www.wildpackets.com
Use today’s webinar hashtag #wp_networkforensics with any questions, comments, or feedback.
Follow us @wildpackets
Jay Botelho
Director of Product Management
WildPackets
jbotelho@wildpackets.com
Follow me @jaybotelho
Security Attack Analysis for
Finding and Stopping Network Attacks
Your Insurance Policy for Network Breaches
© 2014 WildPackets, Inc. Security Attack Analysis – May 2014
Administration
• All callers are on mute
– If you have problems, please let us know via the Chat window
• There will be Q&A
– Feel free to type a question at any time
• Slides and recording will be available
– Notification within 48 hours via a follow-up email
Agenda
• The Bad Guys Are Winning
• IDS/IPS Is Not Enough
• Security Attack Analysis with Network Forensics
• You Can Take Back the Lead!
The Bad Guys Are Winning
“The Bad Guys Are Winning”*
• Cyber espionage up 3X
• Insiders stealing intellectual property
• Average time in 2012 to discover and resolve a data breach: 123 days
• 86% of security professionals consider incident detection time too slow
* Wade Baker, principal author of the 2014 Verizon Data Breach Investigations Report
Challenges
• IDS/IPS and other tools raise alerts
• But security teams need details
– Who, what, where, when
– Answers require network visibility
• Network visibility declining overall
– Last-generation network analysis tools can’t keep up with 10G, 40G, and 100G networks
– The market trend toward high-level statistics such as NetFlow and traffic sampling leaves security analysts with generalities, not specifics
IDS/IPS
Detection and Prevention Aren’t Enough
WildPackets Attack Analysis
• Benefits
– Give security teams evidence and insight
• A comprehensive record of network activity
• Powerful search and filtering tools for zeroing in on anomalies and attack details
– Enable security teams to act quickly
• Find proof of attacks
• Characterize attacks and stop them
– Who, what, where, when
• Solution: Packet Capture + Network Forensics
– Record, store, and analyze traffic
– Uncover and understand attacks so they can be stopped
– Tools include deep packet inspection, searches, filters, graphs, etc.
Full visibility into everything going in and out of your network
Key Capabilities
WildPackets Attack Analysis:
• Node Activity Profile
• High Speed Packet Capture
• Visualization
• Transaction History
• Deep Packet Inspection
• Node-to-node Interaction
Security Attack Analysis with Network Forensics
Security Investigations with Network Forensics
• Incident Response Verification
• Pre-Zero Day Attack Forensics
• Incident Path Tracking
• Compliance with Security Regulations
• Transaction Verification
Incident Response Verification
Applying Attack Intelligence and Deep Packet Inspection (DPI), WildPackets provides unprecedented visibility into network events, enabling security analysts to conduct full Root Cause Analysis (RCA)
Attack Analysis: Investigate → Confirm → Characterize → Resolve
Results: Reduced MTTR for Attacks; Reduced Impact of Attacks
Problem: At approximately 11:20am IDS/IPS reports an nmap decoy attack; a number of phony addresses were used by nmap as source IPs in addition to the actual attack machine IP
Action: Use network forensics to rewind the attack, saving all packets from 5 minutes before to 5 minutes after the report for detailed network analysis
Pre-Zero Day Attack Forensics
• Unprecedented opportunity to ask:
– Has a newly recognized attack previously struck our network? If so, what happened?
• Replay recorded network traffic to event detection systems to discover if the new incident had occurred previously and understand who and what was affected.
• AKA “Retrospective Security Assurance”
Timeline: IT begins recording network traffic → Zero-Day attack strikes → Updates to security tools recognize attack → Security team replays traffic through attack signature
Problem: The internal security team has identified a previously undetected major security threat; the signature says it uses the Windows Messenger service and has a UDP packet that contains “STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION…”
Action: Immediately identify any and all systems on the network that have potentially been affected by the threat, even before the threat was initially detected
Incident Path Tracking
Using built-in peer-to-peer analytics, WildPackets’ Incident Path Tracking can trace the sequence of conversations between every device on the network before and after the security event
Result: Identify the security attack, in this case “denial of service”, the source of the attack, and all the affected devices
Problem: Hundreds of users of a wireless network in a large auditorium find they cannot maintain a VPN connection, nor can they reliably connect to the Internet; everyone seems to be affected
Action: IDS/IPS reports no problems; assess overall network connectivity and look for anomalies
Ensuring Compliance – Leaked Data
Filter for patterns like SSNs and keywords
Result: Evidence of data breaches and details that help track down the particulars of security attacks
Problem: While reviewing the weekly network performance report, clear-text protocols were discovered which violate the company security policy
Action: Find FTP traffic and identify suspected users; analyze FTP traffic to see if sensitive data was transmitted.
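The retrospective signature hunt (the Windows Messenger UDP payload), the clear-text FTP/SSN compliance filter, and the rewind to 5 minutes either side of an IDS alert all reduce to searching stored packets. This added Python example is not WildPackets code; it runs those three searches over a constructed libpcap capture, and the host addresses, alert time and payloads are made-up sample data.

```python
import re
import struct
from collections import namedtuple

# One captured frame reduced to the fields the searches below need.
Packet = namedtuple("Packet", "ts proto src dst sport dport payload")

PCAP_MAGIC = 0xA1B2C3D4      # little-endian libpcap, microsecond timestamps
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17
SIGNATURE = b"STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION"   # from the scenario
SSN_RE = re.compile(rb"\b\d{3}-\d{2}-\d{4}\b")
FTP_PORTS = {20, 21}
ALERT_TS = 1400000000        # constructed IDS alert time (epoch seconds)


def parse_pcap(data):
    """Walk a classic libpcap file and return its IPv4 TCP/UDP packets."""
    if struct.unpack_from("<I", data, 0)[0] != PCAP_MAGIC:
        raise ValueError("only little-endian libpcap files are handled here")
    pos, packets = 24, []                    # skip the 24-byte global header
    while pos + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _ = struct.unpack_from("<IIII", data, pos)
        frame = data[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_IPV4:
            continue                         # not IPv4 over Ethernet
        ip = frame[14:]
        ihl, total = (ip[0] & 0x0F) * 4, struct.unpack_from("!H", ip, 2)[0]
        ip, proto = ip[:total], ip[9]        # trim Ethernet padding
        if proto not in (PROTO_TCP, PROTO_UDP):
            continue
        src = ".".join(str(b) for b in ip[12:16])
        dst = ".".join(str(b) for b in ip[16:20])
        l4 = ip[ihl:]
        sport, dport = struct.unpack_from("!HH", l4, 0)
        # UDP header is a fixed 8 bytes; TCP header length sits in the data-offset nibble
        payload = l4[8:] if proto == PROTO_UDP else l4[(l4[12] >> 4) * 4:]
        packets.append(Packet(ts_sec + ts_usec / 1e6, proto, src, dst, sport, dport, payload))
    return packets


def retrospective_hunt(packets, signature, proto=PROTO_UDP):
    """Replay stored traffic against a signature learned after the fact and
    report every host that sent or received a matching packet."""
    sources, targets = set(), set()
    for p in packets:
        if p.proto == proto and signature in p.payload:
            sources.add(p.src)
            targets.add(p.dst)
    return {"sources": sorted(sources), "targets": sorted(targets)}


def cleartext_ftp_leaks(packets):
    """Compliance filter: clear-text FTP payloads carrying SSN-like patterns."""
    hits = []
    for p in packets:
        if p.proto == PROTO_TCP and FTP_PORTS & {p.sport, p.dport}:
            hits.extend((p.src, p.dst, m.decode()) for m in SSN_RE.findall(p.payload))
    return hits


def rewind_window(packets, alert_ts, seconds=300):
    """Packets from `seconds` before to `seconds` after an IDS/IPS alert."""
    return [p for p in packets if abs(p.ts - alert_ts) <= seconds]


def _record(ts, proto, src, dst, sport, dport, payload):
    """Build one pcap record: Ethernet II + IPv4 + minimal UDP/TCP header."""
    if proto == PROTO_UDP:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    else:   # 20-byte TCP header, data offset 5, flags PSH|ACK, checksum left zero
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split(".")))) + l4
    frame = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4) + ip   # zeroed MAC addresses
    return struct.pack("<IIII", int(ts), 0, len(frame), len(frame)) + frame


def build_sample_pcap():
    """Constructed capture (not real traffic): two signature hits, benign UDP,
    one clear-text FTP upload containing an SSN, and one packet hours later."""
    records = [
        _record(ALERT_TS - 120, PROTO_UDP, "203.0.113.9", "192.0.2.10", 1026, 1026, SIGNATURE + b"..."),
        _record(ALERT_TS - 60, PROTO_UDP, "203.0.113.9", "192.0.2.11", 1026, 1026, SIGNATURE + b"..."),
        _record(ALERT_TS, PROTO_UDP, "192.0.2.5", "192.0.2.53", 5353, 53, b"ordinary lookup"),
        _record(ALERT_TS + 30, PROTO_TCP, "192.0.2.20", "198.51.100.7", 40001, 21,
                b"STOR report.csv\r\nname,ssn\r\nA. User,123-45-6789\r\n"),
        _record(ALERT_TS + 3600, PROTO_TCP, "192.0.2.20", "198.51.100.7", 40002, 443, b"\x16\x03\x01"),
    ]
    # Global header: magic, version 2.4, zone 0, sigfigs 0, snaplen 65535, LINKTYPE_ETHERNET
    return struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1) + b"".join(records)


if __name__ == "__main__":
    pkts = parse_pcap(build_sample_pcap())
    print("affected by signature:", retrospective_hunt(pkts, SIGNATURE))
    print("clear-text SSN leaks:", cleartext_ftp_leaks(pkts))
    print("packets in +/-5 min window:", len(rewind_window(pkts, ALERT_TS)))
```

On a real appliance the same three passes run over the stored capture rather than an in-memory sample; the parser here handles only little-endian classic pcap with Ethernet framing.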
Transaction Review
• Verify Transactions
– Did they complete successfully?
– Did they occur in the way an end user is alleging?
Problem: A customer disputes transactions that appear to have been made by them, claiming a stolen credit card
Action: Isolate data from this customer; verify IP addresses in use and compare with previous, uncontested transactions
You Can Take Back the Lead!
Accelerate Incident Response and Remediation
BEFORE: Timeline of a Security Investigation without Attack Analysis
• Disparate sources
• Investigations can take days or weeks
AFTER: Timeline of a Security Investigation with Attack Analysis
• Centralized repository with comprehensive data
• Investigations are many times faster
Security Best Practices
• Best Practice #1: Capture Traffic at Every Location
– Just as you wouldn’t leave a building entrance unguarded, don’t leave a network location unmonitored and unanalyzed.
• Best Practice #2: Capture Traffic 24/7
– Some attacks strike at odd hours.
• Best Practice #3: Configure Captures based on Anomalies
– Understand what’s normal (e.g., email coming from your email server), and automatically capture traffic that’s abnormal (e.g., email coming from your FTP server).
– Small capture files make it easy to zoom in on what’s wrong.
Omnipliance Product Line
• Omnipliance TL: NOC or Data Center, 10G/40G, up to 128 TB with OmniStorage
• Omnipliance MX: Corporate Campus, 1G/10G, up to 32 TB
• Omnipliance CX: Branch Offices, 1G, up to 32 TB
The WildPackets Advantage
More Power in a Smaller Footprint
– Captures up to 23Gbps of real-world traffic
– Scales up to 128 TB of storage
– Requires half the rack space and power of competitive solutions
Greater Precision
– Captures network traffic with no data loss, so you can analyze everything, not just samples or high-level statistics
– Accurate metrics
– Rich analytics help pinpoint and characterize anomalies
– Enterprise-wide solution makes forensic analysis available at every location
Better Price/Performance
– Superior power and precision at a price significantly lower than other network forensics products.
Faster Capture = More Complete Data
• Omnipliance TL with OmniAdapter 40G has a capture-to-disk rate of 25.33Gbps with no loss in storing the data
• Omnipliance TL with OmniAdapter 10G has a capture-to-disk rate of 20.94Gbps with no packet loss
• Capture-to-disk rate per 10G port of 10.47Gbps is the highest observed to date in testing of network analysis and recording appliances
Summary
• We need to stop the “Bad Guys” from winning.
– Improve capability to investigate attacks.
• Attack Analysis = Packet Capture + Network Forensics
– Provides comprehensive evidence of all attack activity within a set period.
– Provides an irrefutable record of user, network, and application activity, including transactions.
– Enables security teams to characterize and trace attacks.
• WildPackets Omnipliances offer unmatched performance and precision for attack analysis.
– Complements the existing security toolset with high-performance network recording, storage, and analysis.
Q&A
Learn more:
http://security.wildpackets.com
sales@wildpackets.com
+1 (925) 937-2500
Follow us on SlideShare!
Check out today’s slides on SlideShare
www.slideshare.net/wildpackets
Thank You!
WildPackets, Inc.
1340 Treat Boulevard, Suite 500
Walnut Creek, CA 94597
(925) 937-3200

VoIP Monitoring and Analysis - Still Top of Mind in Network Performance Monit...
 
WildPackets EMA Whitepaper Preview
WildPackets EMA Whitepaper PreviewWildPackets EMA Whitepaper Preview
WildPackets EMA Whitepaper Preview
 
Gigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN AnalysisGigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN Analysis
 
Network Network Visibility - The Key to Rapidly Troubleshooting Network Perfo...
Network Network Visibility - The Key to Rapidly Troubleshooting Network Perfo...Network Network Visibility - The Key to Rapidly Troubleshooting Network Perfo...
Network Network Visibility - The Key to Rapidly Troubleshooting Network Perfo...
 
Wireless Network Analysis 101 VoFi (Voice over Wi-Fi)
Wireless Network Analysis 101 VoFi (Voice over Wi-Fi)Wireless Network Analysis 101 VoFi (Voice over Wi-Fi)
Wireless Network Analysis 101 VoFi (Voice over Wi-Fi)
 
The Changing Landscape in Network Performance Monitoring
The Changing Landscape in Network Performance Monitoring The Changing Landscape in Network Performance Monitoring
The Changing Landscape in Network Performance Monitoring
 
802.11ac: Technologies and Deployment Strategies with FarPoint Group
802.11ac: Technologies and Deployment Strategies with FarPoint Group802.11ac: Technologies and Deployment Strategies with FarPoint Group
802.11ac: Technologies and Deployment Strategies with FarPoint Group
 
Omnipliance family - Powerful Precise Affordable
Omnipliance family - Powerful Precise AffordableOmnipliance family - Powerful Precise Affordable
Omnipliance family - Powerful Precise Affordable
 
Capturing 802.11ac Data
Capturing 802.11ac DataCapturing 802.11ac Data
Capturing 802.11ac Data
 

Último

4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...itnewsafrica
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 

Último (20)

4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 

Your Insurance Policy for Network Breaches

8. WildPackets Attack Analysis
© 2014 WildPackets, Inc. Security Attack Analysis – May 2014
• Benefits
  – Give security teams evidence and insight
    • A comprehensive record of network activity
    • Powerful search and filtering tools for zeroing in on anomalies and attack details
  – Enable security teams to act quickly
    • Find proof of attacks
    • Characterize attacks and stop them: who, what, where, when
• Solution: Packet Capture + Network Forensics
  – Record, store, and analyze traffic
  – Uncover and understand attacks so they can be stopped
  – Tools include deep packet inspection, searches, filters, graphs, etc.
Full visibility into everything going in and out of your network
9. Key Capabilities of WildPackets Attack Analysis
• High-speed packet capture
• Deep packet inspection
• Node activity profile
• Node-to-node interaction
• Transaction history
• Visualization
11. Security Investigations with Network Forensics
• Incident Response Verification
• Pre-Zero Day Attack Forensics
• Incident Path Tracking
• Compliance with Security Regulations
• Transaction Verification
12. Incident Response Verification
Applying Attack Intelligence and Deep Packet Inspection (DPI), WildPackets provides unprecedented visibility into network events, enabling security analysts to conduct full Root Cause Analysis (RCA).
Attack Analysis workflow: Investigate → Confirm → Characterize → Resolve
Results: reduced MTTR for attacks; reduced impact of attacks
13. Problem / Action
Problem: At approximately 11:20am the IDS/IPS reports an nmap decoy attack; a number of spoofed (decoy) source addresses were used by nmap in addition to the actual attacking machine’s IP.
Action: Use network forensics to rewind the attack, saving all packets from 5 minutes before to 5 minutes after the report for detailed network analysis.
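The rewind step above, worked through in code. This is an added example, not WildPackets code: it slices a constructed packet record to the five minutes either side of the 11:20 report and then looks for the footprint of nmap -D, several source addresses probing the identical port set within seconds of each other. Two heuristics help separate the real scanner from its decoys, and both are assumptions to verify rather than proof: if the capture point sits on the scanner’s own segment, every spoofed packet still carries the scanner’s source MAC (elsewhere every frame carries the upstream router’s MAC and the heuristic says nothing), and a decoy address nmap invents normally has no earlier history in the long-term record while the real machine does. The record layout, addresses and MACs are all constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from typing import NamedTuple


class Pkt(NamedTuple):
    ts: datetime
    smac: str     # source MAC as seen at the capture point
    src: str      # source IPv4
    dst: str      # destination IPv4
    dport: int
    flags: str    # TCP flags, e.g. "S", "SA", "R"


def rewind_window(packets, report_time, before_s=300, after_s=300):
    """Slice the long-term record to [report - before_s, report + after_s] (the 'rewind')."""
    lo = report_time - timedelta(seconds=before_s)
    hi = report_time + timedelta(seconds=after_s)
    return [p for p in packets if lo <= p.ts <= hi]


def decoy_scan_clusters(packets, target, max_spread_s=5.0):
    """Clusters of SYN senders that probed `target` with the identical port set within
    max_spread_s of each other: one scanner sending under several addresses (nmap -D).
    Each cluster also records the distinct source MACs seen (heuristic, see lead-in)."""
    syns = defaultdict(list)
    for p in packets:
        if p.dst == target and p.flags == "S":
            syns[p.src].append(p)
    by_ports = defaultdict(list)
    for src, pkts in syns.items():
        by_ports[frozenset(p.dport for p in pkts)].append(src)
    clusters = []
    for ports, srcs in by_ports.items():
        if len(srcs) < 2:
            continue                                   # a single host scanning is not a decoy set
        times = [p.ts for s in srcs for p in syns[s]]
        if (max(times) - min(times)).total_seconds() > max_spread_s:
            continue                                   # same ports but not interleaved in time
        clusters.append({
            "sources": sorted(srcs),
            "ports": sorted(ports),
            "macs": sorted({p.smac for s in srcs for p in syns[s]}),
            "first": min(times),
            "last": max(times),
        })
    return clusters


def sources_seen_before(record, sources, before):
    """Candidate sources with any traffic in the record earlier than the window (heuristic:
    an invented decoy address has no history, the real machine usually does)."""
    wanted = set(sources)
    return sorted({p.src for p in record if p.src in wanted and p.ts < before})


# Constructed record: a real scanner 10.0.0.50 plus two decoys, all leaving the same NIC.
T = datetime(2014, 5, 14, 11, 20, 0)
SCANNER_MAC, OTHER_MAC = "aa:bb:cc:00:00:50", "aa:bb:cc:00:00:09"
RECORD = [
    Pkt(T - timedelta(minutes=15), SCANNER_MAC, "10.0.0.50", "10.0.0.5", 25, "S"),  # earlier, ordinary traffic
    Pkt(T - timedelta(minutes=2), OTHER_MAC, "10.0.0.9", "10.0.0.20", 443, "S"),   # unrelated client
]
for i, port in enumerate((22, 80, 443)):
    for src in ("10.0.0.50", "10.0.0.61", "10.0.0.62"):
        RECORD.append(Pkt(T + timedelta(seconds=i), SCANNER_MAC, src, "10.0.0.20", port, "S"))
RECORD.sort()


def investigate(record=RECORD, report_time=T, target="10.0.0.20", before_s=300, after_s=300):
    """Rewind around the alert, find decoy clusters, and annotate which sources have history."""
    win = rewind_window(record, report_time, before_s, after_s)
    clusters = decoy_scan_clusters(win, target)
    lo = report_time - timedelta(seconds=before_s)
    for c in clusters:
        c["seen_before"] = sources_seen_before(record, c["sources"], lo)
    return win, clusters
```

With the constructed record the window holds ten packets, one cluster of three sources sharing a single source MAC, and only 10.0.0.50 has traffic before the window; that is the address to pursue first, with the MAC and ARP history as corroboration rather than proof.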
15. Pre-Zero Day Attack Forensics
• Unprecedented opportunity to ask:
  – Has a newly recognized attack previously struck our network? If so, what happened?
• Replay recorded network traffic to event detection systems to discover whether the new incident had occurred previously and understand who and what was affected (the look-back reaches only as far as the capture retention window).
• AKA “Retrospective Security Assurance”
Timeline: IT begins recording network traffic → Zero-day attack strikes → Updates to security tools recognize the attack → Security team replays recorded traffic through the new attack signature
16. Problem / Action
Problem: The internal security team has identified a previously undetected major security threat; the signature says it uses the Windows Messenger service and has a UDP packet that contains “STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION…”
Action: Immediately identify any and all systems on the network that have potentially been affected by the threat, even before the threat was initially detected.
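Replaying recorded traffic through the new signature, as an added example (not the deck’s or WildPackets’ code). It reads a classic libpcap file with a minimal Ethernet/IPv4/UDP walker and reports every host that received a datagram carrying the alert text, which is the “who was affected before we had a signature” question on this slide. The sample capture is constructed inside the block; the port numbers and addresses are placeholders, and the match is a plain byte-string search, so a signature split across IP fragments or truncated by a short snaplen would be missed. pcapng files are not handled.

```python
import socket
import struct
from typing import Iterator, NamedTuple


class UdpDatagram(NamedTuple):
    ts: float
    src: str
    dst: str
    sport: int
    dport: int
    payload: bytes


def udp_frame(src, dst, sport, dport, payload):
    """Ethernet/IPv4/UDP frame with zero checksums (enough for an offline parser)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0x1234, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    return eth + ip + udp


def build_pcap(frames):
    """Classic libpcap file: little-endian, microsecond timestamps, link type 1 (Ethernet)."""
    parts = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)]
    for ts, frame in frames:
        sec = int(ts)
        usec = int(round((ts - sec) * 1_000_000))
        parts.append(struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame)
    return b"".join(parts)


def iter_udp(pcap: bytes) -> Iterator[UdpDatagram]:
    """Walk a classic pcap and yield every IPv4/UDP datagram (Ethernet link type only)."""
    (magic,) = struct.unpack("<I", pcap[:4])
    if magic == 0xA1B2C3D4:
        e = "<"
    elif magic == 0xD4C3B2A1:
        e = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    (linktype,) = struct.unpack(e + "I", pcap[20:24])
    if linktype != 1:
        raise ValueError("only Ethernet frames are decoded here")
    off = 24
    while off + 16 <= len(pcap):
        sec, usec, incl, _orig = struct.unpack(e + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                   # not IPv4, or cut below the IP header
        ihl = (frame[14] & 0x0F) * 4
        if frame[23] != 17:
            continue                                   # not UDP
        u = 14 + ihl
        if len(frame) < u + 8:
            continue
        sport, dport, ulen = struct.unpack("!HHH", frame[u:u + 6])
        # A short snaplen truncates the payload; we can only match on what was kept.
        yield UdpDatagram(sec + usec / 1e6, socket.inet_ntoa(frame[26:30]),
                          socket.inet_ntoa(frame[30:34]), sport, dport, frame[u + 8:u + ulen])


SIGNATURE = b"STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION"


def replay_signature(pcap: bytes, needle: bytes = SIGNATURE):
    """Run the new signature over the recording: {victim_ip: [(ts, sender_ip, dport), ...]}."""
    hits = {}
    for d in iter_udp(pcap):
        if needle in d.payload:
            hits.setdefault(d.dst, []).append((d.ts, d.src, d.dport))
    return hits


# Constructed capture: one ordinary DNS query and two alert datagrams to two internal hosts.
ALERT = b"STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION (constructed payload)"
SAMPLE_PCAP = build_pcap([
    (1400000000.10, udp_frame("10.0.0.21", "10.0.0.53", 51000, 53, b"\x12\x34\x01\x00" + b"\x00" * 8)),
    (1400000001.25, udp_frame("198.51.100.7", "10.0.0.21", 1026, 1026, ALERT)),
    (1400000001.30, udp_frame("198.51.100.7", "10.0.0.35", 1026, 1026, ALERT)),
])


def affected_hosts(pcap: bytes = SAMPLE_PCAP):
    """Sorted list of hosts that received the signature payload anywhere in the recording."""
    return sorted(replay_signature(pcap))
```

Running `affected_hosts()` over a real multi-terabyte store is the retrospective pass the slide describes; the parser is deliberately tolerant of non-IPv4 and truncated frames so a single odd record does not abort the whole replay.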
17. Incident Path Tracking
Using built-in peer-to-peer analytics, WildPackets’ Incident Path Tracking can trace the sequence of conversations between every device on the network before and after the security event.
Result: Identify the security attack (in this case, denial of service), the source of the attack, and all the affected devices.
18. Problem / Action
Problem: Hundreds of users of a wireless network in a large auditorium find they cannot maintain a VPN connection, nor can they reliably connect to the Internet; everyone seems to be affected.
Action: IDS/IPS reports no problems; assess overall network connectivity and look for anomalies.
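Tracing conversations before and after the event, as an added example that is not the product’s algorithm. Over constructed IP conversation records it builds a per-source peer map for the window before and for the window after the event time, picks the node whose outbound volume grew the most as the DoS source, lists the peers it hit as the affected devices, and walks back to every host that talked to that node before the event. For the auditorium scenario above the same walk would run over 802.11 management frames rather than IP conversations; the records, addresses and window sizes here are all constructed.

```python
from collections import defaultdict
from typing import NamedTuple


class Conv(NamedTuple):
    ts: float      # conversation start, seconds since epoch
    src: str
    dst: str
    pkts: int      # packets sent src -> dst in this conversation slice


def peer_map(convs, t0, t1):
    """Per-source {peer: packets} for conversations starting in [t0, t1)."""
    m = defaultdict(lambda: defaultdict(int))
    for c in convs:
        if t0 <= c.ts < t1:
            m[c.src][c.dst] += c.pkts
    return m


def find_dos_source(convs, event_ts, span_s=300.0):
    """Compare each node's outbound volume in the span before and after the event. The node
    whose volume grows the most is the DoS source; its post-event peers are the affected devices."""
    before = peer_map(convs, event_ts - span_s, event_ts)
    after = peer_map(convs, event_ts, event_ts + span_s)
    best, growth = None, 0
    for node, peers in after.items():
        g = sum(peers.values()) - sum(before.get(node, {}).values())
        if g > growth:
            best, growth = node, g
    if best is None:
        return None, []
    return best, sorted(after[best])


def incident_path(convs, node, event_ts, span_s=300.0):
    """Walk back from the attacking node: every peer that talked *to* it before the event,
    in time order, so the analyst can see where its instructions or infection came from."""
    return [(c.ts, c.src) for c in sorted(convs)
            if c.dst == node and event_ts - span_s <= c.ts < event_ts]


# Constructed records around an event at E: an outside host touches 10.0.0.77, which then floods.
E = 1_400_000_000.0
CONVS = [
    Conv(E - 240, "10.0.0.12", "10.0.0.1", 40),       # normal traffic to the gateway
    Conv(E - 200, "10.0.0.33", "10.0.0.1", 35),
    Conv(E - 180, "203.0.113.9", "10.0.0.77", 6),     # outside host contacts 10.0.0.77 shortly before
    Conv(E - 90, "10.0.0.77", "10.0.0.1", 30),
    Conv(E + 5, "10.0.0.77", "10.0.0.1", 9000),       # flood begins
    Conv(E + 10, "10.0.0.77", "10.0.0.2", 4000),
    Conv(E + 30, "10.0.0.12", "10.0.0.1", 12),        # other clients still trying
]


def analyse(convs=CONVS, event_ts=E):
    """Source of the attack, devices it hit, and who reached the source beforehand."""
    source, affected = find_dos_source(convs, event_ts)
    return source, affected, incident_path(convs, source, event_ts)
```

The growth comparison is what makes this work when IDS/IPS is silent: nothing in the flood matches a signature, but the before/after peer maps make the change in behaviour obvious.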
19. Ensuring Compliance – Leaked Data
Filter for patterns like SSNs and keywords.
Result: Evidence of data breaches and details that help track down the particulars of security attacks.
20. Problem / Action
Problem: While reviewing the weekly network performance report, clear-text protocols were discovered in use, in violation of the company security policy.
Action: Find FTP traffic and identify the suspected users; analyze the FTP traffic to see whether sensitive data was transmitted.
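Finding clear-text FTP sessions and sensitive data inside them, serving both the SSN filter on slide 19 and the FTP review above. This is an added example rather than the deck’s filters: it takes the reassembled control and data channels of one session (the forensic tool does the reassembly; here they are constructed strings), pulls the USER/PASS and file commands, and scans the data for Social Security numbers, applying the structural rules the SSA publishes (area 000, 666 and 900-999, group 00 and serial 0000 are never issued) to drop obvious false positives. Matching only the dashed form is a deliberate trade-off: a bare nine-digit run matches far too much ordinary data. Addresses, user names and file names are placeholders.

```python
import re
from typing import NamedTuple

# Dashed form only; broaden per policy if the data you protect is stored without dashes.
SSN_RE = re.compile(r"(?<![\d-])(\d{3})-(\d{2})-(\d{4})(?![\d-])")


def plausible_ssn(area: str, group: str, serial: str) -> bool:
    """Structural rules from the SSA: area 000, 666 and 900-999, group 00 and serial 0000
    are never issued. Removes the obvious false positives a bare regex would report."""
    a, g, s = int(area), int(group), int(serial)
    return not (a == 0 or a == 666 or a >= 900 or g == 0 or s == 0)


def find_ssns(text: str):
    """Dashed SSN-shaped tokens that also pass the structural rules."""
    return [m.group(0) for m in SSN_RE.finditer(text) if plausible_ssn(*m.groups())]


FTP_CMD = re.compile(r"^(USER|PASS|RETR|STOR|APPE)\s+(\S.*)$")


class FtpFinding(NamedTuple):
    client: str
    server: str
    user: str
    password_seen: bool
    files: list
    ssns: list


def review_ftp_session(client, server, control_text, data_text) -> FtpFinding:
    """control_text: reassembled client->server control channel (TCP port 21) as text.
    data_text: reassembled data-channel payload. Both are what a forensic tool reconstructs."""
    user, pw_seen, files = "", False, []
    for line in control_text.splitlines():
        m = FTP_CMD.match(line.strip())
        if not m:
            continue
        cmd, arg = m.groups()
        if cmd == "USER":
            user = arg
        elif cmd == "PASS":
            pw_seen = True      # record that a clear-text password crossed the wire; never log its value
        else:
            files.append(arg)   # RETR/STOR/APPE: the files that actually moved
    return FtpFinding(client, server, user, pw_seen, files, find_ssns(data_text))


# Constructed session: a user uploading a payroll export over plain FTP.
SESSION = dict(
    client="10.0.0.42",
    server="192.0.2.10",
    control_text="USER alice\r\nPASS hunter2\r\nTYPE I\r\nPASV\r\nSTOR payroll_q1.csv\r\nQUIT\r\n",
    data_text=("name,ssn,amount\n"
               "J Smith,123-45-6789,4100\n"
               "Test,000-12-3456,1\n"          # area 000: not a real SSN
               "R Lee,987-65-4321,900\n"       # area 900+: not a real SSN
               "Q Ng,219-09-9999,3000\n"),
)


def review(session=SESSION) -> FtpFinding:
    return review_ftp_session(**session)
```

The finding names the user, records that a password was exposed, lists the file, and reports the two SSNs that survive the structural check; the two decoy rows are dropped, which is the difference between a usable report and a pile of false positives.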
21. Transaction Review
• Verify transactions
  – Did they complete successfully?
  – Did they occur in the way an end user is alleging?
22. Problem / Action
Problem: A customer disputes transactions that appear to have been made by them, claiming a stolen credit card.
Action: Isolate data from this customer; verify the IP addresses in use and compare them with previous, uncontested transactions.
24. Accelerate Incident Response and Remediation
BEFORE: timeline of a security investigation without Attack Analysis
• Disparate sources
• Investigations can take days or weeks
AFTER: timeline of a security investigation with Attack Analysis
• Centralized repository with comprehensive data
• Investigations are many times faster
25. Security Best Practices
• Best Practice #1: Capture Traffic at Every Location
  – Just as you wouldn’t leave a building entrance unguarded, don’t leave a network location unmonitored and unanalyzed.
• Best Practice #2: Capture Traffic 24/7
  – Some attacks strike at odd hours.
• Best Practice #3: Configure Captures Based on Anomalies
  – Understand what’s normal (e.g., email coming from your email server), and automatically capture traffic that’s abnormal (e.g., email coming from your FTP server).
  – Small capture files make it easy to zoom in on what’s wrong.
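Best practice #3 as code, an added example that is not WildPackets’ trigger mechanism. A role policy (constructed) says which service ports each server may talk to as a client; a learning pass over a clean period checks the policy against what the hosts actually do, so gaps are found before enforcement; and any live flow outside a host’s role yields a BPF capture filter for just that conversation, which is what keeps the resulting capture file small. Host addresses and roles are placeholders.

```python
from typing import NamedTuple


class Flow(NamedTuple):
    src: str
    dst: str
    dport: int
    proto: str   # "tcp" or "udp"


# Constructed role policy: the service ports each server is expected to reach *as a client*.
ROLE_POLICY = {
    "10.0.0.5":  {"role": "mail server", "client_ports": {25, 53, 587}},  # relays mail, resolves names
    "10.0.0.9":  {"role": "ftp server",  "client_ports": {53}},           # should only resolve names
    "10.0.0.20": {"role": "web server",  "client_ports": {53, 3306}},     # name lookups, its database
}


def learn_baseline(flows):
    """'What's normal': per host, the destination ports it was seen using during a clean period."""
    base = {}
    for f in flows:
        base.setdefault(f.src, set()).add(f.dport)
    return base


def policy_gaps(baseline, policy=ROLE_POLICY):
    """Ports a host used during learning that its role does not allow: either the role is
    incomplete or the host was already misbehaving when the baseline was taken. Resolve before enforcing."""
    gaps = {}
    for host, ports in baseline.items():
        if host in policy:
            extra = ports - policy[host]["client_ports"]
            if extra:
                gaps[host] = sorted(extra)
    return gaps


def anomalous_flows(flows, policy=ROLE_POLICY):
    """Flows from a policy-covered host to a port outside its role (hosts without a role are ignored)."""
    out = []
    for f in flows:
        rule = policy.get(f.src)
        if rule is not None and f.dport not in rule["client_ports"]:
            out.append(f)
    return out


def capture_filter(flow: Flow) -> str:
    """BPF filter for a targeted capture of just the abnormal conversation."""
    return f"host {flow.src} and {flow.proto} port {flow.dport}"


# Constructed traffic: a clean learning period, then live flows including mail leaving the FTP server.
LEARNING = [
    Flow("10.0.0.5", "10.0.0.53", 53, "udp"),
    Flow("10.0.0.5", "203.0.113.25", 25, "tcp"),
    Flow("10.0.0.9", "10.0.0.53", 53, "udp"),
    Flow("10.0.0.20", "10.0.0.30", 3306, "tcp"),
]
LIVE = LEARNING + [
    Flow("10.0.0.9", "198.51.100.8", 25, "tcp"),   # FTP server sending mail: abnormal, trigger a capture
    Flow("10.0.0.42", "10.0.0.20", 80, "tcp"),     # workstation browsing: not covered by the policy
]


def triggers(live=LIVE, policy=ROLE_POLICY):
    """Capture filters to arm for every anomalous live flow."""
    return [capture_filter(f) for f in anomalous_flows(live, policy)]
```

The output filter string is in tcpdump/libpcap syntax, which most capture appliances and `tcpdump -w` accept directly; arming it for a bounded time gives exactly the small, focused capture file the slide recommends.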
26. Omnipliance Product Line
• Omnipliance TL: NOC or data center, 10G/40G, up to 128 TB with OmniStorage
• Omnipliance MX: corporate campus, 1G/10G, up to 32 TB
• Omnipliance CX: branch offices, 1G, up to 32 TB
27. The WildPackets Advantage
More Power in a Smaller Footprint
  – Captures up to 23 Gbps of real-world traffic
  – Scales up to 128 TB of storage
  – Requires half the rack space and power of competitive solutions
Greater Precision
  – Captures network traffic with no data loss, so you can analyze everything, not just samples or high-level statistics
  – Accurate metrics
  – Rich analytics help pinpoint and characterize anomalies
  – Enterprise-wide solution makes forensic analysis available at every location
Better Price/Performance
  – Superior power and precision at a price significantly lower than other network forensics products
28. Faster Capture = More Complete Data
• Omnipliance TL with OmniAdapter 40G has a capture-to-disk rate of 25.33 Gbps with no loss in storing the data
• Omnipliance TL with OmniAdapter 10G has a capture-to-disk rate of 20.94 Gbps with no packet loss
• Capture-to-disk rate per 10G port of 10.47 Gbps is the highest observed to date in testing of network analysis and recording appliances
29. Summary
• We need to stop the “Bad Guys” from winning.
  – Improve capability to investigate attacks.
• Attack Analysis = Packet Capture + Network Forensics
  – Provides comprehensive evidence of all attack activity within a set period.
  – Provides an irrefutable record of user, network, and application activity, including transactions.
  – Enables security teams to characterize and trace attacks.
• WildPackets Omnipliances offer unmatched performance and precision for attack analysis.
  – Complements the existing security toolset with high-performance network recording, storage, and analysis.
30. Q&A
Learn more: http://security.wildpackets.com
sales@wildpackets.com
+1 (925) 937-2500
Follow us on SlideShare! Check out today’s slides on SlideShare: www.slideshare.net/wildpackets
31. Thank You!
WildPackets, Inc.
1340 Treat Boulevard, Suite 500
Walnut Creek, CA 94597
(925) 937-3200
www.wildpackets.com