Four Generations of Security Devices Putting IDS in Context

Presentation transcript:

Four Generations of Security Devices: Putting IDS in Context
Arun Sood, Prof. Computer Science, Director, International Cyber Center

All Rights Reserved - SCIT Labs Confidential and Proprietary

Four Generations of Security Products

4th Generation: Resilience, Restoration, Recovery
3rd Generation: Intrusion Tolerance, Survivability, Situational Awareness, Hardening of OS
2nd Generation: Firewall, IDS, VPN, DLP, Perimeter Defense
1st Generation: Trusted Computing, Access Control List, Cryptography

Cyber Threat Observations

Intrusions are inevitable
Intruders stay in systems for days, weeks, months
Current servers are "sitting ducks"

SCIT Focus

Cyber Kill Chain

Another way to think through the issues is to look at the Kill Chain. Lockheed Martin CIRT identified the sequential chain of events that an attacker must complete to carry out a targeted mission. The events are divided into 3 broad categories:

Pre-compromise
Compromise
Post-compromise

Prevention and detection systems focus on the pre-compromise stage:

Reconnaissance – Attacker research
Weaponization – Attacker creates malware to fit the situation
Delivery – Launch a phishing or similar attack

In the Compromise stage, the attacker's malware exploits the vulnerability and the malware's operations are launched. In the Post-compromise stage, the attacker controls the system and can now move laterally to exploit additional systems in the network.

As the malware becomes embedded in the system, the risk increases, the potential for damage increases, and the cost to remediate increases. Hence the goal of SCIT technology is to make the malware ineffective.

Integrated Mitigation Framework

GET IN
STAY IN
ACT

Reduce Cost of Security – Increase the Adversary Expense

[Figure: adversary cost/expense (low to high) plotted against level of adversary access/privilege, "Impact" (low to high)]

What About Cloud?

Public, private and hybrid cloud
Is cloud more secure than data center?
Where is the data located?
What about the cyber security implications?
Build your own cloud
Cloud may get more security with fewer people