Enhanced threat intelligence for s ps v3
Neil King
1.
Guavus Confidential – Do Not Distribute © 2013 Guavus, Inc. All rights reserved.
ENHANCED THREAT INTELLIGENCE
May 14, 2014
Neil King, VP Security Analytics
2.
Threat Intelligence Landscape: Wild West
3.
Threat Intelligence Taxonomy
Threat Category: Botnet, Malware, Phishing, Mobile, Policy-based, Vulnerabilities
Threat Entity: IP Address, Domain, URL, File, Application
Providers: Anti-virus, Network Security, Threat Intelligence Specialists, Non-commercial
Delivery: Blocklists, Reports, News/Blogs
4.
URL Feed Comparison
Amongst VirusTotal URL feeds there is little overlap across threat feeds…
5.
Number of Detections per Threat
A majority of threats are detected by 1-2 engines
[Bar chart: threat count (axis 0 to 450000) by number of detections (1 to 11+)]
6.
Detection Fragmentation – Full Feeds

           Vendor 1  Vendor 2  Vendor 3  Vendor 4  Vendor 5  Vendor 6  Vendor 7  Vendor 8  Vendor 9  Vendor 10
Vendor 1   100%      1.40%     0.30%     0.13%     16.33%    6.27%     10.83%    7.57%     0.03%     45.50%
Vendor 2   0.66%     100%      0%        51.33%    34.89%    40.87%    0.03%     3.50%     1.79%     40.27%
Vendor 3   0.00%     0%        100%      0%        0%        0.01%     0%        0.32%     0.03%     0.01%
Vendor 4   0.05%     9.89%     0%        100%      0.02%     11.90%    0%        0%        0.07%     0.57%
Vendor 5   21.40%    0.74%     0%        0.05%     100%      2.42%     9.35%     7.07%     0.09%     27.07%
Vendor 6   0.35%     0.89%     0.06%     1.62%     0.30%     100%      0.19%     1.34%     0.38%     2.31%
Vendor 7   4.97%     0.03%     0%        0%        4.97%     0.20%     100%      0.03%     0%        26.60%
Vendor 8   0.06%     0.07%     0.27%     0%        0.23%     0.35%     0.00%     100%      0.06%     0.64%
Vendor 9   0.26%     1.99%     0.17%     0.26%     0.26%     2.95%     0%        3.38%     100%      2.86%
Vendor 10  9.93%     0.99%     0.03%     0.25%     10.11%    4.55%     6.17%     5.40%     0.24%     100%
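The feed-overlap and detections-per-threat measurements on slides 4 to 6 can be reproduced on any set of URL feeds; the following is an added example, not code from the deck or from Guavus. The feed names and indicators are constructed, the function names are hypothetical, and the cell convention (share of the row feed's indicators also present in the column feed) is an assumption, since the slide does not state it.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample feeds (example.* names only, not real indicators).
FEEDS = {
    "feed_a": [
        "http://Bad.example.com/login.php",
        "hxxp://drop.example[.]org/x.apk",      # defanged form
        "http://evil.example.net:80/a",          # explicit default port
        "http://only-a.example.com/",
    ],
    "feed_b": [
        "bad.example.com/login.php",             # no scheme
        "https://evil.example.net/a",
        "http://only-b.example.com/p?id=1",
        "http://only-b2.example.com/",
        "http://shared-bc.example.com/",
    ],
    "feed_c": [
        "http://drop.example.org/x.apk",
        "http://shared-bc.example.com",          # no trailing slash
    ],
}

DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize(indicator):
    """Canonicalize a URL indicator to host[:port]/path[?query].

    Feeds write the same URL differently (defanged, mixed case, with or
    without scheme or default port); comparing raw strings understates overlap.
    Dropping the scheme is a choice made for this example.
    """
    s = indicator.strip().replace("[.]", ".")
    s = re.sub(r"^hxxp", "http", s, flags=re.IGNORECASE)
    if "://" not in s:
        s = "http://" + s
    parts = urlsplit(s)
    host = (parts.hostname or "").rstrip(".")   # hostname is already lowercased
    port = parts.port
    if port is not None and port != DEFAULT_PORTS.get(parts.scheme):
        host = f"{host}:{port}"
    path = parts.path or "/"
    query = f"?{parts.query}" if parts.query else ""
    return f"{host}{path}{query}"


def overlap_matrix(feeds):
    """matrix[row][col] = percent of row feed's indicators also in col feed."""
    sets = {name: {normalize(i) for i in items} for name, items in feeds.items()}
    matrix = {}
    for row, row_set in sets.items():
        matrix[row] = {}
        for col, col_set in sets.items():
            shared = len(row_set & col_set)
            matrix[row][col] = round(100.0 * shared / len(row_set), 2) if row_set else 0.0
    return matrix


def detections_per_indicator(feeds):
    """Return {number of feeds listing an indicator: count of such indicators}."""
    seen = Counter()
    for items in feeds.values():
        seen.update({normalize(i) for i in items})  # one vote per feed
    return dict(sorted(Counter(seen.values()).items()))


if __name__ == "__main__":
    for row, cols in overlap_matrix(FEEDS).items():
        print(row, cols)
    print(detections_per_indicator(FEEDS))
```

The matrix is asymmetric because each row is divided by that feed's own size, which is why a small feed can be half covered by a large one while the large feed is barely covered in return.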
7.
Context Fragmentation
[Figure: matrix of Vendor 1 to Vendor 10 against the context fields below, each cell marked Available, Derived or Not available]
Context fields: Domain, URL, IP, Category, Risk Score, Last Seen, Malware Name, File Hash, Hash Type, ASN, Country
8.
IP Addresses and URLs are great, but what about Mobile Application Reputation?
9.
Some challenges & opportunities for addressing mobile application threats
Anti-virus Application
+ See all traffic
- Most subscribers don't have AV
App Store Protection
+ Centralized protection for specific App Store
- Miss app downloads from alternative App Stores
Mobile Networks
+ Opportunity to protect downloads from all app stores
+ Can protect users that don't have AV
10.
Identify Mobile Application Downloads…
~ Billion events
~15,000 APK downloads
From ~600 unique URLs
Risky APKs
11.
…and Associate APK reputations with URLs
We tried downloading some APKs (~36) and scanning them with Norton Security & Antivirus for Android, with the following results.
[Pie chart: segments 5%, 42%, 53%; legend Malicious, Not Malicious, Greyware]
Available Context
• Package Name
• Security Score
• Threat Category
• APK risks (Location, AdLibrary, device information)
• Destination of leaked information
• Battery impact
• Network impact
• First Seen (Application, Application Signer)
• More
12.
Symantec Mobile Insight Metrics
Norton Mobile Insight
747,109 Signers (Publishers)
Majority of Bad Actors: Russia, China
Stores Crawled Continuously: 200+
13.
Threat Intelligence Requirements: 7 Cs
Coverage: Broad coverage of threats increases likelihood of identifying malicious events
Criticality: Identify the highest impact threats
Confidence: Understanding the confidence level helps prioritize threats and reduce false positives
Context: Understanding context can help prioritize threats and accelerate investigations
Current: Threats change rapidly, so intelligence needs to be current
Customization: Ability for companies to add specific threats and adjust weightings to apply to their specific situation
Convenience: Simplifying the aggregation, enhancement and application of threat intelligence
14.
Our Approach to Enhanced Threat Intelligence
[Diagram labels: Threat Intelligence, Guavus, Customer, Threat Summary, Enhancement & Normalization]
Enhanced Threat Feed
• Domain
• URL
• IP Address
• Threat Name
• APK
Enhancement
• Threat Category
• Risk Score
Research / Investigation
• Full Description
• Trending
• Geography
• Associated IPs
• Associated URLs
• Associated Threat Names
15.
How can Service Providers Utilize ETI?
Network Data Analytics Platform
Enhanced Threat Intelligence Feed: URL Rep, IP Rep, App Rep
Use Cases: Threat Detection, Threat Prioritization, Threat Investigation
DPI, Netflow, Other
16.
Contact: Neil King
neil.king@guavus.com
www.linkedin.com/pub/neil-king/0/871/3a8/
Thanks for your time