Presentation is loading. Please wait.

Presentation is loading. Please wait.

ENDPOINT PROTECTION PROJECT 2014 Presentation to CTSC.

Published byStuart Hart Modified over 9 years ago

Similar presentations

Presentation on theme: "ENDPOINT PROTECTION PROJECT 2014 Presentation to CTSC."— Presentation transcript:

1 ENDPOINT PROTECTION PROJECT 2014 Presentation to CTSC

2 QUICK TOUR Why do we need protection at all? What forms might those protections take? The project that started this Questions for you to consider

3 MALWARE ATTACK VECTORS Email Document attachments Malicious URLs Websites USB Sticks Other network attacks

4 ANTIVIRUS EFFECTIVENESS 2012 Study at University of Alabama at Birmingham Looked at top email threats over 30 days Submitted malware to virustotal.com Results: Average detection rate: 25% One week later, avg. detection rate: 66% Our experience for post-incident malware detection: 12% Beware of market differentiation Norton catches more than SEP, but false positive rate is higher.

5 KEY DEFENSE STRATEGIES Vulnerability and Patch Secunia Control of Admin Rights We do this Application Control Requires clients are managed – involves “trusted sources of change” Isolation URL Filtering Browser isolation (market not mature)

6 SEP TO SCEP PROJECT Originated as IST internal project Recommend for or against renewal of Symantec contract (from IST POV) RFP explicitly out of scope

7 WNAG EP SUBGROUP First meeting 2014-12-10 Project/group pages at https://uwaterloo.ca/information-systems- technology/about/organizational- structure/information-security- services/examining-sep-replacements https://uwaterloo.ca/information-systems- technology/about/organizational- structure/information-security- services/examining-sep-replacements Still determining scope

8 WHAT HAS ISS-SOC BEEN DOING? Assumption: by the time traffic hits the endpoints, it’s already too late. Fact: not every infection is reported to IST. Result: building out network-based intrusion detection and analytics.

9 QUESTIONS FOR CTSC Does campus: Rely on off-host protection exclusively Combine on-host protection with off-host All-in with on-host protection All-in on vendor “single pane of glass” type solutions And does it need to be one size fits all?

10 FINAL THOUGHTS Endpoint Protection != Antivirus If something happens but it isn’t reported, what then? Implications of work-from-home

Download ppt "ENDPOINT PROTECTION PROJECT 2014 Presentation to CTSC."

Similar presentations

The Threat Landscape Jan 2013. 2013 Threat Report 2.

The Threat Landscape Jan Threat Report 2.
By Hiranmayi Pai Neeraj Jain

By Hiranmayi Pai Neeraj Jain
The Case for Tripwire® Nick Chodorow Sarah Kronk Jim Moriarty Chris Tartaglia.

The Case for Tripwire® Nick Chodorow Sarah Kronk Jim Moriarty Chris Tartaglia.
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
The ABC’s of Identity Theft Part One in a multi-part series of overviews on Disaster Avoidance, Business Continuity and Disaster Recovery.

The ABC’s of Identity Theft Part One in a multi-part series of overviews on Disaster Avoidance, Business Continuity and Disaster Recovery.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.
IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.

IDENTITY THEFT ARE YOU SAFE?. HOW DOES THIS HAPPEN TO ME? Internet “Security “ When using a public computer, never access any vital accounts like banking.
Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.
By Joshua T. I. Towers. 13.3 $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.

By Joshua T. I. Towers $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Controls for Information Security

Controls for Information Security
Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.

Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.
Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.

Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.
Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.
Project By Ben Woodard ISC 110 Professor: Dr. Elaine Wenderholm.

Project By Ben Woodard ISC 110 Professor: Dr. Elaine Wenderholm.
Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.

Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.
 Norton Antivirus, developed and distributed by Symantec Corporation, provides malware prevention and removal during a subscription period. It uses signatures.

 Norton Antivirus, developed and distributed by Symantec Corporation, provides malware prevention and removal during a subscription period. It uses signatures.

Similar presentations

Ads by Google