Real World Defense Strategies for Targeted Endpoint Threats

The security community is amassing a wealth of intelligence about targeted attacks (aka APTs). One thing we are seeing is that the two weakest points in our defense against targeted attacks are the human element and the endpoint. We need to give more attention to the human element, but few of us are in a position to effect behavioral change in our organization. That is a long road requiring support from management and a more psychology-focused skill set.

On the other hand, most of us are in a position to help improve endpoint security. In this webinar I’ll be focusing on how to build a layered defense against targeted endpoint attacks. To build a true defense-in-depth strategy we will look at the phases of a targeted attack:

* Discover – reconnaissance, “casing the joint”
* Distribute – package and deliver the payload
* Exploit – trigger the payload and exploit the vulnerability
* Control – install persistent malware on the system, connect back to command & control
* Execute – spread out and begin taking action against planned objectives

We will identify controls and technologies that we can deploy to disrupt, hinder, detect and prevent attackers at each phase. These will include:

* Endpoint security best practices
* Endpoint management processes
* Hardening steps
* Monitoring techniques
* Endpoint security technologies

We will draw on the wealth of intelligence the security community is amassing and make this a data-driven presentation.

Published in: Technology
  • Closing on this slide allows the audience to see the true defense in depth strategy Lumension provides. It is suggested to start from the left side and move to the right, highlighting each module/capability along the way.
  • Transcript

    • 1. Real World Defense Strategies for Targeted Endpoint Threats. © 2013 Monterey Technology Group Inc.
    • 2. Thanks to: www.Lumension.com; Paul Zimski
    • 3. Preview of Key Points: Phases of a targeted attack; How to disrupt, hinder, detect and prevent attackers at each phase; Endpoint security best practices; Endpoint management processes; Hardening steps; Monitoring techniques; Endpoint security technologies. Discover; Distribute; Exploit; Control; Execute
    • 4. Discover. What it is: Reconnaissance; Casing the joint. How to fight it: Human; Difficult
    • 5. Distribute. What it is: Package; Deliver the payload. How to fight it: Web; Content scanning; Website reputation; Email; Scanning; Filtering; Training; Device control
    • 6. Exploit. What it is: Trigger the payload; Exploit the vulnerability. How to fight it: Configuration control; Attack surface reduction; Fast patching; Application control; Whitelisting; Memory protection; Anti-malware
    • 7. Control. What it is: Install persistent malware on system; Connect back to command & control. How to fight it: Application control; Whitelisting; Anti-malware; Configuration control; Network egress scanning
    • 8. Execute. What it is: Spread out; Begin taking action against planned objectives. How to fight it: Application control; Whitelisting; Anti-malware; Configuration control; Network egress scanning; Host monitoring; New EXEs; New accounts; Suspicious access patterns to critical information
    • 9. Bottom line: Fight them every step of the way; Defense-in-depth; Endpoint security is a many-headed beast; So many risk vectors; So many security technologies; Integration between endpoint security technologies; One agent; One console
    • 10. Defense-in-Depth with Lumension: Physical Access; Port/Device Control and Encryption; Full Disk Encryption; Firewall Management; Patch and Configuration Management; Anti-Malware; Network Access
    • 11. Free Security Scanner Tools: Vulnerability Scanner – discover all OS and application vulnerabilities on your network; Application Scanner – discover all the apps being used in your network; Device Scanner – discover all the devices being used in your network: http://www.lumension.com/Resources/Security-Tools.aspx. Lumension® Endpoint Management and Security Suite: Online Demo Video: http://www.lumension.com/Resources/Demo-Center/Vulnerability-Management.aspx; Free Trial (virtual or download): http://www.lumension.com/endpoint-management-security-suite/free-trial.aspx. Get a Quote (and more): http://www.lumension.com/endpoint-management-security-suite/buy-now.aspx#2