Cyber Attack Survival. 
Are You Ready?
Who Is At Risk? 
2013 
Shift from 2013 
© Radware, Inc. 2014
Sophistication 
• Duration: 3 Days 
• 5 Attack Vectors 
• Attack target: HKEX 
• Duration: 3 Days 
• 4 Attack Vectors 
• Attack target: Visa, MasterCard 
• Duration: 20 Days 
• More than 7 Attack vectors 
• Attack target: Vatican 
Attack Landscape Evolution 
• Duration: 10+ Months 
• Multiple attack vectors 
• Attack target: US Banks 
2010 2011 2012 2013 
Multi-Vector Attacks Take Aim
• Attackers would rather keep the target busy by launching one attack at a time, rather than firing the entire arsenal at once.
• You may be successful at blocking four or five attack vectors, but it only takes one for the damage to be done.
More than 50% of attack campaigns deployed five or more attack vectors during 2013.
Attack Vectors
Application: 62% Network: 38%
New Vectors, Dangerous Trends
• 50% of all Web attacks were encrypted application based attacks during 2013.
• 15% of organizations reported attacks targeting web application login pages on a daily basis.
• And DNS based volumetric floods increased from 10% to 21% in 2013, becoming the second most common attack vector.
Public attention 1 sec page delay
The Results
• 3.5% decrease in conversions
• 2.1% decrease in shopping cart size
• 9.4% decrease in page views
• 8.4% increase in bounce rates
Multi-Vulnerability Attack Campaigns
[Diagram: Internet Pipe, Firewall, IPS/IDS, Load Balancer (ADC), Server, SQL Server; chart series for 2011, 2012 and 2013 on a 5% to 30% axis]
• Volumetric Floods
• Network Scans
• SYN Floods
• Low & Slow
• HTTP Floods
• SSL Floods
• Application Misuse
• Brute Force
• SQL Injection
• Cross Site Scripting
Problem: Single Source, Multiple IPs 
Enterprise Datacenter 
• Single Attack source 
• Attacker dynamically changes IP 
• DHCP reset, Anonymous proxies 
Problem: Multiple Sources, Single IP 
Enterprise Datacenter 
Sources are behind NAT 
• CDN 
• Enterprise Internal Network 
• Carrier Grade NAT 
Minutes to Compromise. Months to Discover.
(Share of incidents by time span: Seconds / Minutes / Hours / Days / Weeks / Months)
• Initial Attack to Initial Compromise: 10% / 75% / 12% / 2% / 0% / 1%
• Initial Compromise to Data Exfiltration: 8% / 38% / 14% / 25% / 8% / 8%
• Initial Compromise to Discovery: 0% / 0% / 2% / 13% / 29% / 56%
Enterprise Data Center
Outsourced Infrastructure
Hosted Facilities
Public / Private Cloud
Outsourcing Ramifications
• The demise of the perimeter
• Third party security dependencies
• Limited or no situational awareness
• Limited threat visibility
• Loss of control
Detection: Encrypted / Non-Volumetric Attacks 
• Envelope Attacks – Device Overload 
• Directed Attacks - Exploits 
• Intrusions – Mis-Configurations 
• Localized Volume Attacks 
• Low & Slow Attacks 
• SSL Floods 
Detection: Application Attacks 
• Web Attacks 
• Application Misuse 
• Connection Floods 
• Brute Force 
• Directory Traversals 
• Injections 
• Scraping & API Misuse 
Detection: Volumetric Attacks 
• Network DDoS 
• SYN Floods 
• HTTP Floods 
Mitigation: Encrypted, Low & Slow Attacks
[Diagram: Botnet, Enterprise, Cloud Scrubbing, Hosted Data Center]
Mitigation: Application Attacks
[Diagram: Botnet, Enterprise, Cloud Scrubbing, Hosted Data Center, Attack signatures]
Mitigation: Volumetric Attacks
[Diagram: Botnet, Enterprise, Cloud Scrubbing, Hosted Data Center]
Mitigation: Volumetric Attacks
[Diagram: Botnet, Cloud Scrubbing, Hosted Data Center, Enterprise, Attack signatures]
Mitigation: Volumetric Attacks
[Diagram: Botnet, Cloud Scrubbing, Hosted Data Center, Enterprise]
Attack Mitigation Optimization
[Diagram: AppWall WAF, DefensePro, Enterprise Data Center]
Cyber Attack Defense
Attack Detection
Quality of Detection (QD)
Technical Coverage
Detection Algorithms
Time to Detection (TD)
Reporting & Correlation
Triaged Response Options
Attack Mitigation
Quality of Mitigation (QM)
Over / Under Mitigating
Proper Mitigation Location
Time to Mitigation (TM)
Local / Premise
Cloud
Business Partner
The Attack Mitigation Network
Cyber Control
Sync, Automation & Visibility
Distributed Detection
Synchronize traffic baselines and attack information amongst all mitigation tools.
3rd Party Detection/Mitigation Elements
SDN-enabled Network Elements
Distributed Mitigation
Radware AMS Components
Current Network Elements
Selects the most effective tools and location for attack mitigation.
Collect security events and network statistics from a multitude of resources.
Survival Checklist
1. Don’t assume that you’re not a target.
Draw up battle plans. Learn from the mistakes of others.
2. Protecting your data is not the same as protecting your business.
Comprehensive information security requires data protection, system integrity and operational availability.
3. You don’t control all of your critical business systems.
Understand your vulnerabilities in the distributed, outsourced world.
Work with cloud and internet service providers that provide you with visibility and control over your connectivity and hosted assets.
4. You can’t defend against attacks you can’t detect.
The battle prepared business harnesses an intelligence network.
5. Don’t believe the DDoS protection propaganda.
Understand the limitations of cloud-based scrubbing solutions.
Not all networking and security appliance solutions were created equal.
6. Know your limitations.
Enlist forces that have expertise to help you fight.
Cyber Security Toolkit
• DefensePro: Anti-DoS, Network Behavioral Analysis, IPS
• AppWall: Web Application Firewall
• Alteon: Application Delivery Controller, SSL Attack Decryption
• Vision: SIEM, Centralized Management & Reporting
• DefensePipe: Cloud-based, volumetric cyber attack scrubbing service
• Emergency Response Team: Free 365x7x24 support for customers that are under cyber-attack
Thank You 
Carl.Herberger@Radware.com 
VP Security Solutions 
