Exchange Online Advanced Threat Protection

Slides:

Advertisements

Similar presentations

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.

Advertisements

What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via , text message, online chat, blogs or various other.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

 Malicious or unsolicited mail sent to a mailbox without the option to unsubscribe  Often used as a catch-all of any undesired or questionable mail.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

IBM Security Network Protection (XGS)

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.

What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureSurf Protect your users when surfing the Internet.

CensorNet Ltd An introduction to CensorNet Mailsafe Presented by: XXXXXXXX Product Manager Tel: XXXXXXXXXXXXX.

Phishing and Intrusion Prevention Tod Beardsley, TippingPoint (a division of 3Com), 02/15/06 – IMP-201.

Sushant Rao, Senior Product Manager Emerging Threats: Stop Spam, Virus, and Phishing Outbreaks through End-to-End Attack Monitoring.

Director of Research, SANS Institute

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel

Hosted Security: Complete Protection With A Peace Of Mind Leonard Sim Client Services Manager – South Asia Symantec Hosted Services 1.

Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz

The Changing World of Endpoint Protection

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

“SaaS secure web and gateways frequently provide efficiency and cost advantages, and a growing number of offerings are delivering an improved.

© 2009 WatchGuard Technologies WatchGuard ReputationAuthority Rejecting Unwanted & Web Traffic at the Perimeter.

Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.

Sky Advanced Threat Prevention

©2015 Check Point Software Technologies Ltd. 1 Website Watering Holes Endpoints are at risk in numerous ways, especially when social engineering is applied.

Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.

No boundaries with Unified Web Security Solutions Steven Vlastra Sr. Systems Engineer - Benelux.

Blue Coat Cloud Continuum

©2014 Check Point Software Technologies Ltd Security Report “Critical Security Trends and What You Need to Know Today” Nick Hampson Security Engineering.

Understanding and breaking the cyber kill chain

Web Content Security Unlock the Power of the Web

Unit 3 Section 6.4: Internet Security

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Karsten Chearis Sales Engineer.

Anti-Spam Managing Spam with Kerio Connect

Advanced Endpoint Security Data Connectors-Charlotte January 2016

BUILD SECURE PRODUCTS AND SERVICES

A Virtual Tour of SophosLabs Building next-generation protection

Exchange Online Advanced Threat Protection

Web Content Security Unlock the Power of the Web

Sophos Intercept Next-Gen Endpoint Protection

Ilija Jovičić Sophos Consultant.

TMG Client Protection 6NPS – Session 7.

Barracuda Web Filtering Service

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Michael Burke.

Active Cyber Security, OnDemand

Sophos Intercept Next-Gen Endpoint Protection

Microsoft Ignite /20/2018 8:09 AM BRK3023

Threat Management Gateway

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them David Hood Director of Technology Marketing.

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Michael Bird Team Lead, Account Executive.

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Michael Vanderhoff.

Complete Cloud Security

Jon Peppler, Menlo Security Channels

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Matthew Gardiner Product Marketing.

Demo Advanced Threat Protection

4 ways to stay safe online 1. Avoid viruses and phishing scams

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Andrew Cotton.

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Matthew Gardiner Product Marketing.

Real World Advanced Threat Protection

The Next Generation Cyber Security in the 4th Industrial Revolution

Symantec Web Isolation Secure Access to Uncategorized and Risky Sites Protect Your Most Privileged Users Prevent Phishing and Ransomware Attacks John Moore.

Secure once, run anywhere Simplify your security with Sophos

Office 365 Security & Compliance: Exchange Online Protection

Matt Langford, UNC Mike Hart, MSU Denver

Spear Phishing Awareness

Introduction to Symantec Security Service

Microsoft Üzleti Megoldások Konferencia 2005

Cybersecurity Simplified: Phishing

Cybersecurity Simplified: Ransomware

Presentation transcript:

Exchange Online Advanced Threat Protection

Evolving threat space Any new outbreak consists of two parts Original Virus or URL Mass Virus or URL infections Mass Virus or URL infections Virus and URL Outbreak New variant Any new outbreak consists of two parts Zero hour attack Elongated period of attack Traditional AV/AS cannot protect against zero day attack comprehensibly Attackers can go completely unnoticed during zero day attack

Evolving threat space Short-span attacks can be just minutes to hours Serial variant attacks Short-span attacks can be just minutes to hours Serial variant attacks generally repeat pattern every few hours T=0 T=5 T=10 T=15 T=100 Phisher creates malicious domain First phishing message sent Phishing message lands in user inbox Domain classified as malware on URL block lists User clicks on link in message Attacker can easily change the links in the message after mail is delivered

Exchange Online advanced threat protection Protection against unknown malware/virus Behavioral analysis with machine learning Admin alerts Time of click protection Real time protection against Malicious URLs Growing URL coverage Rich reporting and tracing Built-in URL trace Reports for advanced threats 4 pillars

Suspicious attachment Service architecture Safe Multiple filters + 3 antivirus engines with Exchange Online protection Malicious links Recipient Safe links rewrite Unsafe Suspicious attachment Detonation chamber (sandbox) Executable? Registry call? Elevation? ……? Sender

Safe attachments Protect against zero day exploits in email attachments by blocking messages Provides admins visibility into compromised users Leverages sandboxing technology IP + envelop filter Signature- based AV Blocking known exploits EOP user without ATP with ATP Antispam filter

Safe attachment—experience Admin sets policy Admin gets notification if message is blocked

Rewriting URLs to redirect to a web server Safe links IP + envelop filter Signature- based AV Blocking known exploits EOP user without ATP Antispam filter Rewriting URLs to redirect to a web server with ATP User clicking URL is taken to EOP web servers for the latest check at the “time of click” Web servers perform latest URL reputation check Protect against sites with malicious content, phishing sites Provides admins visibility into compromised users Rewriting the URLs to proxy them through another server

Safe links—experience Users notified if a malicious link is clicked in email Admin sets policy

Rich reporting and click trace Admins have complete visibility into who clicked on what links Reporting by file types and disposition

Purchasing Exchange Online ATP Customer Channel at launch ERP at launch All commercial customers Direct, CSP, Open, MPSA, and EA channels $2 per user per month Multi-tenant government customers Direct, Open, MPSA, and EA channels at an ERP of $1.75 per user per month at launch $1.75 per user per month Office 365 Government Community Cloud (GCC), and Office 365 Nonprofit customers Not available Office 365 Education Customers Direct, Open, and EES $1.40/ Faculty/month $.70/Student/Month