VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission is to help enterprises realize value from their unstructured data. Insider Threats Malice, Mistakes,

Presentation transcript:

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission is to help enterprises realize value from their unstructured data. Insider Threats Malice, Mistakes, and Mountain Lions

Where to get the slides

The Varonis Origin Story

Agenda
- What is an insider breach?
- Real world breaches: stats and examples
- Everyday vs headline risks
- 6 tips for mitigating insider threats

The Varonis Origin Story

The Script
- Get inside (if not there already): usually done by phishing or social engineering
- Snoop around: enumerate current access; attempt to elevate
- Exfiltration: get the data out without sounding alarms
- Visa cards anyone? PS C:\Users\eddard> findstr /r "^4[0-9]{12}(?:[0-9]{3})?$"

By the Numbers

Privilege Abuse

Our Own Worst Enemy

Snooping Behind the Firewall

Target as a Target
- $162 million breach
- Lots of fancy tools watching the perimeter (candy bar syndrome)
- “[…] spokeswoman, Molly Snyder, says the intruders had gained access to the system by using stolen credentials from a third-party vendor”

Risk and Irrational Biases

Fear and Frequency
- Large university
- 146,000 student records, including SSNs, exposed
- Cause? Copy/paste

Focus on Frequency

They got in - so now what?

6 Mitigation Tips
1. Eliminate Global Access
2. Eliminate Excessive Permissions
3. Alert on Privilege Escalations
4. Alert on Behavioral Deviations
5. Closely Monitor High-Risk People and Data
6. Setup Honeypots

Tip #1: Eliminate Global Access
- Locate groups like “Everyone” and “Authenticated Users” and replace them with tighter security groups
- How do I avoid cutting off legitimate access?

Tip #2: Eliminate Excessive Permissions
- People and software!
- Figure out what people have access to but shouldn’t
- Amazon-like recommendations
- Auto-expire temporary access
- Periodically review entitlements

Tip #3: Alert on Privilege Escalations
- Do you know when someone gets root access?

Tip #4: Alert on Behavioral Deviations
- Behavioral activity spikes ( , files, access denied)
- Monitor activity outside of normal business hours

Detecting Ransomware
- Alert on more than 100 file modify events from a single user in under a minute
- Alert triggers an action to:
  - Notify IT admins
  - Grab the username and machine
  - Check the machine’s registry for key/value that CryptoLocker creates: (Get-Item HKCU:\Software\CryptoLocker\Files).GetValueNames()
  - If value exists, disable user automatically: Disable-ADAccount -Identity $actingObject
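
An added example (not from the presentation) of the alert rule above: a sliding window over file-modify events that fires when one user exceeds 100 events in under 60 seconds. The function name Find-ModifyBurst, the event fields (User, Machine, Time) and all sample events are assumptions constructed for illustration.

```powershell
function Find-ModifyBurst {
    param(
        [Parameter(Mandatory)] [object[]] $Events,   # objects with User, Machine, Time
        [int] $Threshold = 100,                      # "more than 100" on the slide
        [int] $WindowSeconds = 60                    # "in under a minute"
    )
    foreach ($byUser in ($Events | Group-Object -Property User)) {
        $sorted = @($byUser.Group | Sort-Object -Property Time)
        $start = 0
        for ($end = 0; $end -lt $sorted.Count; $end++) {
            # Advance the left edge until the window spans strictly less than $WindowSeconds.
            while (($sorted[$end].Time - $sorted[$start].Time).TotalSeconds -ge $WindowSeconds) {
                $start++
            }
            $count = $end - $start + 1
            if ($count -gt $Threshold) {
                [pscustomobject]@{
                    User        = $byUser.Name
                    Machines    = @($sorted[$start..$end].Machine | Sort-Object -Unique)
                    Count       = $count
                    WindowStart = $sorted[$start].Time
                    WindowEnd   = $sorted[$end].Time
                }
                break   # one alert per user is enough to trigger the response
            }
        }
    }
}

# Constructed sample data.
$t0 = [datetime]'2015-01-01T09:00:00'
$events = @()
# user.a: 20 modifications spread over an hour (ordinary work).
0..19  | ForEach-Object { $events += [pscustomobject]@{ User = 'user.a'; Machine = 'WS-01'; Time = $t0.AddMinutes(3 * $_) } }
# user.b: 150 modifications in 30 seconds (burst of the kind the rule targets).
0..149 | ForEach-Object { $events += [pscustomobject]@{ User = 'user.b'; Machine = 'WS-07'; Time = $t0.AddMilliseconds(200 * $_) } }

Find-ModifyBurst -Events $events | Format-List
```

The User and Machines fields of the alert object are the "username and machine" the slide's response step needs before the registry check and account disable.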

Tip #5: Setup Honeypots
- Setup a shared folder that is open to everyone
  - X:\Share\Payroll
  - X:\Share\Confidential
  - X:\Share\CEO
- See who abuses it

Tip #6: Monitor High Risk People and Data
- Alert or auto-quarantine sensitive data when it shows up in a public place
- Watch what root/domain admins are doing

Are you exposed?
- Free Threat Assessment

Key Findings from Express Assessment
Data Risk Assessment
- Folders with Global Group Access 62%
- 672 users have non-expiring passwords
- Stale Data
- 15,132 Files containing US SSN Data
KEY FINDINGS
- 12,000+ sensitive files with Global Group Access (About 79% of all sensitive files)
- 3.51% Folders with inconsistent permissions (That is over 14,000 folders in your environment)
- 14% of enabled user accounts are stale
- 652 Security groups with no users
- 37,825 Folders that have unresolved SIDs
- 3.74TB Amount of Stale Data
- 51,044 Folders contain Stale Data

Thank you!
- Jeff Vogt - Systems Engineer
- Kris Krustchinsky – Sales Representative, Corporate
- Jae Shin – Sales Representative, State/Local/Edu