©2012 Bit9. All Rights Reserved Peter Llorens, PERegional Sales Manager, FL, Caribbean & Latin America Julio GutierrezSales Engineer, FL, Caribbean & Latin America The Endpoints are the Target: Arm your Endpoints

Session Objectives 1. What is the problem? 2. What are the challenges for organizations? 3. What is the solution? 4. Key takeaways? 5. How can we help? 6. Questions?

what is the problem?

the assumption of breach the inevitability of compromise

Endless Stream of News

Endless Stream of Data Breaches Source: Information is Beautiful, January 2015www.informationisbeautiful.net

Malware Problem By The Numbers 66% of malware took months or even years to discover (dwell time) 1 69% of intrusions are discovered by an external party Verizon Data Breach Investigations Report 2. McAfee Threats Report: First Quarter Ponemon Institute 2013 Cost of a Data Breach Study $5.4M The average total cost of a data breach 3 155k The number of new malware samples that are seen daily 2

Incident Response is Too Slow and Expensive Threat discovery must be faster Incident response must become more affordable THIS IS NOT SUSTAINABLE Compromise happens in seconds Exfiltration starts within minutes It continues undiscovered for months Remediation takes weeks With the average incident response costs at $737,473 NetDiligence 2013 Cyber Liability & Data Breach Insurance Claims 2014 Verizon Data Breach Investigations Report

what is the Target?

The Endpoint Is The Target July 2014 “Organizations continue to spend a lot of money on network security solutions, but it’s the endpoint that is the ultimate target of advanced threats and attacks.”

what are the Challenges?

Protecting Yourself in Today’s World: Five Requirements Know what’s happening on every endpoint and server right now Visibility See and record everything; detect threats in real time without signatures Detection Stop attacks with customizable, proactive, signature-less techniques Prevention Use a recorded history to see an attack’s full kill chain; contain and stop attacks Response 1 You’re blind on your endpoints and servers 2 You can’t know what’s “bad” ahead of time 4 Traditional endpoint security doesn’t stop advanced threats 3 Incident response is too slow and expensive 5 Your network security doesn’t integrate with your endpoint security Integrate network and endpoint security for real-time response and prevention Integration

what is the Solution?

Know Good - Find Evil

Bit9 + Carbon Black: Full Security Lifecycle Coverage Prevention Stop attacks with proactive, customizable techniques Response Use a recorded history to see an attack’s full kill chain Detection Visibility Know what’s happening on every computer right now Detect attacks in real time without signatures Fixed-Function DevicesServersRemote UsersDesktops You need this for every machine

Where about AV?

Why are you still paying for AV?

I don’t have enough Resources?

Working Smarter Saves Smart Dollars,,, Performing continuous monitoring and live response can save you up to 97% in real money 90% of all alerts are from the same root cause – solve that and you’ll have order of magnitude less alerts the next day

What can we Learn?

Trends and Take Aways Shift in Focus Towards a Positive Security Model: Know Good: Find Evil Focus on the Endpoint Shift in Budgets away from AV and Network Sec to the Endpoint Breaches are no longer being viewed as an act of god - Have a strategy for the endpoint; Working Smarter and More Efficiently saves both Time and Money

©2012 Bit9. All Rights Reserved Reflections from the Field and Questions