page 1 of 4© 2015 Cisco. All rights reserved. talos-external@cisco.com | talosintel.com
PROTECTING YOUR NETWORK
Talos Group
At Talos, we know that the magic black box and the silver
bullet security solutions do not exist. We know that security
is difficult and that it requires a new approach, one that
empowers our customers to address their security challenges.
We strive to weaponize intelligence and build detection
technologies to quickly inform and defend our customers.
The digital world is expanding at an unprecedented rate, and
targets and attack opportunities are expanding equally
quickly. To be effective in combating these threats, security
experts need to go beyond tracking and detecting, and need
to push the boundaries of today's security technologies to
work against tomorrow's exploits. Talos takes the initiative
to provide the most comprehensive and proactive security and
threat intelligence solutions in the industry, which in turn
comprises the solid foundation of the Cisco Security ecosystem.
Talos' core objective is to provide verifiable and customizable
defensive technologies and techniques that help customers
quickly protect assets from the cloud to core. Our job is
protecting your network.
WHAT IS TALOS
Talos is Cisco’s threat intelligence organization, an elite group
of security experts devoted to providing superior protection
for our customers, products, and services. Talos encompasses
five key areas: Detection Research, Threat Intelligence, Engine
Development, Vulnerability Research and Development,
and Outreach.
Detection Research consists of vulnerability and malware
analysis that leads to the development of detection content
for all of Cisco’s security products. This includes unpacking,
reverse engineering, and the development of proof of concept
code to ensure we address each threat in the most efficient
and effective way possible on each platform.
Threat Intelligence consists of correlating and tracking threats
so that we are able to turn attribution information into actionable
threat intelligence. By identifying threats and threat actors
more quickly, Talos Intelligence enables us to protect our
customers quickly and effectively.
Engine Development efforts help ensure our various
inspection engines stay current and maintain their ability
to detect and address emerging threats.
Vulnerability Research and Development develops ways
to identify “Zero-Day” security issues in the platforms and
operating systems our customers depend on. By doing this
in a programmatic, repeatable fashion, they identify new
methods to find and defend against security issues.
Outreach programs involve researching, identifying,
and communicating new trends our adversaries are using
to compromise victims.
SUPERIOR PROTECTION
BREADTH AND DEPTH OF SECURITY COVERAGE
Protecting your network requires both breadth and depth of
coverage. While some research teams limit their focus to a few
areas, Talos is dedicated to helping provide protection against
an extensive range of threats. Talos' threat intelligence
supports a wide range of security solutions including
Next-Generation IPS (with and without integrated application
control), Next-Generation Firewall and AMP (our advanced
malware analysis and protection), Email Security Appliance,
Web Security Appliance, and ThreatGrid, as well as numerous
open source and commercial threat protection systems.
Customers gain the unique benefit of the wide range of Cisco
security products feeding into the Talos Threat feed. This
allows Talos' intelligence and threat research to be deployed
in any type of environment to protect any type of asset.
EMAIL SECURITY
It comes as no surprise that Talos has a unique insight into
email-based threats due to SenderBase© and SpamCop©.
The additional perspective obtained through our diverse
customer base allows us to address and identify threats with
unparalleled speed and agility. Each day we inspect over 300
billion emails, drawing on layered detection technologies (like
outbreak filters and machine-learning based reputation filters),
along with Cisco’s Advanced Malware Protection (AMP). With
all of the features combined, Talos blocks approximately 200
billion malicious emails a day, or 2.3 million blocks per second.
UNMATCHED WEB VISIBILITY
Cisco web security technologies have a reputation for
detecting and identifying new and emerging web exploitation
techniques. The Angler exploit kit, for example, compromises
users with a success rate of 40%, making it one of the most
effective ways of compromising users on the internet. Talos
has insight into nearly 17 billion web requests each day,
drawing on multiple protection methods including our AMP
technology to protect our users.
PROVEN IPS VULNERABILITY-BASED PROTECTION
Talos is well known in the industry for its excellence in
detecting the myriad of vulnerabilities, exploits, and malware
that emerge daily. Using high quality, rapid releases, we keep
our customers up-to-date with vulnerability-based protections
for the latest threats. While other vendors claim similar
coverage, only Talos has proven time and time again in
third-party validation that our detection content is top notch.
For the last seven years Talos has led the NSS Labs Network
IPS test in detection rate.
ADVANCED MALWARE PROTECTION
Keeping customers safe against the onslaught of malware
requires innovative and rapidly advancing detection technologies
and content. Additionally, it requires massive amounts
of intelligence gathering, reverse engineering, and analytics to
wade through this mountain of data and turn it into actionable
information. Talos utilizes all of this information to develop
malware protections, post-compromise protection, reputation
services, and analysis tools to locate threats as they appear
“in the wild”. These capabilities are driven back into all of Cisco's
products for protecting hosts, mail gateways, and network
assets — truly protecting customers, Before, During, and After
the threat.
COMPREHENSIVE INTELLIGENCE
ACTIONABLE COMMUNITY-DRIVEN THREAT DATA
The core component of any holistic security strategy is solid,
actionable intelligence. Over the last 10 years Talos has built
one of the most comprehensive intelligence-gathering and
analysis platforms in the industry. Through the ClamAV™,
Snort®, Immunet™, SpamCop©, SenderBase©, Threat Grid™, and
Talos user communities, Talos receives valuable intelligence
that no other security research team can match. In addition,
through collaboration with users and customers around the
globe through our Crete (formerly SPARK) program, Talos is
able to detect regionalized and language-specific threats as
they emerge.
Talos tracks threats across end points,
networks, cloud environments, web,
and email, providing a comprehensive
understanding of cyber threats, their
root causes, and scopes of outbreaks.
ACCESS TO VULNERABILITY INFORMATION
Talos also analyzes numerous public and private intelligence
feeds every day, looking for new threats, and acting on that
information in real-time to develop new detection content.
In addition, industry partnerships like the Microsoft Active
Protection Program (MAPP) allow Talos to quickly and
effectively handle new Microsoft and Adobe targeted threats,
releasing our detection on the same day as Microsoft patches.
This allows our customers to protect their critical assets with
network and host-based protection, while they test and deploy
these new patches.
INNOVATIVE DETECTION TECHNOLOGIES
FLEXIBLE DEFENSIVE TECHNOLOGIES FOR
DYNAMIC ENVIRONMENTS
The threat landscape has evolved from buffer overflows in
network services to complex client-side attacks targeting
browsers and files. As attacks change, so must the defensive
technologies used to detect them. Talos is constantly working
on new detection technologies that push the envelope of
today’s detection mechanisms, while keeping them agile
enough to be quickly adapted to tomorrow’s threats.
ANTICIPATING THREATS
It is one thing to respond to new threats; it is another to protect
against new ones. Talos is constantly searching for new
vulnerabilities and threats that could affect our customers.
When new vulnerabilities are discovered, Talos releases rules
to protect against these Zero-Day threats while the affected
vendors develop and test their patches. With these protections,
Talos customers can control the threat while waiting for
protections from their vendors.
Talos is also actively engaged in locating new malicious
websites, botnet command-and-control servers, and other
malicious sites on the Internet. Once located, this information
is cataloged and consolidated into comprehensive IP blacklists
and URL filtering feeds, which are distributed to our customers
as well as shared with industry partners in order to make the
internet a safer place.
Talos pulls data from millions of users
worldwide, honeypots, sandboxes,
and extensive industry partnerships,
collecting more than 1.1 million unique
malware samples a day.
[Figure: Talos data sources: users, sandboxes, partners, honeypots]
EXAMPLES OF TALOS 0-DAY THREAT PROTECTION:
■ TALOS-2015-0024 – Total Commander
■ TALOS-2015-0018 – Apple Quicktime
■ VRT-2014-0301 – Microsoft Windows FastFAT
REAL-TIME MALWARE INTELLIGENCE
Through compiling data acquired from the millions of users
worldwide, along with honeypots, sandboxes, and extensive
industry partnerships in the malware community, Talos collects
more than 1,100,000 malicious software samples a day. Our
advanced analysis infrastructure automatically analyzes these
samples and rapidly generates detection content to mitigate
these threats on a daily basis. This allows us an amazing insight
into the threat landscape and an unparalleled perspective
as our adversaries attempt to compromise users.
THREAT RESEARCH
Whether identifying new malware families targeting
point-of-sale terminals like PoSeidon, widespread malvertising
networks like “Kyle and Stan”, or even threats that pose a
risk to core services on the Internet like "SSHPsychos", Talos
can be counted on to identify, research, and document
their adversaries.
During every investigation Talos identifies multiple ways
customers can defend against threats. We pride ourselves on
not only identifying and remediating the issue at hand but also
on identifying all facets of the adversary's criminal network,
even if they are associated with entirely separate malware
campaigns. Cisco customers benefit by having this threat
intelligence built into every product.
Additionally, this information is shared with the public via blogs,
Snort rules, conferences, and white papers. By providing this
information to as many people as possible we can help
introduce obstacles for our adversaries.
Content                 URL
Talos Website           talosintel.com
Talos Blog              blogs.cisco.com/talos
Talos Twitter           twitter.com/talossecurity
Talos YouTube Channel   cs.co/talostube
IRC Channels            irc.freenode.net: #snort, #razorback, #clamav
ClamAV Website          clamav.net
ClamAV Blog             blog.clamav.net
Snort Website           snort.org
Snort Blog              blog.snort.org
Talos Rule Advisories   snort.org/talos
TRUSTED COMMUNITY
EXTENDING YOUR TEAM
Having a trusted place to turn when the going gets tough is
essential to effective security. Without strong communication
channels between security and response teams and trusted
partners, it is impossible to stay up-to-date on the latest
threats and solve your unique security problems. Talos believes
we should be an extension of your security team. We don’t just
push information at you; we want to have constructive conversations
about your goals and how we can help you reach them.
Talos has created several programs to help facilitate this task.
INTELLIGENCE SHARING
The Awareness, Education, Guidance, and Intelligence Sharing
(AEGIS™) program was created specifically to interact with
our customers and partners to help solve custom detection
challenges in your specialized environments. AEGIS puts
participating members of the security industry in direct contact
with the Talos Threat Intelligence Team to help build custom
detection content, improve security practices, gather feedback
on our products and services, and implement customer
improvements to our products. It’s just one more way we help
protect your network.
The Crete program is a collaborative exchange between Talos
and our customers that provides us with real-world scenarios
and traffic, while providing participating customers with
leading-edge intel.
INTERACTIVE INFORMATION
Talos keeps in constant contact with our customers through
numerous interactive channels. Talos, ClamAV, and Snort
blogs are continually updated with information about the latest
threats, how to create custom detection content, and in-depth
analysis of the latest malware families. For a list of Talos
resources and ways to interact with Talos, see the table below.
KEEPING UP-TO-DATE
Talos is responsible for the entire chain of Cisco detection
and prevention, from intelligence-gathering, analysis, content
creation, packaging and quality assurance, to end user delivery.
Controlling this entire process allows Talos to rapidly deliver
industry-leading detection content in the time frames necessary
for defending against today’s latest threats.
CONCLUSION
Talos provides a uniquely comprehensive and proactive
approach to protecting your network. With an enviable track
record for success and leadership in the security industry,
team members are focused on providing high-quality,
customer-driven security research that sets the bar for
accuracy and relevance.
For Talos customers, these skills and research translate
directly into award-winning products and services. Even
if you’re not a Talos customer, you will reap the benefits
provided by Talos’ research efforts. With a unique and
enduring commitment to an open source model, and a
continuing stream of research papers, presentations,
blog posts and more, Talos makes high-impact, effective
knowledge and tools available to the entire community.
It’s a record and a legacy - one that is unmatched in
the industry.

 
Assessing the Business Value of SDN Datacenter Security Solutions
Assessing the Business Value of SDN Datacenter Security SolutionsAssessing the Business Value of SDN Datacenter Security Solutions
Assessing the Business Value of SDN Datacenter Security Solutions
 
Big Data, Little Data, and Everything in Between
Big Data, Little Data, and Everything in BetweenBig Data, Little Data, and Everything in Between
Big Data, Little Data, and Everything in Between
 
2015 cost of data breach study global analysis
2015 cost of data breach study global analysis2015 cost of data breach study global analysis
2015 cost of data breach study global analysis
 
Charles la trobe_college_learning_without_limits
Charles la trobe_college_learning_without_limitsCharles la trobe_college_learning_without_limits
Charles la trobe_college_learning_without_limits
 
Fujitsu spain revolutionizing_public_administration
Fujitsu spain revolutionizing_public_administrationFujitsu spain revolutionizing_public_administration
Fujitsu spain revolutionizing_public_administration
 
Iter supercomputing beyond_horizon
Iter supercomputing beyond_horizonIter supercomputing beyond_horizon
Iter supercomputing beyond_horizon
 
Ben gurion university_data_desert
Ben gurion university_data_desertBen gurion university_data_desert
Ben gurion university_data_desert
 
Shanghai health bureau_big_data_healthcare
Shanghai health bureau_big_data_healthcareShanghai health bureau_big_data_healthcare
Shanghai health bureau_big_data_healthcare
 
Bilim Pharmaceuticals Books 2-in-1 Convertibles
Bilim Pharmaceuticals Books 2-in-1 ConvertiblesBilim Pharmaceuticals Books 2-in-1 Convertibles
Bilim Pharmaceuticals Books 2-in-1 Convertibles
 

Kürzlich hochgeladen

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Kürzlich hochgeladen (20)

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

Talos threat-intelligence

PROTECTING YOUR NETWORK
Talos Group

At Talos, we know that the magic black box and the silver bullet security solutions do not exist. We know that security is difficult and that it requires a new approach, one that empowers our customers to address their security challenges. We strive to weaponize intelligence and build detection technologies to quickly inform and defend our customers.

The digital world is expanding at an unprecedented rate; likewise, targets and attack opportunities are expanding equally quickly. To be effective in combating these threats, security experts need to go beyond tracking and detecting, and need to push the boundaries of today's security technologies to work against tomorrow's exploits. Talos takes the initiative to provide the most comprehensive and proactive security and threat intelligence solutions in the industry, which in turn comprises the solid foundation of the Cisco Security ecosystem.

Talos' core objective is to provide verifiable and customizable defensive technologies and techniques that help customers quickly protect assets from the cloud to core. Our job is protecting your network.

WHAT IS TALOS

Talos is Cisco’s threat intelligence organization, an elite group of security experts devoted to providing superior protection for our customers, products, and services. Talos encompasses five key areas: Detection Research, Threat Intelligence, Engine Development, Vulnerability Research and Development, and Outreach.

Detection Research consists of vulnerability and malware analysis that leads to the development of detection content for all of Cisco’s security products. This includes unpacking, reverse engineering, and the development of proof of concept code to ensure we address each threat in the most efficient and effective way possible on each platform.

Threat Intelligence consists of correlating and tracking threats so that we are able to turn attribution information into actionable threat intelligence. By identifying threats and threat actors more quickly, Talos Intelligence enables us to protect our customers quickly and effectively.

Engine Development efforts help ensure our various inspection engines stay current and maintain their ability to detect and address emerging threats.

Talos is comprised of five key areas: Detection Research, Threat Intelligence, Engine Development, Vulnerability Research and Development, and Outreach.

Vulnerability Research and Development develops ways to identify “Zero-Day” security issues in the platforms and operating systems our customers depend on. By doing this in a programmatic, repeatable fashion, they identify new methods to find and defend against security issues.

Outreach programs involve researching, identifying, and communicating new trends our adversaries are using to compromise victims.

SUPERIOR PROTECTION
BREADTH AND DEPTH OF SECURITY COVERAGE

Protecting your network requires both breadth and depth of coverage. While some research teams limit their focus to a few areas, Talos is dedicated to helping provide protection against an extensive range of threats. Talos' threat intelligence supports a wide range of security solutions including Next-Generation IPS (with and without integrated application control), Next-Generation Firewall and AMP (our advanced malware analysis and protection), Email Security Appliance, Web Security Appliance, and ThreatGrid, as well as numerous open source and commercial threat protection systems. Customers gain the unique benefit of the wide range of Cisco security products feeding into the Talos Threat feed. This allows Talos' intelligence and threat research to be deployed in any type of environment to protect any type of asset.

[Figure: SOFTWARE SUPPORTED BY TALOS]

EMAIL SECURITY

It comes as no surprise that Talos has a unique insight into email based threats due to SenderBase© and SpamCop©. The additional perspective obtained through our diverse customer base allows us to address and identify threats with unparalleled speed and agility. Each day we inspect over 300 billion emails, drawing on layering detection technologies (like outbreak filters and machine-learning based reputation filters), along with Cisco’s Advanced Malware Protection (AMP). With all of the features combined, Talos blocks approximately 200 billion malicious emails a day, or 2.3 million blocks per second.

UNMATCHED WEB VISIBILITY

Cisco web security technologies have a reputation for detecting and identifying new and emerging web exploitation techniques. The Angler exploit kit, for example, compromises users with a success rate of 40%, making it one of the most effective ways of compromising users on the internet. Talos has insight into nearly 17 billion web requests each day, drawing on multiple protection methods including our AMP technology to protect our users.

PROVEN IPS VULNERABILITY-BASED PROTECTION

Talos is well known in the industry for its excellence in detecting the myriad of vulnerabilities, exploits, and malware that emerge daily. Using high quality, rapid releases, we keep our customers up-to-date with vulnerability-based protections for the latest threats. While other vendors claim similar coverage, only Talos has proven time and time again in third-party validation that our detection content is top notch. For the last seven years Talos has led the NSS Labs Network IPS test in detection rate.

ADVANCED MALWARE PROTECTION

Keeping customers safe against the onslaught of malware requires innovative and rapidly advancing detection technologies and content. Additionally, it requires massive amounts of intelligence gathering, reverse engineering, and analytics to wade through this mountain of data and turn it into actionable information. Talos utilizes all of this information to develop malware protections, post-compromise protection, reputation services, and analysis tools to locate threats as they appear “in the wild”. These capabilities are driven back into all Cisco's products for protecting hosts, mail gateways, and network assets — truly protecting customers, Before, During, and After the threat.

COMPREHENSIVE INTELLIGENCE
ACTIONABLE COMMUNITY-DRIVEN THREAT DATA

The core component of any holistic security strategy is solid, actionable intelligence. Over the last 10 years Talos has built one of the most comprehensive intelligence-gathering and analysis platforms in the industry. Through the ClamAV™, Snort®, Immunet™, SpamCop©, SenderBase©, Threat Grid™, and Talos user communities, Talos receives valuable intelligence that no other security research team can match. In addition, through collaboration with users and customers around the globe through our Crete (formerly SPARK) program, Talos is able to detect regionalized and language specific threats as they emerge.

Talos tracks threats across end points, networks, cloud environments, web, and email providing a comprehensive understanding of cyber threats, their root causes, and scopes of outbreaks.

ACCESS TO VULNERABILITY INFORMATION

Talos also analyzes numerous public and private intelligence feeds every day, looking for new threats, and acting on that information in real-time to develop new detection content. In addition, industry partnerships like the Microsoft Active Protection Program (MAPP) allow Talos to quickly and effectively handle new Microsoft and Adobe targeted threats, releasing our detection on the same day as Microsoft patches. This allows our customers to protect their critical assets with network and host-based protection, while they test and deploy these new patches.

INNOVATIVE DETECTION TECHNOLOGIES
FLEXIBLE DEFENSIVE TECHNOLOGIES FOR DYNAMIC ENVIRONMENTS

The threat landscape has evolved from buffer overflows in network services, to complex client side attacks targeting browsers and files. As attacks change, so must the defensive technologies used to detect them. Talos is constantly working on new detection technologies that push the envelope of today’s detection mechanisms, while keeping them agile enough to be quickly adapted to tomorrow’s threats.

ANTICIPATING THREATS

It is one thing to respond to new threats; it is another to protect against new ones. Talos is constantly searching for new vulnerabilities and threats that could affect our customers. When new vulnerabilities are discovered, Talos releases rules to protect against these Zero-Day threats while the affected vendors develop and test their patches. With these protections, Talos customers can control the threat while waiting for protections from their vendors.

Talos is also actively engaged in locating new malicious websites, botnet command-and-control servers, and other malicious sites on the Internet. Once located, this information is cataloged and consolidated into comprehensive IP blacklists and URL filtering feeds, which are distributed to our customers as well as shared with industry partners in order to make the internet a safer place.

[Figure: USERS, SANDBOXES, PARTNERS, HONEY POTS. Talos pulls data from millions of users worldwide, honeypots, sandboxes, and extensive industry partnerships, collecting more than 1.1 million unique malware samples a day.]

EXAMPLES OF TALOS 0-DAY THREAT PROTECTION:
■ TALOS-2015-0024 – Total Commander
■ TALOS-2015-0018 – Apple Quicktime
■ VRT-2014-0301 – Microsoft Windows FastFAT

REAL-TIME MALWARE INTELLIGENCE

Through compiling data acquired from the millions of users worldwide, along with honeypots, sandboxes, and extensive industry partnerships in the malware community, Talos collects more than 1,100,000 malicious software samples a day. Our advanced analysis infrastructure automatically analyzes these samples and rapidly generates detection content to mitigate these threats on a daily basis. This allows us an amazing insight into the threat landscape and an unparalleled perspective as our adversaries attempt to compromise users.

THREAT RESEARCH

Whether identifying new malware families targeting point-of-sale terminals like PoSeidon, widespread malvertising networks like “Kyle and Stan”, or even threats that pose a risk to core services on the Internet like "SSHPsychos", Talos can be counted on to identify, research, and document their adversaries. During every investigation Talos identifies multiple ways customers can defend against threats. We pride ourselves on not only identifying and remediating the issue at hand but also on identifying all facets of the adversaries' criminal network, even if they are associated with entirely separate malware campaigns. Cisco customers benefit by having this threat intelligence built into every product. Additionally, this information is shared with the public via blogs, Snort rules, conferences, and white papers. By providing this information to as many people as possible we can help introduce obstacles for our adversaries.

TRUSTED COMMUNITY
EXTENDING YOUR TEAM

Having a trusted place to turn when the going gets tough is essential to effective security. Without strong communication channels between security and response teams and trusted partners, it is impossible to stay up-to-date on the latest threats and solve your unique security problems. Talos believes we should be an extension of your security team. We don’t just push information at you; we want to have constructive conversations about your goals and how we can help you reach them. Talos has created several programs to help facilitate this task.

INTELLIGENCE SHARING

The Awareness, Education, Guidance, and Intelligence Sharing (AEGIS™) program was created specifically to interact with our customers and partners to help solve custom detection challenges in your specialized environments. AEGIS puts participating members of the security industry in direct contact with the Talos Threat Intelligence Team to help build custom detection content, improve security practices, gather feedback on our products and services, and implement customer improvements to our products. It’s just one more way we help protect your network.

The Crete program is a collaborative exchange between Talos and our customers that provides us with real-world scenarios and traffic, while providing participating customers with leading edge intel.

INTERACTIVE INFORMATION

Talos keeps in constant contact with our customers through numerous interactive channels. Talos, ClamAV, and Snort blogs are continually updated with information about the latest threats, how to create custom detection content, and in-depth analysis of the latest malware families. For a list of Talos resources and ways to interact with Talos, see the table below.

Content                  URL
Talos Website            talosintel.com
Talos Blog               blogs.cisco.com/talos
Talos Twitter            twitter.com/talossecurity
Talos YouTube Channel    cs.co/talostube
IRC Channels             irc.freenode.net: #snort, #razorback, #clamav
ClamAV Website           clamav.net
ClamAV Blog              blog.clamav.net
Snort Website            snort.org
Snort Blog               blog.snort.org
Talos Rule Advisories    snort.org/talos

KEEPING UP-TO-DATE

Talos is responsible for the entire chain of Cisco detection and prevention, from intelligence-gathering, analysis, content creation, packaging and quality assurance, to end user delivery. Controlling this entire process allows Talos to rapidly deliver industry-leading detection content in the time frames necessary for defending against today’s latest threats.

CONCLUSION

Talos provides a uniquely comprehensive and proactive approach to protecting your network. With an enviable track record for success and leadership in the security industry, team members are focused on providing high-quality, customer-driven security research that sets the bar for accuracy and relevance. For Talos customers, these skills and research translate directly into award-winning products and services.

Even if you’re not a Talos customer, you will reap the benefits provided by Talos’ research efforts. With a unique and enduring commitment to an open source model, and a continuing stream of research papers, presentations, blog posts and more, Talos makes high-impact, effective knowledge and tools available to the entire community. It’s a record and a legacy - one that is unmatched in the industry.