SlideShare ist ein Scribd-Unternehmen logo

Arbor Securing the Future with Visibility, Automation and Integration

A
African Cyber Security Summit

This document discusses the growing threat of distributed denial of service (DDoS) attacks and strategies for mitigating them. It notes that DDoS attacks are increasing in size and complexity, often leveraging insecure internet of things (IoT) devices and vulnerable services. The document recommends implementing best practices like blocking spoofed IP addresses to prevent reflection attacks, and filtering known threats and vulnerabilities. It presents Arbor's approach of providing visibility, automation and integration to help secure networks and enable business agility in the face of evolving DDoS threats.

Präsentationen & Vorträge
1 von 32
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY Arbor, Securing the Future Visibility + Automation & Integration Moncef ZID , Territory Manager North Africa. ( Oran April 2018)
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 2 THE CONNECTED WORLD IS BUSINESS
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 3 7,7 Million Estimated 7,7 million (mostly vulnerable) IoT devices are connected to the Internet EVERY day. (Gartner report Feb. 2017) During this presentation, approx. 160,000 new IoT devices will go online
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 4 1:500.000 1:500.000 is the theoretical DDoS amplification factor for the Memcached service Lab test: 1:516.436
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 5 31,4% 31,4% of Internet ASN’s allow spoofed traffic to originate from their networks. (Caida spoofer project)
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 6 1,7 Tbps 1.7 Tbps is the size of the largest DDoS attacks in history (Memcached DDoS Reflection attack, February 25th 2018)
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 7 HOW DID WE GET INTO THIS MESS?
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 8 The attackers come in many shapes… • Malware arms dealers are either individuals or organizations which research and develop attack tools which take advantage of security vulnerabilities. As part of their Q&A, they often do live field testing. (Ref. Mirai Windows Seeder and IoT Reaper) • The DDoS mercenaries offer DDoS services (Booters/Stressers) for hire to the attackers • The attackers mostly use Booter/Stresser services to launch their attacks, there are though some exceptions.
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 9 And they are innovative and persistent… Incidents Time Lots of attacks Miscreant R&D New type of attacks Resolve the problem Post mortem Prepare Survive… We are here Incidents Time
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 10 The Windows Mirai Seeder Subverting “innocent” IoT devices into zombies In February 2017 a new Windows seeder was detected which had the capability to infect IoT devices behind firewalls, gaining access to the previously ”unreachable” IoT devices: • An infected Windows computer has now the capability to infect and subvert the “innocent” IoT population behind Enterprise firewalls into zombies. • The attacker can then use the zombies to: 1. Infect other IoT devices. 2. Launch outbound attacks against external targets. 3. Perform reconnaissance on internal networks, followed by targeted attacks against internal targets. IoT Study #1 “Reaching the Malware Case unreachable”
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 11 IoT Reaper A modular, highly advanced IoT Trojan • In October 2017 a new IoT Trojan was discovered which instead of relying on brute-force credentials attacks, used exploits to gain access to IoT devices. It was cross-platform, consisting of ARM and MIPS IoT code + Windows seeder EXEs. • It was highly modular with LUA based scanning, infection and DDoS attack modules, all field upgradable. • IoT Reaper scanned the Internet for vulnerable devices and at one time, was believed to have identified more than 2M vulnerable devices • However, it never infected more than 30k devices and after a 2 week period with frequent updates, went silent… IoT Malware Case Study #2: “Using IoT SW vulnerabilities”
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 12 The Memcached DDoS Reflection attack • Memcached is an in-memory database caching system which is typically deployed in IDC, ‘cloud’, and Infrastructure-as-a-Service (IaaS) networks to improve the performance of database-driven Web sites and other Internet- facing services • Unfortunately, the default implementation has no authentication features and is often deployed as listening on all interfaces on port 11211 (both UDP and TCP). • Combine this with IP spoofing and the results is a 1.7 Tbps DDoS Reflection attack! IoT DDoS Case Study #3: “Abusing vulnerable services”
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 13 The Memcached DDoS Reflection attack Should we be fighting back? NO!!1. It’s ILLEGAL to delete or modify information (flush) or disrupt the operations (shutdown) of systems which do not belong to you. (§ 206 Norway criminal law) 2. It’s also immoral (and plain stupid) to attack Reflectors as they probably belong to someone which is also a victim of the same attack. 3. DDoS defenses are working pretty well against this attack, fighting back will just make the problem worse and put us on a VERY slippery slope.
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 14 The solution… • Get rid of spoofed IP’s  kill DDoS Reflection: • Implement Security Best Practices (BCP38) • Protect your borders, both external and internal: • Scan your networks for known threats and vulnerable IoT devices. • Block/Rate limit known threats (”Exploitable port filters”) • Make strict requirements of your peers, if their networks contain known threats and they don’t do anything about it, why peer with them? • Make VERY strict requirements of your vendors, especially CPE’s! • Implement DDoS mitigation strategies: • Use Netflow for detection, Flowspec and scrubbing centers for mitigation For more details, see http://www.senki.org/
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 15 • The attackers love IoT! We are constantly seeing new types of IoT malware, now both targeting previously unreachable IoT devices and taking advantage of security vulnerabilities in IoT software. • Reflection/Amplification attacks are increasing IoT malware has now started to take advantage of vulnerable services, dramatically increasing their firepower and attack capabilities. Vulnerable services are being deployed on a daily basis, especially in cloud based services. Summary • Harden your networks and implement exploitable port filters Eliminate spoofing  Eliminate DDoS Reflection. (Most SP’s in Europe do this already) Consider blocking traffic from peers which don’t play by the rules.
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 16
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 17 Source: 12th Worldwide Infrastructure Security Report. Arbor Networks, Inc. Peak Attack Sizes Grow 800 Gbps 309 Gbps 100 Gbps 24 Gbps 2016201520142013201220112010200920082007
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 18 The Impact of Large Attacks 41% 61%Enterpris e Datacentr e
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 19 Attacks Over 100 Gbps x 2 2014 - 2015 2015 - 2016 ATLAS Peak Monitored Attack Size (Gbps), 2015 vs. 2016 Source: Arbor Networks, Inc. Large Attacks Are Common 0 50 100 150 200 250 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 Attacks Over 100Gbps 2015 2016
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 20 2017 Tracking 2016 ATLAS Peak Monitored Attack Size (Gbps), 2015 - 2017 Source: Arbor Networks, Inc. Large Attacks Are Common 0 50 100 150 200 250 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 Attacks Over 100Gbps 2015 2016 2017
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 21 Source: 12th Worldwide Infrastructure Security Report. Arbor Networks, Inc. Complexity: Multi-Vector DDoS 23% 10% 67% Do Not Know No Yes
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 22 Cost of DDoS Service Impact to Victim Why? Weaponisation
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 23 Attack Target Customer Verticals 69% End-User/Subscriber 48% Government 41% Financial Services 40% Hosting 36% eCommerce 35% Gaming 31% Education 13% Law Enforcement 10% Healthcare 10% Energy/Utilities Financial Attack Experiences Up from 45%63% Government Attack Experiences Up from 43%53% DDoS, A Multi-Industry Problem
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 24
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 25 • Focus & collation • Services Business Transformation Is Driving Digital Transformation • Speed, speed, and more speed • Top Down Design • Portable everything • Visibility fragmented • ‘Cost’ of failure growing Business Applications & Data Are ‘Moving’ Risk Remains & Escalates Key Security Problems …the World Has Changed for Security
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 26 “The secret of change is to focus all of your energy, NOT on fighting the old, but on building the NEW” – Socrates
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 27 Arbor, Securing the Future Three core concepts……. VISIBILITY AUTOMATION INTEGRATION
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 28 Smarter Data Comprehensive Network Telemetry Ubiquitous Visibility & Security Smarter Analytics Visibility is the Key Solving Problems = Managed Risk = Business Agility 1 2
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 29 Automation & Integration Open compute Horizontal scalability (Containers) Platform Scaling Services Broader TAM, SaaS offering for enterprise Integrated Platforms Pervasive Visibility
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 30 SECURITY Visibility SECURITY Automation SECURITY Integration • Provisioning • Workflow • Data Securing the Future • Pervasive • Services • ATLAS • Advanced DDoS • Collation • Scale
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 31 – Steve Jobs
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY Q&A / THANK YOU 32 Contact Information: Darren Anstee, CTO danstee@arbor.net

Empfohlen

Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Zscaler
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoTVasco Veloso
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureZscaler
 
The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016William Slater III
 
IoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetIoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetNathan Wallace, PhD, PE
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsKenny Huang Ph.D.
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?Zscaler
 

Empfohlen

Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Zscaler
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoTVasco Veloso
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureZscaler
 
The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016William Slater III
 
IoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetIoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetNathan Wallace, PhD, PE
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsKenny Huang Ph.D.
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?Zscaler
 
Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Zscaler
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai RevisitedClare Nelson, CISSP, CIPP-E
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chZscaler
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Zscaler
 
IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel Bessie Wang
 
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)Priyanka Aash
 
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016David Glover
 
Practical IoT Security in the Enterprise
Practical IoT Security in the EnterprisePractical IoT Security in the Enterprise
Practical IoT Security in the EnterpriseDaniel Miessler
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)Block Armour
 
IoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you SpamIoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you SpamAmit Rohatgi
 
How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Securescoopnewsgroup
 
Nas nie zaatakują!
Nas nie zaatakują!Nas nie zaatakują!
Nas nie zaatakują!Biznes to Rozmowy
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
Iot(security)
Iot(security)Iot(security)
Iot(security)Shreya Pohekar
 
Internet of everything #IoE
Internet of everything #IoEInternet of everything #IoE
Internet of everything #IoEMatteo Masi
 
SEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewSEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewStephen Bates
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsStanford School of Engineering
 
IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 Tonex
 
IoT - the Next Wave of DDoS Threat Landscape
IoT - the Next Wave of DDoS Threat LandscapeIoT - the Next Wave of DDoS Threat Landscape
IoT - the Next Wave of DDoS Threat LandscapeAPNIC
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataCristian Garcia G.
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Zscaler
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chZscaler
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Zscaler
 
IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel Bessie Wang
 
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)Priyanka Aash
 
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016David Glover
 
Practical IoT Security in the Enterprise
Practical IoT Security in the EnterprisePractical IoT Security in the Enterprise
Practical IoT Security in the EnterpriseDaniel Miessler
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)Block Armour
 
IoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you SpamIoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you SpamAmit Rohatgi
 
How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Securescoopnewsgroup
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
Internet of everything #IoE
Internet of everything #IoEInternet of everything #IoE
Internet of everything #IoEMatteo Masi
 
SEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewSEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewStephen Bates
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsStanford School of Engineering
 
IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 Tonex
 

Was ist angesagt? (20)

Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai Revisited
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-ch
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8
 
IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel IoT Panel- Cisco and Intel
IoT Panel- Cisco and Intel
 
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)
 
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
 
Practical IoT Security in the Enterprise
Practical IoT Security in the EnterprisePractical IoT Security in the Enterprise
Practical IoT Security in the Enterprise
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
 
Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)Block Armour Unified Secure Access Solution (based on Zero Trust principles)
Block Armour Unified Secure Access Solution (based on Zero Trust principles)
 
IoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you SpamIoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you Spam
 
How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Secure
 
Nas nie zaatakują!
Nas nie zaatakują!Nas nie zaatakują!
Nas nie zaatakują!
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
Internet of everything #IoE
Internet of everything #IoEInternet of everything #IoE
Internet of everything #IoE
 
SEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewSEB Forcepoint Corporate Overview
SEB Forcepoint Corporate Overview
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
 
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of ThingsMark Horowitz - Stanford Engineering - Securing the Internet of Things
Mark Horowitz - Stanford Engineering - Securing the Internet of Things
 
IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019
 

Ähnlich wie Arbor Securing the Future with Visibility, Automation and Integration

IoT - the Next Wave of DDoS Threat Landscape
IoT - the Next Wave of DDoS Threat LandscapeIoT - the Next Wave of DDoS Threat Landscape
IoT - the Next Wave of DDoS Threat LandscapeAPNIC
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataCristian Garcia G.
 
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony TeoThe Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony TeoMyNOG
 
1. How will the IoT help your business - cisco
1. How will the IoT help your business - cisco1. How will the IoT help your business - cisco
1. How will the IoT help your business - ciscoMITEF México
 
Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz Asia Pte Ltd
 
[London HashiCorp] Securing Cloud Native Communication: From end user to serv...
[London HashiCorp] Securing Cloud Native Communication: From end user to serv...[London HashiCorp] Securing Cloud Native Communication: From end user to serv...
[London HashiCorp] Securing Cloud Native Communication: From end user to serv...Daniel Bryant
 
Arbor Presentation
Arbor Presentation Arbor Presentation
Arbor Presentation J Hartig
 
[CNCF Webinar] Securing Cloud Native Communication, From End User to Service
[CNCF Webinar] Securing Cloud Native Communication, From End User to Service[CNCF Webinar] Securing Cloud Native Communication, From End User to Service
[CNCF Webinar] Securing Cloud Native Communication, From End User to ServiceDaniel Bryant
 
[HashiConf EU] Securing Cloud Native Communication, From End User to Service
[HashiConf EU] Securing Cloud Native Communication, From End User to Service[HashiConf EU] Securing Cloud Native Communication, From End User to Service
[HashiConf EU] Securing Cloud Native Communication, From End User to ServiceDaniel Bryant
 
Nvis, inc. 03 18-2020 - final
Nvis, inc. 03 18-2020 - finalNvis, inc. 03 18-2020 - final
Nvis, inc. 03 18-2020 - finalA. Phillip Smith
 
Presales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptxPresales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptxPawachMetharattanara
 
Presales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptxPresales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptxPawachMetharattanara
 
Best Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecurityBest Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecuritySatyaKVivek
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation SecurityCisco Canada
 
Cisco Fog Computing Solutions: Unleash the Power of the Internet of Things
Cisco Fog Computing Solutions: Unleash the Power of the Internet of ThingsCisco Fog Computing Solutions: Unleash the Power of the Internet of Things
Cisco Fog Computing Solutions: Unleash the Power of the Internet of ThingsHarshitParkar6677
 
Computing solutions
Computing solutionsComputing solutions
Computing solutionsToufik Kaci
 
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdfNXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdfssuser57b3e5
 
An approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxAn approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxamalouwarda1
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsNetworkCollaborators
 

Ähnlich wie Arbor Securing the Future with Visibility, Automation and Integration (20)

IoT - the Next Wave of DDoS Threat Landscape
IoT - the Next Wave of DDoS Threat LandscapeIoT - the Next Wave of DDoS Threat Landscape
IoT - the Next Wave of DDoS Threat Landscape
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable Data
 
Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018Atelier Technique ARBOR NETWORKS ACSS 2018
Atelier Technique ARBOR NETWORKS ACSS 2018
 
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony TeoThe Stakes Have Changed – The Changing Security Landscape by Tony Teo
The Stakes Have Changed – The Changing Security Landscape by Tony Teo
 
1. How will the IoT help your business - cisco
1. How will the IoT help your business - cisco1. How will the IoT help your business - cisco
1. How will the IoT help your business - cisco
 
Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security Netpluz DDoS Mitigation - Managed Cyber Security
Netpluz DDoS Mitigation - Managed Cyber Security
 
[London HashiCorp] Securing Cloud Native Communication: From end user to serv...
[London HashiCorp] Securing Cloud Native Communication: From end user to serv...[London HashiCorp] Securing Cloud Native Communication: From end user to serv...
[London HashiCorp] Securing Cloud Native Communication: From end user to serv...
 
Arbor Presentation
Arbor Presentation Arbor Presentation
Arbor Presentation
 
[CNCF Webinar] Securing Cloud Native Communication, From End User to Service
[CNCF Webinar] Securing Cloud Native Communication, From End User to Service[CNCF Webinar] Securing Cloud Native Communication, From End User to Service
[CNCF Webinar] Securing Cloud Native Communication, From End User to Service
 
[HashiConf EU] Securing Cloud Native Communication, From End User to Service
[HashiConf EU] Securing Cloud Native Communication, From End User to Service[HashiConf EU] Securing Cloud Native Communication, From End User to Service
[HashiConf EU] Securing Cloud Native Communication, From End User to Service
 
Nvis, inc. 03 18-2020 - final
Nvis, inc. 03 18-2020 - finalNvis, inc. 03 18-2020 - final
Nvis, inc. 03 18-2020 - final
 
Presales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptxPresales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptx
 
Presales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptxPresales-Present_GravityZone Products_June2023.pptx
Presales-Present_GravityZone Products_June2023.pptx
 
Best Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecurityBest Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT Security
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Cisco Fog Computing Solutions: Unleash the Power of the Internet of Things
Cisco Fog Computing Solutions: Unleash the Power of the Internet of ThingsCisco Fog Computing Solutions: Unleash the Power of the Internet of Things
Cisco Fog Computing Solutions: Unleash the Power of the Internet of Things
 
Computing solutions
Computing solutionsComputing solutions
Computing solutions
 
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdfNXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
 
An approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptxAn approach to mitigate DDoS attacks on SIP.pptx
An approach to mitigate DDoS attacks on SIP.pptx
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
 

Mehr von African Cyber Security Summit

Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...African Cyber Security Summit
 
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...African Cyber Security Summit
 
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...African Cyber Security Summit
 
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019African Cyber Security Summit
 
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...African Cyber Security Summit
 
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...African Cyber Security Summit
 
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019African Cyber Security Summit
 
Conférence - Digital Identity and Blockchain - #ACSS2019
Conférence - Digital Identity and Blockchain - #ACSS2019Conférence - Digital Identity and Blockchain - #ACSS2019
Conférence - Digital Identity and Blockchain - #ACSS2019African Cyber Security Summit
 

Mehr von African Cyber Security Summit (20)

Bilan & Perspectives #ACSS2019
Bilan & Perspectives #ACSS2019Bilan & Perspectives #ACSS2019
Bilan & Perspectives #ACSS2019
 
Rapport de Visibilité #ACSS2019
Rapport de Visibilité #ACSS2019Rapport de Visibilité #ACSS2019
Rapport de Visibilité #ACSS2019
 
Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019
 
Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019
 
Atelier Technique - Symantec - #ACSS2019
Atelier Technique - Symantec - #ACSS2019Atelier Technique - Symantec - #ACSS2019
Atelier Technique - Symantec - #ACSS2019
 
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
 
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
 
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
 
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
 
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
 
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
 
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
 
Conférence - Digital Identity and Blockchain - #ACSS2019
Conférence - Digital Identity and Blockchain - #ACSS2019Conférence - Digital Identity and Blockchain - #ACSS2019
Conférence - Digital Identity and Blockchain - #ACSS2019
 
Bilan & Perspectives - ACSS 2018
Bilan & Perspectives - ACSS 2018Bilan & Perspectives - ACSS 2018
Bilan & Perspectives - ACSS 2018
 
Rapport de Visibilité ACCS 2018
Rapport de Visibilité ACCS 2018Rapport de Visibilité ACCS 2018
Rapport de Visibilité ACCS 2018
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018
 
Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018
 
Atelier Technique MANAGE ENGINE ACSS 2018
Atelier Technique MANAGE ENGINE ACSS 2018Atelier Technique MANAGE ENGINE ACSS 2018
Atelier Technique MANAGE ENGINE ACSS 2018
 
Atelier Technique EXTREME NETWORKS ACSS 2018
Atelier Technique EXTREME NETWORKS ACSS 2018Atelier Technique EXTREME NETWORKS ACSS 2018
Atelier Technique EXTREME NETWORKS ACSS 2018
 
Atelier Technique WALLIX ACSS 2018
Atelier Technique WALLIX ACSS 2018Atelier Technique WALLIX ACSS 2018
Atelier Technique WALLIX ACSS 2018
 

Kürzlich hochgeladen

Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxWork Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxmavinoikein
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Krijn Poppe
 
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSimulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSebastiano Panichella
 
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxGenshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxJohnree4
 
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGYPHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGYpruthirajnayak525
 
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comSaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comsaastr
 
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.KathleenAnnCordero2
 
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...漢銘 謝
 
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Escort Service
 
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxChizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxogubuikealex
 
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxmiladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxCarrieButtitta
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxaryanv1753
 
Early Modern Spain. All about this period
Early Modern Spain. All about this periodEarly Modern Spain. All about this period
Early Modern Spain. All about this periodSaraIsabelJimenez
 
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMQuality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMCharmi13
 
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...marjmae69
 
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxAnne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxnoorehahmad
 
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸mathanramanathan2005
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRsarwankumar4524
 
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power
 
The 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software EngineeringThe 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software EngineeringSebastiano Panichella
 

Kürzlich hochgeladen (20)

Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxWork Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptx
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
 
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSimulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
 
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxGenshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptx
 
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGYPHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
 
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comSaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
 
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
 
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
THE COUNTRY WHO SOLVED THE WORLD_HOW CHINA LAUNCHED THE CIVILIZATION REVOLUTI...
 
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170
 
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptxChizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck. .pptx
 
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxmiladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptx
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptx
 
Early Modern Spain. All about this period
Early Modern Spain. All about this periodEarly Modern Spain. All about this period
Early Modern Spain. All about this period
 
Quality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEMQuality by design.. ppt for RA (1ST SEM
Quality by design.. ppt for RA (1ST SEM
 
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
 
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxAnne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
 
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
 
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
 
The 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software EngineeringThe 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software Engineering
 

Arbor Securing the Future with Visibility, Automation and Integration

  • 1. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY Arbor, Securing the Future Visibility + Automation & Integration Moncef ZID , Territory Manager North Africa. ( Oran April 2018)
  • 2. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 2 THE CONNECTED WORLD IS BUSINESS
  • 3. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 3 7,7 Million Estimated 7,7 million (mostly vulnerable) IoT devices are connected to the Internet EVERY day. (Gartner report Feb. 2017) During this presentation, approx. 160,000 new IoT devices will go online
  • 4. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 4 1:500.000 1:500.000 is the theoretical DDoS amplification factor for the Memcached service Lab test: 1:516.436
  • 5. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 5 31,4% 31,4% of Internet ASN’s allow spoofed traffic to originate from their networks. (Caida spoofer project)
  • 6. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 6 1,7 Tbps 1.7 Tbps is the size of the largest DDoS attacks in history (Memcached DDoS Reflection attack, February 25th 2018)
  • 7. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 7 HOW DID WE GET INTO THIS MESS?
  • 8. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 8 The attackers come in many shapes… • Malware arms dealers are either individuals or organizations which research and develop attack tools which take advantage of security vulnerabilities. As part of their Q&A, they often do live field testing. (Ref. Mirai Windows Seeder and IoT Reaper) • The DDoS mercenaries offer DDoS services (Booters/Stressers) for hire to the attackers • The attackers mostly use Booter/Stresser services to launch their attacks, there are though some exceptions.
  • 9. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 9 And they are innovative and persistent… Incidents Time Lots of attacks Miscreant R&D New type of attacks Resolve the problem Post mortem Prepare Survive… We are here Incidents Time
  • 10. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 10 The Windows Mirai Seeder Subverting “innocent” IoT devices into zombies In February 2017 a new Windows seeder was detected which had the capability to infect IoT devices behind firewalls, gaining access to the previously ”unreachable” IoT devices: • An infected Windows computer has now the capability to infect and subvert the “innocent” IoT population behind Enterprise firewalls into zombies. • The attacker can then use the zombies to: 1. Infect other IoT devices. 2. Launch outbound attacks against external targets. 3. Perform reconnaissance on internal networks, followed by targeted attacks against internal targets. IoT Study #1 “Reaching the Malware Case unreachable”
  • 11. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 11 IoT Reaper A modular, highly advanced IoT Trojan • In October 2017 a new IoT Trojan was discovered which instead of relying on brute-force credentials attacks, used exploits to gain access to IoT devices. It was cross-platform, consisting of ARM and MIPS IoT code + Windows seeder EXEs. • It was highly modular with LUA based scanning, infection and DDoS attack modules, all field upgradable. • IoT Reaper scanned the Internet for vulnerable devices and at one time, was believed to have identified more than 2M vulnerable devices • However, it never infected more than 30k devices and after a 2 week period with frequent updates, went silent… IoT Malware Case Study #2: “Using IoT SW vulnerabilities”
  • 12. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 12 The Memcached DDoS Reflection attack • Memcached is an in-memory database caching system which is typically deployed in IDC, ‘cloud’, and Infrastructure-as-a-Service (IaaS) networks to improve the performance of database-driven Web sites and other Internet- facing services • Unfortunately, the default implementation has no authentication features and is often deployed as listening on all interfaces on port 11211 (both UDP and TCP). • Combine this with IP spoofing and the results is a 1.7 Tbps DDoS Reflection attack! IoT DDoS Case Study #3: “Abusing vulnerable services”
  • 13. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 13 The Memcached DDoS Reflection attack Should we be fighting back? NO!!1. It’s ILLEGAL to delete or modify information (flush) or disrupt the operations (shutdown) of systems which do not belong to you. (§ 206 Norway criminal law) 2. It’s also immoral (and plain stupid) to attack Reflectors as they probably belong to someone which is also a victim of the same attack. 3. DDoS defenses are working pretty well against this attack, fighting back will just make the problem worse and put us on a VERY slippery slope.
  • 14. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 14 The solution… • Get rid of spoofed IP’s  kill DDoS Reflection: • Implement Security Best Practices (BCP38) • Protect your borders, both external and internal: • Scan your networks for known threats and vulnerable IoT devices. • Block/Rate limit known threats (”Exploitable port filters”) • Make strict requirements of your peers, if their networks contain known threats and they don’t do anything about it, why peer with them? • Make VERY strict requirements of your vendors, especially CPE’s! • Implement DDoS mitigation strategies: • Use Netflow for detection, Flowspec and scrubbing centers for mitigation For more details, see http://www.senki.org/
  • 15. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 15 • The attackers love IoT! We are constantly seeing new types of IoT malware, now both targeting previously unreachable IoT devices and taking advantage of security vulnerabilities in IoT software. • Reflection/Amplification attacks are increasing IoT malware has now started to take advantage of vulnerable services, dramatically increasing their firepower and attack capabilities. Vulnerable services are being deployed on a daily basis, especially in cloud based services. Summary • Harden your networks and implement exploitable port filters Eliminate spoofing  Eliminate DDoS Reflection. (Most SP’s in Europe do this already) Consider blocking traffic from peers which don’t play by the rules.
  • 16. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 16
  • 17. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 17 Source: 12th Worldwide Infrastructure Security Report. Arbor Networks, Inc. Peak Attack Sizes Grow 800 Gbps 309 Gbps 100 Gbps 24 Gbps 2016201520142013201220112010200920082007
  • 18. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 18 The Impact of Large Attacks 41% 61%Enterpris e Datacentr e
  • 19. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 19 Attacks Over 100 Gbps x 2 2014 - 2015 2015 - 2016 ATLAS Peak Monitored Attack Size (Gbps), 2015 vs. 2016 Source: Arbor Networks, Inc. Large Attacks Are Common 0 50 100 150 200 250 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 Attacks Over 100Gbps 2015 2016
  • 20. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 20 2017 Tracking 2016 ATLAS Peak Monitored Attack Size (Gbps), 2015 - 2017 Source: Arbor Networks, Inc. Large Attacks Are Common 0 50 100 150 200 250 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 Attacks Over 100Gbps 2015 2016 2017
  • 21. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 21 Source: 12th Worldwide Infrastructure Security Report. Arbor Networks, Inc. Complexity: Multi-Vector DDoS 23% 10% 67% Do Not Know No Yes
  • 22. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 22 Cost of DDoS Service Impact to Victim Why? Weaponisation
  • 23. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 23 Attack Target Customer Verticals 69% End-User/Subscriber 48% Government 41% Financial Services 40% Hosting 36% eCommerce 35% Gaming 31% Education 13% Law Enforcement 10% Healthcare 10% Energy/Utilities Financial Attack Experiences Up from 45%63% Government Attack Experiences Up from 43%53% DDoS, A Multi-Industry Problem
  • 24. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 24
  • 25. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 25 • Focus & collation • Services Business Transformation Is Driving Digital Transformation • Speed, speed, and more speed • Top Down Design • Portable everything • Visibility fragmented • ‘Cost’ of failure growing Business Applications & Data Are ‘Moving’ Risk Remains & Escalates Key Security Problems …the World Has Changed for Security
  • 26. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 26 “The secret of change is to focus all of your energy, NOT on fighting the old, but on building the NEW” – Socrates
  • 27. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 27 Arbor, Securing the Future Three core concepts……. VISIBILITY AUTOMATION INTEGRATION
  • 28. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 28 Smarter Data Comprehensive Network Telemetry Ubiquitous Visibility & Security Smarter Analytics Visibility is the Key Solving Problems = Managed Risk = Business Agility 1 2
  • 29. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 29 Automation & Integration Open compute Horizontal scalability (Containers) Platform Scaling Services Broader TAM, SaaS offering for enterprise Integrated Platforms Pervasive Visibility
  • 30. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 30 SECURITY Visibility SECURITY Automation SECURITY Integration • Provisioning • Workflow • Data Securing the Future • Pervasive • Services • ATLAS • Advanced DDoS • Collation • Scale
  • 31. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 31 – Steve Jobs
  • 32. ©2017 ARBOR® CONFIDENTIAL & PROPRIETARY Q&A / THANK YOU 32 Contact Information: Darren Anstee, CTO danstee@arbor.net