Copyright 2009 Trend Micro Inc. Harish Agastya, Director Server Security Product Marketing Server Security Press Presentation.

Slides:

Advertisements

Similar presentations

Worry-Free Business Security 7

Advertisements

1 SANS Technology Institute - Candidate for Master of Science Degree 1 Automating Crosswalk between SP 800, 20 Critical Controls, and Australian Government.

1 Dell World 2014 Dell & Trend Micro Boost VM Density with AV Designed for VDI TJ Lamphier, Sr. Director Trend Micro & Aaron Brace, Solution Architect.

The Threat Within September Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.

BalaBit Shell Control Box

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

The Most Analytical and Comprehensive Defense Network in a Box.

11 Zero Trust Networking PALO ALTO NETWORKS Zero Trust Networking April 2015 | ©2014, Palo Alto Networks. Confidential and Proprietary.1 Greg Kreiling.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Security Controls – What Works

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

Copyright 2011 Trend Micro Inc. Securing your Journey to the Cloud Kamal Sharma Technical Consultant Classification 8/27/

©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.

© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.

[Name / Title] [Date] Effective Threat Protection Strategies.

1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

1© Copyright 2012 EMC Corporation. All rights reserved. Getting Ahead of Advanced Threats Advanced Security Solutions for Trusted IT Chezki Gil – Territory.

FIVE STEPS TO REDUCE THE RISK OF CYBERCRIME TO YOUR BUSINESS.

The Most Analytical and Comprehensive Defense Network in a Box.

Dell Connected Security Solutions Simplify & unify.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Web Application Firewall (WAF) RSA ® Conference 2013.

Module 14: Configuring Server Security Compliance

© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.

Pre-Release Information Aug 17, 2009 Trend Micro Web Gateway Security InterScan Web Security Virtual Appliance v5 Advanced Reporting and Management v1.

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

The Changing World of Endpoint Protection

CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.

Managed Security Vikas Khanduri CCIE#13516,CCSP,CCDP,CCNP,MCSE.

Copyright 2009 Trend Micro Inc. Beyond AV security, now with DLP and web protection. Trend Micro PortalProtect SharePoint Security.

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

1 OFF SYMB - 12/7/2015 Firewalls Basics. 2 OFF SYMB - 12/7/2015 Overview Why we have firewalls What a firewall does Why is the firewall configured the.

Sky Advanced Threat Prevention

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. State of Network Security.

Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

Role Of Network IDS in Network Perimeter Defense.

Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.

© 2011 IBM Corporation IBM Security Services Smarter Security Enabling Growth and Innovation Obbe Knoop – Security Services Leader Pacific.

Why SIEM – Why Security Intelligence??

Unit 2 Personal Cyber Security and Social Engineering Part 2.

CLOSE THE SECURITY GAP WITH IT SOLUTIONS FROM COMPUTACENTER AND CISCO AUGUST 2014.

Security Log Visualization with a Correlation Engine: Chris Kubecka Security-evangelist.eu All are welcome in the House of Bytes English Language Presentation.

Welcome Information Security Office Services Available to Counties Security Operations Center Questions.

1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.

Copyright 2011 Trend Micro Inc. Securing Your Journey to the Cloud Data Center Evolution: Physical. Virtual. Cloud. 1.

Critical Security Controls

Infrastructure as a Service

Virtualization & Security real solutions

Security in Networking

Securing Your Virtual World

Healthcare Cloud Security Stack for Microsoft Azure

11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Securing the Threats of Tomorrow, Today.

Healthcare Cloud Security Stack for Microsoft Azure

AIR-T11 What We’ve Learned Building a Cyber Security Operation Center: du Case Study Tamer El Refaey Senior Director, Security Monitoring and Operations.

Presentation transcript:

Copyright 2009 Trend Micro Inc. Harish Agastya, Director Server Security Product Marketing Server Security Press Presentation

Copyright 2009 Trend Micro Inc. Deep Security: Securing the New Server 2 Physical Servers under attack Servers virtual and in motion Virtualized Cloud Servers in the open 8/27/ Internal Training

Copyright 2009 Trend Micro Inc. Threat Environment More profitable $100 billion: Estimated profits from global cybercrime -- Chicago Tribune, 2008 More sophisticated, malicious & stealthy “95% of 285 million records stolen in 2008, were the result of highly skillful attacks” “Breaches go undiscovered and uncontained for weeks or months in 75% of cases.” -- Verizon Breach Report, 2009 More frequent "Harvard and Harvard Medical School are attacked every 7 seconds, 24 hours a day, 7 days a week.” -- John Halamka, CIO More targeted “27% of respondents had reported targeted attacks” CSI Computer Crime & Security Survey 3

Copyright 2009 Trend Micro Inc. “99.9% of records were compromised from servers and applications” 2009 Data Breach Investigations Report conducted by Verizon Business RISK Team 8/27/2015 4

Copyright 2009 Trend Micro Inc. High profile breaches May-2008: Security breach cost $12.6 million so far, including legal costs and fines from MasterCard and Visa. More >>More >> Dec-2008: PII of 1.5M customers & 1.1M Social Security Numbers. More >> More >> Aug-2007: Hackers placed software on the company’s network, and steal 45 M credit card #’s. Costs soar to $256 M. More >> Dec-2008: DNS hijacking puts 5,000,000 check processing accounts at risk. More >> May-2009: Hackers broke into 2 databases over a 6 month period, and exposed the data of 160,000+ students. More >>More >> Mar-2009: Hackers hijack PII for 45,000 employees & retirees. More >>More >>

Copyright 2009 Trend Micro Inc. Verizon 2009 Data Breach Investigations 8/27/2015 6

Copyright 2009 Trend Micro Inc. Compliance Imperative 7 More standards: PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST , MITS… More specific security requirements Virtualisation, Web applications, EHR, PII … More penalties & fines HITECH, Breach notifications, civil litigation DMZ consolidation using virtualisation will be a "hot spot” for auditors, given the greater risk of misconfiguration and lower visibility of DMZ policy violation. Through year-end 2011, auditors will challenge virtualized deployments in the DMZ more than nonvirtualized DMZ solutions. Neil MacDonald, Gartner, June 2009 ” “

Copyright 2009 Trend Micro Inc. Virtual Machines Need Specialized Protection 1. Same threats in virtualized servers as physical: –OS & Application vulnerabilities and Configuration errors allow Malware to attack & infect 2. Plus Dynamics of virtualisation causes some new challenges: –Dormant VMs –Resource contention –VM Sprawl –Inter-VM traffic –vMotion 8

Copyright 2009 Trend Micro Inc. Trend Micro Server Security Value Proposition For (target customer) organizations whose server security architecture must address the dynamic nature of their datacenter, including virtualisation and cloud computing, That (statement of need) need to continue to protect confidential data, ensure application availability, and meet compliance requirements, while recognizing perimeter defenses alone are no longer sufficient Trend Micro Server Security (category) is advanced server security software that comprehensively protects the server including the operating system, applications and data and allows systems to become self-defending. It (benefits) Prevents data breaches and business disruptions, and enables compliance and operational cost reductions. Unlike (competitors) vendors whose technology focus is solely limited to physical servers or the server file system Trend Micro (differentiators) addresses the challenging operational, security and compliance needs of today’s dynamic datacenter with superior platform support, comprehensive protection, greater operational efficiency, and tighter integration with existing investments. 8/27/2015 9

Copyright 2009 Trend Micro Inc. Trend Micro Deep Security 10 PHYSICAL VIRTUALCLOUD Deep Packet Inspection IDS / IPS Web App. Protection Application Control Firewall Integrity Monitoring Integrity Monitoring Log Inspection Log Inspection Advanced Server & application protection for: Malware Protection

Copyright 2009 Trend Micro Inc. Why They Buy: Plays for Deep Security Compliance –Reason to do it today –Internal compliance, security policy –External compliance, like PCI, FISMA, NERC, FDIC, SAS 70… –Detailed reporting, audit support Virtualisation Security –Reason to revisit security practices –Provides security necessary to achieve100% virtualisation –Enables mobility and evolution to cloud computing Defense in Depth / Business Continuity –Best practice –Preventing data breach and business disruption –Zero-day protection and virtual patching –Detecting suspicious activity 8/27/ Confidential

Copyright 2009 Trend Micro Inc. Deep Security 7 Modules 8/27/ Internal Training Deep Packet Inspection Enables IDS / IPS, Web App Protection, Application Control Examines incoming & outgoing traffic for: Protocol deviations Content that signals an attack Policy violations. Log Inspection Collects & analyzes operating system and application logs for security events. Rules optimize the identification of important security events buried in multiple log entries. Integrity Monitoring Monitors critical files, systems and registry for changes Critical OS and application files (files, directories, registry keys and values) Flexible, practical monitoring through includes/excludes Auditable reports Firewall Centralized management of server firewall policy Pre-defined templates for common enterprise server types Fine-grained filtering: IP & MAC addresses, Ports Coverage of all IP-based protocols: TCP, UDP, ICMP, IGMP …

Copyright 2009 Trend Micro Inc. Deep Security: Key benefits 13 Prevents Data Breaches & Business Disruptions Enables Compliance Supports Operational Cost Reductions  Shield vulnerabilities in web apps, enterprise apps OSs  Detect & block suspicious activity  Internal policies  PCI & other requirements  Detailed reports document prevented attacks & compliance status  Prioritize secure coding efforts  Manage unscheduled patching  Provides security necessary to realize virtualisation savings  Increased value from SIEM investments

Copyright 2009 Trend Micro Inc. Laura MaioHarish Agastya Questions?