Suche senden
Hochladen
Check point presentation june 2014
•
3 gefällt mir
•
4,377 views
David Berkelmans
Folgen
Technologie
Business
Melden
Teilen
Melden
Teilen
1 von 44
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
Check Point designing a security
Check Point designing a security
Group of company MUK
Detección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check Point
Nextel S.A.
Check Point Threat emulation 2013
Check Point Threat emulation 2013
Group of company MUK
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Global Online Trainings
Check Point: From Branch to Data Center
Check Point: From Branch to Data Center
Group of company MUK
Check Point sizing security
Check Point sizing security
Group of company MUK
Check Point Virtual Systems
Check Point Virtual Systems
Group of company MUK
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
VertexMon VertexMon
Empfohlen
Check Point designing a security
Check Point designing a security
Group of company MUK
Detección y mitigación de amenazas con Check Point
Detección y mitigación de amenazas con Check Point
Nextel S.A.
Check Point Threat emulation 2013
Check Point Threat emulation 2013
Group of company MUK
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Global Online Trainings
Check Point: From Branch to Data Center
Check Point: From Branch to Data Center
Group of company MUK
Check Point sizing security
Check Point sizing security
Group of company MUK
Check Point Virtual Systems
Check Point Virtual Systems
Group of company MUK
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
Ayulgui baidliin buteegdehunud Checkpoint Worldwide #1 Security products
VertexMon VertexMon
checkpoint
checkpoint
Mayank Dhingra
Checkpoint ccsa r76
Checkpoint ccsa r76
Vaibhav Agrawal
Check Point NGFW
Check Point NGFW
Group of company MUK
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical Support
Group of company MUK
Multi domain security-management_technical_presentation
Multi domain security-management_technical_presentation
davebrosnan
How to expose shortcuts in competitive poc
How to expose shortcuts in competitive poc
Moti Sagey מוטי שגיא
Check Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast Agent
MarketingArrowECS_CZ
How to Choose a SandBox - Gartner
How to Choose a SandBox - Gartner
Moti Sagey מוטי שגיא
Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies
sushmil123
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS Summit
Shah Sheikh
Checkpoint Overview
Checkpoint Overview
Leonardo Antichi
Palo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
Defcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shop
Priyanka Aash
Check Point Consolidation
Check Point Consolidation
Group of company MUK
Auditing Check Point Firewalls
Auditing Check Point Firewalls
Ben Rothke
Check point sandblast threat-emulation-customer-success-presentation
Check point sandblast threat-emulation-customer-success-presentation
Nattira Panbun
Check Point mission statement
Check Point mission statement
Moti Sagey מוטי שגיא
Redefining Endpoint Security
Redefining Endpoint Security
Burak DAYIOGLU
Symantec Endpoint Suite
Symantec Endpoint Suite
MarketingArrowECS_CZ
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
Instalación Firewall Checkpoint R70
Instalación Firewall Checkpoint R70
symple9
Checkpoint r77
Checkpoint r77
Minh Dương
Weitere ähnliche Inhalte
Was ist angesagt?
checkpoint
checkpoint
Mayank Dhingra
Checkpoint ccsa r76
Checkpoint ccsa r76
Vaibhav Agrawal
Check Point NGFW
Check Point NGFW
Group of company MUK
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical Support
Group of company MUK
Multi domain security-management_technical_presentation
Multi domain security-management_technical_presentation
davebrosnan
How to expose shortcuts in competitive poc
How to expose shortcuts in competitive poc
Moti Sagey מוטי שגיא
Check Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast Agent
MarketingArrowECS_CZ
How to Choose a SandBox - Gartner
How to Choose a SandBox - Gartner
Moti Sagey מוטי שגיא
Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies
sushmil123
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS Summit
Shah Sheikh
Checkpoint Overview
Checkpoint Overview
Leonardo Antichi
Palo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
Defcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shop
Priyanka Aash
Check Point Consolidation
Check Point Consolidation
Group of company MUK
Auditing Check Point Firewalls
Auditing Check Point Firewalls
Ben Rothke
Check point sandblast threat-emulation-customer-success-presentation
Check point sandblast threat-emulation-customer-success-presentation
Nattira Panbun
Check Point mission statement
Check Point mission statement
Moti Sagey מוטי שגיא
Redefining Endpoint Security
Redefining Endpoint Security
Burak DAYIOGLU
Symantec Endpoint Suite
Symantec Endpoint Suite
MarketingArrowECS_CZ
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
Was ist angesagt?
(20)
checkpoint
checkpoint
Checkpoint ccsa r76
Checkpoint ccsa r76
Check Point NGFW
Check Point NGFW
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical Support
Multi domain security-management_technical_presentation
Multi domain security-management_technical_presentation
How to expose shortcuts in competitive poc
How to expose shortcuts in competitive poc
Check Point SandBlast and SandBlast Agent
Check Point SandBlast and SandBlast Agent
How to Choose a SandBox - Gartner
How to Choose a SandBox - Gartner
Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies
VIPER Labs - VOIP Security - SANS Summit
VIPER Labs - VOIP Security - SANS Summit
Checkpoint Overview
Checkpoint Overview
Palo alto networks next generation firewalls
Palo alto networks next generation firewalls
Defcon 22-tim-mcguffin-one-man-shop
Defcon 22-tim-mcguffin-one-man-shop
Check Point Consolidation
Check Point Consolidation
Auditing Check Point Firewalls
Auditing Check Point Firewalls
Check point sandblast threat-emulation-customer-success-presentation
Check point sandblast threat-emulation-customer-success-presentation
Check Point mission statement
Check Point mission statement
Redefining Endpoint Security
Redefining Endpoint Security
Symantec Endpoint Suite
Symantec Endpoint Suite
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
Andere mochten auch
Instalación Firewall Checkpoint R70
Instalación Firewall Checkpoint R70
symple9
Checkpoint r77
Checkpoint r77
Minh Dương
Web Security Deployment
Web Security Deployment
Cisco Canada
Check point
Check point
Are Mar
Check point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitive
Moti Sagey מוטי שגיא
Cisco Web and Email Security Overview
Cisco Web and Email Security Overview
Cisco Security
Cisco Ironport WSA- Introduction and Guide in Short
Cisco Ironport WSA- Introduction and Guide in Short
Priyank Sharma
Checkpoint 1 (1)
Checkpoint 1 (1)
Maisarah Zulkifly
Political checkpoint
Political checkpoint
Azizah Bakar
BreakingPoint & McAfee RSA Conference 2011 Presentation: Data Sheets Lie
BreakingPoint & McAfee RSA Conference 2011 Presentation: Data Sheets Lie
Ixia
Symantec Corporate Presentation
Symantec Corporate Presentation
InvestorSymantec
Cp r75 firewall_admin_guide
Cp r75 firewall_admin_guide
Anh Thảo
Andere mochten auch
(12)
Instalación Firewall Checkpoint R70
Instalación Firewall Checkpoint R70
Checkpoint r77
Checkpoint r77
Web Security Deployment
Web Security Deployment
Check point
Check point
Check point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitive
Cisco Web and Email Security Overview
Cisco Web and Email Security Overview
Cisco Ironport WSA- Introduction and Guide in Short
Cisco Ironport WSA- Introduction and Guide in Short
Checkpoint 1 (1)
Checkpoint 1 (1)
Political checkpoint
Political checkpoint
BreakingPoint & McAfee RSA Conference 2011 Presentation: Data Sheets Lie
BreakingPoint & McAfee RSA Conference 2011 Presentation: Data Sheets Lie
Symantec Corporate Presentation
Symantec Corporate Presentation
Cp r75 firewall_admin_guide
Cp r75 firewall_admin_guide
Ähnlich wie Check point presentation june 2014
Ochrana pred modernými malware útokmi
Ochrana pred modernými malware útokmi
MarketingArrowECS_CZ
комплексная защита от современных интернет угроз с помощью Check point sandblast
комплексная защита от современных интернет угроз с помощью Check point sandblast
Diana Frolova
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Clouditalia Telecomunicazioni
Csa summit seguridad en el sddc
Csa summit seguridad en el sddc
CSA Argentina
Completing your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check Point
aliciasyc
LSI Spring Agent Open House 2014
LSI Spring Agent Open House 2014
Ashlie Steele
Check Point Infinity
Check Point Infinity
Alexander Kravchenko
Stay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check Point
MarcoTechnologies
WannaCry: How to Protect Yourself
WannaCry: How to Protect Yourself
Check Point Software Technologies
CPX 2016 Moti Sagey Security Vendor Landscape
CPX 2016 Moti Sagey Security Vendor Landscape
Moti Sagey מוטי שגיא
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
IBM Sverige
Check Point Corporate Overview 2020 - Detailed
Check Point Corporate Overview 2020 - Detailed
Moti Sagey מוטי שגיא
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
Group of company MUK
Web Application Security
Web Application Security
sudip pudasaini
End to End Security - Check Point
End to End Security - Check Point
Harry Gunns
The malware monetization machine
The malware monetization machine
Priyanka Aash
PIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINT
Technofutur TIC
Everything You Need to Know About BlueKeep
Everything You Need to Know About BlueKeep
Ivanti
Managing Your Application Security Program with the ThreadFix Ecosystem
Managing Your Application Security Program with the ThreadFix Ecosystem
Denim Group
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging Threats
Alan Kan
Ähnlich wie Check point presentation june 2014
(20)
Ochrana pred modernými malware útokmi
Ochrana pred modernými malware útokmi
комплексная защита от современных интернет угроз с помощью Check point sandblast
комплексная защита от современных интернет угроз с помощью Check point sandblast
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Csa summit seguridad en el sddc
Csa summit seguridad en el sddc
Completing your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check Point
LSI Spring Agent Open House 2014
LSI Spring Agent Open House 2014
Check Point Infinity
Check Point Infinity
Stay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check Point
WannaCry: How to Protect Yourself
WannaCry: How to Protect Yourself
CPX 2016 Moti Sagey Security Vendor Landscape
CPX 2016 Moti Sagey Security Vendor Landscape
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
Michael andersson - att ligga steget före in en allt mer hotfylld värld BC14
Check Point Corporate Overview 2020 - Detailed
Check Point Corporate Overview 2020 - Detailed
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
Web Application Security
Web Application Security
End to End Security - Check Point
End to End Security - Check Point
The malware monetization machine
The malware monetization machine
PIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINT
Everything You Need to Know About BlueKeep
Everything You Need to Know About BlueKeep
Managing Your Application Security Program with the ThreadFix Ecosystem
Managing Your Application Security Program with the ThreadFix Ecosystem
Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging Threats
Mehr von David Berkelmans
ISACA Oceania CACS 2017 Sponsorship Prospectus
ISACA Oceania CACS 2017 Sponsorship Prospectus
David Berkelmans
ISACA Canberra 30th annivesary press release
ISACA Canberra 30th annivesary press release
David Berkelmans
ISACA Canberra 30th annivesary press release
ISACA Canberra 30th annivesary press release
David Berkelmans
Canberra Chapter Certification Information Session
Canberra Chapter Certification Information Session
David Berkelmans
ISACA Canberra 2014 Financial Statements
ISACA Canberra 2014 Financial Statements
David Berkelmans
ISACA Canberra 30th anniversary panel breakfast
ISACA Canberra 30th anniversary panel breakfast
David Berkelmans
Value creation through optimising risk
Value creation through optimising risk
David Berkelmans
Mehr von David Berkelmans
(7)
ISACA Oceania CACS 2017 Sponsorship Prospectus
ISACA Oceania CACS 2017 Sponsorship Prospectus
ISACA Canberra 30th annivesary press release
ISACA Canberra 30th annivesary press release
ISACA Canberra 30th annivesary press release
ISACA Canberra 30th annivesary press release
Canberra Chapter Certification Information Session
Canberra Chapter Certification Information Session
ISACA Canberra 2014 Financial Statements
ISACA Canberra 2014 Financial Statements
ISACA Canberra 30th anniversary panel breakfast
ISACA Canberra 30th anniversary panel breakfast
Value creation through optimising risk
Value creation through optimising risk
Kürzlich hochgeladen
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
AliaaTarek5
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
panagenda
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
IES VE
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
panagenda
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
Ravi Sanghani
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
LoriGlavin3
A Framework for Development in the AI Age
A Framework for Development in the AI Age
Cprime
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
Mydbops
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Pim van der Noll
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
Inflectra
2024 April Patch Tuesday
2024 April Patch Tuesday
Ivanti
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
Hiroshi SHIBATA
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
LoriGlavin3
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
LoriGlavin3
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
LoriGlavin3
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
panagenda
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
MounikaPolabathina
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
LoriGlavin3
Kürzlich hochgeladen
(20)
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
A Framework for Development in the AI Age
A Framework for Development in the AI Age
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
2024 April Patch Tuesday
2024 April Patch Tuesday
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
Check point presentation june 2014
1.
1©2014 Check Point
Software Technologies Ltd. Cyber Attacks: Protecting against the Unknown Unknowns Keith D. Holtham Check Point Software Technologies Australia
2.
2©2014 Check Point
Software Technologies Ltd. The Internet of everything
3.
3©2014 Check Point
Software Technologies Ltd. The Internet of everything BRINGS WITH IT new challenges
4.
4©2014 Check Point
Software Technologies Ltd. Adobe breach hit more than 150 million usernames and passwords According to foreign media the organization behind the attack is suspected to be an unnamed government organization... Target credit card hack reveals need for updated security The U.S. is the juiciest target for hackers hunting credit card information. And … 4.6 Million Snapchat usernames and phone numbers leaked A new website called SnapchatDB! Has allegedly leaked 4.6 million Snapchat..
5.
5©2014 Check Point
Software Technologies Ltd.
6.
6©2014 Check Point
Software Technologies Ltd. Value of a Hacked PC http://krebsonsecurity.com
7.
7©2014 Check Point
Software Technologies Ltd. ASD Top 35 – Top 14 Mitigation Strategies 1. Application white listing 2. Application patching 3. OS Patching 4. Restrict Admin privileges 5. User application configuration hardening 6. Automated dynamic analysis of email and web content (Sandboxing) 7. Operating system Generic exploit mitigation 8. Host based Intrusion Detection/Prevention 9. Disable Local Admin accounts 10.Network Segmentation 11.Multi-Factor Authentication 12.Software-Based Application firewall - Incoming 13.Software-Based Application firewall – Outgoing 14.Non-Persistent virtualised sandboxing
8.
8©2014 Check Point
Software Technologies Ltd. Target: 40 million credit & debit cards
9.
9©2014 Check Point
Software Technologies Ltd. TARGET attack
10.
10©2014 Check Point
Software Technologies Ltd. 40 000 machines 1797 stores
11.
11©2014 Check Point
Software Technologies Ltd. TARGET attack
12.
12©2014 Check Point
Software Technologies Ltd. TARGET attack
13.
13©2014 Check Point
Software Technologies Ltd. TARGET attack
14.
14©2014 Check Point
Software Technologies Ltd. TARGET attack
15.
15©2014 Check Point
Software Technologies Ltd. TARGET attack
16.
16©2014 Check Point
Software Technologies Ltd. TARGET attack
17.
17©2014 Check Point
Software Technologies Ltd. TARGET attack
18.
18©2014 Check Point
Software Technologies Ltd. TARGET attack RAM-scraping kit: BlackPOS (VBScript – 207kB) Created in March 2013 Kit author: Rinat Shabayev, 23 years old Cost: 1800-2300$
19.
19©2014 Check Point
Software Technologies Ltd. TARGET attack – who’s next ?
20.
20©2014 Check Point
Software Technologies Ltd. Critical Infrastructure at Risk! Critical and industrial systems make our modern world Like other IT systems, they are prone to attacks The consequences of such attacks are much greater: - Power failures - Water pollution or floods - Disruption of transportation systems - Malfunction of Production Lines
21.
21©2014 Check Point
Software Technologies Ltd. Important Attacks Stuxnet, Duqu, Flame Pacific Energy, Saudi Arabia Aramco German Power Utility, 50Hertz Queensland, Harrisburg and Willows Water System
22.
22©2014 Check Point
Software Technologies Ltd. 3 steps of modern attacks
23.
23©2014 Check Point
Software Technologies Ltd. FIND THE WEAKEST LINK GET ACCESS EXTRACT DATA 3 steps of modern attacks
24.
24©2014 Check Point
Software Technologies Ltd. FIND THE WEAKEST LINK Designing an attack
25.
25©2014 Check Point
Software Technologies Ltd. FIND THE WEAKEST LINK Designing an attack
26.
26©2014 Check Point
Software Technologies Ltd. Top Vulnerable Applications list of leading vulnerable applications in 2012 Adobe Reader Adobe Flash Firefox Java Microsoft Office Internet Explorer 30 Critical vulnerabilities 17 Critical vulnerabilities 16 Critical vulnerabilities 57 Critical vulnerabilities 91 Critical vulnerabilities 14 Critical vulnerabilities
27.
27©2014 Check Point
Software Technologies Ltd. WOULD YOU OPEN THIS ATTACHMENT? “Over 90% of targeted emails use malicious file attachments as the payload or infection source” Wall Street Journal Nov, 2012
28.
28©2014 Check Point
Software Technologies Ltd. Gathering Intelligence
29.
29©2014 Check Point
Software Technologies Ltd. Gathering Intelligence First Name Last Name Likes Gender Email Phone Number Topic of Interest Usernames Social Profile Technical Profile IP Address Browser Type Plug-ins deployed OS Type Patch History Anti-Virus Brand Applications User permissions
30.
30©2014 Check Point
Software Technologies Ltd. Choosing the right weapon Zero-Day Exploits Patched Vulnerabilities
31.
31©2014 Check Point
Software Technologies Ltd. In reality, it’s impossible to patch everything
32.
32©2014 Check Point
Software Technologies Ltd.
33.
33©2014 Check Point
Software Technologies Ltd. WHAT ABOUT NEW ATTACKS? Block download of malware infested files Detect and prevent bot damage Stops exploits of known vulnerabilities Multi-Layered Threat Prevention IPS Anti-Bot Antivirus
34.
34©2014 Check Point
Software Technologies Ltd. ONLY DEALS WITH THE KNOWN Multi-Layered Threat Prevention IPS Anti-Bot Antivirus
35.
35©2014 Check Point
Software Technologies Ltd. HOW TO DEAL WITH THE UNKNOWN ? Multi-Layered Threat Prevention IPS Anti-Bot Antivirus
36.
36©2014 Check Point
Software Technologies Ltd. Known Unknowns – Top Vulnerable Applications list of leading vulnerable applications in 2012 Adobe Reader Adobe Flash Firefox Java Microsoft Office Internet Explorer 30 Critical vulnerabilities 17 Critical vulnerabilities 16 Critical vulnerabilities 57 Critical vulnerabilities 91 Critical vulnerabilities 14 Critical vulnerabilities We know that in the upcoming year 200–300 new currently unknown vulnerabilities will be discovered in popular business applications
37.
37©2014 Check Point
Software Technologies Ltd. TARGETED ATTACKS BEGIN WITH ZERO-DAY EXPLOITS Duqu Worm Causing Collateral Damage in a Silent Cyber-War Worm exploiting zero-day vulnerabilities in a Word document
38.
38©2013 Check Point
Software Technologies Ltd. Threat Emulation Discover and STOP new threats based-on threat behavior [Confidential] For designated groups and individuals INSPECT EMULATE PREVENTSHARE
39.
39©2014 Check Point
Software Technologies Ltd. That’s why we need to segment networks Initial infection on laptop Only pathway across network controlled through security gateway Infection can’t spread if there’s no open path
40.
40©2014 Check Point
Software Technologies Ltd. Hierarchical Lines of Defense “Establish hierarchical lines of defense that provide protections for data and systems hosted within the corresponding segment boundaries” Site (Host, Network) Mobile Cloud
41.
41©2014 Check Point
Software Technologies Ltd. Segment Grouping Site
42.
42©2014 Check Point
Software Technologies Ltd. ASD Top 35 – Top 14 Mitigation Strategies 1. Application white listing 2. Application patching 3. OS Patching 4. Restrict Admin privileges 5. User application configuration hardening 6. Automated dynamic analysis of email and web content (Sandboxing) 7. Operating system Generic exploit mitigation 8. Host based Intrusion Detection/Prevention 9. Disable Local Admin accounts 10.Network Segmentation 11.Multi-Factor Authentication 12.Software-Based Application firewall - Incoming 13.Software-Based Application firewall – Outgoing 14.Non-Persistent virtualised sandboxing
43.
43©2014 Check Point
Software Technologies Ltd. How do you manage the unknown in 2014? Use of unknown malware exploded in 2013 Integrated malware sandboxing is a must-have1 Malware exposure and infections increased Anti-bot and antivirus must have global intelligence 2 High-risk applications expanded in the enterprise Policy-driven application control must be integrated 3 Data loss events grew across industries and data types Data loss prevention must expand across the network 4
44.
44©2014 Check Point
Software Technologies Ltd. Thank You !
Jetzt herunterladen