CyberDen 2020

Information about CyberDen 2020

Published on February 14, 2020

Author: FahadAlHasan1

Source: slideshare.net

Content

1. Agenda: Lunch 1.00pm; Pitches, Round 1 1.45pm; Break 2.45pm; Pitches, Round 2 3.00pm; Exhibition & Networking 4.15pm; Close 5.00pm

2. Protecting and Optimizing Your Email Oliver Tribe Sr Enterprise Account Manager The Power of Email Authentication

3. Agari Secure Email Cloud ©2019 Agari Data, Inc. All rights reserved. Confidential and Proprietary.

4. Email Scams Continue to Plague Businesses

5. Two Mega Trends Re-Shaping Email Security Defenses. Advanced Email Attacks, #1 Cybersecurity Problem: Email continues to be the most common vector (96%) – Verizon 2018 Data Breach Investigations Report. Migration to Cloud Mail, Redefining Email Architectures: By 2021, more than 70% of business users will be provisioned with cloud office capabilities. – Gartner 2017 Market Guide for Secure Email Gateways

6. Decline in Email Security Efficiency. Criminals continue to exploit gaps in your security. 88% YoY rise in BEC victim losses. Victims lost 92x more in BEC scams than ransomware & malware combined. 22% of employees will click on a phishing campaign.

7. The Digital Marketer’s Dilemma… EMAIL: THE BEST, MOST PROFITABLE WAY FOR BRANDS TO REACH CONSUMERS… (3,800%: Average ROI for email marketing [1]) …ALSO THE TOP VECTOR FOR CYBERCRIMINALS (96%: Cyberattacks start with email [2]). Sources: 1. Data and Marketing Assoc 2018 2. Verizon, 2018

8. Email is Powerful and Efficient

9. However, Email Has a Basic Flaw: The Sender Can Be Faked • Criminals can impersonate someone you trust and steal your credentials, information, or money • They trick you into falling for ransomware

10. Identity Impersonation Attacks Have Changed the Rules. Timeline labels (2000s, 2015, 2017, 2018): Spam Email, Malware, Spear Phishing, Social Eng Attacks, Business Email Compromise, Account Takeover; Content Deception, Identity Deception, Zero Day Attacks. 30% open malicious emails; 13% click on malicious attachments; 3:45 until first user is compromised. Example: From: CEO Name [email protected] To: CFO NAME. Sources: CSOonline.com, Cybersecurity ventures, Nucleus Research, FBI I3C (Jan ‘15 – Dec ‘16)

11. Impersonation Techniques

12. Phishing Threat Landscape. Sender: Impostor, Authentic. Spoof, Look-alike Domain, Display Name Deception, Account Owner, Account Takeover. Problems: Business Email Compromise, Traditional Phishing, Employee, VEC, Scareware. Table columns: Problem, Customer Importance, Problem Example. Examples: VEC: From: “Rama <[email protected]>” Subject: Can you please send me your 2020 financial plan? | BEC: From: “Pat Peterson <[email protected]>” Subject: Raymond, please pay this invoice | Employee: From: “Pat Peterson <[email protected]>” Subject: Raymond, please pay this invoice | Traditional Phish: From: “MS File Share <[email protected]>” Subject: Open this file shared from Microsoft Onedrive | Scareware: From: “Aʼnonymer Hʌcker <[email protected]>” Send me bitcoin or I’ll post your naked pictures on social media

13. BEC – Now the #1 Reason for Cyber Insurance Claims https://www.thesslstore.com/blog/the-dirty-dozen-the-12-most-costly-phishing-attack-examples/

14. BEC – Now the #1 Reason for Cyber Insurance Claims https://www.thesslstore.com/blog/the-dirty-dozen-the-12-most-costly-phishing-attack-examples/

15. Cyber Criminals are operating like a Modern Enterprise

16. Email Authentication and Identity-based Detection: Digital ID for Your Brand that Improves Customer Experience. IMPROVED DELIVERABILITY, BETTER ENGAGEMENT, MORE CONFIDENCE, TOTAL VISIBILITY. Blocks unauthorized emails attempting to use your domain

17. Thank You Oliver Tribe [email protected] M: 07501 520 620

18. AUTOMATED TARGETED THREAT INTELLIGENCE February 2020 – David Marlow

19. SECON CYBERDEN AGENDA • About Blueliv • The Evolution of Threat Intelligence • Adding value to your business • CTI delivered by Blueliv • Use case • Blueliv product • Threat landscape trends in 2020

20. ABOUT BLUELIV Blueliv is Europe’s leading cyberthreat intelligence provider, headquartered in Barcelona, Spain. We look beyond your perimeter, scouring the open, deep and dark web to deliver fresh, automated and actionable threat intelligence to protect the enterprise and manage your digital risk. Intelligence modules are scalable, easy to deploy and easy to use, maximizing security resource while accelerating threat detection, incident response performance and forensic investigations.

21. THE EVOLUTION OF THREAT INTELLIGENCE • Threat Intelligence 1.0 (10-15yrs ago): Generic, report driven intelligence about malicious activity, usually historical • Threat Intelligence 1.5 (5-10yrs ago): Vertical-based threat intelligence, largely report driven, built manually by analysts and delivered as a single, feature-rich platform • Threat Intelligence 2.0 (Past 5yrs): Targeted threat intelligence, delivered automatically and continuously in near real-time. Limited human intervention allows for scale and speed. Modular to enable customers to prioritise tasks

22. HOW DO WE ADD VALUE TO YOUR BUSINESS • Increase security maturity for external threats and help plug gaps by tracking where the breach originated • Loss of Intellectual Property, Fines and Reputational Damage: potential to reduce GDPR fines by demonstrating you have a proactive approach to external threats • Despite massive investments in Endpoint Protection, Data Loss Prevention, Firewalls etc., breaches and leaks still happen. Blueliv helps you understand the blind spots • Automated solution, so you don’t have to continuously search; rest assured that we are looking out for your digital assets online, so you can focus on remediation and reduce potential harm and losses

23. THREAT INTELLIGENCE DELIVERED BY BLUELIV. Stages: 1. INFORMATION GATHERING, 2. PROCESSING, 3. INFORMATION DELIVERY + REMEDIATION. Diagram labels: Big Data Algorithms; Proprietary intelligence, Blueliv Community, Third Parties; Internet, Deep Web, Dark Web; Partners, Public sources, Experts, Organizations, Malware sharing; Web Crawlers, Sinkholing, Honeypots, Malware Reversal; Enriched data; Threat Compass, Threat Exchange Network, MRTI Data Feed

24. THREAT INTELLIGENCE DELIVERED BY BLUELIV • CREDENTIALS: Retrieve compromised credentials in real time • DOMAIN PROTECTION: Track illegitimate entities and domains • CREDIT CARD THEFT: Recover stolen card information in real-time • DARK WEB: Track malicious activities in the underground • DATA LEAKAGE: Discover your sensitive data leaked in the wild • HACKTIVISM: Monitor global social-borne hacktivism operations • SOCIAL MEDIA: Monitor your organization’s digital footprint • ROGUE MOBILE APPS: Detect and monitor false, infected, modified or copied apps • MALWARE: Detect malware & analyze suspicious executable files • THREAT CONTEXT: Be armed with continuously updated, intuitive threat intelligence

25. USE CASE: PROACTIVE EXTERNAL THREAT INTEL. Use Case: • Gain visibility on external cyber-threats that can affect your assets, brand, employees and even customers. • Discover compromised devices and credentials, leaked information and rogue mobile applications. • Empower your response and investigation activities with access to contextualized information. • Enjoy these benefits in a frictionless and automated way, reducing your FTE needs to cover much more ground. Role: • CISO • IT Security Manager • Threat Intelligence Manager • SOC Team • Fraud Manager • GRC/IP/Brand Manager. Blueliv Technology that can be used: • MRTI • Botnets and C&C • Targeted Malware • Credit Card Theft • Rogue Mobile App • Media Tracker • Hacktivism • Data Leakage • Phishing & Cybersquatting • Brand Abuse • Dark Web • Threat Actors

26. DASHBOARD

27. MODULAR - CREDENTIALS

28. THREAT CONTEXT – MALWARE HUNTING

29. WHAT ARE WE SEEING IN 2020 • Cyberthreats becoming increasingly diverse, sophisticated and malicious • More mirroring of the commercial world: dark web Black Friday sale, reduced price, 24x7 support, crowd funding, gamification, customer satisfaction scores, uptime for Dark Web Markets • Skills shortage: products being simpler to use so employees are more productive • Account checking Armageddon: password hygiene • Remote Access Trojans (RATs): increasingly sophisticated, man in the middle, uninstalling AV • Increased usage of Monero cryptocurrency • Increase in ransomware and mobile attacks; companies are still paying up

30. We would welcome your investment and, as next steps, are happy to provide a follow-up meeting and a demonstration. Thank You

31. Mark Draper, EMEA Channel Director. Top WAN Transformation Challenges For The Global Enterprise

32. Cato Networks. Network at the Speed of NOW

33. Market Opportunity • SD-WAN solutions help organizations simplify the WAN and branch networks, significantly improve WAN performance, reduce Capex and Opex, and provide higher agility of WAN management • Software-defined wide-area network market is expected to grow significantly in the next 3 to 4 years • Market size anticipated to be $12.11 billion by 2023 • The market is expected to grow at a compound annual growth rate (CAGR) of 56.1% from 2018-2023.

34. The Current Network Landscape. Diagram labels: Remote Sites, Private Cloud, On-Prem Data Center, SaaS Applications, Public Cloud; Users, Partners, Customers, Employees; Revenue; IP; Unknown Applications, Unknown Network; Data, Threats, Tools

35. The WAN is Incompatible with Today’s Business Needs: Cloud, Mobility and Globalization drastically changing traffic patterns. Diagram labels: Security Appliances, Legacy WAN

36. Digital Transformation: The Most Impactful IT Trend on Business

37. Digital Transformation: The Most Impactful IT Trend on Business

38. The WAN is Incompatible with Today’s Business Needs: Cloud, Mobility and Globalization drastically changing traffic patterns • The rise of cloud applications and mobile workforces is changing the shape of business. Today, applications are hosted in on-premise data centers, private & public clouds, or consumed as a subscription-based Software-as-a-service (SaaS) offering (Salesforce.com, Workday, Office365, Box and Dropbox). • The Wide Area Network (WAN) and network security appliances were built to connect and secure static and physical locations - not today’s mobile-first and cloud-centric networks. • Legacy WAN and Network Security Appliances are Incompatible with the Modern Enterprise.

39. Point solutions? You can’t patch your way to a better network. Diagram labels: Legacy Network; DC, Branch, Global Branch, Cloud, Mobile Users; MPLS, Network Security, Mobile VPN/SDP

40. Cloud-Native Convergence Drives WAN Transformation. MPLS, Network Security, Mobile VPN/SDP: ALL-IN-1. Faster Innovation, Better Service, Lower Costs

41. Cato Keeps it Simple: Connect. Secure. Run. Connect: End-to-end optimized connectivity for all locations, clouds, and users. Secure: Protect all traffic with built-in security as a service. Run: One console for all network and security policies and analytics. Diagram labels: Branch, HQ/DC, Cloud, Mobile

42. Service

43. One Network: Global SD-WAN • Global, SLA-backed backbone of Points of Presence (PoPs) • Network Optimization – Last Mile, Middle Mile, Cloud Optimization • Secure Tunnels Overlay connects all resources to the backbone • MPLS Augmentation with core SD-WAN capabilities • MPLS Replacement with SLA-backed backbone • Connects Cloud Data Center and Mobile Users to the WAN • Managed service by Cato: Intelligent Last-Mile Management (ILMM). Diagram labels: CatoCloud: Routing, Reliability, Optimization, Encryption; Branch, HQ, Mobile Users, Cloud Data Center; Cato Socket, Cato Client, Agentless; Network Security, SD-WAN, MPLS, PoPs Map, ILMM; (1) MPLS Augmentation or Enhanced Internet WAN: Policy Based Routing, Active/Active, Packet Loss Mitigation; (2) MPLS Replacement: SLA-backed Backbone, Last-Mile Management

44. One Security: Built-in Network Security. Next Generation Firewall, VPN, Secure Web Gateway, Secure Cloud and Mobile Access, Advanced Threat Prevention, Network Forensics • Enterprise grade security available everywhere (local secure Internet exit) • Elastic and agile: scale up, seamlessly updated • Cloud traffic visibility accelerates defense adaptation • Appliance elimination in remote locations and datacenters • Managed Threat Detection and Response (MDR) Service by Cato. Diagram labels: CatoCloud: Routing, Reliability, Optimization, Encryption; Branch, HQ, Mobile Users, Cloud Data Center; Cato Socket, Cato Client, Agentless; Network Security, SD-WAN, MPLS; Network and Security Management, Managed Detection and Response

45. Cato Management Application

46. Cato Cloud: The Network for the Digital Business. Converged Network & Security: NG Firewall, Secure Web Gateway, Advanced Threat Prevention, Cloud and Mobile Security, Cloud Optimization, WAN Optimization, Global Route Optimization, Self-healing Architecture. Edge SD-WAN • Active / Active / Active • Dynamic Path Selection • Application- and User Aware QoS • Packet Loss Mitigation. Flexible Management • Self-service • Co-managed • Fully managed. Diagram labels: Branch, Datacenter, PoP; IPSec, Internet, MPLS; Hybrid/Multi Cloud, Agentless; Mobile, Client/Clientless SDP

47. A New Networking & Security Architecture for the Business

48. Experience WAN Transformation with Cato Networks.

49. Andrew Thompson Software security for DevOps and beyond

50. THE PITCH: Software Security for DevOps and beyond. 3 Things to remember: • Trends in Software Development – Shortening Delivery Cycle and Machine Learning in Testing • Maslow Hierarchy of Needs – Software Version • Addressing these requirements

51. Trends in AppSec are predictable

52. Advances in development always precede advances in AppSec. Chart labels: Application Development, Application Security; Starting point; Peak of inflated expectations

53. Advances in development always precede advances in AppSec. 1996 Advances in dev: Web Apps; 1999 Sec protection: WAFs; 2003 Security from the source: SAST

54. Advances in development always precede advances in AppSec. 1996 Advances in dev: Web Apps; 1999 Sec protection: WAFs; 2003 Security from the source: SAST. 2004 Advances in dev: Open source by enterprises; 2011 Sec protection: Sec by risk; 2015 Security from the source: Sec by dev

55. We need to understand current Dev trends to predict future Sec trends. Proprietary & Confidential | All Rights Reserved

56. 2007 Advances in dev: Infrastructure as code; 2010 Sec protection: Cloud infrastructure protection; ??? Security from the source: ???. Network, Servers, services = Dev IT. Trend 1: Infrastructure as code | Trend 2: | Trend 3: | Trend 4:

57. 2013 Advances in dev: Containers dockers; 2015 Sec protection: Containers dockers security; ??? Security from the source: ???. Apps >> Containers; Directly on OS. Trend 1: Infrastructure as code | Trend 2: Containers dockers | Trend 3: | Trend 4:

58. 2013 Advances in dev: Microservices; 2017 Sec protection: API security protection; ??? Security from the source: ???. Microservices >> API; Monolith. Trend 1: Infrastructure as code | Trend 2: Containers dockers | Trend 3: APIs | Trend 4:

59. Trend 1: Infrastructure as code | Trend 2: Containers dockers | Trend 3: APIs | Trend 4: git is the new norm. Ops through git is the new norm >> using git for sec scans. Build, Test, Deploy

60. Maslow’s Hierarchy of Needs

61. Maslow Hierarchy of needs. Pyramid levels: Self-actualization, Esteem, Love / Belonging, Safety, Physiological

62. Maslow Hierarchy of needs – For Software Security. Pyramid levels: Remediation, Prioritization, Correlations, Policy, CI/CD Automation, User & Project Management

63. Maslow Hierarchy of needs – For Software Security. Project Management - Know your Software Exposure KPIs. Pyramid levels: Remediation, Prioritization, Correlations, Policy, CI/CD Automation, User & Project Management

64. Maslow Hierarchy of needs – For Software Security. Project Management - Know your Software Exposure KPIs. CI/CD Automation, SDLC Integration: CI plugins, IDE plugins, Mass onboarding (Github / Gitlab / Bitbucket), Defect management (JIRA). Pyramid levels: Remediation, Prioritization, Correlations, Policy, CI/CD Automation, User & Project Management

65. Maslow Hierarchy of needs – For Software Security. Project Management - Know your Software Exposure KPIs. CI/CD Automation, SDLC Integration. Self-Service AST Automation with Zero Configuration: Commit or Pull request, Issues. Pyramid levels: Remediation, Prioritization, Correlations, Policy, CI/CD Automation, User & Project Management

66. Maslow Hierarchy of needs – For Software Security. Project Management - Know your Software Exposure KPIs. CI/CD Automation, SDLC Integration. Self-Service AST Automation with Zero Configuration. Unified Policy Management. Pyramid levels: Remediation, Prioritization, Correlations, Policy, CI/CD Automation, User & Project Management

67. Maslow Hierarchy of needs – For Software Security. Project Management - Know your Software Exposure KPIs. CI/CD Automation, SDLC Integration. Self-Service AST Automation with Zero Configuration. Unified Policy Management. Vulnerability Detection and Correlation: SAST, SCA, IAST, Training. Pyramid levels: Remediation, Prioritization, Correlations, Policy, CI/CD Automation, User & Project Management

68. Maslow Hierarchy of needs – For Software Security. Project Management - Know your Software Exposure KPIs. CI/CD Automation, SDLC Integration. Self-Service AST Automation with Zero Configuration. Unified Policy Management. Vulnerability Detection and Correlation. Automatic Prioritization. Pyramid levels: Remediation, Prioritization, Correlations, Policy, CI/CD Automation, User & Project Management

69. Maslow Hierarchy of needs – For Software Security. Project Management - Know your Software Exposure KPIs. CI/CD Automation, SDLC Integration. Self-Service AST Automation with Zero Configuration. Unified Policy Management. Vulnerability Detection and Correlation. Automatic Prioritization. Remediate - What And How To Fix: Best Fix & Codebashing – How To Fix. Pyramid levels: Remediation, Prioritization, Correlations, Policy, CI/CD Automation, User & Project Management

70. Checkmarx Solutions

71. About Checkmarx. The world's top organizations choose Checkmarx to manage their software exposure. Gartner Magic Quadrant Leader 2019 for Application Security Testing; 700 employees; 60% year-over-year growth; deployed in 70+ countries; trusted by 1,400+ of the world’s largest organizations

72. Checkmarx Software Security Platform

73. Security in a SDLC & DevOps Environment. IDEs, Source Code Management Solutions, Build/CI Solutions, Defect Tracking, Dashboarding. Dev, Ops. CLI, Web Services API, Data Export API

74. And the future?

75. Securing software takes more than a tool

76. Come and have a chat to hear more about how we translate our philosophy and upcoming trends into actionable security

77. www.checkmarx.com / Thank You [email protected] [email protected]

78. Break Take a breather for 15 mins

79. www.egress.com © Egress Software Technologies Ltd. All rights reserved. Mark Lendon, VP of Sales Will Renwick, Account Executive 13th February 2020 Predicting the unpredictable: Preventing email data breaches Egress Software Technologies

80. Human Layer Security – Category Leader. An industry leader: Founded in 2007; 3000 clients and 6 million users; Global offices; One of the fastest growing UK SaaS businesses; $40m growth equity funding; Highest level industry certifications; Key strategic partnerships

81. In the 2000s… • Firewalls • Authentication • Disk Encryption

82. In the 2010s… • Spam • Malware • Data Loss Prevention

83. In the 2020s??? 95% of breaches will be human activated…

84. Mis-directed emails are the most underreported security threats to your business

85. Sent an email or attachment to the wrong person? • More mistakes happen during repetitive tasks • Roles that have similar tasks are more prone to mistakes • While a data breach may not necessarily be caused, it can certainly involve an embarrassing conversation!

86. The market challenge. Insider threat: a disconnect. Human error to blame. The risk is on email. • 79% of IT leaders: my employees have put company data at risk accidentally • 92% of employees: we haven’t accidentally broken data sharing policy • 60% of data breach incidents are the result of human error (ICO research) • 74% of information shared by staff contains sensitive data • 61% of this sensitive data is shared via plain text email! • 50% of these incidents are the result of incorrect disclosure

87. Human Layer Security • Deeply understands human behaviour • Contextual machine learning • Detect anomalies and prevent data breaches

88. Intelligent Email Security. Investigate: Analyse and measure the risk of sharing sensitive data. Protect: Apply the right level of protection when sharing sensitive data. Prevent: Remove the risk of accidental or malicious data breaches.

89. The misdirected email is one of the biggest security threats to your business… …and Egress removes that risk from the table.

91. Thank you for your time E: [email protected] | T: +44 (0) 2076248500 | W: www.egress.com | Twitter: @EgressSoftware

92. "Protecting your business does not stop at these four walls" • Traditional protection perimeters are expanding and sometimes dissolving completely. • How do you provide protection beyond the perimeter for your business brand? • How do you provide protection beyond the perimeter for your customers?

93. ©2019 Mimecast. All Rights Reserved

101. Mimecast Email Security 3.0: From Perimeter to Pervasive. Zone 1, The Established Perimeter | Secure Email Gateway | Targeted Threat Protection | Data Loss Prevention. Zone 2, Inside the Perimeter | Inside Email Protection | Security Awareness Training | Quarantine & Remediation. Zone 3, Beyond the Perimeter | Global Threat Intelligence | Proactive Risk Hunting | Brand & Domain Protection. API / Security Eco-system, Across the Perimeter | Connected Ecosystem | Custom Integration | Maximized Security Investment

102. Come talk with me about trust

103. 3 Key Steps to PAM Maturity: CONTROL ACCESS, PROTECT ENDPOINTS, SECURE PASSWORDS. Scott Shields

104. 85% of organizations fail to meet even basic PAM security hygiene

105. Gartner Ranks PAM CISO’s #1 Security Priority. On Gartner’s List of Top 6 Security Projects, THYCOTIC ADDRESSES 4: • #1 – Privilege Account Management • #3 – Anti-phishing • #4 – Application Control • #6 – Detection & Response

106. Privileged Access Management Maturity Model

107. PAM Maturity Model. MATURITY LEVEL: 1 ANALOG, 2 BASIC, 3 ADVANCED, 4 ADAPTIVE INTELLIGENT. SECURITY POSTURE: BEGINNERS (High risk to architecture & operations) to LEADERS (Low risk to architecture & operations). CRITICAL RISK THRESHOLD

108. PAM Maturity Model. MATURITY LEVEL: 1 ANALOG, 2 BASIC, 3 ADVANCED, 4 ADAPTIVE INTELLIGENT. SECURITY POSTURE: BEGINNERS (High risk to architecture & operations) to LEADERS (Low risk to architecture & operations). FEATURES: • Paper-based password & credential tracking • Default password use • No password rotation • No or minimal password complexity requirements • Automated privileged account discovery • Password vaulting • Non-default password use • Multi-factor authentication • Automated password rotation & randomization • Password hiding • Privileged session proxying • Dual control & 4-eyes protocols • Session monitoring • Immutable privileged activity auditing • Endpoint Least Privilege & application control • Automated anomaly detection & remediation • Automated privileged account lifecycle management • DevOps workflow privileged account management

111. PAM Maturity Model. MATURITY LEVEL: 1 ANALOG, 2 BASIC, 3 ADVANCED, 4 ADAPTIVE INTELLIGENT. SECURITY POSTURE: BEGINNERS (High risk to architecture & operations) to LEADERS (Low risk to architecture & operations). CRITICAL RISK THRESHOLD. FEATURES: • Paper-based password & credential tracking • Default password use • No password rotation • No or minimal password complexity requirements • Automated privileged account discovery • Password vaulting • Non-default password use • Multi-factor authentication • Automated password rotation & randomization • Password hiding • Privileged session proxying • Dual control & 4-eyes protocols • Session monitoring • Immutable privileged activity auditing • Endpoint Least Privilege & application control • Automated anomaly detection & remediation • Automated privileged account lifecycle management • DevOps workflow privileged account management

112. Discover: You can’t protect what you don’t know exists

113. Secure: Protect, rotate and encrypt all privileged credentials

114. Control Access: True RBAC + Workflow controls + Analytics and Audit control

115. PRIVILEGED ACCOUNT MANAGEMENT: SECRET SERVER | ENDPOINT APPLICATION CONTROL: PRIVILEGE MANAGER | ANALYTICS: PRIVILEGED BEHAVIOUR ANALYTICS | SERVICE ACCOUNT GOVERNANCE: ACCOUNT LIFECYCLE MANAGER | DYNAMIC SECRETS MANAGEMENT: DEVOPS SECRETS VAULT

116. Questions?

117. Questions? Thank You!

118. It’s a Digital World. Engage Securely.

119. #WHOAMI Gavin Cameron, ZeroFOX Regional Sales Director, UK. 13 Years in Cybersecurity

120. AGENDA • Defining your Digital "Perimeter" & Risks • Leverage the ZeroFOX Platform for real-time Digital Visibility, Intelligence & Protection • Defend and Remediate your Digital Risks with ZeroFOX Takedown as a Service™

121. About ZeroFOX. Our Mission: ZeroFOX exists to protect people and organisations in the quickly expanding digital world. Our Reach: Presence in United States, United Kingdom, Canada, Chile and India, with customers in over 25 countries, providing best in class SaaS platform, support and services to organizations of all verticals and sizes. It’s a Digital World. Engage Securely.

122. Understand your Digital "Perimeter" & Risks

123. Securing Your Everchanging “Perimeter”. Diagram labels: The Good Ole Days, Virtualization, Cloud Computing, Public Platforms; Forums, Blogs, News & Reviews; Code Sharing; Web Marketplaces; Social Media; Email & Slack; Deep & Dark Web; Domain Registries; Mobile App Stores; Impersonations, Social Accounts, Fake Domains, Fake Websites, Fraudulent Email

124. Securing Your Everchanging “Perimeter”. Diagram labels: Impersonations, Social Accounts, Fake Domains, Fake Websites, Fraudulent Email; Partners, Customers, Employees

125. Risks Beyond Your “Perimeter”. 360°: Visibility into risks on social and digital channels outside your firewall. 15 seconds: Average time to alert, saving internal teams valuable time spent searching for risks manually. 6+ hours: Saved per week on manual identification of impersonations on average. Risks: Phishing/SMiShing and Malware, Account Hacking, Domain Spoofing, Piracy and Counterfeit Goods, Customer Scams, Trademark Infringements, Brand & Executive Impersonators, Reputation Damage, Information Leakage, Offensive Content, Compliance Violations, Physical Violence

126. Real-time Digital Visibility, Threat Intelligence & Protection

127. Digital Protection Strategy: Complete Digital Visibility, Intelligence & Protection. Identify: Risks on digital platforms. Protect & Monitor: What matters to your organization. Gain Intelligence & Remediate: Threats to your brand, customers, execs, employees and business. Identify Digital Channel Exposure. Define Your Digital Assets: Brands | Domains | Executives | Data | Employees | Locations. Machine-Driven Monitoring & Analysis: AI-Based | Alerts | Reporting. Human-Driven Analysis. ZeroFOX OnWatch™. Threat Intelligence & Remediation. ZeroFOX Alpha Team. Takedown-as-a-Service™

128. Defend & Remediate with Takedown as-a-Service

129. Remediate all threats to your brand and org. Hide, block, delete and remove offending profiles and posts. Identify and remove threats: Mitigate threats to your brand, business, people and locations across social media, mobile, web, email, marketplaces, domains and more. Save time and resources: Reduce time spent identifying, investigating and mitigating threats manually; rely on ZeroFOX to act on your behalf. Increase reach and effectiveness: Strengthen your digital visibility and protection by not only identifying threats, but taking action against those threats

130. Thank you

132. Sophos Security for the Public Cloud David Okeyode – Public Cloud Security Architect 3xMCSE | MCT | VCP | CCNP | AWS SA-Pro @asegunlolu asegunlolu Is YOUR head in the Clouds? Jon Hope - Senior Sales Engineer @JonHope_Sophos

133. 3% 11% 12% 17% 19% 52% 61% 6% 8% 9% 16% 22% 16% 16% 8% 7% 6% 13% 14% 9% 7% Alibaba Oracle Cloud IBM Cloud VMware Cloud on AWS Google Cloud Azure AWS Currently use Experimenting Plan to use Public Cloud Adoption % of All Respondents Source: RightScale, 2019 State of the Cloud Report from Flexera

134. Growing at 6x rate of general IT spending through 2020* Source: IDC, “The Salesforce Economy,” September 2016, salesforce.com.

137. Responsibility IaaS Data classification & accountability Client & end-point protection Identity & access management Application level controls Network controls Host infrastructure Physical security SaaS PaaS On-prem Division of Responsibility Source: Microsoft TechNet – Shared Responsibilities for Cloud Computing Platform provider is responsible for the security ‘of’ the Cloud The Customer is responsible for security ‘in’ the Cloud Customer Cloud provider Whose Problem is it Anyway? YOU are

139. Sophos Solutions For Public Cloud Security

140. Sophos Server Protection

141. Sophos Server Protection • Prevents attacks by: o Reducing the attack surface o Identifying malware before it runs • Detects malicious activity: o Hacking and exploit attempts o Ransomware and malware • Responds by: o Allowing for automated or manual removal o Providing Root Cause Analysis Responsibility IaaS Data classification & accountability Client & end-point protection Identity & access management Application level controls Network controls Host infrastructure Physical security SaaS PaaS On-prem Source: Microsoft TechNet – Shared Responsibilities for Cloud Computing Customer Cloud provider

142. Ransomware

143. Ransomware Behavior Protection CryptoGuard – File Protection • Takes just in time file cache • Identifies malicious file encryption behavior • Isolates malicious process • Automatically rolls back affected files WipeGuard – Disk & Boot Protection • Prevents malicious tampering with system areas of disk • Stops malicious processes • Proven effective during NotPetya DATA PARTITION WIPEGUARD CRYPTOGUARD MBR SYSTEM INFORMATION .DOC .JPG .XLSX DISK LAYOUT

144. Sophos Firewall

145. Azure Network Security Best Practices

146. • Illuminates hidden risk: o Exposing suspect users and apps o Rich on-device reporting • Protects against malware: o Pedigree IPS plus Dual A/V o Sandboxes unknown content • Responds by: o Denying the hacker o Automated isolation of compromised servers o Lateral movement prevention Responsibility IaaS Data classification & accountability Client & end-point protection Identity & access management Application level controls Network controls Host infrastructure Physical security On-prem Source: Microsoft TechNet – Shared Responsibilities for Cloud Computing Customer Cloud provider Sophos Firewall On-prem SaaS PaaS

147. Web Server Security

148. Sophos Firewall: WAF and IPS Single Solution Inbound Request No Yes Route to Destination GEO IP Filtering SSL Termination Inbound DoS & IPS Proxy request on behalf of sender URL Based Routing (+ Access Control) Http/Https Protocol Anomaly Detection RPC Traffic? RPC Protocol Filter SSL Re-Encryption QOS OWASP “10” Cookie Tampering Detection URL Hardening & Session Handling Reverse Proxy Authentication (w/MFA) Request Redirection Reverse Proxy Authentication (w/MFA) OWASP “10” Content Inspection File Type Detection & Enforcement Load Balancing and Failover Routing Request Rewriting IPS

150. Security Heartbeat™ Synchronized Security in The Public Cloud Security Heartbeat™ Servers XG Firewall Sophos Central Internet XG Firewall Servers Availability Zone Availability Zone

151. Born in the cloud

152. Sophos Central - Single Pane of Glass Management Allows partners to manage multiple customer installations Endpoint Protection Email Security Web Gateway Server Protection Encryption Mobile Protection Wireless Allows users to access email, mobile, and encryption features Reseller Dashboard Customer Admin User Self Service Firewall Management

153. Sophos Intercept X for Server and Endpoint Manage all your Firewalls, Servers and Endpoints from a single interface Hybrid environment Corporate Datacentre

154. Sophos Central Cloud Workload Discovery Auto-Scaling Versioning Encryption AWS S3 permissions Identify AWS S3 configurations violating company policy

155. New Threats

156. Public Cloud Security Breaches By 2020, 95% of cloud security failures will be the customer’s fault SIX MILLION PII RECORDS 20 THOUSAND CUSTOMER RECORDS 200K CUSTOMER CALL RECORDINGS EXPOSED LARGE DISCOUNT BROKERAGE FIRM TELETEXT HOLIDAYS TELECOMMUNICATIONS COMPANY Source: There's a Hole in 1,951 Amazon S3 Buckets, Rapid 7

157. Built for The Cloud Cloud Optix • You can’t secure what you can’t see • Automatic workload discovery, security vulnerability scanning and response AI Powered Security Analytics and Monitoring Governance, Risk and Compliance DevSecOps

158. END-TO-END VISIBILITY • Full asset inventory (AWS, Azure, and GCP) • Network topology visualisation • View traffic flow (ingress/egress/internal) • Security Group analyses how traffic may flow • Analyse Host traffic for hidden vulnerability i.e. open databases

159. CONTINUOUS COMPLIANCE • Continuous monitoring • Custom policies • Out of the box templates • GDPR, CIS, SOC2, HIPAA, ISO 27001 and PCI DSS • Guardrails prevent changes to critical systems • Jira and ServiceNow integration

160. AI-POWERED ALERTS AND RESPONSE • Identify suspicious logins and API calls • Detect suspicious traffic patterns • Close open storage buckets (S3) and ports • Detect configuration drift • Scan IaC templates in Github, Bitbucket and Jenkins Pipeline

161. In Summary

162. You NEED Protection • Sophos Cloud Optix • Intercept X for Server • UTM • Sophos Cloud Optix • Intercept X for Server • Sophos Cloud Optix • Intercept X for Server • XG Firewall

163. • Your Servers: o Blocking Malware o Ransomware Prevention • Your Virtual Networks: o Firewall, A/V Scanning o IPS and WAF o Sandboxing Unknown Content o Automated Isolation of Compromised Servers • Your Dynamic Estate: o Single Management Platform o Automated Workload Discovery o Cloud Optix Responsibility IaaS Data classification & accountability Client & end-point protection Identity & access management Application level controls Network controls Host infrastructure Physical security On-prem Source: Microsoft TechNet – Shared Responsibilities for Cloud Computing Customer Cloud provider Sophos Protects SaaS PaaS

164. Exhibition & Networking Get into the thick of it and network for the rest of the evening with these wonderful speakers. Who will pique your interest?

165. Contact us Phone: +44(0)203 657 0707 Email: [email protected]
