Faizel Lakhani | President & COO

Presentation on theme: "Faizel Lakhani | President & COO"— Presentation transcript:

1 Faizel Lakhani | President & COO
SS8 BreachDetect Faizel Lakhani | President & COO

2 The Current Model
Traditional threat intelligence feeds raise alarms when known threats are detected in the future.
Some offer a very short window to go backwards to determine if the vulnerability was used to access the network.
[Timeline diagram. Labels: History; Vulnerability Weaponized; Malware Discovered; Threat Definition; Your Exposure; Your visibility to this vulnerability]

3 The SS8 Difference
Time Machine for Breach Detection
SS8 identifies when vulnerabilities were exploited in the past.
We alert you to those vulnerabilities being exploited now and in the future.
[Timeline diagram. Labels: History; Vulnerability Weaponized; Threat Definition; Malware Discovered; Leading threat intelligence feeds; Your Exposure; Your visibility to this vulnerability]

4 Introducing SS8 BreachDetect
Time Machine for Breach Detection
Lightweight Sensors: Application-aware sensors deploy on the network to generate High-Definition Records (HDRs) that can be stored for years
Learning Analytics: Enriches, analyzes, learns, and matches HDR data with user, device and threat intelligence information
Automated Discovery: Simplified workflows and visualization built for the security analyst take the guesswork out of hunting for breaches

5 BreachDetect at Work
Find breaches now you didn’t know about before
Firewall, Anti-Malware, Intrusion Detection, Anti-Virus
Sessions shown:
Web session from to using Internet Explorer on a Windows 8.1 computer
session from to with attachment, “Your Benefits Statement.pdf”
File upload using Dropbox over HTTPS from to , “employee information.pdf”
Findings shown:
Uncovered as a Command and Control Network
Uncovered weeks later as a Phishing Attack
Found to be a source of Malware installation

6 Differentiators 1 Workflows Built for Breach Hunting

7 Differentiators 2 HDRs Provide App-Level Visibility
Layer 7 intelligence (not NetFlow)
Decodes thousands of protocols
10 million HDRs processed per second

HIGH-DEFINITION RECORDS (HDRs)
Date | Time     | User        | Device      | App | Attachment  | Size
     | 23:22:16 | John Locno  | iPhone      |     | -           | 140 kb
     | 07:10:55 | Dennis Li   | Dell Laptop |     | book.doc    | 20 MB
     | 10:30:03 | Tim Blattly | Dev Server  |     | prez2.zip   | 43.7 MB
     | 09:20:02 | Bill Simons | MacBook     |     | results.ppt | 3 MB
     | 20:09:01 | Sandy Stall |             |     |             | 198 kb

8 Differentiators 3 Extensive Data Storage for Retrospection
Conventional Packet Storage (-)
Full Packets, and Coarse or No Metadata
2 Weeks of Data
No Enrichment with Device or User Information

(+)
Investigation-grade, High-Definition Records from Every Packet
Enrichment with User and Device information
8-10 Years of Data

9 Differentiators 4 Not just replaying history, learning from and applying it
HDRs: Network, Device, Identity, Application
Threat Feeds

SS8 Applies Today’s Knowledge to History
Other devices with the same connections?
Did any employees go to newly learnt malvertising sites?
Did anyone else receive this same phishing and attachment?
Did anyone take advantage of this vulnerability in the past?

SS8 Supports Any Threat Feeds
SAP ThreatDetect, AlienVault, iSIGHT Partners, Critical Stack, and more…

10 Thank You

