ENDPOINT PROTECTION PROJECT 2014 Presentation to CTSC.

Slides:

Advertisements

Similar presentations

The Threat Landscape Jan Threat Report 2.

Advertisements

By Hiranmayi Pai Neeraj Jain

The Case for Tripwire® Nick Chodorow Sarah Kronk Jim Moriarty Chris Tartaglia.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.

7 Effective Habits when using the Internet Philip O’Kane 1.

The ABC’s of Identity Theft Part One in a multi-part series of overviews on Disaster Avoidance, Business Continuity and Disaster Recovery.

Security for Today’s Threat Landscape Kat Pelak 1.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

By Joshua T. I. Towers $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

Controls for Information Security

Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.

Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Project By Ben Woodard ISC 110 Professor: Dr. Elaine Wenderholm.

Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.

 Norton Antivirus, developed and distributed by Symantec Corporation, provides malware prevention and removal during a subscription period. It uses signatures.

TrustPort Net Gateway Web traffic protection. Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.

Outline  Infections  1) r57 shell  2) rogue software  What Can We Do?  1) Seccheck  2) Virus total  3) Sandbox  Prevention  1) Personal Software.

10 Tips for keeping MCL safe 1. Set up your defenses. Do you have adequate firewalls and antivirus software to protect you from hackers who could steal.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

Introducing Quick Heal Endpoint Security 5.2. “Quick Heal Endpoint Security 5.2 is designed to provide simple, intuitive centralized management and control.

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

Telling the right story Confidential © Bloor Research 2010 …optimise your IT investments Click to edit Master subtitle style Malware—taking protection.

Virus & Anti-Virus Itthiwat Phiphopsukhawadee M.2/7 No.5 Saranpat Prasertthum M.2/7 No.17 Korakrit Laotrakul M.2/7 No.23 Pesan Kasemkitjanuwat M.2/7 No.25.

Staying Safe Online Keep your Information Secure.

Securing the Human. Presented by Thomas Nee, Computer Coordinator Town of Hanover, Massachusetts hanover-ma.gov/information-technology October is Cyber.

Talking points Attacks are more frequent, more aggressive, require more time to repair and prevent Machines get compromised in 2003 for the same reasons.

Administrator Protect against Malware by: Brittany Slisher and Gary Asciutto.

1. Self Awareness You should only access your accounts and private informations from a safe location (only at home as necessary if at all possible) where.

Computer & Network Security

1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

Complete Security. Threats changing, still increasing Data everywhere, regulations growing Users everywhere, using everything We’re focused on protecting.

A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.

Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.

1 Figure 4-16: Malicious Software (Malware) Malware: Malicious software Essentially an automated attack robot capable of doing much damage Usually target-of-opportunity.

ANTIVIRUS SOFTWARE.  Antivirus software is the most widespread mechanism for defending individual hosts against threats associated with malicious software,

ENDPOINT PROTECTION PROJECT 2014 Presentation to CTSC 5 February 2015.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

Sophos Live Protection. Agenda 1.Before and After Scenarios 2.Minimum Required Capabilities 3.How we do it 4.How we do it better.

1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Integration Framework: QRadar 7.2 MR1.

Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.

Antivirus software.

What is Spam? d min.

Social Engineering © 2014 Project Lead The Way, Inc.Computer Science and Software Engineering.

Sky Advanced Threat Prevention

Secure  Message interception (confidentiality)  Message interception (blocked delivery)  Message interception and subsequent replay  Message.

Viruses. Learning Objectives: At the end of this lesson you should be able to:

CHAPTER 2 Laws of Security. Introduction Laws of security enable user make the judgment about the security of a system. Some of the “laws” are not really.

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

© 2011 IBM Corporation IBM Security Services Smarter Security Enabling Growth and Innovation Obbe Knoop – Security Services Leader Pacific.

Securing the Human. Presented by Thomas Nee, Computer Coordinator Town of Hanover, Massachusetts hanover-ma.gov/information-technology October is Cyber.

1 Sophos Security made simple. Steven Hecht Channel Account Executive Andy Miller Enterprise Account Manager

VIRUSES & ANTI- VIRU-SES. WHAT IS A COMPUTER VIRUS? A computer virus is a small software program that spreads from one computer to another computer and.

HIPS. Host-Based Intrusion Prevention Systems  One of the major benefits to HIPS technology is the ability to identify and stop known and unknown attacks,

Sophos Central for partners and customers: overview and new features

BUILD SECURE PRODUCTS AND SERVICES

Intercept X Early Access Program Root Cause Analysis

Threat Management Gateway

Data Security Team 1.

Cyber Defense Matrix Cyber Defense Matrix

Intercept X Early Access Program Root Cause Analysis

Secure once, run anywhere Simplify your security with Sophos

Implementing Client Security on Windows 2000 and Windows XP Level 150

Incident response and intrusion detection

Norton Customer Service Phone Number, Tel- (+1)

Presentation transcript:

ENDPOINT PROTECTION PROJECT 2014 Presentation to CTSC

QUICK TOUR Why do we need protection at all? What forms might those protections take? The project that started this Questions for you to consider

MALWARE ATTACK VECTORS Document attachments Malicious URLs Websites USB Sticks Other network attacks

ANTIVIRUS EFFECTIVENESS 2012 Study at University of Alabama at Birmingham Looked at top threats over 30 days Submitted malware to virustotal.com Results: Average detection rate: 25% One week later, avg. detection rate: 66% Our experience for post-incident malware detection: 12% Beware of market differentiation Norton catches more than SEP, but false positive rate is higher.

KEY DEFENSE STRATEGIES Vulnerability and Patch Secunia Control of Admin Rights We do this Application Control Requires clients are managed – involves “trusted sources of change” Isolation URL Filtering Browser isolation (market not mature)

SEP TO SCEP PROJECT Originated as IST internal project Recommend for or against renewal of Symantec contract (from IST POV) RFP explicitly out of scope

WNAG EP SUBGROUP First meeting Project/group pages at technology/about/organizational- structure/information-security- services/examining-sep-replacements technology/about/organizational- structure/information-security- services/examining-sep-replacements Still determining scope

WHAT HAS ISS-SOC BEEN DOING? Assumption: by the time traffic hits the endpoints, it’s already too late. Fact: not every infection is reported to IST. Result: building out network-based intrusion detection and analytics.

QUESTIONS FOR CTSC Does campus: Rely on off-host protection exclusively Combine on-host protection with off-host All-in with on-host protection All-in on vendor “single pane of glass” type solutions And does it need to be one size fits all?

FINAL THOUGHTS Endpoint Protection != Antivirus If something happens but it isn’t reported, what then? Implications of work-from-home