Evolution of Cyber Security
3. THE DAY-TO-DAY OF A SECURITY OFFICER
3 | © 2018 Palo Alto Networks. All Rights Reserved.
RISK
SPEED
6. Evolution of Threats
- 1986-1995: DOS viruses. E.g.: Brain (1986), Jerusalem (1987), Morris (1988) and Michelangelo (1991)
- 1995-1999: Distribution over the internet. Propagation through email, and the impact reaches home users
- 2000-2005: Mass malware (1999-2005). E.g.: Loveletter (2000), Anna Kournikova (2001), MyDoom (2004), Sony rootkit (2005)
- 2005-2010: Malware for profit (2005-2010). Botnets for code injection, stealing FTP credentials, first malware to control industrial machinery. E.g.: Stuxnet (2010)
- 2010+: Targeted breaches & APTs, cyber-crime, malware for Macs, Android and IoT, ransomware
8. Evolution of Security
- 1985: IDS
- 1987: Anti Virus
- 1991: Defence in Depth
- 1994: Stateful Firewall
- 2004: Sandbox
- 2007: NGFW
Year 2018: what's next?
- Public and private cloud
- IoT
- Machine learning
- Automation
10. 3 EVOLUTIONS
11. In the Beginning…
IM, DLP, IPS, Proxy, URL, AV
Internet/WAN
Organizational Network
UTM
12. PALO ALTO NETWORKS SECURITY OPERATING PLATFORM
EVOLUTION I
NETWORK SECURITY
CLOUD-DELIVERED SECURITY SERVICES
Threat Prevention URL Filtering Malware Analysis
THREAT DATA
13. Wildfire
Bare Metal Analysis
Static Analysis
Dynamic Analysis
Dynamic Unpacking
Detect known exploits, malware, and variants
Find new zero-day exploits & malware through execution
Heuristic Engine
Steer evasive malware to bare metal
Identify VM-aware threats using hardware systems
Memory analysis
Machine learning
File anomalies
Malicious patterns
Known malicious code
Custom hypervisor
Behavioral scoring
Multi-version analysis
Full dynamic analysis
Real desktop hardware
No virtual environment
No hypervisor
14. THE UNKNOWN
15. THE KNOWN
17. DISCONNECTED TOOLS DO NOT PROVIDE EFFECTIVE SECURITY AT THE TRADITIONAL PERIMETER
URL/IP
Sandbox
AV
IPS
Forensics
UBA
Threat Intel
HIPS
EDR
Endpoint AV
MFA
Orchestration
18. THE PERIMETER DOES NOT EXIST
SILOED TOOLS ARE TOTALLY INEFFECTIVE FOR OUR DIGITAL ERA
URL/IP
Sandbox
Forensics
UBA
Threat Intel
HIPS
EDR
Endpoint AV
MFA
Orchestration
BRANCH MOBILE
SaaS PUBLIC CLOUD
SaaS Security Cloud Security
Branch Security Mobile Security
Proxy
AV
IPS
19. PALO ALTO NETWORKS SECURITY OPERATING PLATFORM
EVOLUTION I
EVOLUTION II
NETWORK SECURITY
ADVANCED ENDPOINT PROTECTION
CLOUD SECURITY
CLOUD-DELIVERED SECURITY SERVICES
Threat Prevention URL Filtering Malware Analysis
THREAT DATA
21. THE ANATOMY OF A SUCCESSFUL ATTACK
Connectivity rate change
Vulnerability Exploit
Malware Installation
Command and Control
Lateral Movement
Data Exfiltration
Repeated access to an unusual site
Unusually large upload
• Occurs in seconds or minutes
• Involves a smaller number of actions on the network
• Can be identified by IoCs
• Occurs over days, weeks or months
• Involves a large number of actions on the network
• Hard to identify by IoCs
22. ARTIFICIAL INTELLIGENCE
23. EVOLUTION II
EVOLUTION III
PALO ALTO NETWORKS APPS 3rd PARTY PARTNER APPS CUSTOMER APPS
CLOUD-DELIVERED SECURITY SERVICES
Threat Prevention URL Filtering Malware Analysis
APPLICATION FRAMEWORK & LOGGING SERVICE
NETWORK SECURITY
ADVANCED ENDPOINT PROTECTION
CLOUD SECURITY
24. STOP ADVANCED THREATS WITH MAGNIFIER
NETWORK
MAGNIFIER
Behavioral Analytics
ENDPOINT CLOUD
MACHINE LEARNING
• Automatically detect attacks using rich data
• Accelerate investigations with endpoint analysis
• Achieve scalability and agility as a cloud-delivered application
THREAT DATA & LOGS
25. JOIN THE GROWING ECOSYSTEM
26. THANK YOU
Fernando Gamero, Sales Engineer, Peru and Ecuador
fgamero@paloaltonetworks.com
Kenneth Tovar, Regional Sales Manager, Peru and Ecuador
ktovar@paloaltonetworks.com