2. 1
Agenda
1. What Changed?
2. New Rules.
3. A new world.
4. Gartner’s 2016 Magic Quadrant for Endpoint Protection Platforms.
5. The Rise of Ransomware.
6. Kaspersky with UTMs.
7. Threat Research.
8. Conclusion.
9. Q & A.
3. 2
OUR MISSION TO PROTECT EVERYONE FROM CYBERCRIME
“Cybercrime today knows no borders, and its technical capabilities are improving fast; we’re seeing how attacks are becoming increasingly sophisticated. Our mission is to combat all types of cyberthreats, to make using internet safe and secure”.
@ IDC conference 2014 FourPoint Lagos Nigeria.
Stanisalus Mezu
Chief Executive Officer and Chairman
Palette Business Solution
6. 5
WORK HAS CHANGED
Knowledge workers will spend only 5% of the day in the same space and time as their colleagues by 2017.
82% of companies allow use of employee-owned devices
84% of organizations have remote workers
Year 2020: Millennials will comprise 50% of the global workforce
8. 7
SO HAVE THE RISKS
Average Cost of Cybercrime in the U.S.
Dollars (Millions), per incident
2013: $11.56
2014: $12.69
2015: $15.42
“Sony security spends $22M per year. Sony Breach…direct cost of $35M for one year….cost to reputation $100B+”
Kowsik Guruswamy, CTO of Menlo Security
9. 8
TODAY’S STANDARD APPROACHES NO LONGER WORK
TOO MUCH FOCUS ON COMPLIANCE
Enterprises spend too much on checking boxes down a list.
TOO RISK BASED
Taking a reactive approach only addresses known threats, not the new unknowns.
TOO MANY POINT SOLUTIONS
Too many different security vendors whose products do not communicate with one another.
13. 12
HOW PERVASIVE IS TODAY’S WORKPLACE?
Pervasive Users
Users expect to be able to work in any location and have access to all their work resources. Users expect work to be lifestyle-agnostic.
Devices Explosion
The explosion of devices is eroding the standard-based approach to corporate IT. BYOD is redefining the workplace standard.
Ubiquitous Apps
Deploying and managing a plethora of applications across different platforms is becoming more difficult. Rogue apps easily compromise BYOD devices.
Corporate Data on all Devices
As the drive for productivity requires users to have access to corporate data on all devices, this presents new challenges of data loss, espionage and compliance/regulatory violation.
14. 13
HOW BUSINESS CAN TAKE CONTROL?
Today's workplace culture is fast-evolving. Productivity now continues to demand that Users use different lifestyle-fit Devices to run Ubiquitous Apps and access Business Data. More business data are shifting from on-premise repositories to cloud and devices. Users have increasing liberty to access corporate data from any device, anywhere and anytime. This new "workplace culture" requires new tools to secure endpoints, manage identity and protect the organization's data assets.
Enterprise Software Mobility Suite is a comprehensive cloud-based solution to address the consumerization of IT, BYOD and ubiquitous Apps/Data challenges.
21. 20
The enterprise IT staff is faced with what has been an unsolvable problem. The enterprise depends on the network to ensure the continuity of the business and, depending upon the business model, the network may be at the center of its strategy. Injecting security into this model has traditionally meant slowing down the network, sometimes to the point of affecting application performance and resulting in complaints. The organization is then forced to find a middle ground between the two, a compromise that pleases no one. But until now, this has been a compromise that enterprises have been forced to make.
22. 21
A NEW WORLD CALLS FOR A NEW APPROACH
Today’s world demands security without compromise.
29. 28
MOBILITY
Today, ~37% of the world’s workforce is mobile¹
By 2017, 50% of all companies worldwide are expected to adopt the BYOD model²
Security of mobile/portable devices is among the top priorities for the corporate IT security function³
Sources: 1 - Forrester Research, 2 - Gartner, 3 - Corporate IT Security Risks Survey 2014
32. 31
Kaspersky Lab Threat Intelligence
Insight and Expertise Gained Through a History of Discoveries
2011: DUQU
2012: FLAME, GAUSS, MINIFLAME
2013: RED OCTOBER, WINNTI, NETTRAVELER, ICEFOG, KIMSUKY
2014: REGIN, THE MASK, TURLA, ENERGETIC BEAR/CROUCHING YETI, DARKHOTEL
Q1 2015: DESERT FALCONS, EQUATION, CARBANAK, HELLSING
33. 32
IT’S TIME TO RETHINK YOUR IT SECURITY
MOBILITY
DATA SECURITY
BUSINESS CONTINUITY
SECURITY INTELLIGENCE
TRUSTED PARTNER
COMPREHENSIVE PROTECTION
TO PREPARE FOR THE INEVITABLE!
34. 33
KASPERSKY LAB’S ENTERPRISE SOLUTIONS PORTFOLIO
Built to Address Key Customer Needs
ENDPOINT SECURITY
MOBILE SECURITY
VIRTUALIZATION SECURITY
SECURITY INTELLIGENCE
DDOS PROTECTION
SOLUTIONS FOR DATA CENTERS
INDUSTRIAL SECURITY
FRAUD PREVENTION
ANTI-APT
MOBILITY
DATA SECURITY
BUSINESS CONTINUITY
35. 34
Here's Who Made Gartner's 2016 Magic Quadrant
Endpoint Protection Platforms
36. 35
Trend Micro: Strengths And Weaknesses
1st Place in Gartner’s rating
Trend Micro: Leader
Trend Micro, based in Tokyo, is one of the largest enterprise protection platform vendors on the Gartner list. Gartner also praised Trend Micro's investment in application control, vulnerability detection and shielding, malware sandboxing, and endpoint detection and response. The company also has made investments in next-generation IPS and network security with its October acquisition of HP TippingPoint.
Strengths: In particular, Gartner praised the range of malware protection options from OfficeScan, the company's endpoint detection and response solution (which many others do not offer), its malware detection sandbox and its "very complete" Endpoint Application Control solution. Gartner also said the company's relationship with VMware has proven beneficial for anti-malware scanning, intrusion prevention and file integrity monitoring capabilities.
Weaknesses: Most of Gartner's cautions about Trend Micro concerned a list of integrations it wished the vendor offered, including bringing anti-malware scanning capabilities to OfficeScan, policy-level integration and more variety of OS offerings for application control, encryption, DLP and device control. Gartner said Trend Micro could benefit from more granular product management of its Control Manager and a central database for its Endpoint Sensor alerts.
37. 36
2nd Place in Gartner’s rating: Intel Security
Intel Security: Leader
The second-largest EPP vendor on Gartner's list is Intel Security, which was named a "leader" on this year's Magic Quadrant list. Gartner praised the Santa Clara, Calif.-based vendor's extensive portfolio of security solutions, as well as its integration with its ePolicy Orchestrator (ePO) solution. The company has been shedding multiple product lines in recent months to accommodate its new strategy, but EPP is one area that has remained relatively untouched.
Strengths: Gartner praised Intel Security's wide range of solutions, as well as EPP integration with the company's ePO administrative platform, Global Threat Intelligence and Threat Intelligence Exchange. Benefits also included Intel Security's Advanced Threat Defense sandboxing solution as well as its Management for Optimized Virtual Environments anti-malware scanning.
Weaknesses: Intel Security is plagued by customer complaints based on its legacy multiple agent architecture, Gartner said. Gartner said the company shows slow evolution around its integration framework, upgrades required for detection and administration improvements as well as the requirement of Intel-based chipsets for some advanced capabilities.
38. 37
3rd Place in Gartner’s rating: Kaspersky Lab
Strengths: Gartner praised Kaspersky for its malware research team and wide variety of integration client management tools. It also had particular praise for Kaspersky's Automatic Exploit Prevention, Zero-Day Exploit and Targeted Attack Shield and Security for Virtualization technologies.
Weaknesses: Some failings for Kaspersky included the company's lack of endpoint detection and response or malware sandboxing, as well as the long replacement cycle that will likely come with its upcoming Endpoint Security For Business 10 SP2 edition. Gartner said the company's client management tool is more ideal for SMBs and operations validation, rather than for the enterprise.
59. 58
URGENT DETECTION SYSTEM 2 (UDS2)
UDS – Cloud-based spam filtering system. Checks certain characteristics of an email (not content!) against a cloud database to produce a verdict. Relies on a full-message “signature”, so it is not able to detect slightly modified messages.
UDS2 – dissects emails into tokens and combines token “signatures” to create a “shingle”, a new type of signature not vulnerable to slight spam alterations.
Advantages:
• The shingle lists are updated in real time, no database updates
• Far more efficient at filtering unsolicited mail
• Works in combination with “conventional” technologies
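An added example (not from the original slides, and not Kaspersky's UDS2 implementation): generic token shingling with Jaccard similarity, showing why a whole-message signature misses a slightly altered message while shingle sets still match. The function names, sample messages, window size `k` and threshold are assumptions, and the example works on message text for simplicity.

```python
import hashlib
import re

def tokens(text):
    """Lower-case word tokens; punctuation and spacing are ignored."""
    return re.findall(r"[a-z0-9]+", text.lower())

def full_signature(text):
    """One hash over the whole normalized message (exact-match style)."""
    return hashlib.sha256(" ".join(tokens(text)).encode()).hexdigest()

def shingles(text, k=3):
    """Set of short hashes, one per window of k consecutive tokens."""
    toks = tokens(text)
    return {
        hashlib.sha256(" ".join(toks[i:i + k]).encode()).hexdigest()[:16]
        for i in range(max(len(toks) - k + 1, 1))
    }

def similarity(a, b, k=3):
    """Jaccard similarity of the two messages' shingle sets (0.0 to 1.0)."""
    sa, sb = shingles(a, k), shingles(b, k)
    return len(sa & sb) / len(sa | sb)

def is_known_spam(message, known_messages, threshold=0.5):
    """True if the message is close enough to any known spam sample."""
    return any(similarity(message, m) >= threshold for m in known_messages)

# Constructed sample messages (not real traffic).
KNOWN_SPAM = ("Dear customer, you have won a free prize voucher. Claim your "
              "reward today by replying with your account details before "
              "the offer expires.")
VARIANT = ("Dear customer, you have won a free prize voucher. Claim your "
           "reward now by replying with your account details before "
           "the offer expires!!")
LEGIT = ("Hi team, the quarterly patch review moved to Thursday. Please "
         "bring the list of servers that still need the kernel update.")

if __name__ == "__main__":
    print("full signatures equal:",
          full_signature(KNOWN_SPAM) == full_signature(VARIANT))
    print("shingle similarity, variant:", similarity(KNOWN_SPAM, VARIANT))
    print("shingle similarity, legit:  ", similarity(KNOWN_SPAM, LEGIT))
```

Changing one word alters only the three windows that contain it, so the variant keeps 18 of its 21 shingles in common with the known sample while its whole-message hash is completely different.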
60. 59
AUTOMATIC EXPLOIT PREVENTION
The purpose of any exploit is to trigger certain vulnerabilities in software in order to launch various types of malicious code.
Known exploits:
• Signature/heuristic scan
• Vulnerability scan
• Patch management
Unknown (zero-day) exploits:
• Raised alert level for attempts by the most frequently targeted software to execute code
• Application actions history to see the context
• Matching against templates of actions performed by known exploits
• Code origin tracking, detecting code execution without the user’s consent
• Forced Address Space Layout Randomization to break exploit behavior
61. 60
PROTECTION QUALITY
PROVEN BY INDEPENDENT TESTS
Chart axes: N of independent tests/reviews; Score of TOP 3 places
*Notes:
• According to summary results of independent tests in 2014 for corporate, consumer and mobile products.
• Summary includes tests conducted by the following independent test labs and magazines:
Test labs: AV-Comparatives, AV-Test, Dennis Technology Labs, MRG Effitas, NSS Labs, PC Security Labs, VirusBulletin.
• The size of the bubble reflects the number of 1st places achieved.
* Top overall test rating for 2014. For details, see
http://www.kaspersky.com/about/news/product/2015/kaspersky-lab-products-achieve-outstanding-results-in-independent-tests-throughout-2014
62. 61
KSV TEST RESULTS
Tolly Group (KSV | Agentless v.2.0)
Tolly found that Kaspersky Security for Virtualization 2.0 blends efficient hypervisor resource usage with solid protection abilities by delivering lower response time and disk usage than the other products tested. Kaspersky also defended against threats better than the other agentless offerings under test.
63. 62
KSV Test results
AV-Test (KSV | Light Agent v.3.0)
While all measured products show similar protection levels, their performance impacts differed significantly. Kaspersky Security for Virtualization | Light Agent has shown the least impact on the virtual infrastructure, which results in better efficiency of the virtual environment empowered by this solution.
66. 65
SECURITY INTELLIGENCE IS IN OUR DNA
Expertise from the TOP down. Our CEO/MD Stanislus Mezu is the foremost, respected, influential security expert.
Respected among TOP security organizations. We are trusted by and have partnerships with the world’s fastest-growing cybersecurity companies and the largest one that is privately-owned.
Independent recognition of our leadership. Kaspersky Lab is consistently awarded top scores in more independent tests than any other vendor. We have been identified as a Leader in the three most prominent and influential global analyst vendor assessments.
Leading global threat intelligence. Threat Research and Global Research and Analysis Teams are strategically located all around the globe, providing unparalleled depth of analysis and understanding of all kinds of threats.
Leading discovery of the most complicated threats. We have a long-standing reputation of making the first and most relevant security discoveries.
See and predict security incidents. The Kaspersky Security Network gives us the broadest view of millions of threats from every corner of the world.
Technology driven. We are the world’s largest privately held IT security company whose R&D teams are solely focused on technology quality and innovation, rather than being constrained only by short-term, market-driven profit expectations.
67. 66
SECURITY EXPERTISE FROM THE TOP DOWN
• More than 200 Partners locally
• More than 1/3 of the company’s employees are R&D experts
• We are a VAD company, our R&D resources are quick and flexible
69. 68
Palette Business Solution HQ
9 Adebola Street (Entrance on Alhaji Masha),
Surulere, Lagos, Nigeria.
www.paletteng.com
LET'S TALK?
70. 69
Question
How can an administrator manage Kaspersky for virtualization?
a. Using VMware tools.
b. Using Kaspersky Security Center.
c. Using the web interface of Kaspersky Security for Virtualization.
d. Using the command line interface of Kaspersky Security for Virtualization.