An Introduction to Deception Based Technology
Asif Yaqub, Nick Palmer
February 5, 2016

Presentation transcript:


TrapX Security - Confidential and Proprietary Copyright 2015 TrapX Security, Inc.

BUSINESS OVERVIEW

Who We Are
– TrapX is a leader in deception based cyber security defense
– Founded in 2011
– Channels and MSSPs support our Global 2000 customers

What We Do
– Deceive, detect and defend against zero day and APT malware in real-time
– Deliver accurate insight into malicious activity and malware unseen by other cyber defense
– Change the economics of cyber defense by shifting the cost to the attacker

WHEN PERIMETER DEFENSES FAIL

DEFEND BEYOND THE PERIMETER

[Diagram labels: Defense & Mitigation; Deception & Detection & Analysis; Prevention]

– Did something get in?
– What did they take?
– How did it happen?
– How do I stop it?
– Don’t let it happen

What is the DeceptionGrid™

– Single Management Console
– Flexible deployment options (onsite/cloud)
– Analyst & Forensic interface
– Automatic static & dynamic analysis
– Automatic Tier 3 forensic reports
– Flexible deployment options (onsite/cloud)
– Simple Component Architecture
– Malware Trap
– Botnet Detector
– Flexible deployment options (virtual/physical)

Step 1: Identify Malware Propagation
Step 2: Detect Botnet and C&C

[Diagram labels: VLAN 100, VLAN 101, VLAN 102, VLAN 103; Core Switch; SPAN or TAP; Firewall; Sandbox; TSOC; Botnet Detector; Malware Traps; TrapX Appliance; Deploy Malware Traps; Deploy Botnet Detector]

ADAPTIVE DEFENSE

Phase 01: Infected host. Bypassed other security controls. Possibly a mobile user, laptop commuter, or infected by zero day.

Phase 02: TrapX Malware Trap. Captures the binary infection attempt from internal attacker at the VLAN level.

Phase 03: TrapX can feed the McAfee ecosystem with additional intelligence on who the infected endpoints are that are exhibiting the same behavior as the known bad actor. Facilitates immediate understanding of exposure inside the network.

[Diagram labels: TrapX DeceptionGrid™; Binary Upload; TrapX Security Operations Console; Analysis Report; McAfee Advanced Threat Defense; McAfee GATEWAY; McAfee WEB GATEWAY; McAfee NETWORK IPS; McAfee ePO and ENDPOINT AGENT; McAfee ENTERPRISE SECURITY MANAGER; McAfee NEXT GENERATION FIREWALL; DXL (Data Exchange Layer); TIE (Threat Intelligence Exchange)]

The Demonstration Scenario