Presentation is loading. Please wait.

Presentation is loading. Please wait.

Four Generations of Security Devices Putting IDS in Context

Published byHelena Harper Modified over 6 years ago

Similar presentations

Presentation on theme: "Four Generations of Security Devices Putting IDS in Context"— Presentation transcript:

1 Four Generations of Security Devices Putting IDS in Context
Arun Sood Prof Computer Science Director International Cyber Center

2 All Rights Reserved - SCIT Labs Confidential and Proprietary
Four Generations of Security Products 4th Generation Resilience Restoration Recovery 3rd Generation Intrusion Tolerance Survivability Situational Awareness Hardening of OS 2nd Generation Firewall IDS VPN DLP Perimeter Defense 1st Generation Trusted Computing Access Control List Cryptography All Rights Reserved - SCIT Labs Confidential and Proprietary

3 All Rights Reserved - SCIT Labs Confidential and Proprietary
Cyber Threat Observations Intrusions are inevitable Intruders stay in systems for days, weeks, months Current servers are “sitting ducks SCIT Focus All Rights Reserved - SCIT Labs Confidential and Proprietary

4 All Rights Reserved - SCIT Labs Confidential and Proprietary
Cyber Kill Chain Another way to think through the issues, is to look at the Kill Chain. Lockheed Martin CIRT identified the sequential chain of events that are required to successfully complete its targeted mission. The events are divided into 3 broad categories: Pre-compromise Compromise Post-compromise The prevention and detection systems focus on pre-compromise - Reconnaissance – Attacker research Weaponization – Attacker creates malware to fit the situation Delivery – Launch a phishing or similar attack In the Compromise stage, the attacker malware exploits the vulnerability and the malware operations are launched. In the Post Compromise stage, Attacker controls the system and can now make lateral moves to exploit additional systems in the network As the malware gets embedded in the system the risk increases, potential for damage increase and cost to remediate increases. Hence the goal of SCIT technology is to make the malware ineffective. All Rights Reserved - SCIT Labs Confidential and Proprietary

5 All Rights Reserved - SCIT Labs Confidential and Proprietary
Integrated Mitigation Framework GET IN STAY IN ACT All Rights Reserved - SCIT Labs Confidential and Proprietary

6 Reduce Cost of Security – Increase the Adversary Expense
High Adversary Cost/expense Low Low High Level of adversary access/privilege “Impact”

7 What About Cloud? Public, private and hybrid cloud
Is cloud more secure than data center? Where is the data located? What about the cyber security implications? Build your own cloud Cloud may get more security with fewer people

Download ppt "Four Generations of Security Devices Putting IDS in Context"

Similar presentations

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.
Security Life Cycle for Advanced Threats

Security Life Cycle for Advanced Threats
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.
LA BEOC Built Through Public – Private Collaboration.

LA BEOC Built Through Public – Private Collaboration.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
David Flournoy Bit9 Mid-Atlantic Regional Manager

David Flournoy Bit9 Mid-Atlantic Regional Manager
Controls for Information Security

Controls for Information Security
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions 631-692-5175 Steve Katz, CISSP Security.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.
Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda  Cyber Security Center of Excellence  Project Phase  Implementation  Next Steps 2.

Thursday, January 23, :00 am – 11:30 am. Agenda  Cyber Security Center of Excellence  Project Phase  Implementation  Next Steps 2.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.

VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.

CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Integration Framework: QRadar 7.2 MR1.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Integration Framework: QRadar 7.2 MR1.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Similar presentations

Ads by Google