Scalar Security Roadshow - Vancouver Presentation

Gartner recently released a report on IT security priorities for the remainder of 2014. Amongst respondents, network security, application security, endpoint security, and security services all ranked highly. In this quick-fire, half-day roadshow, Scalar brings you solutions to these problems from three of our most strategic security vendors, as well as a full presentation on our managed security services portfolio.


  1. Scalar Security Roadshow. © 2014 Scalar Decisions Inc. Not for distribution outside of intended audience.
  2. Purpose of today's session: provide insights on how Scalar and our partners address today's complex security challenges.
  3. Gartner report highlights (September 25, 2014)
     • Security spend as a percentage of IT budgets increased
     • Strong correlation between security budget and maturity
     • Emphasis on network, applications and endpoint
     • Insufficient investment in people and process
  4. Scalar – brief overview
  5. 10 years
  6. 90
  7. 100% (Vancouver, Calgary, Montreal, Ottawa, Toronto, London)
  8. 54%
  9. #1 · #51 ICT Security Company · #15 Top 250 ICT Companies
  10. An integrator of emerging technologies.
  11. Top tier technical talent.
     • Engineers average 15 years of experience
     • World-class experts from some of the leading organizations in the industry
     • Dedicated teams: PMO, finance, sales and operations
     • Canadian Authorized Training Centres
     • We employ and retain top talent
  12. Top awards.
     • Brocade Partner of the Year ~ Innovation
     • Cisco Partner of the Year ~ Data Centre & Virtualization
     • NetApp Partner of the Year ~ Central Canada
     • VMware Global Emerging Products Partner of the Year
     • F5 VAR Partner of the Year ~ North America
     • Palo Alto Networks Rookie of the Year
  13. Our Focus
     • Protection of data and systems
     • High performance computing
     • Flexible solutions
  14. Our security partners
  15. Partners here today
  16. SECURITY. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.
  17. FirePOWER. Rob Bleeker, Security Consulting Systems Engineer, CCIE# 29033, [CCN|I|D|P], SFCE, CEH
  18. Agenda
     • New Security Model and Global Intelligence
     • The POWER in FirePOWER
     • FirePOWER Appliance
     • ASA with FirePOWER Services
  19. The New Security Model: the attack continuum
     • BEFORE: Discover, Enforce, Harden
     • DURING: Detect, Block, Defend
     • AFTER: Scope, Contain, Remediate
     • Applies across network, endpoint, mobile, virtual and cloud; point-in-time controls versus continuous controls
  20. Cyber Attack Chain: Recon, Weaponization, Deliver, Exploit, Install, CnC, Actions
     • BEFORE (Discover, Enforce, Harden) · DURING (Detect, Block, Prevent) · AFTER (Scope, Contain, Remediate)
     • Technologies placed along the chain: Firewall, NGFW, VPN, UTM, NAC + Identity Services, NGIPS, Web Security, Email Security, Advanced Malware Protection, Network Behavior Analysis; Visibility and Context throughout
  21. Cisco Security Intelligence Operation (SIO) (figures recovered from the slide graphic)
     • 24-hour daily operations; more than $100 spent in dynamic research and development (unit not legible); more than 40 million (category not legible)
     • Inputs: email, devices, web, IPS, networks, endpoints, cloud, AnyConnect®, ESA, ASA, WSA; outputs: information, actions, visibility, control
     • More than 80 PhD, CCIE, CISSP, MCSE; more than 800 engineers, technicians, and researchers
     • 1.6 million global sensors; 100 TB data received per day; 40% of worldwide email traffic; 13 billion web requests; more than 150 million deployed endpoints
     • 3- to 5-minute updates; more than 200 parameters tracked; more than 5,500 IPS signatures produced; more than 70 publications produced; more than 8 million rules per day
  22. Collective Security Intelligence
     • Sources: Sourcefire AEGIS™ Program, private and public threat feeds, sandnets, Sourcefire VRT® (Vulnerability Research Team), sandboxing, machine learning infrastructure, FireAMP™ community, honeypots, file samples, big data (>380,000 per day), advanced Microsoft and industry disclosures, SPARK Program, Snort and ClamAV open source communities
     • Outputs: malware protection, IPS rules, reputation feeds, vulnerability database updates
  23. The POWER in FirePOWER
  24. About Sourcefire. Mission: to be the leading provider of intelligent cybersecurity solutions for the enterprise.
     • Founded in 2001 by Snort creator Martin Roesch, CTO
     • Headquarters: Columbia, MD
     • Focus on enterprise and government customers
     • Global Security Alliance ecosystem
     • NASDAQ: FIRE
     • Leading in NSS for NGFW, NGIPS, BDS (Advanced Malware Protection)
  25. Integrated Threat Defense Across the Attack Continuum
     • BEFORE: Control, Enforce, Harden · DURING: Detect, Block, Defend · AFTER: Scope, Contain, Remediate
     • Technologies shown on the continuum: Firewall / VPN, Granular App Control, Modern Threat Control, Advanced Malware Protection, Retrospective Security, IoCs / Incident Response, NGIPS, Security Intelligence, Web Security; Visibility and Automation throughout
  26. FireSIGHT™ Management Center: Full Stack Visibility. Category (examples): FirePOWER Services / typical IPS / typical NGFW
     • Threats (attacks, anomalies): ✔ / ✔ / ✔
     • Users (AD, LDAP, POP3): ✔ / ✗ / ✔
     • Web applications (Facebook Chat, eBay): ✔ / ✗ / ✔
     • Application protocols (HTTP, SMTP, SSH): ✔ / ✗ / ✔
     • File transfers (PDF, Office, EXE, JAR): ✔ / ✗ / ✔
     • Malware (Conficker, Flame): ✔ / ✗ / ✗
     • Command & control servers (C&C security intelligence): ✔ / ✗ / ✗
     • Client applications (Firefox, IE6, BitTorrent): ✔ / ✗ / ✗
     • Network servers (Apache 2.3.1, IIS4): ✔ / ✗ / ✗
     • Operating systems (Windows, Linux): ✔ / ✗ / ✗
     • Routers & switches (Cisco, Nortel, wireless): ✔ / ✗ / ✗
     • Mobile devices (iPhone, Android, Jail): ✔ / ✗ / ✗
     • Printers (HP, Xerox, Canon): ✔ / ✗ / ✗
     • VoIP phones (Cisco phones): ✔ / ✗ / ✗
     • Virtual machines (VMware, Xen, RHEV): ✔ / ✗ / ✗
     • Contextual awareness gives information superiority
  27. Impact Assessment: correlates every intrusion event to the impact of the attack against the target. Flag, administrator action and why:
     • Act immediately (Vulnerable): the event corresponds to a vulnerability mapped to the host
     • Investigate (Potentially vulnerable): the relevant port is open or the protocol is in use, but no vulnerability is mapped
     • Good to know (Currently not vulnerable): the relevant port is not open or the protocol is not in use
     • Good to know (Unknown target): monitored network, but unknown host
     • Good to know (Unknown network): unmonitored network
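The impact flags on the slide above are an ordered set of rules over what passive discovery knows about the target host. The Python below is an added example written for this page, not Cisco or Sourcefire code and not how FireSIGHT is implemented: it applies the same five-way ordering to a constructed host inventory and a few constructed intrusion events. `HostProfile`, `IntrusionEvent`, `assess_impact` and `triage` are hypothetical names, and the address ranges, hosts and vulnerability ids are made up.

```python
import ipaddress
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, List, Optional, Set, Tuple


class Impact(Enum):
    """The five flags from the slide, most urgent first."""
    ACT_IMMEDIATELY = "Act Immediately, Vulnerable"
    INVESTIGATE = "Investigate, Potentially Vulnerable"
    NOT_VULNERABLE = "Good to Know, Currently Not Vulnerable"
    UNKNOWN_TARGET = "Good to Know, Unknown Target"
    UNKNOWN_NETWORK = "Good to Know, Unknown Network"


@dataclass
class HostProfile:
    """What discovery has learned about one monitored host (hypothetical schema)."""
    ip: str
    open_ports: Set[Tuple[str, int]] = field(default_factory=set)  # e.g. ("tcp", 80)
    app_protocols: Set[str] = field(default_factory=set)            # e.g. "http", "ssh"
    vulns: Set[str] = field(default_factory=set)                    # vuln ids mapped to the host


@dataclass
class IntrusionEvent:
    """One IPS alert plus the vulnerability ids its rule references (hypothetical schema)."""
    dst_ip: str
    transport: str
    dst_port: int
    app_protocol: Optional[str]
    vuln_refs: Set[str]


def assess_impact(event: IntrusionEvent, hosts: Dict[str, HostProfile],
                  monitored: List[ipaddress.IPv4Network]) -> Impact:
    """Apply the slide's rules in order; the first matching rule decides the flag."""
    dst = ipaddress.ip_address(event.dst_ip)
    # Unmonitored network: no host data exists for this destination at all.
    if not any(dst in net for net in monitored):
        return Impact.UNKNOWN_NETWORK
    host = hosts.get(event.dst_ip)
    # Monitored range, but discovery has never profiled this particular host.
    if host is None:
        return Impact.UNKNOWN_TARGET
    # A vulnerability the rule references is mapped to the host: act now.
    if event.vuln_refs & host.vulns:
        return Impact.ACT_IMMEDIATELY
    # Service reachable but no vulnerability mapped: worth an analyst's look.
    port_open = (event.transport, event.dst_port) in host.open_ports
    proto_in_use = event.app_protocol is not None and event.app_protocol in host.app_protocols
    if port_open or proto_in_use:
        return Impact.INVESTIGATE
    return Impact.NOT_VULNERABLE


# Constructed inventory: a private range, two profiled hosts, made-up vuln ids.
MONITORED = [ipaddress.ip_network("10.0.0.0/24")]
HOSTS = {
    "10.0.0.5": HostProfile("10.0.0.5", {("tcp", 80), ("tcp", 22)}, {"http", "ssh"}, {"VULN-0001"}),
    "10.0.0.7": HostProfile("10.0.0.7", {("tcp", 443)}, {"https"}, set()),
}
# Constructed events, one per flag, so the ordering is visible in the output.
EVENTS = [
    IntrusionEvent("10.0.0.5", "tcp", 80, "http", {"VULN-0001"}),    # mapped vuln
    IntrusionEvent("10.0.0.5", "tcp", 22, "ssh", {"VULN-0002"}),     # port open, no vuln mapped
    IntrusionEvent("10.0.0.7", "tcp", 80, "http", {"VULN-0001"}),    # port closed, protocol unused
    IntrusionEvent("10.0.0.9", "tcp", 80, "http", {"VULN-0001"}),    # monitored range, no profile
    IntrusionEvent("192.0.2.10", "tcp", 80, "http", {"VULN-0001"}),  # outside monitored ranges
]


def triage(events=EVENTS, hosts=HOSTS, monitored=MONITORED) -> List[Tuple[str, Impact]]:
    """Flag every event and return (destination, flag) pairs, most urgent first."""
    order = list(Impact)
    flagged = [(e.dst_ip, assess_impact(e, hosts, monitored)) for e in events]
    return sorted(flagged, key=lambda pair: order.index(pair[1]))


if __name__ == "__main__":
    for ip, flag in triage():
        print(f"{ip:12} {flag.value}")
```

The point of the ordering is that the two "Unknown" outcomes are checked before any vulnerability lookup: an event against a host that was never profiled must not be reported as "not vulnerable" merely because no vulnerability is mapped to it.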
  28. Cisco FireSIGHT Simplifies Operations
     • Impact assessment and recommended rules automate routine tasks
  29. Visibility and Context
  30. Visibility and Context: file sent, file received, file executed, file moved, file quarantined
  31. Indications of Compromise (IoCs)
     • IPS events: malware backdoors, CnC connections, exploit kits, admin privilege escalations, web app attacks
     • SI events: connections to known CnC IPs
     • Malware events: malware detections, malware executions, Office/PDF/Java compromises, dropper infections
  32. FirePOWER Services: Application Control
     • Control access for applications, users and devices
     • "Employees may view Facebook, but only Marketing may post to it"
     • "No one may use peer-to-peer file sharing apps"
     • Over 3,000 apps, devices, and more
  33. …Yet Another Open Source Success Story: OpenAppID
     • Open source application detection and control: an application-focused detection language tied to the Snort engine
     • Enhances coverage and efficacy and accelerates development of application detectors
     • Empowers the community to share detectors for greater protection; already over 1,300 OpenAppID detectors
     • Ties into a Snort preprocessor for maximum performance and integration
     • Detection of applications on the network; reporting on the usage statistics of apps (traffic); blocking of applications by policy
     • Extensions to the Snort rule language to enable application specification; reporting of an "App Name" along with security events (e.g. IPS/AMP)
  34. FirePOWER Services: URL Filtering
     • Block non-business-related sites by category
     • Based on user and user group
  35. FirePOWER Services: Advanced Malware. Workflow over network traffic: 1) file capture; 2) file storage; 3) send to sandbox (Collective Security Intelligence); 4) execution report. Malware alert available in Defense Center.
  36. Reduced Cost and Complexity
     • Multilayered protection in a single device
     • Highly scalable for branch, internet edge, and data centers
     • Automates security tasks: impact assessment, policy tuning, user identification
     • Integrates transparently with third-party security solutions through the eStreamer API
  37. FirePOWER Appliances
  38. Setting the New Standard for Advanced Threat Protection: Sourcefire FirePOWER™
     • Industry-best intrusion prevention
     • Real-time contextual awareness
     • Full stack visibility
     • Intelligent security automation with FireSIGHT™
     • Unparalleled performance and scalability
     • Easily add Application Control, URL Filtering and Advanced Malware Protection with optional subscription licenses
  39. Platforms and Places in the Network: IPS performance and scalability
     • FirePOWER 7000 Series: 50 Mbps – 250 Mbps
     • FirePOWER 7100 Series: 500 Mbps – 1 Gbps
     • FirePOWER 7120/7125/8120: 1 Gbps – 2 Gbps
     • FirePOWER 8100/8200: 2 Gbps – 10 Gbps
     • FirePOWER 8200 Series: 10 Gbps – 40 Gbps
     • FirePOWER 8300 Series: 15 Gbps – 60 Gbps
     • Places in the network: SOHO, branch office, internet edge, campus, data center
  40. FirePOWER Feature Summary
     • NGIPS: IPS detection and prevention; security updates; reports, alerts, and dashboards; centralized policy management; custom IPS rule creation; automated impact assessment; automated tuning; FireSIGHT network & user intelligence; IT policy compliance whitelists; file type determination; network behavior analysis
     • Available as additional licenses: application control; user and user group control; stateful firewall inspection, switching and routing; network address translation; URL filtering; file blocking; advanced malware protection
     • Virtual appliances for VMware and Xen
  41. ASA with FirePOWER Services
  42. FirePOWER Services for ASA: Components
     • ASA 5585-X (models ASA 5585-X-10, ASA 5585-X-20, ASA 5585-X-40, ASA 5585-X-60): new FirePOWER Services hardware module required; licenses and subscriptions
     • ASA 5512-X, 5515-X, 5525-X, 5545-X, and 5555-X: SSD drive required; FirePOWER Services software module; licenses and subscriptions
  43. Superior Multilayered Protection
     • World's most widely deployed, enterprise-class ASA stateful firewall
     • Granular Application Visibility and Control (AVC)
     • Industry-leading FirePOWER Next-Generation IPS (NGIPS)
     • Reputation- and category-based URL filtering
     • Advanced malware protection
     • Platform view: Cisco Collective Security Intelligence enabled; FireSIGHT analytics & automation; on Cisco ASA: URL filtering (subscription), identity-policy control & VPN, advanced malware protection (subscription), intrusion prevention (subscription), application visibility & control, clustering & high availability, network firewall, routing | switching, built-in network profiling
  44. ASA and FirePOWER Features
     • IPS detection and prevention; security updates; reports, alerts, and dashboards; centralized policy management; custom IPS rule creation; automated impact assessment; automated tuning; FireSIGHT network & user intelligence; IT policy compliance whitelists; file type determination; network behavior analysis
     • Application control; user and user group control; stateful firewall inspection, switching and routing; network address translation; URL filtering; file blocking; advanced malware protection
     • Identity-based firewall for enhanced user ID awareness; highly secure remote access (IPsec and SSL); proactive, near-real-time protection against Internet threats; integrates with other essential network security technology
     • Supports Cisco TrustSec security group tags (SGTs); extensive stateful inspection engine; site-to-site VPN, NAT, IPv6; dynamic routing (including BGP); HA, clustering; protection from botnets; delivers high availability for high-resiliency applications; Change of Authorization (CoA)
  45. Q & A
  46. The Perimeter is Dead, Long Live the Perimeter. Buu Lam, Field Systems Engineer
  47. What is The Perimeter?
  48. pe·rim·e·ter
     • 1. the continuous line forming the boundary of a closed geometric figure. "the perimeter of a rectangle" (synonyms: circumference, outside, outer edge; "the perimeter of a circle")
     • the outermost parts or boundary of an area or object. "the perimeter of the garden" (synonyms: boundary, border, limits, bounds, confines, edge, margin, fringe(s), periphery, borderline, verge)
     • a defended boundary of a military position or base.
     • In networking we call it… DMZ
  49. Defense in Depth?
  50. Defense in depth. "The principle of defense-in-depth is that layered security mechanisms increase security of the system as a whole. If an attack causes one security mechanism to fail, other mechanisms may still provide the necessary security to protect the system… Implementing a defense-in-depth strategy can add to the complexity of an application, which runs counter to the 'simplicity' principle often practiced in security. That is, one could argue that adding new protection functionality adds additional complexity that might bring new risks with it." https://www.owasp.org/index.php/Defense_in_depth
  51. What's a Perimeter without a
  52. Perimeter Security Technologies (F5 Agility 2014)
     • A long time ago… firewalls started out as proxies
     • and then… stateless filters accelerated firewalls, but weakened security
     • present day… stateful firewalls added security with deep inspection, but still fall short of proxies
     • and now with F5! F5 brings full proxy back to firewalls: highest security matched by a high-scale and high-performance architecture
  53. Protecting against threats is challenging
     • Webification of apps: 71% of internet experts predict most people will do work via web or mobile by 2020
     • Device proliferation: 95% of workers use at least one personal device for work; 130 million enterprises will use mobile apps by 2014
     • Evolving security threats: 58% of all e-theft tied to activist groups; 81% of breaches involved hacking
     • Shifting perimeter: 80% of new apps will target the cloud; 72% of IT leaders have or will move applications to the cloud
  54. Evolving Security Threat Landscape
  55. More sophisticated attacks are multi-layer: application, SSL, DNS, network
  56. It's all about the application.
  57. BIG-IP Application Security Manager. BIG-IP® ASM™ protects the applications your business relies on most and scales to meet changing demands.
     • Multiple deployment options: standalone or ADC add-on; appliance or virtual edition; manual or automatic policy building; 3rd party DAST integration
     • Visibility and analysis: high speed customizable syslog; granular attack details; expert attack tracking and profiling; policy & compliance reporting; integrates with SIEM software; full HTTP/S request logging
     • Comprehensive protections: granular rules on every HTTP element; client side parameter manipulation protection; response checks for error & data leakage; AV integrations
  58. Comprehensive Protections. BIG-IP ASM extends protection to more than application vulnerabilities: L7 DDoS, web scraping, web bot identification, XML filtering, validation & mitigation (XML firewall), geolocation blocking, ICAP anti-virus integration
  59. Network threats vs. application threats
     • Network threats: 90% of security investment is focused here. Attack vectors: TCP SYN flood, TCP connection flood, DNS flood, HTTP GET flood
     • Application threats: yet 75% of attacks are focused here. Attack vectors: HTTP Slowloris, DNS cache poisoning, SQL injection, cross-site scripting
  60. Unique full-proxy architecture: TCP, SSL and HTTP are each terminated on both sides of the proxy, with iRules available at every layer. Network firewall side: SYN flood, ICMP flood, SSL renegotiation. WAF side: Slowloris, XSS attacks, data leakage.
  61. Who are you? AAA
  62. Who's Requesting Access? Employees, partners, customers, administrators. Manage access based on identity. IT is challenged to:
     • Control access based on user type and role
     • Unify access to all applications (mobile, VDI, web, client-server, SaaS)
     • Provide fast authentication and SSO
     • Audit and report access and application metrics
  63. Security at the Critical Point in the Network: physical, virtual, cloud, storage; total application delivery networking services; clients; remote access, SSL VPN, app firewall
  64. BIG-IP APM Use Cases: secure web gateway; accelerated remote access; federation (cloud, SaaS, and partner apps); internet app access management; shown alongside OAM, VDI, Exchange and SharePoint, internet apps, and enterprise data & apps
  65. Which Threat Mitigation to Use?
     • Cloud/hosted service: content delivery network; carrier service provider; cloud-based DDoS service
     • On-premise defense: network firewall with SSL inspection; web application firewall; on-premise DDoS solution; intrusion detection/prevention
  66. All of the above
  67. Full Proxy Security: every layer (physical, network, session, application, web application) is terminated on the client side and again on the server side
     • Network: L4 firewall, full stateful policy enforcement and TCP DDoS mitigation
     • Session: SSL inspection and SSL DDoS mitigation
     • Application: HTTP proxy, HTTP DDoS and application security
     • Web application: application health monitoring and performance anomaly detection
  68. F5 Provides Complete Visibility and Control Across Applications and Users. Intelligent Services Platform (TMOS): DNS, web access, dynamic threat defense, DDoS protection, protocol security, network firewall. Users: securing access to applications from anywhere. Resources: protecting your applications regardless of where they live.
  69. Protecting the Data Center. Use case: consolidation of firewall, app security, traffic management; protection for data centers and application servers; high scale for the most common inbound protocols. The before-F5 / with-F5 diagram shows load balancer, firewall/VPN, network DDoS, DNS security, load balancer & SSL, application DDoS, web application firewall and web access management.
  70. F5: bringing deep application fluency to perimeter security. One platform: SSL inspection, traffic management, DNS security, access control, application security, network firewall (EAL2+; EAL4+ in process), DDoS mitigation
  71. How do I implement perimeter security with F5?
  72. Reference Architectures: DDoS protection; S/Gi network simplification; security for service providers; application services; LTE roaming; migration to cloud; DevOps; secure mobility; DNS; cloud federation; cloud bursting
  73. DDoS Mitigation across the OSI stack (difficulty of attack detection increases up the stack). OSI layers and F5 mitigation technologies:
     • Network attacks (Physical 1, Data Link 2, Network 3, Transport 4): SYN flood, connection flood, UDP flood, Push and ACK floods, Teardrop, ICMP floods, Ping floods and Smurf attacks. Mitigation: BIG-IP AFM: SynCheck, default-deny posture, high-capacity connection table, full-proxy traffic visibility, rate-limiting, strict TCP forwarding. Packet Velocity Accelerator (PVA) is a purpose-built, customized hardware solution that increases scale by an order of magnitude above software-only solutions.
     • Session attacks (Session 5, Presentation 6): DNS UDP floods, DNS query floods, DNS NXDOMAIN floods, SSL floods, SSL renegotiation. Mitigation: BIG-IP LTM and GTM: high-scale performance, DNS Express, SSL termination, iRules, SSL renegotiation validation.
     • Application attacks (Application 7): OWASP Top 10 (SQL injection, XSS, CSRF, etc.), Slowloris, Slow Post, HashDos, GET floods. Mitigation: BIG-IP ASM: positive and negative policy reinforcement, iRules, full proxy for HTTP, server performance anomaly detection.
  74. Solve the Endpoint Security Challenge with Isolation, not Detection. Chris Cram, Security Solutions Architect
  75. Agenda: The Security Landscape; Bromium Overview; Use Cases and Benefits; Summary and Next Steps
  76. The IT Security Paradox. Security spending '05–'14: up 294%, to $30B ($30B is a Gartner figure for 2014). Are breaches going down? No! Malware/breaches '05–'14: up 390%. Source: Gartner, Idtheftcenter.
  77. The Problem. "Anti-virus is dead. It catches only 45% of cyber-attacks." Brian Dye, SVP, Symantec. 71% of all breaches are from the endpoint! The endpoint problem:
     • Advanced threats: polymorphic, targeted, …
     • Ineffective detection: pattern matching; only known; many ???; costly remediation
  78. The Problem. The endpoint problem (source: Verizon Data Breach Report): 71% of all breaches start on the endpoint!
     • Advanced threats: polymorphic, targeted, zero day
     • Ineffective detection: pattern-matching; only known; many false positives; costly remediation
  79. Advanced Attacks Evade Legacy Defenses: threats pass through network detection-based controls (firewall, IPS, web & email gateways) and endpoint detection-based controls (PC firewall, PC anti-virus)
  80. Recent Security Timeline (chart): significant data breaches from 2003 to 2014 plotted against worldwide security spend ($0–$25B), with detection technologies marked along the timeline: application whitelisting, host intrusion prevention, endpoint sandboxing, host web filtering, cloud-based AV detection, network sandboxing. Named breaches include Heartland, TJ Maxx, RSA, Sony PSN, Adobe, Target, Neiman Marcus, eBay and Home Depot. 2013: 614 reported breaches, 91,982,172 records. Significant data breaches source: Idtheftcenter.org, updated 6/16/14; WW security spend source: Gartner; red bubbles illustrative only to depict the 71%.
  81. Recent Security Timeline (chart, same axes and technology markers as the previous slide): breaches starting from the endpoint, 2003 to 2014, against worldwide security spend ($0–$25B). 2013: 614 reported breaches, 91,982,172 records. Sources as on the previous slide.
  82. Bromium: Pioneer and Innovator. Redefining security with isolation technology; transforming the legacy security model; global, top investors, leaders of Xen; top tier customers across every vertical
  83. Core Technology
     • Hardware isolates each untrusted Windows task; lightweight, fast, hidden, with an unchanged native UX
     • Microvisor: based on Xen with a small, secure code base
     • Industry-standard desktop and laptop hardware: hardware virtualization and hardware security features
  84. How Bromium Solves the Problem
     • Isolate all end user tasks: browsing, opening emails, files…
     • Utilize micro-virtualization and the CPU to hardware-isolate
     • Across major threat vectors: web, email, USB, shares…
     • Seamless user experience on standard PCs
  85. Different from Traditional Security
     • Traditional endpoint security: anti-virus, sandbox and other security tools run on the OS kernel above the hardware. Today's signature and behavioral techniques miss many attacks, and they almost always leave endpoints corrupted, requiring re-imaging.
     • Bromium vSentry: hardware-isolated micro-VMs, one per application tab or task, each with its own OS instance. All user tasks and malware are isolated in a super-efficient micro-VM; all micro-VMs are destroyed, eliminating all traces of malware with them.
  86. LAVA: Understanding the Kill Chain. WHO is the target; WHERE is the attacker; WHAT is the goal; WHAT is the technique; WHAT is the intent
  87. Use Cases: Java legacy app support; off-net patching; laptop users; high value targets; threat intelligence; secure browsing
  88. Why Customers Deploy Bromium
     • Defeat attacks: eliminate compromises on the endpoint; deliver protection in the office or on the road
     • Streamline IT: reduce operational costs; dramatically increase IT productivity
     • Empower end users: remove the burden of security from users; enable users to click on anything… anywhere
  89. Summary
     • The attack landscape has fundamentally changed; the perimeter is evaporating in the cloud and mobile era
     • Current 'detection' defenses are ineffective; the endpoint is the weakest link
     • Bromium is redefining endpoint security with micro-virtualization
     • Enormous benefits in defeating attacks, streamlining IT and empowering users
  90. Questions?
  91. Beyond Compliance. Rob Stonehouse – Chief Security Architect
  92. The Rush To Compliance: "We have to be compliant!"
  93. What Do We Know?
     • The Internet wants all your information
     • Law is not a deterrent
     • Little risk for huge gains
     • Patience = success
     • Users will still click on anything
     • …It is going to get worse
  94. 20+ Years of Monitoring. What have we seen? Sophisticated malware; teams of attackers; persistence & purpose
  95. The Problem
     • Technology: new strategies; hard to realize the value
     • InfoSec is expensive: resource issues
  96. What is The Answer? Visibility
  97. Get The Help You Need: you can no longer do this alone
  98. Recap
     • Reduce complexity – simplify
     • Apply security at the infrastructure, applications and endpoint
     • Augment technology with people and process
     • Spend on security vs. compliance
     • Gain visibility through effective security operations
  99. 99. Managed Security Services Jamie Hari – Product Manager, Infrastructure & Security © 2014 Scalar Decisions Inc. Not for distribution outside of intended audience. 100
  100. 100. Scalar discovered what they overlooked. © 2014 Scalar Decisions Inc. Not for distribution outside of intended audience. 101
  101. 101. Changing Tactics © 2014 Scalar Decisions Inc. Not for distribution outside of intended audience. 102
  102. 102. The way you look at security needs to change. © 2014 Scalar Decisions Inc. Not for distribution outside of intended audience. September 25, 2014 103
  103. 103. SIEM © 2014 Scalar Decisions Inc. Not for distribution outside of intended audience. 104
  104. Improved Intelligence: Scalar has the tools and experience to manage security. The SIEM is the heart and brain of the SOC: it moves data around quickly in a complex and technical landscape and analyses it with continually updated intelligence. (Diagram: Users, Servers, End Points, Firewalls, IPS, VS and AV/AM/AS feed the SIEM, which feeds the SOC Tools used by the Scalar SOC.)
  105. What is SIEM? A solution which gathers, analyzes, and presents security information. • Log Management • Security Event Correlation and Analysis • Security Alerting & Reporting
  106. Reporting: Quickly Identify Patterns of Activity, Traffic, and Attacks
  107. Managed SIEM & Incident Response: Real-time security event monitoring and intelligent incident response • 24 x 7 Security Alert & System Availability Monitoring • Security Incident Analysis & Response • Infrastructure Incident, Change, Patch, and Configuration Management
  108. What should I look for in a provider? • Breadth and Depth of Technical Capability • Flexibility in Deployment, Reporting, and Engagement Options • Experience with Customers in Diverse Industries • A Partner Model
  109. Getting Started
  110. Proof of Value: 4 Week Trial • Dashboard for Real-time Data • Weekly Security Report • Detailed Final Summary Report • Seamless Continuation into Full Service
  111. You decide how we fit
  112. Questions?
  113. Putting our expertise into practice.
  114. Integrating, securing and managing systems for the most technologically advanced games ever.
  115. Building a centre of excellence that delivers a compute cluster to a global user community.
  116. 2 banks. 5 months. 1 great enterprise application. Mobile Wallet
  118. What’s next? Looking for more info on security? Rob Stonehouse, Scalar’s Chief Security Architect, discusses security beyond compliance on our blog here.

Editor's notes

  • Indications of Compromise, or IoCs, are “tags” on a host that indicate that an event with a likely host infection has occurred.

    IoCs are tallied against each host.


    [NEED ADDITIONAL SPEAKER NOTES?]
  • Let me start by saying that security is broken. And we are living in the great IT security paradox. What do I mean by that? Let’s begin by taking a look at the larger picture, the security industry as a whole. The spend on security each year is over $30 billion dollars ($20B on network, $10B on endpoint). This is an increase of almost 300% over the last decade, a staggering amount. One would think that with this significant level of spend breaches would be going down, as organizations would have figured out the optimal defense in depth strategy to counter cyber-attacks. Remember, we have added layers on top of layers over the years. In fact, this is not the case. Breaches have actually gone up dramatically and most of this growth is in the last 3 years. Why is that?

    Deeper look (optional) – Further, if you look at the spend buckets according to IDC, most organizations have not fundamentally changed the allocation of spend. They are spending roughly the same amount in each security segment, such as firewalls or IPS or AV, as they spent almost 10 years ago. How is this possible when the cybercriminals have completely ratcheted up their game? This is another major contributing factor. But let’s take a deeper look at the real issue.
  • BROAD DIVERSE TECHNOLOGIES IN ANY ENVIRONMENT
    EACH WITH THEIR OWN MONITORING, REPORTING, AND ADMINISTRATION INTERFACES
    SIEM BRINGS THEM TOGETHER INTO A SINGLE PANE OF GLASS
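The three SIEM functions named on the "What is SIEM?" slide (log management, event correlation and analysis, alerting) and the per-host IoC tally described in the first note above, shown in miniature as an added Python example. This is not code from the Scalar deck or from any vendor product: the three log formats, the host names, the asset map, the suspicious-port list and the IoC rules are all constructed for the demonstration, and the addresses are private or documentation ranges.

```python
"""Toy SIEM pipeline: normalize diverse logs, tag IoCs, tally per host, alert.

Added example; every log line, hostname, rule and threshold below is
constructed for illustration and is not from the Scalar presentation.
"""
import re
from collections import Counter, defaultdict

# Constructed sample logs from three sources, each with its own format
# (the "broad diverse technologies" the notes describe).
SAMPLE_LOGS = [
    "2014-09-25T10:01:02 fw01 DENY src=10.0.5.17 dst=203.0.113.9 dport=4444 proto=tcp",
    "2014-09-25T10:01:05 av: host=ws-017 status=DETECTED threat=Trojan.Generic action=quarantine",
    "2014-09-25T10:01:09 fw01 DENY src=10.0.5.17 dst=203.0.113.9 dport=4444 proto=tcp",
    '2014-09-25T10:02:30 ips: sid=2014123 msg="Possible C2 beacon" src=10.0.5.17 dst=203.0.113.9',
    "2014-09-25T10:03:00 fw01 ALLOW src=10.0.5.22 dst=198.51.100.4 dport=443 proto=tcp",
    "2014-09-25T10:03:11 av: host=ws-022 status=CLEAN",
]

# Constructed asset inventory: lets firewall/IPS events (keyed by IP) and
# antivirus events (keyed by hostname) be correlated on one host key.
ASSETS = {"10.0.5.17": "ws-017", "10.0.5.22": "ws-022"}

# Constructed rule data: destination ports an analyst flags when blocked outbound.
SUSPICIOUS_PORTS = {4444, 6667}

# One parser per source format; all emit the same normalized record shape.
FW_RE = re.compile(
    r"^(?P<ts>\S+) (?P<dev>\S+) (?P<action>ALLOW|DENY) src=(?P<src>\S+) "
    r"dst=(?P<dst>\S+) dport=(?P<dport>\d+)"
)
AV_RE = re.compile(
    r"^(?P<ts>\S+) av: host=(?P<host>\S+) status=(?P<status>\S+)(?: threat=(?P<threat>\S+))?"
)
IPS_RE = re.compile(r'^(?P<ts>\S+) ips: sid=(?P<sid>\d+) msg="(?P<msg>[^"]*)" src=(?P<src>\S+)')


def normalize(line):
    """Log management step: parse a raw line into a common event dict, or None."""
    m = FW_RE.match(line)
    if m:
        return {"ts": m["ts"], "source": "firewall", "host": ASSETS.get(m["src"], m["src"]),
                "action": m["action"], "dst": m["dst"], "dport": int(m["dport"])}
    m = AV_RE.match(line)
    if m:
        return {"ts": m["ts"], "source": "antivirus", "host": m["host"],
                "status": m["status"], "threat": m["threat"]}
    m = IPS_RE.match(line)
    if m:
        return {"ts": m["ts"], "source": "ips", "host": ASSETS.get(m["src"], m["src"]),
                "sid": int(m["sid"]), "msg": m["msg"]}
    return None  # unknown format: dropped here, would be queued for parser work in practice


def ioc_tags(event):
    """Return the IoC tags one event earns; an empty set means no indication."""
    tags = set()
    if (event["source"] == "firewall" and event["action"] == "DENY"
            and event["dport"] in SUSPICIOUS_PORTS):
        tags.add("blocked-outbound-suspicious-port")
    if event["source"] == "antivirus" and event["status"] == "DETECTED":
        tags.add("av-detection")
    if event["source"] == "ips" and "C2" in event["msg"]:
        tags.add("ips-c2-signature")
    return tags


def tally_iocs(lines):
    """Correlation step: tally IoC tags per host across all sources."""
    tally = defaultdict(Counter)
    for line in lines:
        event = normalize(line)
        if event is None:
            continue
        for tag in ioc_tags(event):
            tally[event["host"]][tag] += 1
    return dict(tally)


def alerts(tally, min_distinct=2):
    """Alerting step: hosts carrying at least min_distinct different IoC tags."""
    return sorted(host for host, tags in tally.items() if len(tags) >= min_distinct)


if __name__ == "__main__":
    per_host = tally_iocs(SAMPLE_LOGS)
    for host, tags in per_host.items():
        print(host, dict(tags))
    print("alert on:", alerts(per_host))
```

Correlating on a host key rather than on each source's native identifier is what turns three unrelated streams into one finding: on the constructed input only ws-017 accumulates multiple distinct indications (two blocked outbound connections, an antivirus detection and an IPS signature), so it alone crosses the alert threshold, while the single benign firewall and antivirus entries for ws-022 produce no tags at all.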
