperva analysis
  • 31. Security Redefined: Forward Thinking
  • 32. The DISA Angle: “In the past, we’ve all been about protecting our networks—firewall here, firewall there, firewall within a service, firewall within an organization, firewalls within DISA. We’ve got to remove those and go to protecting the data” Lt. Gen. Ronnie Hawkins JR – DISA. AFCEA, July 2012
  • 33. Rebalance Your Security Portfolio
  • 34. Assume You Can Be Breached
  • 35. Incident Response Phases for Targeted Attacks: Reduce Risk; Prevent Compromise; Detection; Containment; Insulate sensitive data; Password Remediation; Device Remediation; Post-incident Analysis; Size Up the Target; Compromise A User; Initial Exploration; Solidify Presence; Impersonate Privileged User; Steal Confidential Data; Cover Tracks
  • 36. www.imperva.com

Editor's notes

  1. Barry: “Less than 1% of your employees may be malicious insiders, but 100% of your employees have the potential to be compromised insiders.”
  2. 2013 VDBIR. Malware: 40% of breaches; Social: 29%; Hacking: 52%. Assets compromised: Servers 54; User (devices) 71; People 29
  3. Anna Kournikova virus author stands trial. Lenient sentence in prospect. By John Leyden. Posted in Security, 14th September 2001 13:58 GMT. The author of the infamous Anna Kournikova email worm has appeared in court in the Netherlands with prosecutors calling for a lenient sentence for his admitted crime. Lawyers for 20-year old Jan de Wit have called for the dismissal of charges against him, arguing that the worm caused minimal damage. The FBI submitted evidence to the Dutch court, suggesting that $166,000 in damages was caused by the worm, based on reports of damage from 55 firms