Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Virtual Tour of SophosLabs Building next-generation protection

Published byTheodore Harrison Modified over 6 years ago

Similar presentations

Presentation on theme: "A Virtual Tour of SophosLabs Building next-generation protection"— Presentation transcript:

1 A Virtual Tour of SophosLabs Building next-generation protection
Fraser Howard Principal Researcher September 2016

2 Current Threat landscape SophosLabs Systems Layered Protection Demo
Agenda Current Threat landscape SophosLabs Systems Layered Protection Demo

3 Current Threat Landscape

4 Snapshot of 2016 Threat Landscape
150,000 Suspicious URLs seen & analysed daily 30,000 Malicious URLs daily, over 80% of which are from legitimate web sites 5 million Spam messages daily across 20 countries Malware samples added to Live Protection cloud daily 400,000 Previously unseen files received daily 2,000 Previously unseen Android apps daily 600 million Live Protection lookup events added to Hadoop cluster 50% Of detections based on small number of samples

5 Impact on security Automation Visibility Layered protection
Automated dynamic analysis Cloud response Visibility Track active campaigns Monitor protection levels Layered protection Protection technologies Application control

6 Roles & Responsibilities
SophosLabs Roles & Responsibilities Global Team Real-time response to incidents 24/7/365 operation Threat Response Deep expertise into threats & attacks Create powerful protection solutions Threat Research Build bespoke systems to automate threat analysis & response Enable SophosLabs to scale Automation development Ensure effectiveness & quality of releases Own risk management Quality Assurance Abingdon Vancouver Budapest Ahmedabad Sydney

7 SophosLabs Team Structure
Heuristic rules Advanced detection Customer escalations Anti-spam Android OSX Unix/Linux Android, Linux & Mac Files, URLs, IPs, certs Whitelisting Classifiers Automation Reputation Services Windows malware, PUAs, AppC TFT Unpacking Frameworks Generic Detection Runtime detections (CX, HIPs, mem) Web (CXweb) (CXmail) Dynamic Detection APTs Exploits New, niche threats Knowledge gain Emerging Threats Snort IPS data IPS automation C2 signatures Network Security

8 SophosLabs Systems (live!)

9 Web distributed threats
Visibility campaigns Web distributed threats Global spam traps Real-time picture of spam Phish Scams Meds Malware distribution Social engineering Education? The Web – all about content delivery, good or evil. Millions of pages scanned each day Telemetry provides visibility into malicious activity Track attacks Monitor Exploit Kits

10 Attack Demo: Spam campaign delivering Locky ransomware

11

Download ppt "A Virtual Tour of SophosLabs Building next-generation protection"

Similar presentations

The Threat Landscape Jan 2013. 2013 Threat Report 2.

The Threat Landscape Jan Threat Report 2.
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
Copyright 2012 Trend Micro Inc. Raimund Genes, CTO Innovation In Cloud Security.

Copyright 2012 Trend Micro Inc. Raimund Genes, CTO Innovation In Cloud Security.
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
[Name / Title] [Date] Effective Threat Protection Strategies.

[Name / Title] [Date] Effective Threat Protection Strategies.
1 Internet Security Threat Report X Internet Security Threat Report VI Figure 1.Distribution Of Attacks Targeting Web Browsers.

1 Internet Security Threat Report X Internet Security Threat Report VI Figure 1.Distribution Of Attacks Targeting Web Browsers.
May 19-20 l Washington, DC l Omni Shoreham The ROI of Messaging Security JF Sullivan VP Marketing, Cloudmark, Inc.

May l Washington, DC l Omni Shoreham The ROI of Messaging Security JF Sullivan VP Marketing, Cloudmark, Inc.
1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
Symantec Managed Security Services The Power To Protect Duncan Evans Director, Cyber Security Services 1.

Symantec Managed Security Services The Power To Protect Duncan Evans Director, Cyber Security Services 1.
Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz

Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz
Sophos Live Protection. Agenda 1.Before and After Scenarios 2.Minimum Required Capabilities 3.How we do it 4.How we do it better.

Sophos Live Protection. Agenda 1.Before and After Scenarios 2.Minimum Required Capabilities 3.How we do it 4.How we do it better.
Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.

Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.

Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.

Alert Logic Provides a Fully Managed Security and Compliance Solution Based in the Cloud, Powered by the Robust Microsoft Azure Platform MICROSOFT AZURE.
Mario Vuksan CEO PROPRIETARY INFORMATION THREAT ANALYSIS LABS HAVE NEVER BEEN WORKING HARDER #SINET Connection.

Mario Vuksan CEO PROPRIETARY INFORMATION THREAT ANALYSIS LABS HAVE NEVER BEEN WORKING HARDER #SINET Connection.
© 2009 WatchGuard Technologies WatchGuard ReputationAuthority Rejecting Unwanted Email & Web Traffic at the Perimeter.

© 2009 WatchGuard Technologies WatchGuard ReputationAuthority Rejecting Unwanted & Web Traffic at the Perimeter.
Synchronized Security Revolutionizing Advanced Threat Protection

Synchronized Security Revolutionizing Advanced Threat Protection
Title of Presentation DD/MM/YYYY © 2015 Skycure 1 1 1 Why Are Hackers Winning the Mobile Malware Battle.

Title of Presentation DD/MM/YYYY © 2015 Skycure Why Are Hackers Winning the Mobile Malware Battle.

Similar presentations

Ads by Google