Redefining Endpoint Security –
How to Better Secure the Endpoint
Sundeep Vijeswarapu
System Administrator 3;
PayPal
Joakim Lialias
Director Product & GTM
Strategy, Symantec
Fernando Montenegro
Senior Analyst;
451 Research
451RESEARCH.COM
©2018 451 Research. All Rights Reserved.
Introduction
Fernando Montenegro, Senior Analyst on the Information Security team
Originally from , now based in Toronto
Topic areas: security architecture (network security), endpoint and cloud security spaces.
Prior experience: 20+ years across pre-sales and delivery roles in enterprise security.
Interests: security economics, security at scale
@fsmontenegro
Lifecycle: PREVENTION → PROTECTION → DETECTION → RESPONSE
The Endpoint Protection Platform (EPP) covers the prevention and protection stages; Endpoint Detection and Response (EDR) covers the detection and response stages.

Avoid contact
► Reputation
► Content filtering
► Network integration
► App control
► Device control
Cheap lookup
► File hashes
Pre-execution checking
► AI/ML
► Network validation
► Sandboxing
Consider isolation
► Virtualization
► Remote execution
Evidence of malicious behavior?
► HIPS
► App behavior…
Targeted investigations
► IoC
► Timelines
Response
► Automated response
► Ad-hoc (remote) responses
► Rollback
► Remediation
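The right-hand half of the lifecycle above (cheap hash lookup, evidence of malicious behavior, IoC matching and timelines) as an added example; this is not code from the webinar or from any Symantec product. It runs two cheap IoC lookups (file hash, destination domain) and two behavioural rules for the living-off-the-land pattern (an Office application spawning a script host, PowerShell with an encoded command line) over a few constructed sensor events, then rebuilds an investigation timeline from the process tree. The event schema (ts/type/pid/ppid/image/cmdline/sha256/dest/path), the placeholder hash values, the example.net domain and the rule names are all assumptions made for this example.

```python
"""Added example (not from the webinar or any Symantec product): a minimal
EDR-style pipeline over constructed endpoint telemetry. Event schema,
indicator values and rule names are assumptions made for this example."""
import json
import re
from collections import defaultdict

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe",
                "mshta.exe", "regsvr32.exe", "rundll32.exe"}
# "-e", "-enc" or "-encodedcommand" as a standalone switch.
ENCODED_RE = re.compile(r"(?i)(^|\s)-e(nc|ncodedcommand)?(\s|$)")

# Constructed indicators: a placeholder digest (not a real SHA-256) and a
# reserved example domain.
IOC_HASHES = {"deadbeef01"}
IOC_DOMAINS = {"update-cdn.example.net"}

# Constructed sensor telemetry (JSON Lines): process starts, a file write and
# an outbound connection. pid 5000 is unrelated background noise.
TELEMETRY = r"""
{"ts": "2018-06-01T09:10:00Z", "type": "process", "pid": 3300, "ppid": 1200, "image": "C:\\Windows\\explorer.exe", "cmdline": "explorer.exe", "sha256": "aa01"}
{"ts": "2018-06-01T09:12:03Z", "type": "process", "pid": 4012, "ppid": 3300, "image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE", "cmdline": "WINWORD.EXE /n Q2-invoice.docm", "sha256": "bb02"}
{"ts": "2018-06-01T09:12:41Z", "type": "process", "pid": 4100, "ppid": 4012, "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgA...", "sha256": "cc03"}
{"ts": "2018-06-01T09:12:42Z", "type": "network", "pid": 4100, "dest": "update-cdn.example.net", "port": 443}
{"ts": "2018-06-01T09:12:44Z", "type": "file", "pid": 4100, "path": "C:\\Users\\alice\\AppData\\Local\\Temp\\svc.exe", "sha256": "deadbeef01"}
{"ts": "2018-06-01T09:12:45Z", "type": "process", "pid": 4188, "ppid": 4100, "image": "C:\\Users\\alice\\AppData\\Local\\Temp\\svc.exe", "cmdline": "svc.exe", "sha256": "deadbeef01"}
{"ts": "2018-06-01T09:13:10Z", "type": "process", "pid": 5000, "ppid": 800, "image": "C:\\Windows\\System32\\svchost.exe", "cmdline": "svchost.exe -k netsvcs", "sha256": "dd04"}
"""


def parse_events(text):
    """Parse JSON Lines into a time-ordered list of event dicts (ISO-8601 sorts lexically)."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    return sorted(events, key=lambda e: e["ts"])


def image_name(path):
    """Lower-cased file name of a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def process_index(events):
    """pid -> process-start event, so rules and the timeline can resolve parents."""
    return {e["pid"]: e for e in events if e["type"] == "process"}


def evaluate(events, ioc_hashes=IOC_HASHES, ioc_domains=IOC_DOMAINS):
    """Return (rule_name, event) alerts from cheap IoC lookups and behaviour rules."""
    procs = process_index(events)
    alerts = []
    for e in events:
        if e["type"] == "process":
            child = image_name(e["image"])
            parent = procs.get(e["ppid"])
            # Living off the land: a document reader launching a script host.
            if parent and image_name(parent["image"]) in OFFICE_APPS and child in SCRIPT_HOSTS:
                alerts.append(("office_spawns_script_host", e))
            # An encoded command line is a cheap but reliable PowerShell-abuse signal.
            if child == "powershell.exe" and ENCODED_RE.search(e["cmdline"]):
                alerts.append(("powershell_encoded_command", e))
            if e.get("sha256") in ioc_hashes:
                alerts.append(("ioc_hash_executed", e))
        elif e["type"] == "file" and e.get("sha256") in ioc_hashes:
            alerts.append(("ioc_hash_written", e))
        elif e["type"] == "network" and e.get("dest") in ioc_domains:
            alerts.append(("ioc_domain_contacted", e))
    return alerts


def build_timeline(events, pid):
    """All events of the process tree containing pid, starting from the topmost
    ancestor the sensor saw, in time order: the raw material of an investigation."""
    procs = process_index(events)
    root = pid
    while root in procs and procs[root]["ppid"] in procs:
        root = procs[root]["ppid"]
    children = defaultdict(list)
    for p in procs.values():
        children[p["ppid"]].append(p["pid"])
    tree, stack = set(), [root]
    while stack:
        cur = stack.pop()
        if cur not in tree:
            tree.add(cur)
            stack.extend(children[cur])
    return [e for e in events if e["pid"] in tree]


def describe(e):
    """One-line rendering of an event for a printed timeline."""
    detail = {"process": lambda: f'{image_name(e["image"])} "{e["cmdline"]}"',
              "file": lambda: f'wrote {e["path"]} sha256={e["sha256"]}',
              "network": lambda: f'-> {e["dest"]}:{e["port"]}'}[e["type"]]()
    return f'{e["ts"]} pid={e["pid"]} {e["type"]:7} {detail}'


if __name__ == "__main__":
    evs = parse_events(TELEMETRY)
    for rule, e in evaluate(evs):
        print(f"ALERT {rule}: {describe(e)}")
    print("\nTimeline for pid 4100:")
    for e in build_timeline(evs, 4100):
        print("  " + describe(e))
```

Run as a script it prints five alerts for the constructed chain (the Office-to-PowerShell spawn, the encoded command, the contacted domain, and the dropped and then executed hash) and a six-event timeline from explorer.exe down to svc.exe, leaving the unrelated svchost.exe out. The hash and domain checks are the "cheap lookup" from the slide and fire only on known indicators; the two behaviour rules catch the same chain with no indicator at all, which is why the lifecycle keeps both.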
Methodology
451 Voice of the Enterprise, quarterly insights:
► Budgets & Insights
► Workloads & Projects
► Organizational Dynamics
► Vendor Evaluations
Briefings, inquiries and research (100s of hours) with:
► Enterprise IT
► Service Providers
► Security vendors
► Finance professionals
Qualitative research, independent
Use cases
Q. On a scale of 1 to 5, where 1 is 'very ineffective' and 5 is 'very effective', how would you rate your current endpoint security solution against the following use cases?
Source: 451 Research's Voice of the Enterprise: Information Security, Workloads and Key Projects 2018

Satisfaction rating for endpoint solutions against use cases (share of respondents per rating)

Use case                                   5 (highest)    4     3     2    1 (lowest)
Pre-execution protection (n=463)               34%       43%   16%    4%       3%
Stopping during/after execution (n=463)        27%       46%   21%    4%       3%
Removing/remediating (n=464)                   21%       39%   27%   10%       4%
Use of threat intelligence (n=460)             21%       31%   30%   12%       7%
After-the-fact investigations (n=458)          14%       25%   34%   16%      11%

Satisfaction is highest for pre-execution protection and falls steadily toward threat intelligence use and after-the-fact investigations, the EDR end of the lifecycle.
Handling ransomware
Q. How did you handle ransomware in the case, or the most prominent case if multiple, you experienced? (asked of respondents who had experienced ransomware, n=65)
Q. If your organization became the victim of a ransomware attack, how would it most likely respond first? (asked of respondents who had not, n=407)
Source: 451 Research, Voice of the Enterprise: Information Security, Workloads and Key Projects 2018

Response                                                                   No Ransomware (n=407)   Ransomware (n=65)
We would reimage the machine and restore from a backup                              56%                  68%
Our endpoint security tool would interrupt the attack                               18%                   5%
Our network security tool would interrupt the attack                                11%                   8%
We would reimage the machine, but would likely lose the data                         8%                  14%
We would attempt to use a previously broken, publicly available encryption key       2%                   2%
We would attempt to break the encryption key used to encrypt the files               1%                   0%
We would pay the requested amount to unlock our data                                 1%                   2%
Other                                                                                3%                   3%
(Columns follow the legend order of the original chart.)
Key Challenges

USER DEMANDS
Mobility
► Network-agnostic
► Limited capacity
Ease of Use
► Seamless operation
► Heterogeneous UX
Cognitive overload
► Distraction to be expected
► Brittle security controls

BUSINESS DEMANDS
Pace of change
► Cloud migrations
► M&A activity
► Resource constraints
Environment Complexity
► User mobility
► Shifting trust boundaries
► Device heterogeneity
► Regulatory demands

ATTACK TRENDS
Supply Chain
► Software components
► Business relationships
► Technical relationships
Attack sophistication
► LOTL/fileless
► Attack automation
► Lateral movement
► Diffuse exfiltration
Best practices

Architecture
Cross-platform support
► Windows, Mac, Linux
► Mobile devices
Integrated Architecture
► Layered Protection
Mobility Support
► On-site/Off-site scenarios
► Protection & Operations

Operations
Hardened Environment
► Admin rights
► Macro execution
► Lateral movement
Up-to-date Components
► Signatures & ML models
► Upgrade paths
► Newer features

Management
Continuous Practices
► Asset Inventory
► Risk Management
Program Metrics
► Process tracking
► Security outcomes
► Program improvements
Coming next…
• Endpoint product evolution
• Operating system security + 3rd party product
• Automation and Orchestration capabilities (API)
• For some, cloud-based endpoints
• VMs, containers, Kubernetes, serverless compute, …
• Governance
• Regulatory frameworks, privacy, geopolitical considerations
Symantec Endpoint Protection Environment at PayPal
• Our SEPM servers are on version 14.2 MP1
• On client side we are on version 14.x
• GUP Servers
©2016 PayPal Inc. Confidential and proprietary.
How SEP helped alleviate our challenges
• Effective scanning and malware detection via Auto-Protect, SONAR, Download Insight and Manual Scan
• SEP has helped us to confirm whether machines we are investigating are infected and to remediate them.
• Even on external hard drives, SEP identifies malicious files rather quickly and provides the exact paths of files and other IOCs.
• SEP's data is rather accurate when it comes to malicious detections and IDS/Risk logs.
• Quick response from Symantec when we reported false positives
• It's one of the best tools for malware that we utilize in our organization.
What’s New?
How to Better Secure the
Endpoint
Joakim Lialias
Director Product & GTM
Strategy; Symantec
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
Why Innovate Endpoint Security?

ENDPOINT REALITIES HAVE CHANGED DRAMATICALLY
Yesterday: Traditional Endpoints, Fixed Function Devices, Managed Mobile Devices, On-Premises
Today: Traditional Endpoints, Fixed Function Devices, BYOD (Unmanaged), Managed Mobile Devices, Always Connected Users, Cloud Delivered

ENDPOINT ARCHITECTURE GROWING IN COMPLEXITY
7 agents for security and management (average)
Challenges: Updates, Performance, Talent, Disjointed

ENDPOINT SECURITY MOVES BEYOND MALWARE
► 2x increase in vulnerabilities, driven largely by the increase of apps in 2017
► +77% of successful attacks in 2017 utilized file-less techniques and dual-use tools
► +56% increase in risky Wi-Fi networks in 2017
► +8,500% increase in coinminer detections
► +100% of recent major APTs used Active Directory as an attack vector
► 7 min average time between endpoint compromise and breach
Symantec Endpoint Security: The Most Complete Endpoint Security Solution
HOMOGENEOUS ENDPOINT SECURITY AND MANAGEMENT FOR A HETEROGENEOUS WORLD

BROADEST COVERAGE: extensive coverage to protect all endpoints
► Traditional platforms
► Modern platforms
► Compute and storage

DEEPEST PROTECTION: defend against all attack vectors and methods
► Antimalware: prevent, detect, respond
► Hardening: isolate, control, deceive

INTEGRATED ARCHITECTURE: achieve superior operational efficiencies
► Flexible management: on-prem, hybrid, cloud
► Simplified architecture: single agent, single console
► Open platform: ICDX

MODERN MANAGEMENT: extend security with modern management
► Auto-manage: auto evaluate → auto recommend → auto apply → auto learn
► Modern management & modern app
Our Endpoint Technology Approach: foundation for fine-grained control

Antimalware
► Prevent the Knowable
► Hunt the Unfindable
► Respond to Incidents

Hardening (strengthen security posture)
► Secure the Connectable
► Protect the Vulnerable
► Restrict the Unknown
► Block the Suspicious
► Secure the Traversable
Delivering a Unique Endpoint Defense Approach…
Complete defense to address all threats and vectors

Threat continuum, from more malicious to more exploitable:
Threats | Potential Threats | Unknown | Potentially Good | Known Good

Layers across the continuum:
► Endpoint Detection and Response
► Antimalware: Malware Prevention, Suspicious Activity Detection, Block-list
► Hardening: White-list, Jails, Castles
Capabilities unique to Symantec that deliver unmatched gray activity protection
Complete Endpoint Defense Requirements

Threat continuum: Threats | Potential Threats | Unknown | Potentially Good | Known Good
Anti-malware addresses the malicious end of the continuum, Hardening the exploitable end.

Requirements across the continuum:
► Prevent Malware
► Detect and Respond
► Global Block
► Global Whitelist
► Isolate Apps, Scripts & Content
► Restrict Domain Access
► Securely Connect

Attack phases: Incursion → Infection → Infestation → Exfiltration
Mapped to the MITRE ATT&CK tactics: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Command and Control
Complete Endpoint Defense Portfolio

Threat continuum: Threats | Potential Threats | Unknown | Potentially Good | Known Good

Products mapped along the continuum:
► SEP (Symantec Endpoint Protection)
► EDR
► App Control
► Application Isolation
► Threat Defense for Active Directory
► Cloud Connect Defense

Attack phases: Incursion → Infection → Infestation → Exfiltration
Mapped to the MITRE ATT&CK tactics: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Command and Control
…Delivered Through a Single Agent and Console

SYMANTEC ENDPOINT SECURITY: COMPLETE ENDPOINT DEFENSE FOR THE ENTERPRISE

Common foundation: Symantec Cyber Defense Manager (single console), Symantec Agent (single agent), Symantec Global Intelligence Network

Endpoint Protection
► Symantec Endpoint Protection – Enhanced
► Symantec Endpoint Protection Mobile – Enhanced
► Symantec Endpoint Cloud Connect Defense – New

Advanced Endpoint Hardening
► Symantec Endpoint Application Control – New
► Symantec Endpoint Application Isolation – Enhanced
► Symantec Endpoint Threat Defense for Active Directory – New

Endpoint Detection and Response
► Symantec Endpoint Detection and Response – Enhanced
► Symantec Managed Endpoint Detection and Response – New

Suites
► Advanced Endpoint Defense Suite: Prevent + Harden
► Complete Endpoint Defense Suite: Prevent + Harden + Respond
► Endpoint with Detection and Response: Prevention + Detection + Response
QUESTIONS ?
Sundeep Vijeswarapu
System Administrator 3;
PayPal
Joakim Lialias
Director Product & GTM
Strategy, Symantec
Fernando Montenegro
Senior Analyst;
451 Research
THANK YOU !

Weitere ähnliche Inhalte

Was ist angesagt?

逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
HITCON GIRLS
 

Was ist angesagt? (20)

Dragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations Center
 
The Golden Rules - Detecting more with RSA Security Analytics
The Golden Rules  - Detecting more with RSA Security AnalyticsThe Golden Rules  - Detecting more with RSA Security Analytics
The Golden Rules - Detecting more with RSA Security Analytics
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
 
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
 
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardBirds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
 
Top Tactics For Endpoint Security
Top Tactics For Endpoint SecurityTop Tactics For Endpoint Security
Top Tactics For Endpoint Security
 
The Internal Signs of Compromise
The Internal Signs of CompromiseThe Internal Signs of Compromise
The Internal Signs of Compromise
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
NextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesNextGen Endpoint Security for Dummies
NextGen Endpoint Security for Dummies
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEye
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...
 
CPX 2016 Moti Sagey Security Vendor Landscape
CPX 2016 Moti Sagey Security Vendor LandscapeCPX 2016 Moti Sagey Security Vendor Landscape
CPX 2016 Moti Sagey Security Vendor Landscape
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on Vehicles
 
Westjets Security Architecture Made Simple We Finally Got It Right
Westjets Security Architecture Made Simple We Finally Got It RightWestjets Security Architecture Made Simple We Finally Got It Right
Westjets Security Architecture Made Simple We Finally Got It Right
 

Ähnlich wie Symantec Webinar | Redefining Endpoint Security- How to Better Secure the Endpoint

Reacting to Advanced, Unknown Attacks in Real-Time with Lastline
Reacting to Advanced, Unknown Attacks in Real-Time with LastlineReacting to Advanced, Unknown Attacks in Real-Time with Lastline
Reacting to Advanced, Unknown Attacks in Real-Time with Lastline
Lastline, Inc.
 
Revolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionRevolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat Protection
Blue Coat
 

Ähnlich wie Symantec Webinar | Redefining Endpoint Security- How to Better Secure the Endpoint (20)

Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protection
 
OSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint SecurityOSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint Security
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
Bezpečnost není jen antivirus
Bezpečnost není jen antivirusBezpečnost není jen antivirus
Bezpečnost není jen antivirus
 
Reacting to Advanced, Unknown Attacks in Real-Time with Lastline
Reacting to Advanced, Unknown Attacks in Real-Time with LastlineReacting to Advanced, Unknown Attacks in Real-Time with Lastline
Reacting to Advanced, Unknown Attacks in Real-Time with Lastline
 
Be the Hunter
Be the Hunter Be the Hunter
Be the Hunter
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
 
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
All Hope is Not LostNetwork Forensics Exposes Today's Advanced Security Thr...All Hope is Not LostNetwork Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...
 
Cyber Defense - How to be prepared to APT
Cyber Defense - How to be prepared to APTCyber Defense - How to be prepared to APT
Cyber Defense - How to be prepared to APT
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.
 
Operationalizing Security Intelligence
Operationalizing Security IntelligenceOperationalizing Security Intelligence
Operationalizing Security Intelligence
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
FireEye Solutions
FireEye SolutionsFireEye Solutions
FireEye Solutions
 
Behind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsBehind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced Threats
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentTIG / Infocyte: Proactive Cybersecurity for State and Local Government
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
 
Revolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionRevolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat Protection
 
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
 

Mehr von Symantec

Mehr von Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 
GDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators WantGDPR Breach Notification Demystifying What the Regulators Want
GDPR Breach Notification Demystifying What the Regulators Want
 
Symantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 WebinarSymantec Internet Security Threat Report (ISTR) 23 Webinar
Symantec Internet Security Threat Report (ISTR) 23 Webinar
 

Kürzlich hochgeladen

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Kürzlich hochgeladen (20)

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Symantec Webinar | Redefining Endpoint Security- How to Better Secure the Endpoint

  • 1. Redefining Endpoint Security – How to Better Secure the Endpoint Sundeep Vijeswarapu System Administrator 3; PayPal Joakim Lialias Director Product & GTM Strategy, Symantec Fernando Montenegro Senior Analyst; 451 Research
  • 2. 451RESEARCH.COM ©2018 451 Research. All Rights Reserved. Senior Analyst on the Information Security team Originally from , now based in Toronto Topic areas: security architecture (network security), endpoint and cloud security spaces. Prior experience: 20+ years across pre-sales and delivery roles in enterprise security. Interests: security economics, security at scale @fsmontenegro Introduction
  • 3. Lifecycle: ENDPOINT PROTECTION PLATFORM (EPP) and ENDPOINT DETECTION AND RESPONSE (EDR)
    PREVENTION
    Avoid contact ► Reputation ► Content filtering ► Network integration ► App control ► Device control
    Cheap lookup ► File hashes
    PROTECTION
    Pre-execution checking ► AI/ML ► Network validation ► Sandboxing
    Consider isolation ► Virtualization ► Remote execution
    DETECTION
    Evidence of malicious behavior? ► HIPS ► App behavior…
    Targeted investigations ► IoC ► Timelines
    RESPONSE
    Automated response ► Ad-hoc (remote) responses ► Rollback ► Remediation
  • 4. Methodology
    451 Voice of the Enterprise, quarterly insights: ► Budgets & Insights ► Workloads & Projects ► Organizational Dynamics ► Vendor Evaluations
    Briefings, Inquiries, Research (100s of hours): ► Enterprise IT ► Service Providers ► Security vendors ► Finance professionals
    Qualitative research; Independent
  • 5. Use cases
    Q. On a scale of 1 to 5, where 1 is 'very ineffective' and 5 is 'very effective', how would you rate your current endpoint security solution against the following use cases?
    Source: 451 Research’s Voice of the Enterprise: Information Security, Workloads and Key Projects 2018
    Satisfaction rating for endpoint solutions against use cases
    Use case                                    5 - highest    4      3      2      1 - lowest
    Pre-execution protection (n=463)            34%            43%    16%    4%     3%
    Stopping during/after execution (n=463)     27%            46%    21%    4%     3%
    Removing/remediating (n=464)                21%            39%    27%    10%    4%
    Use of threat intelligence (n=460)          21%            31%    30%    12%    7%
    After-the-fact investigations (n=458)       14%            25%    34%    16%    11%
  • 6. Handling ransomware
    Q. How did you handle ransomware in the case, or the most prominent case if multiple, you experienced?
    Q. If your organization became the victim of a ransomware attack, how would it most likely respond first?
    Source: 451 Research, Voice of the Enterprise: Information Security, Workloads and Key Projects 2018
    (The two percentage columns follow the slide's legend order: No Ransomware (n=407), then Ransomware (n=65).)
    Response                                                                                      No Ransomware (n=407)    Ransomware (n=65)
    We would reimage the machine and restore from a backup                                        56%                      68%
    Our endpoint security tool would interrupt the attack                                         18%                      5%
    Our network security tool would interrupt the attack                                          11%                      8%
    We would reimage the machine, but would likely lose the data                                  8%                       14%
    We would attempt to use a previously broken, publicly available encryption key to decrypt     2%                       2%
    We would attempt to break the encryption key used to encrypt the files to decrypt             1%                       0%
    We would pay the requested amount to unlock our data                                          1%                       2%
    Other                                                                                         3%                       3%
  • 7. Key Challenges
    USER DEMANDS
    Mobility ► Network-agnostic ► Limited capacity
    Ease of Use ► Seamless operation ► Heterogeneous UX
    Cognitive overload ► Distraction to be expected ► Brittle security controls
    BUSINESS DEMANDS
    Pace of change ► Cloud migrations ► M&A activity ► Resource constraints
    Environment Complexity ► User mobility ► Shifting trust boundaries ► Device heterogeneity ► Regulatory demands
    ATTACK TRENDS
    Supply Chain ► Software components ► Business relationships ► Technical relationships
    Attack sophistication ► LOTL/fileless ► Attack automation ► Lateral movement ► Diffuse exfiltration
  • 8. Best practices
    Architecture
    Cross-platform support ► Windows, Mac, Linux ► Mobile devices
    Integrated Architecture ► Layered Protection
    Mobility Support ► On-site/Off-site scenarios ► Protection & Operations
    Operations
    Hardened Environment ► Admin rights ► Macro execution ► Lateral movement
    Up-to-date Components ► Signatures & ML models ► Upgrade paths ► Newer features
    Management
    Continuous Practices ► Asset Inventory ► Risk Management
    Program Metrics ► Process tracking ► Security outcomes ► Program improvements
  • 9. Coming next…
    • Endpoint product evolution
    • Operating system security + 3rd party product
    • Automation and Orchestration capabilities (API)
    • For some, cloud-based endpoints
      • VMs, containers, Kubernetes, serverless compute, …
    • Governance
      • Regulatory frameworks, privacy, geopolitical considerations
  • 11. Symantec Endpoint Protection Environment at PayPal
    • Our SEPM servers are on version 14.2 MP1
    • On the client side we are on version 14.x
    • GUP Servers
    ©2016 PayPal Inc. Confidential and proprietary.
  • 12. How SEP helped alleviate our challenges
    • Effective scanning and malware detection via Auto-Protect, SONAR, Download Insight, Manual Scan
    • SEP has helped us to confirm whether machines we are investigating are infected and to remediate them.
    • Even on external hard drives, SEP identifies malicious files rather quickly, and provides exact paths of files and other IOCs.
    • SEP’s data is rather accurate as well when it comes to malicious detections and IDS/RISK logs.
    • Quick response from Symantec when we report false positives
    • It’s one of the best tools for malware that we utilize in our organization.
  • 13. What’s New? How to Better Secure the Endpoint Joakim Lialias Director Product & GTM Strategy; Symantec
  • 14. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
    Why Innovate Endpoint Security?
    ENDPOINT REALITIES HAVE CHANGED DRAMATICALLY
    Yesterday: Traditional Endpoints, Fixed Function Devices, Managed Mobile Devices
    Today: Traditional Endpoints, Fixed Function Devices, BYOD (Unmanaged), Managed Mobile Devices, Always Connected Users
    On-Premises → Cloud Delivered
    ENDPOINT ARCHITECTURE GROWING IN COMPLEXITY
    7 Agents for Security and Management (average). Challenges: Updates, Performance, Talent, Disjointed
    ENDPOINT SECURITY MOVES BEYOND MALWARE
    ► 2x increase in vulnerabilities driven largely by increase of apps in 2017
    ► +77% of successful attacks in 2017 utilized file-less techniques and dual-use tools
    ► +56% increase in risky Wi-Fi networks in 2017
    ► +8,500% increase in coinminer detections
    ► +100% of recent major APTs used Active Directory as an attack vector
    ► 7 min average time between endpoint compromise and breach
  • 15. Symantec Endpoint Security: The Most Complete Endpoint Security Solution
    HOMOGENEOUS ENDPOINT SECURITY AND MANAGEMENT FOR A HETEROGENEOUS WORLD
    BROADEST COVERAGE (EXTENSIVE COVERAGE TO PROTECT ALL ENDPOINTS) ► TRADITIONAL PLATFORMS ► MODERN PLATFORMS ► COMPUTE AND STORAGE
    DEEPEST PROTECTION (DEFEND AGAINST ALL ATTACK VECTORS AND METHODS) ► ANTIMALWARE: PREVENT, DETECT, RESPOND ► HARDENING: ISOLATE, CONTROL, DECEIVE
    FLEXIBLE MANAGEMENT (ACHIEVE SUPERIOR OPERATIONAL EFFICIENCIES) ► INTEGRATED ARCHITECTURE: ON-PREM, HYBRID, CLOUD ► SIMPLIFIED ARCHITECTURE: SINGLE AGENT, SINGLE CONSOLE ► OPEN PLATFORM: ICDX ► MODERN MANAGEMENT: AUTO-MANAGE
    MODERN MANAGEMENT & MODERN APP (EXTEND SECURITY WITH MODERN MANAGEMENT) ► AUTO EVALUATE → AUTO RECOMMEND → AUTO APPLY → AUTO LEARN
  • 16. Our Endpoint Technology Approach
    Hardening: foundation for fine-grained control; strengthen security posture
    Antimalware / Hardening ► Prevent the Knowable ► Hunt the Unfindable ► Respond to Incidents ► Secure the Connectable ► Protect the Vulnerable ► Restrict the Unknown ► Block the Suspicious ► Secure the Traversable
  • 17. Delivering a Unique Endpoint Defense Approach… Complete defense to address all threats and vectors
    Threat Continuum (More Malicious → More Exploitable): Threats | Potential Threats | Unknown | Potentially Good | Known Good
    Antimalware ► Malware Prevention ► Suspicious Activity Detection ► Endpoint Detection and Response
    Hardening ► Block-list ► White-list ► Jails ► Castles
    Capabilities unique to Symantec that deliver unmatched gray activity protection
  • 18. Complete Endpoint Defense Requirements
    Threat Continuum: Threats | Potential Threats | Unknown | Potentially Good | Known Good
    Anti-malware / Hardening ► Prevent Malware ► Detect and Respond ► Global Block ► Global Whitelist ► Isolate Apps, Scripts & Content ► Restrict Domain Access ► Securely Connect
    Attack phases: Incursion → Infection → Infestation → Exfiltration
    Attack stages: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Command and Control
  • 19. Complete Endpoint Defense Portfolio
    Threat Continuum: Threats | Potential Threats | Unknown | Potentially Good | Known Good
    Products ► SEP ► EDR ► App Control ► Application Isolation ► Threat Defense for Active Directory ► Cloud Connect Defense
    Attack phases: Incursion → Infection → Infestation → Exfiltration
    Attack stages: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Command and Control
  • 20. …Delivered Through a Single Agent and Console
  • 21. SYMANTEC ENDPOINT SECURITY: COMPLETE ENDPOINT DEFENSE FOR THE ENTERPRISE
    Symantec Cyber Defense Manager (Single Console); Symantec Agent (Single Agent); Symantec Global Intelligence Network
    Endpoint Protection ► Symantec Endpoint Protection – Enhanced ► Symantec Endpoint Protection Mobile – Enhanced ► Symantec Endpoint Cloud Connect Defense – New
    Advanced Endpoint Hardening ► Symantec Endpoint Application Control – NEW ► Symantec Endpoint Application Isolation – Enhanced ► Symantec Endpoint Threat Defense for Active Directory – NEW
    Endpoint Detection and Response ► Symantec Endpoint Detection and Response – Enhanced ► Symantec Managed Endpoint Detection and Response – NEW
    Suites: Advanced Endpoint Defense Suite (Prevent + Harden); Complete Endpoint Defense Suite (Prevent + Harden + Respond); Endpoint with Detection and Response (Prevention + Detection + Response)
  • 22. QUESTIONS ? Sundeep Vijeswarapu System Administrator 3; PayPal Joakim Lialias Director Product & GTM Strategy, Symantec Fernando Montenegro Senior Analyst; 451 Research