Malware Defense-in-Depth 2.0
A practical approach to securing your enterprise against viruses, worms and rootkits
Aa'ed Alqarta

The Problem
- Security defenses can't keep up with the latest threats
- Malware is penetrating the network and infecting computers
- Antivirus software is not a silver bullet for all threats
- We are losing the war against malware

What is Malware?
According to NIST, "Malware (NIST, 2005) refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system (OS) or of otherwise annoying or disrupting the victim."
NIST: National Institute of Standards and Technology

Types of Malware
- Viruses
- Worms
- Backdoors
- Spyware
- Bots ("botnets")
- Rootkits
- Ransomware
Top Malware Targets
Attack Anatomy
- Attackers discover vulnerabilities and write exploits for them (e.g. in JavaScript)
- They compromise web sites in order to attack the sites' visitors
- A visitor browses the site and is infected immediately (a drive-by download)
- A virus is installed in the background and infects the client software
- Infected computers then attack clean internal machines (workstations/servers)
Web URL Filtering
- Enable AV scanning of downloaded files and requested URLs
- Block access to malicious and high-risk categories (Porn/Hacking/Downloads/Video/P2P/Torrent/Blogs/Infected Hosts/IM)
- Block downloads of executables (exe/dll/com)
- Inspect SSL traffic, so that malicious content cannot hide inside encrypted sessions
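The filtering decision above is more than a string match on the URL, because attackers rename payloads and exploit the gap between what the proxy parses and what Windows executes. The following is an added example, not code from the slides or from any filtering product: it combines the slide's three web checks (category block, executable-extension block, content inspection) in one decision function. The host-to-category table and the `.example` hosts are constructed stand-ins for a vendor categorisation feed; `.scr` and `.pif` are this example's additions to the slide's exe/dll/com list.

```python
from urllib.parse import urlsplit, unquote

# Extensions the slide blocks (exe/dll/com); .scr and .pif are this example's
# additions, since Windows runs them as executables too.
BLOCKED_EXTENSIONS = {"exe", "dll", "com", "scr", "pif"}

# Category names from the slide. The host-to-category table is a constructed
# stand-in for a vendor URL-categorisation feed.
BLOCKED_CATEGORIES = {"Porn", "Hacking", "Downloads", "Video", "P2P", "Torrent",
                      "Blogs", "Infected Hosts", "IM"}
HOST_CATEGORIES = {
    "torrents.example": "Torrent",
    "cracks.example": "Hacking",
    "c2.example": "Infected Hosts",
    "intranet.corp.example": "Business",
}

# Content-Types commonly sent for Windows executables, and the PE "MZ" header.
EXECUTABLE_CONTENT_TYPES = {"application/x-msdownload", "application/x-msdos-program",
                            "application/vnd.microsoft.portable-executable"}
PE_MAGIC = b"MZ"


def path_extension(url: str) -> str:
    """Lower-case final extension of the URL path.

    Decodes percent-encoding (setup%2Eexe), ignores the query string and
    fragment (update.exe?v=2), and strips trailing dots/spaces that Windows
    itself ignores (notes.exe.), so the usual evasion tricks still yield 'exe'.
    """
    path = unquote(urlsplit(url).path)
    name = path.rsplit("/", 1)[-1].rstrip(". ")
    if "." not in name:
        return ""
    return name.rsplit(".", 1)[-1].lower()


def filter_decision(url: str, content_type: str = "", body_prefix: bytes = b""):
    """Return ("block", reason) or ("allow", "") for one HTTP transaction.

    Checks run cheapest first: host category, then URL extension, then the
    response headers and body, which catch an executable renamed to .jpg.
    """
    host = (urlsplit(url).hostname or "").lower()
    category = HOST_CATEGORIES.get(host)
    if category in BLOCKED_CATEGORIES:
        return "block", f"category {category}"

    ext = path_extension(url)
    if ext in BLOCKED_EXTENSIONS:
        return "block", f"executable extension .{ext}"

    mime = content_type.split(";", 1)[0].strip().lower()
    if mime in EXECUTABLE_CONTENT_TYPES:
        return "block", f"executable content-type {mime}"

    if body_prefix[:2] == PE_MAGIC:
        return "block", "PE executable by content (MZ header)"

    return "allow", ""


if __name__ == "__main__":
    for u, ct, body in [
        ("http://intranet.corp.example/report.pdf", "application/pdf", b"%PDF-1.4"),
        ("http://cdn.example/update.EXE?v=2", "", b""),
        ("http://cdn.example/setup%2Eexe", "", b""),
        ("http://cdn.example/photo.jpg", "image/jpeg", b"MZ\x90\x00"),
        ("http://torrents.example/linux.torrent", "", b""),
    ]:
        print(u, "->", filter_decision(u, ct, body))
```

The body check is the one that matters in practice: an extension block list is defeated by renaming the file, so the proxy should also look at the first bytes of the response, which on SSL traffic is only possible if the session is decrypted at the gateway.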
Application Control (Whitelisting)
- Allow business-approved applications only (Office, accounting, finance, etc.)
- Protect critical system files from modification
- Block any unapproved application, including malware
- Can block zero-day malware that AV does not yet detect
- Monitor usage of all applications on the network
Device Control
- Block the use of removable drives (flash drives / iPod / hard disks / cameras)
- If you must allow flash drives on the network:
  - Disable "Autorun" and block exe and Autorun.inf files
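Blocking Autorun.inf outright is the simplest policy; where a drive has to be examined instead (incident response on a suspect USB stick, or a device-control product that inspects rather than blocks), the file has to be parsed the way Windows parses it. The following triage function is an added example, not part of the slides: it extracts the `[autorun]` directives that cause execution (`open`, `shellexecute`, `shell\<verb>\command`), tolerates the binary junk worms pad the file with, and flags the tells of a malicious file. Both Autorun.inf samples are constructed; the list of "hidden" folders and the system loaders treated as suspicious are choices of this example.

```python
import re

# Keys that make Windows run something on insertion or double-click.
AUTO_EXEC_KEYS = {"open", "shellexecute"}
SHELL_COMMAND_RE = re.compile(r"^shell\\[^\\]+\\command$")
# Extensions an honest installer launches; anything else being executed is suspect.
EXECUTABLE_EXTENSIONS = {"exe", "com", "bat", "cmd", "dll"}
# System loaders used to run a payload that does not look like a program.
LOADER_RE = re.compile(r"\b(rundll32|regsvr32|cmd|wscript|cscript|mshta)(\.exe)?\b")
# Locations a legitimate driver CD or installer has no reason to run from
# (choice of this example).
HIDDEN_PATHS = ("recycler", "recycled", "$recycle.bin", "system volume information")
EXT_RE = re.compile(r"\S+\.([a-z0-9]{1,4})\b")
PRINTABLE_RE = re.compile(r"^[\x20-\x7e]+$")

# Constructed samples: a driver CD and a worm-style file padded with junk bytes.
BENIGN_AUTORUN = b"[autorun]\r\nopen=setup.exe\r\nicon=setup.exe,0\r\nlabel=Vendor Driver CD\r\n"
HOSTILE_AUTORUN = (b"[AutoRun]\r\n;\x00\xff\x13junk\r\n\x01\x02=\x03\x04\r\n"
                   b"shellexecute=RuNdLl32.EXE .\\RECYCLER\\S-1-5-21-0\\payload.vmx,start\r\n"
                   b"shell\\Open\\command=.\\RECYCLER\\S-1-5-21-0\\payload.vmx\r\n"
                   b"shell=Open\r\nicon=%SystemRoot%\\system32\\shell32.dll,4\r\nuseautoplay=1\r\n")


def parse_autorun(raw: bytes) -> dict:
    """Return the key=value entries of the [autorun] section with lower-cased keys.

    Bytes are decoded as latin-1 so binary padding never raises; lines with
    non-printable characters are dropped, because worms pad Autorun.inf with
    junk to defeat naive scanners while Windows still honours the real keys.
    """
    entries, in_autorun = {}, False
    for line in raw.decode("latin-1").splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line or not PRINTABLE_RE.match(line):
            continue
        key, _, value = line.partition("=")
        entries[key.strip().lower()] = value.strip()
    return entries


def triage_autorun(raw: bytes) -> dict:
    """Classify an Autorun.inf: does it execute anything, and does it look hostile?"""
    entries = parse_autorun(raw)
    executes, suspicious = [], []
    for key, value in entries.items():
        if key not in AUTO_EXEC_KEYS and not SHELL_COMMAND_RE.match(key):
            continue
        executes.append(f"{key} executes: {value}")
        low = value.lower()
        if LOADER_RE.search(low):
            suspicious.append(f"{key} runs a payload through a system loader")
        if any(p in low for p in HIDDEN_PATHS):
            suspicious.append(f"{key} points into a recycle-bin/system folder")
        odd = {e for e in EXT_RE.findall(low) if e not in EXECUTABLE_EXTENSIONS}
        if odd:
            suspicious.append(f"{key} references non-executable extension(s): {', '.join(sorted(odd))}")
    if "shell" in entries:
        suspicious.append(f"default double-click action overridden to '{entries['shell']}'")
    return {"entries": entries, "executes": bool(executes), "suspicious": bool(suspicious),
            "findings": executes + suspicious}


if __name__ == "__main__":
    for name, sample in (("benign", BENIGN_AUTORUN), ("hostile", HOSTILE_AUTORUN)):
        print(name, triage_autorun(sample)["findings"])
```

Note that even the benign sample "executes" something: that is exactly why the slide's policy is to disable Autorun and block the file, and the triage is only a way of deciding how urgently to look at the drive that carried it.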
Firewall Best Practices
- No "any any" rules
- Outbound SMTP from Exchange servers only
- HTTP/HTTPS/FTP are a good start for end users
- Block infected computers
- Enable logging of denied outbound connections
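Firewall policies drift: a temporary "any any" rule is left in, a quarantine rule is appended below the allows that already match the infected host, and the final deny is not logged. Each of the practices above can be checked mechanically against an exported rule set. The linter below is an added example, not code from the slides or from any firewall vendor; it models rules as first-match entries of source, destination, service and action (the way most firewalls evaluate them), and the policy, the Exchange server address and the infected host are all constructed for the example.

```python
import ipaddress

# Hosts allowed to send SMTP outbound (the slide: Exchange servers only) and
# hosts known to be infected. Both sets are constructed for this example.
MAIL_SERVERS = {"10.0.1.10"}
INFECTED_HOSTS = {"10.0.5.23"}
SMTP = "tcp/25"

# Constructed policy, evaluated top-down, first match wins. It contains one
# instance of each mistake the slide warns about.
POLICY = [
    {"name": "allow-web",     "src": "10.0.0.0/8",   "dst": "any", "service": "tcp/80",  "action": "allow", "log": False},
    {"name": "allow-https",   "src": "10.0.0.0/8",   "dst": "any", "service": "tcp/443", "action": "allow", "log": False},
    {"name": "allow-ftp",     "src": "10.0.0.0/8",   "dst": "any", "service": "tcp/21",  "action": "allow", "log": False},
    {"name": "exchange-smtp", "src": "10.0.1.10/32", "dst": "any", "service": SMTP,      "action": "allow", "log": True},
    {"name": "legacy-smtp",   "src": "10.0.0.0/8",   "dst": "any", "service": SMTP,      "action": "allow", "log": False},
    {"name": "temp-any",      "src": "any",          "dst": "any", "service": "any",     "action": "allow", "log": False},
    {"name": "quarantine",    "src": "10.0.5.23/32", "dst": "any", "service": "any",     "action": "deny",  "log": True},
    {"name": "default-deny",  "src": "any",          "dst": "any", "service": "any",     "action": "deny",  "log": False},
]


def _in(field: str, ip: str) -> bool:
    return field == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(field, strict=False)


def evaluate(policy, src, dst, service):
    """First-match lookup, as a firewall does it; implicit deny if nothing matches."""
    for rule in policy:
        if _in(rule["src"], src) and _in(rule["dst"], dst) and rule["service"] in ("any", service):
            return rule["action"], rule["name"]
    return "deny", "implicit"


def _only_mail_servers(src: str) -> bool:
    """True if every address the source field covers is a known mail server."""
    if src == "any":
        return False
    net = ipaddress.ip_network(src, strict=False)
    return net.num_addresses <= 256 and all(str(a) in MAIL_SERVERS for a in net)


def audit(policy):
    """Return the list of violations of the slide's practices found in a policy."""
    problems = []
    for rule in policy:
        allow = rule["action"] == "allow"
        if allow and rule["src"] == "any" and rule["dst"] == "any" and rule["service"] == "any":
            problems.append(f"{rule['name']}: 'any any' allow rule")
        elif allow and rule["service"] in ("any", SMTP) and not _only_mail_servers(rule["src"]):
            problems.append(f"{rule['name']}: outbound SMTP allowed from {rule['src']}, not an Exchange server")
    # An infected host must be denied whatever it tries; simulate a plain web request.
    for host in sorted(INFECTED_HOSTS):
        action, name = evaluate(policy, host, "203.0.113.5", "tcp/80")
        if action != "deny":
            problems.append(f"infected host {host} still reaches the Internet via rule '{name}'")
    last = policy[-1] if policy else None
    if (not last or last["action"] != "deny" or not last["log"]
            or (last["src"], last["dst"], last["service"]) != ("any", "any", "any")):
        problems.append("final rule is not a logged deny-all, so blocked outbound connections leave no trace")
    return problems


if __name__ == "__main__":
    for p in audit(POLICY):
        print("-", p)
```

The quarantine finding is the one people miss: a block rule for an infected host is useless below an allow that already matches it, so "block infected computers" means placing the quarantine rule at the top of the policy, not just adding it.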
Case Study: Conficker/Downadup
- Exploits the Windows Server service vulnerability (MS08-067)
- Variants: W32.Downadup A, B, C, E
- Propagates through network file shares and flash disks
- Locks out AD user accounts (its password guessing against admin shares trips the account lockout policy)
- Blocks access to security vendor sites and Microsoft updates
- Stops security tools and software ("self-protection")
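The account lockouts are the most visible early symptom of the case study above, and they are detectable from the domain controllers alone: one machine brute-forcing share passwords locks out many different accounts within minutes, whereas a user mistyping a password locks out one account from one machine. The detector below is an added example, not part of the slides or of any product. It assumes the lockout events (Event ID 4740 on Windows Server 2008 and later, 644 on Windows Server 2003 domain controllers) have already been exported with four fields: timestamp, event ID, locked-out account and the "caller computer" that caused the lockout; the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: account-lockout events as exported from a domain
# controller, reduced to timestamp, event id, target account, caller computer.
SAMPLE_EVENTS = """\
# timestamp,event_id,target_account,caller_computer
2009-01-20 08:30:05,4740,zed,FILESRV01
2009-01-20 09:00:11,4740,alice,WS-ALICE
2009-01-20 09:03:27,4740,alice,WS-ALICE
2009-01-20 09:12:40,4740,bob,FILESRV01
2009-01-20 09:12:41,4740,carol,FILESRV01
2009-01-20 09:12:43,4740,dave,FILESRV01
2009-01-20 09:12:44,4740,erin,FILESRV01
2009-01-20 09:12:47,4740,frank,FILESRV01
2009-01-20 09:13:02,4740,grace,FILESRV01
2009-01-20 09:20:15,4624,bob,WS-BOB
"""

LOCKOUT_EVENT_IDS = {"4740", "644"}   # 2008+ DCs, and 2003 DCs


def parse_events(text: str):
    """Parse the CSV export into (timestamp, account, caller) tuples, lockouts only."""
    events = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, event_id, account, caller = (f.strip() for f in line.split(","))
        if event_id not in LOCKOUT_EVENT_IDS:
            continue
        events.append((datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), account.lower(), caller.upper()))
    return sorted(events)


def find_lockout_bursts(events, window=timedelta(minutes=10), min_accounts=5):
    """Report every caller computer that locked out >= min_accounts distinct
    accounts inside some interval of length `window`.

    The distinct-account count per caller is what separates a worm guessing
    passwords from a user who has simply forgotten their own.
    """
    by_caller = defaultdict(list)
    for ts, account, caller in events:
        by_caller[caller].append((ts, account))

    alerts = {}
    for caller, items in by_caller.items():
        items.sort()
        in_window = deque()          # (ts, account) pairs inside the sliding window
        count = defaultdict(int)     # account -> lockouts of it inside the window
        for ts, account in items:
            in_window.append((ts, account))
            count[account] += 1
            while ts - in_window[0][0] > window:     # expire entries older than the window
                _, old_account = in_window.popleft()
                count[old_account] -= 1
                if count[old_account] == 0:
                    del count[old_account]
            seen = alerts.get(caller)
            # keep the largest set of accounts observed in any single window
            if len(count) >= min_accounts and (seen is None or len(count) > len(seen["accounts"])):
                alerts[caller] = {"accounts": sorted(count), "first": in_window[0][0], "last": ts}
    return alerts


if __name__ == "__main__":
    for caller, info in find_lockout_bursts(parse_events(SAMPLE_EVENTS)).items():
        print(f"{caller}: {len(info['accounts'])} accounts locked out between "
              f"{info['first']:%H:%M:%S} and {info['last']:%H:%M:%S}: {', '.join(info['accounts'])}")
```

The caller computer is the host to isolate: in the sample it is a file server, which matches the case study's propagation through network shares, and the "block infected computers" firewall rule from the previous slide is where that name should go next.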
Summary
- Use a good antivirus with a high detection rate
- Patch the OS and third-party applications
- Use application whitelisting and device control
- Block access to the malicious, media, download and blog categories
- Segment the network
- Enforce a web content filtering policy
Thank You
E-mail me: a.qarta@gmail.com
http://extremesecurity.blogspot.com