SlideShare ist ein Scribd-Unternehmen logo

Defending Against Modern Threats Wp Lr[1]

DeepNines Technologies
DeepNines Technologies

DeepNines Technologies information for IT B2B. Defending against modern threats with DeepNines IT Services. More information located at www.deepnines.com

Technologie
1 von 14
Downloaden Sie, um offline zu lesen
Whitepaper: Defending Against Modern Web Threats Introducing Data Cloud URL Filtering Real-Time Network Defense
Table of Contents Executive Summary 4 Introduction 4 The Evolution of URL Filtering 5 Early URL Filtering 5 Traditional Filtering 7 Data Cloud Filtering 7 Data Cloud Vs. Traditional URL Filtering 9 Storage Size Impacts Accuracy and Coverage 9 Access to Security Expertise 10 Updates to Local Premises 10 Comparison Summary 11 Data Cloud Essential Elements 11 Broad Network of Data Sources 11 Data Mining Capabilities 12 Security Expertise 12 DeepNines Content Filter 13 About DeepNines 14 Real-Time Network Defense 3
Defending Against Modern Web Threats Introducing Data Cloud URL Filtering Executive Summary The explosion in Internet use has brought with it new threats for both home and business. URL Filtering, which has previously been used primarily for content control, compliance and productivity, is now starting to be implemented as an additional layer to mitigate these web-based threats. However, earlier generations of URL Filtering solutions, based on black/white lists, local databases, and on-session heuristics, are still in widespread use but cannot keep up with today’s threats due to their technical limitations. This white paper introduces a new type of URL Filtering technology known as “Data Cloud URL Filtering” technology that overcomes the limitations of older solutions and provides the necessary protection against the growing dangers on the Web.that are necessary to utilize the connectivity funded by the Schools and Libraries Program. Introduction The Internet has become an indispensable part of everyday life and work, yet the massive growth of data coupled with a rapid increase in the number of individuals with Web access has introduced a variety of productivity, compliance and security challenges to today’s Internet users. In private homes, the Internet can easily turn into a dangerous tool if not used and monitored properly. Pornography, nudity, hate sites and violence are just a few examples of unwanted content to which children can easily be exposed if not properly protected. In the business arena, organizations must defend themselves against legal liabilities that arise when employees access inappropriate or illegal Web sites or content; implementing self-enforced use policies has not been enough to prevent these activities. Productivity challenges for businesses include crippling bandwidth consumption, network latency and even network downtime due to the rise in corporate users and their bandwidth-intensive applications such as streaming media. Security risks are also an important and growing issue for both home and business users, as the enormous popularity and reach of the Internet has made it the preferred attack vector for hackers. Attackers are finding increasingly sophisticated ways to utilize the Web for their activities, such as infecting websites with malware, both in legitimate web sites as well as less reputable sites such as those hosting pornography. Industry analyst firm Gartner pointed out that in the first quarter of 2008, more than 50 percent of infected sites were in fact legitimate ones that had been silently infected by attackers1 — an alarming statistic that shows how important it is to have highly accurate solutions to identify and block access to malicious web sites. 1Peter Firstbrook, “Why Malware Filtering is Necessary in the Web Gateway,” Gartner Publication G00158459, 26 August 2008, 2. Real-Time Network Defense 4
URL Filtering (URLF) technology was originally intended to protect minors surfing the web and prevent employee access to inappropriate content or sites which had a negative impact on employee productivity; however, URLF is now being added to the security arsenal as an additional layer of protection. URL Filtering is becoming a key addition to the multi-layered approach which includes gateway firewalls, anti-virus solutions and intrusion prevention. According to Gartner, the Web threat environment has evolved dramatically during the past three years; however, most organizations continue to rely on the same defensive technology introduced more than ten years ago — a practice that leaves them exposed to business, legal and security risks. Not all URLF solutions are equal in the way they analyze a site. Today’s Web sites are increasingly diversified, and user-generated content in Web 2.0 and social networking sites has led to the grouping of a variety of media and content types on a single site. In this scenario, a malware site can easily hide in a subdomain or page within a legitimate domain such as Microsoft’s live.spaces.com or Facebook. Web use and Web threats happen in real-time and organizations require next generation URLF technology advanced enough to keep up with the complex and quickly shifting threatscape in a user-generated content world. The Evolution of URL Filtering In order to understand the evolution of URLF implementations, it is important first to understand the main processes of most URLF systems. The chart below defines these processes of categorization, storage and filtering: Process Mission Categorization Analyzes Web data to associate URLs with one or more pre-defined categories Storage Stores the categorized sites – typically in a database – for access as users browse Filtering Takes action (block/allow) based on how sites are categorized The different approaches and implementations of each of these URLF elements can have a tremendous effect on systems’ infrastructure, performance and accuracy. Early URL Filtering In the mid 1990s, URLF solutions relied on black lists (prohibited) and white lists (approved) to control access to Web sites. While the lists of good/bad URLs were managed locally by each organization’s IT department, in most cases they were generated by a central service and then stored at each customer’s site, where filtering also took place. There were, however, a number of drawbacks to this approach. 2 Firstbrook, 2 Real-Time Network Defense 5
Inaccurate site categorizations caused many approved sites to be blocked while allowing some prohibited sites through the filters. It was a resource-intensive process requiring IT departments to handle frequent updates and edits to the lists. List-based URLF solutions were limited to filtering “known” sites, and suffered a notable lack of granularity that left Most organizations them unable to adequately process new Web requests. As the Web grew and the number continue to rely on the and complexity of Web threats increased, a black/white list approach was no longer a same technology invented viable approach for organizations seeking a reliable filtering solution. 10 years ago. In the late 1990s, URLF technology began leveraging category engines coupled with a Gartner local database. The category engines were typically located in a remote location (i.e. “in the cloud”) rather than a local machine within a corporate network. This remote categorization approach is still the preferred architecture for today’s standard URLF solutions. Using this technology, URLs and their contents were analyzed and classified under a predefined category (e.g., pornography, employment searches, sports) stored in a centralized master database and then transferred in batches to local customer databases which were exact replicas of the master database. Unlike with black and white lists, where policies were across-the-board, the centralized category engine approach introduced the capability to enforce granular policies at each organization. While providing more depth than the previous incarnation of URLF, the fact that these solutions were restricted by the size of the local database impeded their ability to provide extensive coverage and in-depth site classification. This limitation had an even greater effect on system accuracy as sites have become more dynamic and complex. Figure 1 demonstrates a typical database URLF implementation, where although the categorization process is done in a remote location (in the cloud), the storage is kept at the device level. In that type of architecture, every customer has the exact same database, regardless of the fact that each different customer has different needs. Figure 1 — Database URL Filtering Architecture 3Jesse Alpert & Nissan Hajaj, “We knew the web was big...,” The official Google Blog, July 25, 2008 <http://googleblog.blogspot.com/2008/07/we-knew-web-was-big.html>. Real-Time Network Defense 6
Traditional URL Filtering In the early 2000s, URLF solutions began to employ dynamic engines as a means of analyzing the flood of dynamic content and Web sites on the fly. These on-session heuristic engines examine probability — i.e., how likely it is that the text in a particular site signifies the type of site it actually is — in order to determine whether or not a site should be blocked. Local heuristic engines attempted to solve the main problems inherent in database solutions: their “one size fits all” approach and limited capacity. Since local heuristic engines must analyze a site without interrupting user experience, they are supposed to work quickly, but unlike categorization in the cloud, they do so with limited resources because their categorization engine typically runs on a desktop or appliance. Impaired by time and resource limitations, these engines still are not capable of providing an in-depth analysis of both content and context – two vital points when dealing with the complexities of a Web 2.0 environment. Furthermore, these engines have been prone to harm organizations’ productivity or even break security policies by blocking legitimate sites or allowing malicious content to pass though. Since this type of heuristic technology has not yet stabilized, these engines are typically used in tandem with older, more established local database solutions. While there are several database solutions that employ heuristic engines in their offering, their use is limited to specific categorization tasks, while leaving the database-building process to the more in-depth and mature technology. Although deploying them together provides a slight improvement over each one alone, blending database URLF together with on-session heuristic URLF still keeps both technologies’ shortcomings. Overall, these database/heuristic URLF solutions are limited enough that they tend to disappoint when it comes to accuracy and performance. Data Cloud URL Filtering The Web is an almost infinite collection of data that is growing at a speed of a billion pages per day, according to Google. The Internet’s vast size coupled with the unique and specific Since the database itself needs of individual customers has created the need to move beyond physical and technical limitations of local databases and on-session heuristics; the most innovative and effective is located int he cloud, approach has been to transfer the local database into the cloud. This provides a more Data Cloud URLF is able flexible, comprehensive and accurate form of URLF technology which can be called “Data to leverage the enormous Cloud URL Filtering.” depth and breadth of the data available. Data Cloud URLF does not need to rely upon the limited resources of an on-premise database for analysis and detection, nor is it dependent on database updates for the latest available information. Instead, since the database itself is located in the cloud, Data Cloud URLF is able to leverage the enormous depth and breadth of data available in the cloud for threat detection, analysis and prevention. Working in the cloud, multiple engines can work massively on classification, growing the Data Cloud’s contents based on actual usage and popularity patterns. The Data Cloud itself is an extensive, nearly infinite database existing outside of a fixed location. Comprised of relevant, up-to-date content needed to facilitate quick and accurate detection, its massive computing and storage capabilities are leveraged by a local cache that unlike the traditional database, stores only the data required to fulfill each customer’s needs. Thus the data cloud overcomes many of the problems inherent in the earlier generations of URLF. Real-Time Network Defense 7
Figure 2 demonstrates a typical Data Cloud URLF implementation, where the categorization and database itself is stored in a remote location (in the cloud). In this architecture, the local cache stores the necessary information locally, and can expand and contract based on customer needs. Figure 2 — Data Cloud URL Filtering Architecture Real-Time Network Defense 8
Data Cloud vs. Traditional URL Filtering Storage Size Impacts Accuracy and Coverage The innovation of Data Cloud technology is in its storage process, where it eliminates the limitation of local, on-premise storage capacity, allowing URLF solutions to focus on accuracy and coverage. The size of the database Note that even in traditional database URLF, the categorization is done in the cloud, but dictates how accurate or this differs significantly from Data Cloud URLF. A local database can contain millions of complete it can be; every categorized sites and tens of millions of Web pages, but this represents a tiny fraction of new site that needs to be sites/pages on the Internet overall, so the chances of missing something important are added to the local substantial. The size of the database dictates how accurate or complete it can be; every database comes at the...... new site that needs to be added to the local database comes at the expense of data that is already there and will need to be pushed out. For example, a popular blog hosting site such as blogspot.com may contain more than 20 million Web pages, each fitting into an entirely different category — one blog may be about science, another about sex, even another about politics — totaling 20 million unique entries in the database. As the local database URLF solution cannot afford to have 20 million different entries for a single Web site, it will typically generalize its findings. By trying to fit each page into the most similar categories it can find — such as “blogs” or “computers” — the potential exists for it to block legitimate pages while allowing some prohibited content through. Furthermore, database URLF technology provides the same sites and their global classifications to all customers, regardless of its relevance to each individual user or organization. Taking into consideration the behavioral, cultural, geographical and professional differences that can vary between organizations, this dictates a necessary compromise in terms of coverage. Even when deployed with together a heuristic engine, the limitation for database URLF technology is still a major factor. Trying to assess a URL’s categories with on-session local heuristic engines under the restrictions of limited resources, performance issues and latency, impedes the ability to provide accurate classification. This means that in mixed solutions, local heuristic engines cannot function as a complementary layer to categorize every request that the database lacks; instead, they are used only a small percentage of the time and only for well-defined categorization tasks. Data Cloud URLF, on the other hand, has no local storage limitations, so this technology can store all the Web pages that its customer-base needs in the cloud, while each customer’s local cache stores only the sites that are relevant to that customer. Returning to the previous example, while all 20 million pages in a particular domain can be stored in the Data Cloud, each customer can store the exact required subset based on its unique browsing behavior and needs. Real-Time Network Defense 9
Access to Security Expertise Considering URLF as an integral part of the overall security infrastructure is an important step toward detecting and preventing Web threats. However, the design limitations of earlier generation URLF solutions prevent them from prioritizing these threats quickly and accurately. Furthermore, they are limited in their access to security sources from which to extract updated information. With the speed at which Web threats appear and evolve, this drawback has a serious impact upon the effectiveness of traditional URLF solutions. Data Cloud URLF solutions, on the other hand, can leverage the extensive security expertise available in the cloud such as zero-hour malware patterns, zombie data and phishing feeds. The Cloud provides continual access to updates on the latest threats, which allows Data Cloud URLF solutions to quickly and efficiently place potential threats into core security categories such as compromised sites, malware and phishing. Retaining these categorizations in the Data Cloud enables all users, regardless of geographic or physical location, to benefit from the continuous analysis and identification of threats. Updates to Local Premises Updates are another differentiator between Data Cloud and traditional URLF solutions. In order for database URLF to obtain the most recent information, frequent high-volume and often time-consuming updates must be performed. With the growth of dynamic and short-lived threats, such as phishing sites that are online for less than 24 hours, database URLF solutions relying on periodic updates cannot stay up-to-date. Additionally, each update may inflate the local database unnecessarily with large amounts of irrelevant information, affecting both system and network resources. Data Cloud URLF solutions are not burdened with the need for scheduled updates, as they only make real-time requests for information not previously known in the local cache to receive highly specific and relevant information from the Data Cloud as needed. Thus, these solutions avoid the data dump inherent in traditional URLF updates; storing this specific information in the local cache creates a streamlined, efficient resource for users — storing nothing more and nothing less than they need at any given time. 4 Firstbrook, 2 Real-Time Network Defense 10
Comparison Summary While most URL filtering technologies were adequate solutions at the time they were introduced, they failed to adapt to the changing environment. The following figure summarizes each technology’s advantages and disadvantages when examined in light of the demands of today’s dynamic Internet environment. Figure 3 — URL Filtering Technology Comparison in Today’s Internet Environment Mid 90s Late 90s Early 2000 2008 Local Black Local Heuristic Data White Lists Databases Engines Cloud Accuracy POOR BASIC POOR EXCELLENT Coverage POOR POOR EXCELLENT EXCELLENT Badwidth EXCELLENT POOR EXCELLENT EXCELLENT Up-to-date POOR POOR BASIC EXCELLENT Local DB can’t Summary Not scalable for Unlimited central cope with Not enough local today’s dynamic power, advanced exponential resources to Internet demands auto-learning Internet growth analyze data local cache and diveristy Data Cloud Essential Elements Implementing a Data Cloud URLF solution involves more than just storing a database in a It is critical for a Data remote location — different infrastructure, analysis methodology and expertise are required Cloud URLF solution to to leverage its considerable advantages. Following are descriptions of three areas that are a gather data from ultiple crucial part of an effective Data Cloud URLF implementation: broad data source network, specialized sources and data mining capabilities and security expertise. protocols to obtain truly accurate information. Broad Network of Data Sources The sheer size and complexity of the Internet make it impossible for any one vendor to possess enough expertise to address every possible Web threat. Therefore, it is critical for a Data Cloud URLF solution to gather data from multiple specialized sources and protocols to obtain truly accurate information. Messaging and Web protocols are now frequently used as a channel for malicious activities. Whether from phishing sites that are distributed through spam or malicious Web sites hosted on infected machines, a Data Cloud solution must be able to gather and analyze a substantial amount of complementary sources in order to better detect new and emerging threats. Browsing behavior from both individual users and backbone traffic is a valuable source of information for URLF solutions. With no database size limitations, each request can be analyzed and processed to identify key trends from around the world. For example, if a small site receives a sudden spike in traffic, it should be analyzed for possible threats since malware writers frequently increase traffic to an infected site to achieve results. Real-Time Network Defense 11
Zero hour malware is also a concern. While identifying malware variants lies in the hands of expert anti-virus vendors, Data Cloud URLF can utilize this expertise in a mutually beneficial manner – the URLF acts as a source of information about new variants, informing anti-virus vendors; while the anti-virus vendors act as an authority for blacklisting malicious files on Web sites. This sort of sharing and analysis requires a dedicated infrastructure for trading information not only across different protocols, but across companies as well. Data Mining Capabilities Since the amount of information available for analysis and processing is nearly infinite, accurate and comprehensive data mining capability is a key function of Data Cloud URLF solutions. The ability to extract patterns and threats from an enormous and diversified group of data sources — in mere seconds — is one of the most important differentiators among Data Cloud URLF solutions. Cross referencing different data sources in order to identify new patterns and threats is an integral part of URLF data mining. The ability to place all the pieces together in order to see the big picture requires a technology infrastructure that feeds one data source engine output with another, in order to extract more value from existing sources. For example, most web-based phishing and malware outbreaks are delivered via email, so feeding these attacks into the URL engine can allow a URLF engine to block attacks at the zero hour. By utilizing this expertise, Data Cloud URLF enables the identification and extraction of new threats in real-time. When data is gathered from many different protocols including external sources, Data Cloud URLF can provide a 360-degree view of the entire threatscape. Security Expertise Web threats are increasing at an alarming rate. According to Gartner, the threat environment will continue to evolve rapidly due to attackers’ specializations and the proliferation of adaptable malware tools.4 Thus, they stress the need for organizations to change their defensive strategies or accept increased business risk and potentially costly disruptions. The original URLF technologies were designed to handle productivity and inappropriate content, rather than security. Today’s Web threats, however, require URLF solutions to include proven security expertise to detect current and even future Internet threats. There are millions of data points constantly being analyzed with Data Cloud URLF and without proven security expertise, crucial elements can be overlooked. Real-Time Network Defense 12
DeepNines Content Filter Sharing resources DeepNines Content Filter leverages Data Cloud technology to provide the most accurate, amongst vast numbers of up-to-the-minute analysis and categorization available in a URLF solution today. It is provided in the DeepNines Secure Web Gateway appliance (local database) and integrates users in the Data Cloud seamlessly with the Data Cloud without administrative set-up or administration. enables organizations to By taking full advantage of the depth and breadth of resources available in the cloud, access more Content Filter is able to extract patterns and threats from an enormous and diversified comprehensive, granular group of data sources in mere seconds. Built on proven, award-winning security and specific filtering data technology, DeepNines and its expansive global network of security partners, such as the than is available with a Commtouch Security Alliance, are able to provide timely, detailed information on coverage database-dependent areas ranging from anti-spyware, anti-phishing and anti-child pornography, to site rank URLF solution. technologies and search engine pattern analysis, among others. Once accessed, this information is stored in the Data Cloud for ongoing reference. Updated in real-time, these same sources inform the rapid analysis and categorization process of Content Filter, allowing users to extract highly specific and detailed results wherever and whenever they require it. Real-Time Network Defense 13
About DeepNines DeepNines Technologies is a leader in network security, providing real-time, identity-based network defense for content and applications. Since 1999, DeepNines has provided business, education, health care and government customers with innovative network security that is affordable and easy-to-use. By inventing and patenting unified threat management technology, DeepNines' products enable unparalleled protection and control of ports, protocols, users, applications and content at firewall speed. DeepNines' gateway products leverage the power to protect, control and manage inbound and outbound Internet traffic, empowering enterprises and institutions to secure their networks deep-into-the-nines. For more information, go to www.deepnines.com or contact your DeepNines sales representative at sales@deepnines.com. Network-Based Solution Portfolio: • Web Security Gateway • Unified Threat Management • Network and Application Firewalls • Network Admission Control • Network Intrusion Prevention • Network Behavioral Analysis • Network-Based Data Loss Prevention • Internet Security Assessment Innovation and Patent Portfolio Through commitment, expertise and innovative thinking, DeepNines has led the network security industry with pioneering technology and products. With over 40 patent applications filed and eight patents granted, DeepNines created the unified threat management (UTM) market by pioneering the integration of firewall and intrusion prevention/detection into a single, intelligent solution. DeepNines’ powerful blend of technology has led the way for other industry-leading solutions for bandwidth management, content filtering and application control. Acknowledgements • Gartner Inc. • Commtouch GlobalView and Security Alliance Real-Time Network Defense 14
DeepNines_ModernThreats_0909 14 6 4 3 Da lla s P ar k wa y , S ui te 15 0 | D all as , T X 7 5 2 5 4 - 8 8 0 1 | t e l 2 1 4 .2 7 3 .6 996 | e m ai l s al es @d e e p ni ne s . co m | we b d ee p n ine s. c om Copyright © 2009 DeepNines Technologies, Inc. All rights reserved. DeepNines, the DeepNines logo and DeepNines products of DeepNines Secure Web Gateway and DeepNines features, technologies and product-lines are registered trademarks of DeepNines Technologies, Inc. All other trademarks are the property of DeepNines Technologies, Inc. or their respective owners. While every effort is made to ensure the information given is accurate, DeepNines does not accept liability for any errors or mistakes which may arise. Specifications and other information in this document may be subject to change without notice. DeepNines Data Sheet released 09, 2009. DeepNines is protected by US Patents 6,930,978, 7,058,976 and 7,380,272.

Empfohlen

Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Managementipspat
 
beyond_the_firewall_0103
beyond_the_firewall_0103beyond_the_firewall_0103
beyond_the_firewall_0103Jack McCullough
 
2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging Threats2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging ThreatsLumension
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the CloudChirag Joshi, CISA, CISM, CRISC
 
Mitigating Web 2.0 Threats
Mitigating Web 2.0 ThreatsMitigating Web 2.0 Threats
Mitigating Web 2.0 ThreatsKim Jensen
 
Cloudifying threats-understanding-cloud-app-attacks-and-defenses joa-eng_0118
Cloudifying threats-understanding-cloud-app-attacks-and-defenses joa-eng_0118Cloudifying threats-understanding-cloud-app-attacks-and-defenses joa-eng_0118
Cloudifying threats-understanding-cloud-app-attacks-and-defenses joa-eng_0118AngelaHoltby
 

Empfohlen

Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Managementipspat
 
beyond_the_firewall_0103
beyond_the_firewall_0103beyond_the_firewall_0103
beyond_the_firewall_0103Jack McCullough
 
2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging Threats2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging ThreatsLumension
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the CloudChirag Joshi, CISA, CISM, CRISC
 
Mitigating Web 2.0 Threats
Mitigating Web 2.0 ThreatsMitigating Web 2.0 Threats
Mitigating Web 2.0 ThreatsKim Jensen
 
Cloudifying threats-understanding-cloud-app-attacks-and-defenses joa-eng_0118
Cloudifying threats-understanding-cloud-app-attacks-and-defenses joa-eng_0118Cloudifying threats-understanding-cloud-app-attacks-and-defenses joa-eng_0118
Cloudifying threats-understanding-cloud-app-attacks-and-defenses joa-eng_0118AngelaHoltby
 
Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Kim Jensen
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to itIT-Toolkits.org
 
State of Internet 2H 2008
State of Internet 2H 2008State of Internet 2H 2008
State of Internet 2H 2008Kim Jensen
 
ISSA: Cloud data security
ISSA: Cloud data securityISSA: Cloud data security
ISSA: Cloud data securityUlf Mattsson
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integrationMarco Essomba
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityBooz Allen Hamilton
 
Presd1 10
Presd1 10Presd1 10
Presd1 10Niels Groeneveld
 
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...Authentic8
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsCognizant
 
Unique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative SolutionsUnique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative SolutionsJuniper Networks
 
Project 3
Project 3Project 3
Project 3Priyanka Goswami
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalShallu Behar-Sheehan FCIM
 
F5 networks the_expectation_of_ssl_everywhere
F5 networks the_expectation_of_ssl_everywhereF5 networks the_expectation_of_ssl_everywhere
F5 networks the_expectation_of_ssl_everywhereF5 Networks
 
ISACA Houston Texas Chapter 2010
ISACA Houston Texas Chapter 2010ISACA Houston Texas Chapter 2010
ISACA Houston Texas Chapter 2010Ulf Mattsson
 
Share point encryption
Share point encryptionShare point encryption
Share point encryptioncsmith2009
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
Online Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsOnline Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsAlfonso Sintjago
 
comparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-papercomparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-paperRenny Shen
 
ICT ICA3
ICT ICA3ICT ICA3
ICT ICA3bf0801.bm0741s109
 
Linxen&pimmer
Linxen&pimmerLinxen&pimmer
Linxen&pimmerUniversity of the West of England
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Kim Jensen
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to itIT-Toolkits.org
 
State of Internet 2H 2008
State of Internet 2H 2008State of Internet 2H 2008
State of Internet 2H 2008Kim Jensen
 
ISSA: Cloud data security
ISSA: Cloud data securityISSA: Cloud data security
ISSA: Cloud data securityUlf Mattsson
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integrationMarco Essomba
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityBooz Allen Hamilton
 
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...Authentic8
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsCognizant
 
Unique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative SolutionsUnique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative SolutionsJuniper Networks
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalShallu Behar-Sheehan FCIM
 
F5 networks the_expectation_of_ssl_everywhere
F5 networks the_expectation_of_ssl_everywhereF5 networks the_expectation_of_ssl_everywhere
F5 networks the_expectation_of_ssl_everywhereF5 Networks
 
ISACA Houston Texas Chapter 2010
ISACA Houston Texas Chapter 2010ISACA Houston Texas Chapter 2010
ISACA Houston Texas Chapter 2010Ulf Mattsson
 
Share point encryption
Share point encryptionShare point encryption
Share point encryptioncsmith2009
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
Online Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsOnline Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsAlfonso Sintjago
 
comparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-papercomparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-paperRenny Shen
 

Was ist angesagt? (20)

Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Cloud security Deep Dive 2011
Cloud security Deep Dive 2011
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
 
State of Internet 2H 2008
State of Internet 2H 2008State of Internet 2H 2008
State of Internet 2H 2008
 
ISSA: Cloud data security
ISSA: Cloud data securityISSA: Cloud data security
ISSA: Cloud data security
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integration
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of Mobility
 
Presd1 10
Presd1 10Presd1 10
Presd1 10
 
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting Reputations
 
Unique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative SolutionsUnique Security Challenges in the Datacenter Demand Innovative Solutions
Unique Security Challenges in the Datacenter Demand Innovative Solutions
 
Project 3
Project 3Project 3
Project 3
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker Final
 
F5 networks the_expectation_of_ssl_everywhere
F5 networks the_expectation_of_ssl_everywhereF5 networks the_expectation_of_ssl_everywhere
F5 networks the_expectation_of_ssl_everywhere
 
ISACA Houston Texas Chapter 2010
ISACA Houston Texas Chapter 2010ISACA Houston Texas Chapter 2010
ISACA Houston Texas Chapter 2010
 
Share point encryption
Share point encryptionShare point encryption
Share point encryption
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdata
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
 
Online Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security ConsiderationsOnline Focus Groups Privacy and Security Considerations
Online Focus Groups Privacy and Security Considerations
 
comparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-papercomparing-approaches-for-web-dns-infrastructure-security-white-paper
comparing-approaches-for-web-dns-infrastructure-security-white-paper
 

Andere mochten auch

Impacts of ict in society
Impacts of ict in societyImpacts of ict in society
Impacts of ict in societyMat_J
 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidAECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidPhil Agcaoili
 
Digital divide linear powerpoint
Digital divide linear powerpointDigital divide linear powerpoint
Digital divide linear powerpointlawhitney83
 
The Top Ten Cybersecurity Threats of 2008
The Top Ten Cybersecurity Threats of 2008The Top Ten Cybersecurity Threats of 2008
The Top Ten Cybersecurity Threats of 2008Tim Bass
 
Cyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's worldCyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's worldSOURAV CHANDRA
 
Modern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panelModern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panelRamsés Gallego
 
Digital Divide Powerpoint by Sam, Michael, Eduard and Hanut
Digital Divide Powerpoint by Sam, Michael, Eduard and HanutDigital Divide Powerpoint by Sam, Michael, Eduard and Hanut
Digital Divide Powerpoint by Sam, Michael, Eduard and Hanutsmuench
 
Final cyber crime and security
Final cyber crime and securityFinal cyber crime and security
Final cyber crime and securitynikunjandy
 
Cyber crime & security
Cyber crime & securityCyber crime & security
Cyber crime & securitypinkutinku26
 
Digital Divide Powerpoint
Digital Divide PowerpointDigital Divide Powerpoint
Digital Divide Powerpointsmuench
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityKeshab Nath
 
Information communication technology
Information communication technologyInformation communication technology
Information communication technologyAditya
 
cyber crime & cyber law
cyber crime & cyber lawcyber crime & cyber law
cyber crime & cyber lawhimanshumunjal
 

Andere mochten auch (20)

ICT ICA3
ICT ICA3ICT ICA3
ICT ICA3
 
Linxen&pimmer
Linxen&pimmerLinxen&pimmer
Linxen&pimmer
 
Impacts of ict in society
Impacts of ict in societyImpacts of ict in society
Impacts of ict in society
 
Cyber crime & security
Cyber crime & securityCyber crime & security
Cyber crime & security
 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidAECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
 
Digital divide linear powerpoint
Digital divide linear powerpointDigital divide linear powerpoint
Digital divide linear powerpoint
 
The Top Ten Cybersecurity Threats of 2008
The Top Ten Cybersecurity Threats of 2008The Top Ten Cybersecurity Threats of 2008
The Top Ten Cybersecurity Threats of 2008
 
Cyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's worldCyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's world
 
Modern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panelModern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panel
 
Digital Divide Powerpoint by Sam, Michael, Eduard and Hanut
Digital Divide Powerpoint by Sam, Michael, Eduard and HanutDigital Divide Powerpoint by Sam, Michael, Eduard and Hanut
Digital Divide Powerpoint by Sam, Michael, Eduard and Hanut
 
Final cyber crime and security
Final cyber crime and securityFinal cyber crime and security
Final cyber crime and security
 
Digital Divide PPT
Digital Divide PPTDigital Divide PPT
Digital Divide PPT
 
Cyber crime & security
Cyber crime & securityCyber crime & security
Cyber crime & security
 
Digital Divide Powerpoint
Digital Divide PowerpointDigital Divide Powerpoint
Digital Divide Powerpoint
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Impact of ICT
Impact of ICTImpact of ICT
Impact of ICT
 
Information communication technology
Information communication technologyInformation communication technology
Information communication technology
 
ICT Centered Teaching & Learning
ICT Centered Teaching & LearningICT Centered Teaching & Learning
ICT Centered Teaching & Learning
 
cyber crime & cyber law
cyber crime & cyber lawcyber crime & cyber law
cyber crime & cyber law
 

Ähnlich wie Defending Against Modern Threats Wp Lr[1]

Watch Guard Reputation Enabled Defense (White Paper)Dna
Watch Guard Reputation Enabled Defense (White Paper)DnaWatch Guard Reputation Enabled Defense (White Paper)Dna
Watch Guard Reputation Enabled Defense (White Paper)DnaSylCotter
 
APIsecure 2023 - Approaching Multicloud API Security USing Metacloud, David L...
APIsecure 2023 - Approaching Multicloud API Security USing Metacloud, David L...APIsecure 2023 - Approaching Multicloud API Security USing Metacloud, David L...
APIsecure 2023 - Approaching Multicloud API Security USing Metacloud, David L...apidays
 
wp-security-dbsec-cloud-3225125
wp-security-dbsec-cloud-3225125wp-security-dbsec-cloud-3225125
wp-security-dbsec-cloud-3225125Gabor Bokor
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data SecurityImperva
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...white paper
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
Palo Alto Networks K-12
Palo Alto Networks K-12Palo Alto Networks K-12
Palo Alto Networks K-12Altaware, Inc.
 
Malicious-URL Detection using Logistic Regression Technique
Malicious-URL Detection using Logistic Regression TechniqueMalicious-URL Detection using Logistic Regression Technique
Malicious-URL Detection using Logistic Regression TechniqueDr. Amarjeet Singh
 
Strengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersStrengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersCloudflare
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyCloudflare
 
Cloud service providers in pune
Cloud service providers in puneCloud service providers in pune
Cloud service providers in puneAnshita Dixit
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityAhmed Banafa
 
A hybrid framework for detecting structured query language injection attacks...
A hybrid framework for detecting structured query language injection attacks...A hybrid framework for detecting structured query language injection attacks...
A hybrid framework for detecting structured query language injection attacks...IJECEIAES
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfTechugo
 

Ähnlich wie Defending Against Modern Threats Wp Lr[1] (20)

Watch Guard Reputation Enabled Defense (White Paper)Dna
Watch Guard Reputation Enabled Defense (White Paper)DnaWatch Guard Reputation Enabled Defense (White Paper)Dna
Watch Guard Reputation Enabled Defense (White Paper)Dna
 
APIsecure 2023 - Approaching Multicloud API Security USing Metacloud, David L...
APIsecure 2023 - Approaching Multicloud API Security USing Metacloud, David L...APIsecure 2023 - Approaching Multicloud API Security USing Metacloud, David L...
APIsecure 2023 - Approaching Multicloud API Security USing Metacloud, David L...
 
wp-security-dbsec-cloud-3225125
wp-security-dbsec-cloud-3225125wp-security-dbsec-cloud-3225125
wp-security-dbsec-cloud-3225125
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
375 378
375 378375 378
375 378
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
 
Palo Alto Networks K-12
Palo Alto Networks K-12Palo Alto Networks K-12
Palo Alto Networks K-12
 
Malicious-URL Detection using Logistic Regression Technique
Malicious-URL Detection using Logistic Regression TechniqueMalicious-URL Detection using Logistic Regression Technique
Malicious-URL Detection using Logistic Regression Technique
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
 
Strengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersStrengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providers
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
Cloud service providers in pune
Cloud service providers in puneCloud service providers in pune
Cloud service providers in pune
 
User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
A hybrid framework for detecting structured query language injection attacks...
A hybrid framework for detecting structured query language injection attacks...A hybrid framework for detecting structured query language injection attacks...
A hybrid framework for detecting structured query language injection attacks...
 
The New Intelligent Network: Building a Smarter, Simpler Architecture
The New Intelligent Network: Building a Smarter, Simpler ArchitectureThe New Intelligent Network: Building a Smarter, Simpler Architecture
The New Intelligent Network: Building a Smarter, Simpler Architecture
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdf
 

Kürzlich hochgeladen

Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 

Kürzlich hochgeladen (20)

Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 

Defending Against Modern Threats Wp Lr[1]

  • 1. Whitepaper: Defending Against Modern Web Threats Introducing Data Cloud URL Filtering Real-Time Network Defense
  • 2. Table of Contents Executive Summary 4 Introduction 4 The Evolution of URL Filtering 5 Early URL Filtering 5 Traditional Filtering 7 Data Cloud Filtering 7 Data Cloud Vs. Traditional URL Filtering 9 Storage Size Impacts Accuracy and Coverage 9 Access to Security Expertise 10 Updates to Local Premises 10 Comparison Summary 11 Data Cloud Essential Elements 11 Broad Network of Data Sources 11 Data Mining Capabilities 12 Security Expertise 12 DeepNines Content Filter 13 About DeepNines 14 Real-Time Network Defense 3
  • 3. Defending Against Modern Web Threats Introducing Data Cloud URL Filtering Executive Summary The explosion in Internet use has brought with it new threats for both home and business. URL Filtering, which has previously been used primarily for content control, compliance and productivity, is now starting to be implemented as an additional layer to mitigate these web-based threats. However, earlier generations of URL Filtering solutions, based on black/white lists, local databases, and on-session heuristics, are still in widespread use but cannot keep up with today’s threats due to their technical limitations. This white paper introduces a new type of URL Filtering technology known as “Data Cloud URL Filtering” technology that overcomes the limitations of older solutions and provides the necessary protection against the growing dangers on the Web.that are necessary to utilize the connectivity funded by the Schools and Libraries Program. Introduction The Internet has become an indispensable part of everyday life and work, yet the massive growth of data coupled with a rapid increase in the number of individuals with Web access has introduced a variety of productivity, compliance and security challenges to today’s Internet users. In private homes, the Internet can easily turn into a dangerous tool if not used and monitored properly. Pornography, nudity, hate sites and violence are just a few examples of unwanted content to which children can easily be exposed if not properly protected. In the business arena, organizations must defend themselves against legal liabilities that arise when employees access inappropriate or illegal Web sites or content; implementing self-enforced use policies has not been enough to prevent these activities. Productivity challenges for businesses include crippling bandwidth consumption, network latency and even network downtime due to the rise in corporate users and their bandwidth-intensive applications such as streaming media. Security risks are also an important and growing issue for both home and business users, as the enormous popularity and reach of the Internet has made it the preferred attack vector for hackers. Attackers are finding increasingly sophisticated ways to utilize the Web for their activities, such as infecting websites with malware, both in legitimate web sites as well as less reputable sites such as those hosting pornography. Industry analyst firm Gartner pointed out that in the first quarter of 2008, more than 50 percent of infected sites were in fact legitimate ones that had been silently infected by attackers1 — an alarming statistic that shows how important it is to have highly accurate solutions to identify and block access to malicious web sites. 1Peter Firstbrook, “Why Malware Filtering is Necessary in the Web Gateway,” Gartner Publication G00158459, 26 August 2008, 2. Real-Time Network Defense 4
  • 4. URL Filtering (URLF) technology was originally intended to protect minors surfing the web and prevent employee access to inappropriate content or sites which had a negative impact on employee productivity; however, URLF is now being added to the security arsenal as an additional layer of protection. URL Filtering is becoming a key addition to the multi-layered approach which includes gateway firewalls, anti-virus solutions and intrusion prevention. According to Gartner, the Web threat environment has evolved dramatically during the past three years; however, most organizations continue to rely on the same defensive technology introduced more than ten years ago — a practice that leaves them exposed to business, legal and security risks. Not all URLF solutions are equal in the way they analyze a site. Today’s Web sites are increasingly diversified, and user-generated content in Web 2.0 and social networking sites has led to the grouping of a variety of media and content types on a single site. In this scenario, a malware site can easily hide in a subdomain or page within a legitimate domain such as Microsoft’s live.spaces.com or Facebook. Web use and Web threats happen in real-time and organizations require next generation URLF technology advanced enough to keep up with the complex and quickly shifting threatscape in a user-generated content world. The Evolution of URL Filtering In order to understand the evolution of URLF implementations, it is important first to understand the main processes of most URLF systems. The chart below defines these processes of categorization, storage and filtering: Process Mission Categorization Analyzes Web data to associate URLs with one or more pre-defined categories Storage Stores the categorized sites – typically in a database – for access as users browse Filtering Takes action (block/allow) based on how sites are categorized The different approaches and implementations of each of these URLF elements can have a tremendous effect on systems’ infrastructure, performance and accuracy. Early URL Filtering In the mid 1990s, URLF solutions relied on black lists (prohibited) and white lists (approved) to control access to Web sites. While the lists of good/bad URLs were managed locally by each organization’s IT department, in most cases they were generated by a central service and then stored at each customer’s site, where filtering also took place. There were, however, a number of drawbacks to this approach. 2 Firstbrook, 2 Real-Time Network Defense 5
  • 5. Inaccurate site categorizations caused many approved sites to be blocked while allowing some prohibited sites through the filters. It was a resource-intensive process requiring IT departments to handle frequent updates and edits to the lists. List-based URLF solutions were limited to filtering “known” sites, and suffered a notable lack of granularity that left Most organizations them unable to adequately process new Web requests. As the Web grew and the number continue to rely on the and complexity of Web threats increased, a black/white list approach was no longer a same technology invented viable approach for organizations seeking a reliable filtering solution. 10 years ago. In the late 1990s, URLF technology began leveraging category engines coupled with a Gartner local database. The category engines were typically located in a remote location (i.e. “in the cloud”) rather than a local machine within a corporate network. This remote categorization approach is still the preferred architecture for today’s standard URLF solutions. Using this technology, URLs and their contents were analyzed and classified under a predefined category (e.g., pornography, employment searches, sports) stored in a centralized master database and then transferred in batches to local customer databases which were exact replicas of the master database. Unlike with black and white lists, where policies were across-the-board, the centralized category engine approach introduced the capability to enforce granular policies at each organization. While providing more depth than the previous incarnation of URLF, the fact that these solutions were restricted by the size of the local database impeded their ability to provide extensive coverage and in-depth site classification. This limitation had an even greater effect on system accuracy as sites have become more dynamic and complex. Figure 1 demonstrates a typical database URLF implementation, where although the categorization process is done in a remote location (in the cloud), the storage is kept at the device level. In that type of architecture, every customer has the exact same database, regardless of the fact that each different customer has different needs. Figure 1 — Database URL Filtering Architecture 3Jesse Alpert & Nissan Hajaj, “We knew the web was big...,” The official Google Blog, July 25, 2008 <http://googleblog.blogspot.com/2008/07/we-knew-web-was-big.html>. Real-Time Network Defense 6
  • 6. Traditional URL Filtering In the early 2000s, URLF solutions began to employ dynamic engines as a means of analyzing the flood of dynamic content and Web sites on the fly. These on-session heuristic engines examine probability — i.e., how likely it is that the text in a particular site signifies the type of site it actually is — in order to determine whether or not a site should be blocked. Local heuristic engines attempted to solve the main problems inherent in database solutions: their “one size fits all” approach and limited capacity. Since local heuristic engines must analyze a site without interrupting user experience, they are supposed to work quickly, but unlike categorization in the cloud, they do so with limited resources because their categorization engine typically runs on a desktop or appliance. Impaired by time and resource limitations, these engines still are not capable of providing an in-depth analysis of both content and context – two vital points when dealing with the complexities of a Web 2.0 environment. Furthermore, these engines have been prone to harm organizations’ productivity or even break security policies by blocking legitimate sites or allowing malicious content to pass though. Since this type of heuristic technology has not yet stabilized, these engines are typically used in tandem with older, more established local database solutions. While there are several database solutions that employ heuristic engines in their offering, their use is limited to specific categorization tasks, while leaving the database-building process to the more in-depth and mature technology. Although deploying them together provides a slight improvement over each one alone, blending database URLF together with on-session heuristic URLF still keeps both technologies’ shortcomings. Overall, these database/heuristic URLF solutions are limited enough that they tend to disappoint when it comes to accuracy and performance. Data Cloud URL Filtering The Web is an almost infinite collection of data that is growing at a speed of a billion pages per day, according to Google. The Internet’s vast size coupled with the unique and specific Since the database itself needs of individual customers has created the need to move beyond physical and technical limitations of local databases and on-session heuristics; the most innovative and effective is located int he cloud, approach has been to transfer the local database into the cloud. This provides a more Data Cloud URLF is able flexible, comprehensive and accurate form of URLF technology which can be called “Data to leverage the enormous Cloud URL Filtering.” depth and breadth of the data available. Data Cloud URLF does not need to rely upon the limited resources of an on-premise database for analysis and detection, nor is it dependent on database updates for the latest available information. Instead, since the database itself is located in the cloud, Data Cloud URLF is able to leverage the enormous depth and breadth of data available in the cloud for threat detection, analysis and prevention. Working in the cloud, multiple engines can work massively on classification, growing the Data Cloud’s contents based on actual usage and popularity patterns. The Data Cloud itself is an extensive, nearly infinite database existing outside of a fixed location. Comprised of relevant, up-to-date content needed to facilitate quick and accurate detection, its massive computing and storage capabilities are leveraged by a local cache that unlike the traditional database, stores only the data required to fulfill each customer’s needs. Thus the data cloud overcomes many of the problems inherent in the earlier generations of URLF. Real-Time Network Defense 7
  • 7. Figure 2 demonstrates a typical Data Cloud URLF implementation, where the categorization and database itself is stored in a remote location (in the cloud). In this architecture, the local cache stores the necessary information locally, and can expand and contract based on customer needs. Figure 2 — Data Cloud URL Filtering Architecture Real-Time Network Defense 8
  • 8. Data Cloud vs. Traditional URL Filtering Storage Size Impacts Accuracy and Coverage The innovation of Data Cloud technology is in its storage process, where it eliminates the limitation of local, on-premise storage capacity, allowing URLF solutions to focus on accuracy and coverage. The size of the database Note that even in traditional database URLF, the categorization is done in the cloud, but dictates how accurate or this differs significantly from Data Cloud URLF. A local database can contain millions of complete it can be; every categorized sites and tens of millions of Web pages, but this represents a tiny fraction of new site that needs to be sites/pages on the Internet overall, so the chances of missing something important are added to the local substantial. The size of the database dictates how accurate or complete it can be; every database comes at the...... new site that needs to be added to the local database comes at the expense of data that is already there and will need to be pushed out. For example, a popular blog hosting site such as blogspot.com may contain more than 20 million Web pages, each fitting into an entirely different category — one blog may be about science, another about sex, even another about politics — totaling 20 million unique entries in the database. As the local database URLF solution cannot afford to have 20 million different entries for a single Web site, it will typically generalize its findings. By trying to fit each page into the most similar categories it can find — such as “blogs” or “computers” — the potential exists for it to block legitimate pages while allowing some prohibited content through. Furthermore, database URLF technology provides the same sites and their global classifications to all customers, regardless of its relevance to each individual user or organization. Taking into consideration the behavioral, cultural, geographical and professional differences that can vary between organizations, this dictates a necessary compromise in terms of coverage. Even when deployed with together a heuristic engine, the limitation for database URLF technology is still a major factor. Trying to assess a URL’s categories with on-session local heuristic engines under the restrictions of limited resources, performance issues and latency, impedes the ability to provide accurate classification. This means that in mixed solutions, local heuristic engines cannot function as a complementary layer to categorize every request that the database lacks; instead, they are used only a small percentage of the time and only for well-defined categorization tasks. Data Cloud URLF, on the other hand, has no local storage limitations, so this technology can store all the Web pages that its customer-base needs in the cloud, while each customer’s local cache stores only the sites that are relevant to that customer. Returning to the previous example, while all 20 million pages in a particular domain can be stored in the Data Cloud, each customer can store the exact required subset based on its unique browsing behavior and needs. Real-Time Network Defense 9
  • 9. Access to Security Expertise Considering URLF as an integral part of the overall security infrastructure is an important step toward detecting and preventing Web threats. However, the design limitations of earlier generation URLF solutions prevent them from prioritizing these threats quickly and accurately. Furthermore, they are limited in their access to security sources from which to extract updated information. With the speed at which Web threats appear and evolve, this drawback has a serious impact upon the effectiveness of traditional URLF solutions. Data Cloud URLF solutions, on the other hand, can leverage the extensive security expertise available in the cloud such as zero-hour malware patterns, zombie data and phishing feeds. The Cloud provides continual access to updates on the latest threats, which allows Data Cloud URLF solutions to quickly and efficiently place potential threats into core security categories such as compromised sites, malware and phishing. Retaining these categorizations in the Data Cloud enables all users, regardless of geographic or physical location, to benefit from the continuous analysis and identification of threats. Updates to Local Premises Updates are another differentiator between Data Cloud and traditional URLF solutions. In order for database URLF to obtain the most recent information, frequent high-volume and often time-consuming updates must be performed. With the growth of dynamic and short-lived threats, such as phishing sites that are online for less than 24 hours, database URLF solutions relying on periodic updates cannot stay up-to-date. Additionally, each update may inflate the local database unnecessarily with large amounts of irrelevant information, affecting both system and network resources. Data Cloud URLF solutions are not burdened with the need for scheduled updates, as they only make real-time requests for information not previously known in the local cache to receive highly specific and relevant information from the Data Cloud as needed. Thus, these solutions avoid the data dump inherent in traditional URLF updates; storing this specific information in the local cache creates a streamlined, efficient resource for users — storing nothing more and nothing less than they need at any given time. 4 Firstbrook, 2 Real-Time Network Defense 10
  • 10. Comparison Summary While most URL filtering technologies were adequate solutions at the time they were introduced, they failed to adapt to the changing environment. The following figure summarizes each technology’s advantages and disadvantages when examined in light of the demands of today’s dynamic Internet environment. Figure 3 — URL Filtering Technology Comparison in Today’s Internet Environment Mid 90s Late 90s Early 2000 2008 Local Black Local Heuristic Data White Lists Databases Engines Cloud Accuracy POOR BASIC POOR EXCELLENT Coverage POOR POOR EXCELLENT EXCELLENT Badwidth EXCELLENT POOR EXCELLENT EXCELLENT Up-to-date POOR POOR BASIC EXCELLENT Local DB can’t Summary Not scalable for Unlimited central cope with Not enough local today’s dynamic power, advanced exponential resources to Internet demands auto-learning Internet growth analyze data local cache and diveristy Data Cloud Essential Elements Implementing a Data Cloud URLF solution involves more than just storing a database in a It is critical for a Data remote location — different infrastructure, analysis methodology and expertise are required Cloud URLF solution to to leverage its considerable advantages. Following are descriptions of three areas that are a gather data from ultiple crucial part of an effective Data Cloud URLF implementation: broad data source network, specialized sources and data mining capabilities and security expertise. protocols to obtain truly accurate information. Broad Network of Data Sources The sheer size and complexity of the Internet make it impossible for any one vendor to possess enough expertise to address every possible Web threat. Therefore, it is critical for a Data Cloud URLF solution to gather data from multiple specialized sources and protocols to obtain truly accurate information. Messaging and Web protocols are now frequently used as a channel for malicious activities. Whether from phishing sites that are distributed through spam or malicious Web sites hosted on infected machines, a Data Cloud solution must be able to gather and analyze a substantial amount of complementary sources in order to better detect new and emerging threats. Browsing behavior from both individual users and backbone traffic is a valuable source of information for URLF solutions. With no database size limitations, each request can be analyzed and processed to identify key trends from around the world. For example, if a small site receives a sudden spike in traffic, it should be analyzed for possible threats since malware writers frequently increase traffic to an infected site to achieve results. Real-Time Network Defense 11
  • 11. Zero hour malware is also a concern. While identifying malware variants lies in the hands of expert anti-virus vendors, Data Cloud URLF can utilize this expertise in a mutually beneficial manner – the URLF acts as a source of information about new variants, informing anti-virus vendors; while the anti-virus vendors act as an authority for blacklisting malicious files on Web sites. This sort of sharing and analysis requires a dedicated infrastructure for trading information not only across different protocols, but across companies as well. Data Mining Capabilities Since the amount of information available for analysis and processing is nearly infinite, accurate and comprehensive data mining capability is a key function of Data Cloud URLF solutions. The ability to extract patterns and threats from an enormous and diversified group of data sources — in mere seconds — is one of the most important differentiators among Data Cloud URLF solutions. Cross referencing different data sources in order to identify new patterns and threats is an integral part of URLF data mining. The ability to place all the pieces together in order to see the big picture requires a technology infrastructure that feeds one data source engine output with another, in order to extract more value from existing sources. For example, most web-based phishing and malware outbreaks are delivered via email, so feeding these attacks into the URL engine can allow a URLF engine to block attacks at the zero hour. By utilizing this expertise, Data Cloud URLF enables the identification and extraction of new threats in real-time. When data is gathered from many different protocols including external sources, Data Cloud URLF can provide a 360-degree view of the entire threatscape. Security Expertise Web threats are increasing at an alarming rate. According to Gartner, the threat environment will continue to evolve rapidly due to attackers’ specializations and the proliferation of adaptable malware tools.4 Thus, they stress the need for organizations to change their defensive strategies or accept increased business risk and potentially costly disruptions. The original URLF technologies were designed to handle productivity and inappropriate content, rather than security. Today’s Web threats, however, require URLF solutions to include proven security expertise to detect current and even future Internet threats. There are millions of data points constantly being analyzed with Data Cloud URLF and without proven security expertise, crucial elements can be overlooked. Real-Time Network Defense 12
  • 12. DeepNines Content Filter Sharing resources DeepNines Content Filter leverages Data Cloud technology to provide the most accurate, amongst vast numbers of up-to-the-minute analysis and categorization available in a URLF solution today. It is provided in the DeepNines Secure Web Gateway appliance (local database) and integrates users in the Data Cloud seamlessly with the Data Cloud without administrative set-up or administration. enables organizations to By taking full advantage of the depth and breadth of resources available in the cloud, access more Content Filter is able to extract patterns and threats from an enormous and diversified comprehensive, granular group of data sources in mere seconds. Built on proven, award-winning security and specific filtering data technology, DeepNines and its expansive global network of security partners, such as the than is available with a Commtouch Security Alliance, are able to provide timely, detailed information on coverage database-dependent areas ranging from anti-spyware, anti-phishing and anti-child pornography, to site rank URLF solution. technologies and search engine pattern analysis, among others. Once accessed, this information is stored in the Data Cloud for ongoing reference. Updated in real-time, these same sources inform the rapid analysis and categorization process of Content Filter, allowing users to extract highly specific and detailed results wherever and whenever they require it. Real-Time Network Defense 13
  • 13. About DeepNines DeepNines Technologies is a leader in network security, providing real-time, identity-based network defense for content and applications. Since 1999, DeepNines has provided business, education, health care and government customers with innovative network security that is affordable and easy-to-use. By inventing and patenting unified threat management technology, DeepNines' products enable unparalleled protection and control of ports, protocols, users, applications and content at firewall speed. DeepNines' gateway products leverage the power to protect, control and manage inbound and outbound Internet traffic, empowering enterprises and institutions to secure their networks deep-into-the-nines. For more information, go to www.deepnines.com or contact your DeepNines sales representative at sales@deepnines.com. Network-Based Solution Portfolio: • Web Security Gateway • Unified Threat Management • Network and Application Firewalls • Network Admission Control • Network Intrusion Prevention • Network Behavioral Analysis • Network-Based Data Loss Prevention • Internet Security Assessment Innovation and Patent Portfolio Through commitment, expertise and innovative thinking, DeepNines has led the network security industry with pioneering technology and products. With over 40 patent applications filed and eight patents granted, DeepNines created the unified threat management (UTM) market by pioneering the integration of firewall and intrusion prevention/detection into a single, intelligent solution. DeepNines’ powerful blend of technology has led the way for other industry-leading solutions for bandwidth management, content filtering and application control. Acknowledgements • Gartner Inc. • Commtouch GlobalView and Security Alliance Real-Time Network Defense 14
  • 14. DeepNines_ModernThreats_0909 14 6 4 3 Da lla s P ar k wa y , S ui te 15 0 | D all as , T X 7 5 2 5 4 - 8 8 0 1 | t e l 2 1 4 .2 7 3 .6 996 | e m ai l s al es @d e e p ni ne s . co m | we b d ee p n ine s. c om Copyright © 2009 DeepNines Technologies, Inc. All rights reserved. DeepNines, the DeepNines logo and DeepNines products of DeepNines Secure Web Gateway and DeepNines features, technologies and product-lines are registered trademarks of DeepNines Technologies, Inc. All other trademarks are the property of DeepNines Technologies, Inc. or their respective owners. While every effort is made to ensure the information given is accurate, DeepNines does not accept liability for any errors or mistakes which may arise. Specifications and other information in this document may be subject to change without notice. DeepNines Data Sheet released 09, 2009. DeepNines is protected by US Patents 6,930,978, 7,058,976 and 7,380,272.