Presentation is loading. Please wait.

Presentation is loading. Please wait.

Making All Client Side Java Secure Bill Gardner Sr. Director Products September 2014 1.

Published byKathleen Fitzgerald Modified over 9 years ago

Similar presentations

Presentation on theme: "Making All Client Side Java Secure Bill Gardner Sr. Director Products September 2014 1."— Presentation transcript:

1 Making All Client Side Java Secure Bill Gardner Sr. Director Products September 2014 1

2 Agenda 2 The Security Landscape Let’s Talk Java Demonstration Q&A

3 The IT Security Paradox 3 Security Spending — ’05–’14 Up 294% $30B No! Up 390% Are breaches going down? Malware/Breaches — ’05–’14 Source: Gartner, Idtheftcenter, $30B is a Gartner figure for 2014

4 The Problem 4 The Endpoint ProblemIneffective DetectionAdvanced Threats Polymorphic Targeted Zero Day Pattern-Matching Only known Many false positives Costly remediation 71% of all breaches start on the endpoint! Source: Verizon Data Breach Report

5 The Endpoint ProblemIneffective DetectionAdvanced Threats 71% of all breaches start on the endpoint! The Problem Polymorphic Targeted Zero Day Pattern-Matching Only known Many false positives Costly remediation “ Anti-virus is dead. It catches only 45% of cyber-attacks. ” Brian Dye SVP, Symantec

6 6 If JAVA didn’t exist… It would have to be invented

7 7 97% of enterprise browsers ran Java in 2013 Source: Cisco 2014 Annual Threat Report 91% of successful enterprises attacks exploited Java in 2013 Source: Cisco 2014 Annual Threat Report ~50% of enterprise traffic uses a Java version that’s more than two years out of date Source: CIOL Bureau 19% of enterprise Windows PCs ran the latest version of Java between August 1-29, 2013 Source: CIOL Bureau Let’s Talk About Java

8 Java Is Not the Problem NTDLL.DLL ntoskrnl.exe win32k.sys HAL 8

9 NTDLL.DLL ntoskrnl.exe win32k.sys HAL And All Software Is Vulnerable 9

10 A Better Idea 10 Isolate the threat!

11 Bromium vSentry: Hardware-isolation for Untrusted Tasks 11 Microvisor Hardware isolates each untrusted Windows task Lightweight, fast, hidden, with an unchanged native UX Based on Xen with a small, secure code base Fully integrated into the desktop user experience Hardware virtualization Hardware security features

12 12 Desktop Untrusted Tasks Micro-visor mutually isolates untrustworthy tasks from the OS and each other

13 Each untrusted task is instantly isolated in a micro-VM, invisible to the user 13 Untrusted Tasks

14 14 Micro-VMs execute “Copy on Write”

15 15 Malware is automatically discarded when the task is complete

16 16 Full attack execution 3 Live Attack Visualization & Analysis (LAVA) 4 One task per micro-VM 2 Micro-VM introspection 1

17 Benefits 17 Consumerization SaaS/Cloud & VDI Patching & Remediation End Point Security Data is secure at runtime Malware has no access to your network Empower users: “click on anything” Real-time insight into actual attacks Protect un-patched desktops Eliminate remediation Defeat Advanced Persistent Threats Robust to human mistakes

18 Benefits 18 Empower users: “click on anything” Real-time insight into actual attacks Defeat Advanced Persistent Threats Robust to human mistakes Data is secure at runtime Malware has no access to your network Protect un-patched desktops Eliminate remediation Consumerization SaaS/Cloud & VDI Patching & Remediation End Point Security

19 The attack landscape has fundamentally changed; perimeter evaporating in the cloud and mobile era Current ‘detection’ defenses are ineffective; endpoint is the weakest link Bromium is redefining endpoint security with micro-virtualization Enormous benefits in defeating attacks, streamlining IT and empowering users Summary 19

20 Demo 20

21 Email info@bromium.cominfo@bromium.com Explore www.bromium.comwww.bromium.com Find Out How You Can Make Java Safe… 21

Download ppt "Making All Client Side Java Secure Bill Gardner Sr. Director Products September 2014 1."

Similar presentations

Ian Pratt SVP, Products Bromium Inc.

Ian Pratt SVP, Products Bromium Inc.
Endpoint security via Application sandboxing and virtualization: Past, present, future Rafal Wojtczuk

Endpoint security via Application sandboxing and virtualization: Past, present, future Rafal Wojtczuk
By Hiranmayi Pai Neeraj Jain

By Hiranmayi Pai Neeraj Jain
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.

Securing Remote Network Access FirePass ®. Business Case VirginiaCORIS is an initiative to modernize the way that offender information is managed, to.
Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.

Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.
Norman Endpoint Protection Advanced security made easy.

Norman Endpoint Protection Advanced security made easy.
1 Panda Malware Radar Discovering hidden threats Technical Product Presentation Name Date.

1 Panda Malware Radar Discovering hidden threats Technical Product Presentation Name Date.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
©2015 Check Point Software Technologies Ltd. 1 [Restricted] ONLY for designated groups and individuals Preventing the next breach or discovering the one.

©2015 Check Point Software Technologies Ltd. 1 [Restricted] ONLY for designated groups and individuals Preventing the next breach or discovering the one.
Security Imperatives in a New Workplace Partnering to Protect Digital Information in the 21st Century Presented by Michael Ferris, Alaska Enterprise Solutions.

Security Imperatives in a New Workplace Partnering to Protect Digital Information in the 21st Century Presented by Michael Ferris, Alaska Enterprise Solutions.
Director of Research, SANS Institute

Director of Research, SANS Institute
Supporting BYOD Dennis Cromwell Supporting BYOD  CISCO Study – 15B devices capable of connecting to a network by 2015  The Consumerization.

Supporting BYOD Dennis Cromwell Supporting BYOD  CISCO Study – 15B devices capable of connecting to a network by 2015  The Consumerization.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
Introducing… …taking desktop computing to the cloud making business effortless!

Introducing… …taking desktop computing to the cloud making business effortless!
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
Virtual techdays INDIA │ 9-11 February 2011 Security Discussion: Ask the Experts M.S.Anand │ MTC Technology Specialist │ Microsoft Corporation Anirudh.

Virtual techdays INDIA │ 9-11 February 2011 Security Discussion: Ask the Experts M.S.Anand │ MTC Technology Specialist │ Microsoft Corporation Anirudh.

Similar presentations

Ads by Google