Download presentation
Presentation is loading. Please wait.
Published byKelly Pope Modified over 8 years ago
1
An Introduction to Deception Based Technology Asif Yaqub Nick Palmer February 5, 2016
2
TrapX Security - Confidential and Proprietary Copyright 2015 TrapX Security, Inc. BUSINESS OVERVIEW Who We Are – TrapX is a leader in deception based cyber security defense – Founded in 2011 – Channels and MSSP’s support our global 2000 customers What We Do – Deceive, detect and defend against zero day and APT malware in real-time – Deliver accurate insight into malicious activity and malware unseen by other cyber defense – Change the economics of cyber defense by shifting the cost to the attacker
3
TrapX Security - Confidential and Proprietary Copyright 2015 TrapX Security, Inc. WHEN PERIMETER DEFENSES FAIL Defense & Mitigation Deception & Detection & Analysis Prevention DEFEND BEYOND THE PERIMITER Did something get in? What did they take? How did it happen? How do I stop it? Don’t let it happen
4
TrapX Security - Confidential and Proprietary Copyright 2015 TrapX Security, Inc. Single Management Console Flexible deployment options (onsite/cloud) Analyst & Forensic interface Automatic static & dynamic analysis Automatic Tier 3 forensic reports Flexible deployment options (onsite/cloud) Simple Component Architecture Malware Trap Botnet Detector Flexible deployment options (virtual/physical) What is the DeceptionGrid™ VLAN 103 Core Switch VLAN 100 VLAN 101 VLAN 102 SPAN or TAP Firewall Step 1: Identify Malware Propagation Step 2: Detect Botnet and C&C Sandbox TSOC Botnet Detector Malware Traps TrapX Appliance Deploy Malware Traps Deploy Botnet Detector
5
TrapX Security - Confidential and Proprietary Copyright 2015 TrapX Security, Inc. ADAPTIVE DEFENSE Phase 02 : TrapX Malware Trap. Captures the binary infection attempt from internal attacker at the VLAN level. TrapX DeceptionGrid™ Binary Upload TrapX Security Operations Console Analysis Report Binary Upload McAfee Advanced Threat Defense PHASE 01 : Infected host. Bypassed other security controls. Possibly a mobile user, laptop commuter, or infected by zero day. PHASE 03 : TrapX can feed the McAfee ecosystem with additional intelligence on who the infected endpoints are that are exhibiting the same behavior as the known bad actor. Facilitates immediate understanding of exposure inside the network. McAfee EMAIL GATEWAY McAfee WEB GATEWAY McAfee NETWORK IPS McAfee ePO and ENDPOINT AGENT McAfee ENTERPRISE SECURITY MANAGER McAfee NEXT GENERATION FIREWALL DXL (Data Exchange Layer) TIE (Threat Intelligence Exchange) DXL
6
TrapX Security - Confidential and Proprietary Copyright 2015 TrapX Security, Inc. The Demonstration Scenario
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.