2015 Security Conference Dietrich Benjes VP UK, Ireland & Middle East.

Slides:

Advertisements

Similar presentations

Presented by Nikita Shah 5th IT ( )

Advertisements

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

© 2008 Carnegie Mellon University Preventing Insider Threats: Avoiding the Nightmare Scenario of a Good Employee Gone Bad Dawn Cappelli October 31, 2008.

SPEAKER BLITZ ERIC BROWN Senior Systems Engineer NICK JAVANOVIC DoD Regional Sales Manager.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

Cyber Attack Scenario Overview Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago, Chile.

By Ashlee Parton, Kimmy McCoy, & Labdhi Shah

1. AGENDA History. WHAT’S AN IDS? Security and Roles Types of Violations. Types of Detection Types of IDS. IDS issues. Application.

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Wardriving 7/29/2004 The “Bad Karma Gang”. Agenda Introduction to Wardriving The Tools of Wardriving Wardriving Green Lake.

Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.

Ken Paiboon User Behavior Intelligence Fundamentals: Behaviors, Characteristics, and Facts Ken Paiboon

Network security policy: best practices

ELIMINATING DATA SECURITY THREATS Presented by: Michael Hartman Varonis Systems. Proprietary and confidential.

Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.

NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.

Security Imperatives in a New Workplace Partnering to Protect Digital Information in the 21st Century Presented by Michael Ferris, Alaska Enterprise Solutions.

VARONIS OVERVIEW DATA GOVERNANCE & SECURE FILE SHARING JUNE 5, 2013 Presented By: Dietrich Benjes VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.

Intrusion Detection Presentation : 1 OF n by Manish Mehta 01/24/03.

Cloud Security Julian Lovelock VP, Product Marketing, HID Global.

Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.

Dell Connected Security Solutions Simplify & unify.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.

User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.

Troubleshooting Windows Vista Security Chapter 4.

© 2014 PayPal Inc. All rights reserved. Confidential and proprietary. Leveraging Information to Detect and Prevent Insider Attacks Phoram Mehta Senior.

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

USER ACTIVITY MONITORING: MITIGATING USER-BASED RISK Presented by XXXX.

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission is to help enterprises realize value from their unstructured data. Eliminating Data Security Threats.

INGOTs Computer Security Name: Elliot Haran. Introduction  Staying safe on the internet  Learning to deal with Cyber Bullying, Stalking and grooming.

1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

MANAGED SECURITY TESTING PROACTIVELY MANAGING VULNERABILITIES.

Brandon Traffanstedt Systems Engineer - Southeast

Computer Security By Duncan Hall.

Part 1: Corporate Operational benefits, Non-technical information for FSOs and ISSMs/ISSOs Part 2: Technical Tips on how to conduct a better audit review.

Is Federation Putting you at Risk? Presenter: Dan Dagnall – Chief Operating Officer, Fischer International Identity, LLC.

1 Current Trends in Enterprise IT Network Security Key Takeaways Based on 100 Survey Responses © 2016 Lumeta Corporation.

Why SIEM – Why Security Intelligence??

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission is to help enterprises realize value from their unstructured data. Insider Threats Malice, Mistakes,

©2014 Check Point Software Technologies Ltd Security Report “Critical Security Trends and What You Need to Know Today” Nick Hampson Security Engineering.

Ken Paiboon User Behavior Intelligence Fundamentals: Behaviors, Characteristics, and Facts Ken Paiboon

Protect your Digital Enterprise

Stopping Attacks Before They Stop Business

Advanced Endpoint Security Data Connectors-Charlotte January 2016

Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.

Threat Modeling for Cloud Computing

Six Steps to Secure Access for Privileged Insiders and Vendors

Do you know who your employees are sharing their credentials with

Common Methods Used to Commit Computer Crimes

Threats to computers Andrew Cormack UKERNA.

Six Steps to Secure Access for Privileged Insiders and Vendors

Joe, Larry, Josh, Susan, Mary, & Ken

Forensics Week 11.

Presented by: Brendan Walsh Manager, Security and Access Management

Varonis Overview.

PRIVILEGED ACCOUNT ABUSE

Information Social Access Mapping: Who is doing what with data?

Microsoft Ignite /18/2019 7:21 AM

Cyber Security - Protecting Information

Protecting your data with Azure AD

BACHELOR’S THESIS DEFENSE

BACHELOR’S THESIS DEFENSE

BACHELOR’S THESIS DEFENSE

4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

STEALTHbits Technologies, Inc.

Presentation transcript:

2015 Security Conference Dietrich Benjes VP UK, Ireland & Middle East

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission is to help enterprises realize value from their unstructured data. Insider Threats Malice, Mistakes, and Mountain Lions

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL3 About Varonis Started operations in 2005 Over 3000 Customers (as of September, 2014) Software Solutions for Human Generated Data

The Varonis Origin Story

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL5 Agenda The anatomy of insider breaches Real world breaches: stats and examples Our irrational biases about risk 6 tips for mitigating insider threats

The Varonis Origin Story

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL7 The Script Get inside (if not there already) Snoop around Exfiltration Get the data out without sounding alarms Enumerate current access; attempt to elevate Visa cards anyone? Usually done by phishing or social engineering PS C:\Users\eddard> findstr /r "^4[0-9]{12}(?:[0-9]{3})?$"

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL8 By the Numbers

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL9 Privilege Abuse

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL10 Our Own Worst Enemy

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL11 Snooping Behind the Firewall

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL12 Target as a Target $162 million breach Lots of fancy tools watching the perimeter (candy bar syndrome) “[…] spokeswoman, Molly Snyder, says the intruders had gained access to the system by using stolen credentials from a third- party vendor”

Risk and Irrational Biases

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL14 Fear and Frequency Large university 146,000 student records, including SSNs, exposed Cause? Copy/paste

A Story About Trees

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL16 Focus on Frequency

They’re in—now what?

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL18 6 Mitigation Tips 1. Eliminate Global Access 2. Eliminate Excessive Permissions 3. Alert on Privilege Escalations 4. Alert on Behavioral Deviations 5. Setup Honeypots 6. Closely Monitor High-Risk People and Data

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL19 Tip #1: Eliminate Global Access Locate groups like “Everyone” and “Authenticated Users” and replace them with tighter security groups How do I avoid cutting off legitimate access?

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL20 Tip #2: Eliminate Excessive Permissions People and software! Figure out what people have access to but shouldn’t Amazon-like recommendations Auto-expire temporary access Periodically review entitlements

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL21 Tip #3: Alert on Privilege Escalations Do you know when someone gets root access?

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL22 Tip #4: Alert on Behavioral Deviations Behavioral activity spikes ( , files, access denied) Monitor activity outside of normal business hours

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL23 Detecting CryptoLocker Alert on more than 100 file modify events from a single user in under a minute Alert triggers an action to: Notify IT admins Grab the username and machine Check the machine’s registry for key/value that CryptoLocker creates Get-Item HKCU:\Software\CryptoLocker\Files).GetValueNames() If value exists, disable user automatically: Disable-ADAccount -Identity $actingObject

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL24 Tip #5: Setup Honeypots Setup a shared folder that is open to everyone X:\Share\Payroll X:\Share\Confidential X:\Share\CEO See who abuses it

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL25 Tip #6: Monitor High Risk People and Data Alert or auto-quarantine sensitive data when it shows up in a public place Watch what root/domain admins are doing Watch what contractors are doing

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL26 Where to get the slides

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL27 Free Threat Assessment

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Thank you!