SlideShare una empresa de Scribd logo

Malware Defense-in-Depth 2.0

Descargar como PPTX, PDF
A
Ayed Al Qartah
Tecnología
1 de 16
Malware Defense-in-Depth 2.0A practical  approach to secure your enterprise against viruses,  worms and rootkits Aa’edAlqarta
The Problem Security defenses can’t keep up with latest threats Malware is penetrating the network and infecting computers Antivirus software is not a silver bullet for all threats We are losing the war against malware
What is a Malware? According to NIST, “Malware (NIST, 2005) refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system (OS) or of otherwise annoying or disrupting the victim.” NIST: National Institute of Standards and Technology 4
Types of Malwares Viruses Worms Backdoors Spywares Bots “Botnets” Rootkits Ransomware
Top Malware Targets
Attack Anatomy Attackers discover vulnerabilities and write exploits for them (e.x JS) They infect web sites to attack visitors A visitor browse the site and immediately get infected A virus will be installed in the background and infect the client software Infected computers will attack internal clean machines (Workstations/Servers)
Web URL Filtering Enable AV scanning for malicious files/URLs Block access to malicious categories (Porn/Hacking/Downloads/Video/P2P/Torrent/Blogs/Infected Hosts/IM) Block downloads of executables (exe/dll/com) Inspect SSL traffic for malicious traffic
Application Control (Whitelisting) Allow business approved applications only Office, Accounting, Finance, …etc Protect critical system files from modifications Block any unapproved applications (including malwares) The ability to block zero-day malware if AV is not detecting it Monitoring of all applications usage in the net
Device Control Block the usage of removable drives (Flash / IPod / H.D / Camera) If you should allow Flash drives in the network: ,[object Object]
Disable “Autorun” and block exe/Autorun.inf,[object Object]
FW Best Practices No “Any Any” rules Out-bound SMTP for Exchange servers only HTTP/HTTPS/FTP are a good start for end user Block Infected computers Enabled outbound denied logging
Case Study: Conficker/Downadup Windows Server service vulnerability (MS08-067) W32.Downadup A, B, C, E Propagates through network file shares, flash disks Disables User Accounts in AD Blocks access to security sites and MS updates Stops security tools and softwares “self-protection”
Summary Use a good antivirus which has a high detection rate Patch OS + 3rd party applications Use Application Whitelisting + Device Control Block access to malicious, media, downloads, and blogs Network segmentations Web content filtering policy
Thank You E-mail me: a.qarta@gmail.com http://extremesecurity.blogspot.com

Recomendados

Application'sand security
Application'sand securityApplication'sand security
Application'sand securityarun nalam
 
Anti Virus Software
Anti Virus SoftwareAnti Virus Software
Anti Virus SoftwarePradeepkrajyaguru
 
Antivirus software
Antivirus softwareAntivirus software
Antivirus softwareShreya Singireddy
 
Computer virus
Computer virusComputer virus
Computer virusSeethaDinesh
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
Antivirus software
Antivirus softwareAntivirus software
Antivirus softwareShreya Singireddy
 
Worm
WormWorm
WormS.M. Towhidul Islam
 
What Is An Antivirus Software?
What Is An Antivirus Software?What Is An Antivirus Software?
What Is An Antivirus Software?culltdueet65
 

Recomendados

Application'sand security
Application'sand securityApplication'sand security
Application'sand securityarun nalam
 
Anti Virus Software
Anti Virus SoftwareAnti Virus Software
Anti Virus SoftwarePradeepkrajyaguru
 
Antivirus software
Antivirus softwareAntivirus software
Antivirus softwareShreya Singireddy
 
Computer virus
Computer virusComputer virus
Computer virusSeethaDinesh
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
Antivirus software
Antivirus softwareAntivirus software
Antivirus softwareShreya Singireddy
 
Worm
WormWorm
WormS.M. Towhidul Islam
 
What Is An Antivirus Software?
What Is An Antivirus Software?What Is An Antivirus Software?
What Is An Antivirus Software?culltdueet65
 
Antivirus!!
Antivirus!!Antivirus!!
Antivirus!!amoY91
 
Maranan chap2 lab2
Maranan chap2 lab2Maranan chap2 lab2
Maranan chap2 lab2maranan_zyra
 
Chap 2 lab 2
Chap 2 lab 2Chap 2 lab 2
Chap 2 lab 2Elma Valdehueza
 
Anti virus
Anti virusAnti virus
Anti virusMarlon San Luis
 
Program Threats
Program ThreatsProgram Threats
Program Threatsguestab0ee0
 
Trojan horse nitish nagar
Trojan horse nitish nagarTrojan horse nitish nagar
Trojan horse nitish nagarNitish Nagar
 
Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02hiiraa
 
Ekwik technology
Ekwik technology Ekwik technology
Ekwik technology roman reigns
 
Pahdi yadav antivirus
Pahdi yadav antivirusPahdi yadav antivirus
Pahdi yadav antivirusfernando_bruaj
 
Lab 2
Lab 2Lab 2
Lab 2novelinbabate2
 
Computer virus
Computer virusComputer virus
Computer virusvazhichal12
 
system Security
system Security system Security
system Security Gaurav Mishra
 
R esearch report with footnote
R esearch report with footnoteR esearch report with footnote
R esearch report with footnoteGuevarra Institute of Technology
 
Antivirus software
Antivirus softwareAntivirus software
Antivirus softwarekhalid umer
 
Anti virus
Anti virusAnti virus
Anti virusMuhammad Sohaib Afzaal
 
Mjtanasas1
Mjtanasas1Mjtanasas1
Mjtanasas1mj tanasas
 
Dungogan chap 2 lab 2
Dungogan chap 2 lab 2Dungogan chap 2 lab 2
Dungogan chap 2 lab 2ricky098
 
Zamayla chap 2 lab 2
Zamayla chap 2 lab 2Zamayla chap 2 lab 2
Zamayla chap 2 lab 2zamayla143
 
Ahmad Pussycat Dolls
Ahmad Pussycat DollsAhmad Pussycat Dolls
Ahmad Pussycat Dollsmastermind07
 
llagas j.
llagas j.llagas j.
llagas j.jenevie_llagas
 
Real Time Malware Defense System in LINUX
Real Time Malware Defense System in LINUXReal Time Malware Defense System in LINUX
Real Time Malware Defense System in LINUXDilip Jaiswal
 
MR201501 Latest trends in Linux Malware
MR201501 Latest trends in Linux MalwareMR201501 Latest trends in Linux Malware
MR201501 Latest trends in Linux MalwareFFRI, Inc.
 

Más contenido relacionado

La actualidad más candente

Antivirus!!
Antivirus!!Antivirus!!
Antivirus!!amoY91
 
Maranan chap2 lab2
Maranan chap2 lab2Maranan chap2 lab2
Maranan chap2 lab2maranan_zyra
 
Trojan horse nitish nagar
Trojan horse nitish nagarTrojan horse nitish nagar
Trojan horse nitish nagarNitish Nagar
 
Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02hiiraa
 
Antivirus software
Antivirus softwareAntivirus software
Antivirus softwarekhalid umer
 
Dungogan chap 2 lab 2
Dungogan chap 2 lab 2Dungogan chap 2 lab 2
Dungogan chap 2 lab 2ricky098
 
Zamayla chap 2 lab 2
Zamayla chap 2 lab 2Zamayla chap 2 lab 2
Zamayla chap 2 lab 2zamayla143
 
Ahmad Pussycat Dolls
Ahmad Pussycat DollsAhmad Pussycat Dolls
Ahmad Pussycat Dollsmastermind07
 

La actualidad más candente (20)

Antivirus!!
Antivirus!!Antivirus!!
Antivirus!!
 
Maranan chap2 lab2
Maranan chap2 lab2Maranan chap2 lab2
Maranan chap2 lab2
 
Chap 2 lab 2
Chap 2 lab 2Chap 2 lab 2
Chap 2 lab 2
 
Anti virus
Anti virusAnti virus
Anti virus
 
Program Threats
Program ThreatsProgram Threats
Program Threats
 
Trojan horse nitish nagar
Trojan horse nitish nagarTrojan horse nitish nagar
Trojan horse nitish nagar
 
Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02
 
Ekwik technology
Ekwik technology Ekwik technology
Ekwik technology
 
Pahdi yadav antivirus
Pahdi yadav antivirusPahdi yadav antivirus
Pahdi yadav antivirus
 
Lab 2
Lab 2Lab 2
Lab 2
 
Computer virus
Computer virusComputer virus
Computer virus
 
system Security
system Security system Security
system Security
 
R esearch report with footnote
R esearch report with footnoteR esearch report with footnote
R esearch report with footnote
 
Antivirus software
Antivirus softwareAntivirus software
Antivirus software
 
Anti virus
Anti virusAnti virus
Anti virus
 
Mjtanasas1
Mjtanasas1Mjtanasas1
Mjtanasas1
 
Dungogan chap 2 lab 2
Dungogan chap 2 lab 2Dungogan chap 2 lab 2
Dungogan chap 2 lab 2
 
Zamayla chap 2 lab 2
Zamayla chap 2 lab 2Zamayla chap 2 lab 2
Zamayla chap 2 lab 2
 
Ahmad Pussycat Dolls
Ahmad Pussycat DollsAhmad Pussycat Dolls
Ahmad Pussycat Dolls
 
llagas j.
llagas j.llagas j.
llagas j.
 

Destacado

Real Time Malware Defense System in LINUX
Real Time Malware Defense System in LINUXReal Time Malware Defense System in LINUX
Real Time Malware Defense System in LINUXDilip Jaiswal
 
MR201501 Latest trends in Linux Malware
MR201501 Latest trends in Linux MalwareMR201501 Latest trends in Linux Malware
MR201501 Latest trends in Linux MalwareFFRI, Inc.
 
defense_in_depth_version_12
defense_in_depth_version_12defense_in_depth_version_12
defense_in_depth_version_12Alen Schulze
 
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania presoFortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania presoNetwork Performance Channel GmbH
 
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy BeyondTrust
 
Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock
Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete CheslockBringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock
Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete CheslockThreat Stack
 
Dealing with Linux Malware
Dealing with Linux MalwareDealing with Linux Malware
Dealing with Linux MalwareMichael Boelen
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewallsphanleson
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in DepthDilum Bandara
 

Destacado (10)

Real Time Malware Defense System in LINUX
Real Time Malware Defense System in LINUXReal Time Malware Defense System in LINUX
Real Time Malware Defense System in LINUX
 
MR201501 Latest trends in Linux Malware
MR201501 Latest trends in Linux MalwareMR201501 Latest trends in Linux Malware
MR201501 Latest trends in Linux Malware
 
defense_in_depth_version_12
defense_in_depth_version_12defense_in_depth_version_12
defense_in_depth_version_12
 
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania presoFortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
 
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
 
Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock
Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete CheslockBringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock
Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock
 
Dealing with Linux Malware
Dealing with Linux MalwareDealing with Linux Malware
Dealing with Linux Malware
 
Linux Malware Analysis
Linux Malware Analysis Linux Malware Analysis
Linux Malware Analysis
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewalls
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
 

Similar a Malware Defense-in-Depth 2.0

Battling Malware In The Enterprise
Battling Malware In The EnterpriseBattling Malware In The Enterprise
Battling Malware In The EnterpriseAyed Al Qartah
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & preventionPriSim
 
Viruses,antiviruses & firewalls
Viruses,antiviruses & firewallsViruses,antiviruses & firewalls
Viruses,antiviruses & firewallsJay Shah
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious CodeSatria Ady Pradana
 
Security threats explained
Security threats explained Security threats explained
Security threats explained Abhijeet Karve
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana
 
Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part Onebackdoor
 
Antivirus programs
Antivirus programsAntivirus programs
Antivirus programsAnuj Pawar
 
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand..."Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...eLiberatica
 
Computer viruses and antiviruses
Computer viruses and antivirusesComputer viruses and antiviruses
Computer viruses and antivirusesSanguine_Eva
 
Computer viruses and antiviruses PPT
Computer viruses and antiviruses PPTComputer viruses and antiviruses PPT
Computer viruses and antiviruses PPTEva Harshita
 
Issues and precautions related to ict
Issues and precautions related to ictIssues and precautions related to ict
Issues and precautions related to ictmakanaya
 
Computer viruses
Computer virusesComputer viruses
Computer virusesMDAZAD53
 
Antivirus programs and Security Teams in E-Commerce by Ilakia
Antivirus programs and Security Teams in E-Commerce by IlakiaAntivirus programs and Security Teams in E-Commerce by Ilakia
Antivirus programs and Security Teams in E-Commerce by IlakiaILAKIA
 

Similar a Malware Defense-in-Depth 2.0 (20)

Battling Malware In The Enterprise
Battling Malware In The EnterpriseBattling Malware In The Enterprise
Battling Malware In The Enterprise
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
Viruses,antiviruses & firewalls
Viruses,antiviruses & firewallsViruses,antiviruses & firewalls
Viruses,antiviruses & firewalls
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code
 
NetWitness
NetWitnessNetWitness
NetWitness
 
Technical Report Writing Presentation
Technical Report Writing PresentationTechnical Report Writing Presentation
Technical Report Writing Presentation
 
Security threats explained
Security threats explained Security threats explained
Security threats explained
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
 
Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part One
 
Antivirus programs
Antivirus programsAntivirus programs
Antivirus programs
 
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand..."Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
"Viruses Exploits Rootkits the Dilemma of a Linux Product Manager" by Alexand...
 
Computer viruses and antiviruses
Computer viruses and antivirusesComputer viruses and antiviruses
Computer viruses and antiviruses
 
Computer viruses and antiviruses PPT
Computer viruses and antiviruses PPTComputer viruses and antiviruses PPT
Computer viruses and antiviruses PPT
 
Issues and precautions related to ict
Issues and precautions related to ictIssues and precautions related to ict
Issues and precautions related to ict
 
Firewall
FirewallFirewall
Firewall
 
Mitppt
MitpptMitppt
Mitppt
 
Computer viruses
Computer virusesComputer viruses
Computer viruses
 
Virus and antivirus
Virus and antivirusVirus and antivirus
Virus and antivirus
 
Antivirus programs and Security Teams in E-Commerce by Ilakia
Antivirus programs and Security Teams in E-Commerce by IlakiaAntivirus programs and Security Teams in E-Commerce by Ilakia
Antivirus programs and Security Teams in E-Commerce by Ilakia
 

Último

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Último (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

Malware Defense-in-Depth 2.0

  • 1. Malware Defense-in-Depth 2.0A practical  approach to secure your enterprise against viruses,  worms and rootkits Aa’edAlqarta
  • 2. The Problem Security defenses can’t keep up with latest threats Malware is penetrating the network and infecting computers Antivirus software is not a silver bullet for all threats We are losing the war against malware
  • 3.
  • 4. What is a Malware? According to NIST, “Malware (NIST, 2005) refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system (OS) or of otherwise annoying or disrupting the victim.” NIST: National Institute of Standards and Technology 4
  • 5. Types of Malwares Viruses Worms Backdoors Spywares Bots “Botnets” Rootkits Ransomware
  • 7. Attack Anatomy Attackers discover vulnerabilities and write exploits for them (e.x JS) They infect web sites to attack visitors A visitor browse the site and immediately get infected A virus will be installed in the background and infect the client software Infected computers will attack internal clean machines (Workstations/Servers)
  • 8. Web URL Filtering Enable AV scanning for malicious files/URLs Block access to malicious categories (Porn/Hacking/Downloads/Video/P2P/Torrent/Blogs/Infected Hosts/IM) Block downloads of executables (exe/dll/com) Inspect SSL traffic for malicious traffic
  • 9. Application Control (Whitelisting) Allow business approved applications only Office, Accounting, Finance, …etc Protect critical system files from modifications Block any unapproved applications (including malwares) The ability to block zero-day malware if AV is not detecting it Monitoring of all applications usage in the net
  • 10.
  • 11.
  • 12. FW Best Practices No “Any Any” rules Out-bound SMTP for Exchange servers only HTTP/HTTPS/FTP are a good start for end user Block Infected computers Enabled outbound denied logging
  • 13. Case Study: Conficker/Downadup Windows Server service vulnerability (MS08-067) W32.Downadup A, B, C, E Propagates through network file shares, flash disks Disables User Accounts in AD Blocks access to security sites and MS updates Stops security tools and softwares “self-protection”
  • 14.
  • 15. Summary Use a good antivirus which has a high detection rate Patch OS + 3rd party applications Use Application Whitelisting + Device Control Block access to malicious, media, downloads, and blogs Network segmentations Web content filtering policy
  • 16. Thank You E-mail me: a.qarta@gmail.com http://extremesecurity.blogspot.com