SlideShare a Scribd company logo

Delivering Security with GFI MAX - Mark Petrie

Download as PPTX, PDF
MAXfocus
MAXfocus

Delivering Security with GFI MAX

Software
1 of 56
Delivering Managed Security GFI MAX RemoteManagement Mark Petrie, Director of Engineering GFI MAX
Intro » Security is essential. Period. » Lock down access at every level. » Multi-layer approach offers the best protection.
An example from 2012 » Cutting Sword of Justice launches cyber attack on Saudi Aramco, 15th August 2012 » Estimated 30,000 workstations infected, three-quarters of Aramco’s corporate PCs » Virus erased data - documents, spreadsheets, emails, files » Replaced all with an image of a burning American flag » Estimated $630 Million USD loss » We are not Saudi Aramco – we are not important enough to attract an attack » True… if you have no employees, no customers, no trade secrets and no money! » Everyone else… is a target » Hacking has been around for years!! » The IT industry did not collapse! » Acts of vandalism have evolved » Steal, demolish or monetize data…
Some examples from 2014 » Montana State Health Department » May 2014, details of a data breach that affects over 1 million patients announced » Breach actually happened in July 2013, but not discovered for almost a year » Identity of intruders and extent of breach still unclear » CodeSpaces.com » June 2014, codespaces.com closes its doors » Started as a Distributed Denial of Service attack » Ended with an attempt to extort money from company » P.F. Chang (Resteraunt Chain) » Data breach compromised customer payment information » June 2014, thousands of newly stolen credit and debit cards offered for sale online » Target’s Q4 ‘13 earnings fell 46% due to $450m USD loss from theft of customer data » In May 2014, hackers announce theft of 233 million users’ personal records from eBay » Dominos Pizza held to ransom over 600,000 Belgian and French customer records » Evernote was taken down with a DDoS attack
The Bad News » Estimated cost of Cyber Crime and Cyber Espionage » $100 billion USD per year in US alone » $425 billion USD per year worldwide » Advanced Persistent Threats (APT): » Coordinated cyber activities of criminals and state level entities » Objective of stealing information, compromising information systems* » Criminal organizations monetise all aspects of illicit access » Foreign Intelligence Services gather Intellectual Property » APT tries to stay embedded for as long as possible » APT generally only resorts to destruction upon detection * regular users are sometimes the most adept at this!
The Good News » “Managed Security Services Market” by Transparency Market Research » $9 billion USD in 2012, could be worth £24 billion USD by 2019 » Predicted market will expand at CAGR of 15.4% between 2013 and 2019 » Gartner » Security spending gets boost from mobile, social and cloud » Worldwide spending on information security will top $71 billion USD this year • Almost 8% increase over 2013 » Data loss prevention segment recording the fastest growth at 18.9 percent » In 2015, 10% of overall IT security capabilities will be delivered as a cloud service » SMBs will become event more reliant on hosted security services Unfortunately, many organizations continue to lack staff with the appropriate security skills. To keep up with hackers, more than half of organizations will by 2018 rely on security services firms that specialize in data protection, risk and infrastructure management
The Really Good News At least 85% of the targeted cyber intrusions that Defence Signals Directorate (DSD) responds to could be prevented by following the Top 4 mitigation strategies listed in the Strategies to Mitigate Targeted Cyber Intrusions: » Use application whitelisting to help prevent malicious software and other unapproved programs from running » Patch applications such as PDF readers, Microsoft Office, Java, Flash Player and web browsers » Patch operating system vulnerabilities » Minimise the number of users with administrative privileges
Lock down access at every level » Control access to the device » Patch Operating System and Program Vulnerabilities » Protect against Virus and Malware » Stay safe online
Device Security
Device Security » Check access to machine » Lock machines when not in use » Password security • Strong passwords to secure access • Do not have post-its with passwords written down » Can you account for all user accounts on machine or domain? » Review failed login attempts to check no malicious access of machines » User rights on PC, do they have Admin rights to Operating System?
Operating System & Program Security
Operating System & Program Security Close loopholes and resolve potential vulnerabilities through regular and effective installation of software patches and updates… » Microsoft released 106 important or critical security bulletins in 2013 » 2445 total bulletins of low importance and above for Windows, Office etc » Adobe Acrobat updated from v 10.1.90 in January 2013 to v11.0.06 in January 2014 » 7 versions updates in 12 months in just one program » Java updated from v7 Update 11 to v7 Update 51 in same timeframe
Virus & Malware Protection
Virus & Malware Protection » Don’t let those cute little guys fool you! Know your enemy! » Trojan » Generally non replicating » Often enter system through freeware (scareware) » Then act as a backdoor to gain access to personal data. » May also corrupt or encrypt data... Cryptolocker » Virus » Needs carrier (e.g. macro) » Infect system and then replicate » Can disable the device / connected network devices » Consume system and network resources for potential spamming / replication » Can also log keystrokes, identifying passwords and sensitive user information » Worm » Unlike virus, does not need a program to carry infection » Standalone program that self-replicates to spread across networks » Again, consume system and network resources » Carry out DoS attacks… MyDoom
Virus & Malware Protection New malware of the last 24 months!! AV Test institute which registers over 220,000 new malicious programs every day!!
Virus & Malware Protection » Microsoft Security Essentials (now Windows Defender) integrated into OS to offer some protection » End-point products that include a Firewall can be problematic by blocking too many programs, restricting outbound access etc. » Combined Internet Security suite products can be bloated
Internet Access Protection
Internet Access Protection » Internet Society online survey in 2012 (10,789 respondents) » Access to the Internet should be considered a basic human right • 83% somewhat or strongly agree • 14% somewhat or strongly disagree • 3% don't know » The Internet should be governed in some form to protect the community from harm. • 82% somewhat or strongly agree • 15% somewhat or strongly disagree • 3% don't know » When you are logged in to a service or application do you use privacy protections? • 27% all the time • 36% most of the time • 29% sometimes • 9% never » Network Perimeter / Gateway / Firewall devices only work for LAN » What about remote workers?
Multiple Layers = Multiple Problems??
Multi-layers? No problem!
GFI MAX Single pane of glass Asset Tracking Pro-active monitoring (Failed login check) Patch Management Managed Antivirus Web Protection & More
Asset Tracking
Asset Tracking » FREE of charge » View Software details per device » Run Modification Report to check on installed software since initial build » Create Software License groups to blacklist known bad programs
Pro-active Monitoring
New and much improved “Failed Login Check” » #1 customer request on ideas.gfi.com » More informative: Event IDs, failure reason, IP address, username » Respond quickly and decisively to security concerns
Active Directory Users Report
Patch Management
Vulnerability Scanning and Patch Management » What exactly is it? » Uses GFI LANGuard Agent » Vulnerability Check (DSC) runs daily » Lists missing patches and discovered vulnerabilities » Check can run in Alert mode or report mode » Included in Client Daily and Weekly Reports » Set and forget? » Auto-approve patches (by severity) » Schedule installation of approved patches daily, weekly or ad-hoc » Or, manually approve and install patches from Dashboard (now or later) » Patch Overview Report shows missing/installed patches at client(s) » Client Monthly Report lists patches installed that month
Schedule regular installation of approved patches
Schedule ad-hoc installation of approved patches
Suports All Microsoft Updates » Security Updates » Critical » Important » Moderate » Low » Update roll-ups » Service Packs » Critical Updates » Updates » Tools » Drivers
Vendor Support » Apple: » QuickTime » iTunes » Safari » Adobe: » Reader » Acrobat » Flash » Shockwave » Air » Mozilla » Firefox » Thunderbird » SeaMonkey » Instant Messaging Clients » Skype » Yahoo » Browsers » Google Chrome » Opera » Zip tools » 7-Zip » WinRAR » Oracle Java » And more…
Update Release Cycle » We aim to support Microsoft updates within hours of Patch Tuesday » Out of band patches (Microsoft and non-Microsoft) within one working day » LANGuard checks for updates between 1am and 5am GMT and at DSC » Incremental differences for non-Microsoft update databases » Download Microsoft update database direct from microsoft.com » Patches are downloaded directly from vendors’ web-sites » Patches are downloaded when they need to be installed » Use Site Concentrator to cache patches once per site » Switch off Windows Updates?
Patch Approval Lifecycle » ALL patches must be approved before they can be scheduled for installation » Approval can be manual or automatic based on severity » We only report updates as missing if they are required » We report all updates installed, even if we didn’t install them » If there is no install date/time listed, it was not installed by us
Identifying Patches 1. Microsoft release a Security Bulletin… 2. Knowledge Base articles describe which update is required for each OS…
Identifying Patches 3. Search Approval Dialog for Knowledge Base article to approve patch… 4. View Patch Overview report (Group by patch) to see its status on devices
More information » Supported Microsoft Products http://www.gfi.com/lannetscan/msappfullreport.htm » Supported Microsoft Patches http://www.gfi.com/lannetscan/msfullreport.htm » Supported non-Microsoft Products http://kb.gfi.com/articles/SkyNet_Article/KBID003469 » Supported non-Microsoft Patches http://www.gfi.com/lannetscan/3pfullreport.htm
Managed Antivirus
Managed Antivirus
Managed Antivirus » Deployed from Dashboard » Installs automatically if no other Antivirus software present » Can remove other Antivirus software with no user interaction » Policy based configuration with operating system specific file exclusions » Automatic update definitions if detected as out-of-date » Use Protection Report to ensure all end-points protected
Manage Quarantine » Reports menu, Managed Antivirus, Quarantine Report
Stay in-control during virus outbreak » Reports menu, Managed Antivirus, Threat Report
Web Protection
Web Protection » Web Security » Stop users from visiting malicious sites » Both network and remote workers » Web Filtering » Web-site categorization based on BrightCloud (WebRoot) » Implement browsing policies for the workplace, set allowed schedules etc » Whitelist / Blacklist specific URLs » Web Bandwidth Monitoring » Alerts when downloads exceeds threshold (you define) » Reporting » Overview report • Monitor trends • Spot exceptions » Report Builder • Drill-down and understand cause
Web Security » Restrict access to known sites that can harm your customers
Web Filtering » All websites are categorized. If in multiple categories, most restrictive wins » Use schedules to allow access to social media etc out of office hours
Bandwidth Monitoring » Receive an alert when downloads exceed threshold
Overview Report » Weekly overview of Web Security, Filtering, and Bandwidth at client » Ratio of allowed to blocked requests » Top blocked categories » Top visited sites » Noisiest devices » Monitor trends and spot exceptions
Report Builder » If overview report shows an increase in blocked requests to category or site » Show me requests to specific category or site from all devices at client » If irregular activity is suspected » Show me all requests from specific device
Internet Usage Policy Employing an internet usage policy for customers will need them to ensure they have made their employees aware. http://www.gfi.com/pages/sample-internet-usage-policy Citizens Advice - Your employer can legally monitor your use of the phone, internet, e-mail or fax in the workplace if: • the monitoring relates to the business • the equipment being monitored is provided partly or wholly for work • your employer has made all reasonable efforts to inform you that your communications will be monitored. As long as your employer sticks to these rules, they don't need to get your consent before they monitor your electronic communications
Additional Protection
Managed Online Backup Managed Online Backup allows you to easily backup customers data • Disk to Disk (via LocalSpeedVault) to Cloud (D2D2C) • True Delta technology ensures only changed file blocks are backed-up • All data encrypted with 128 bit AES encryption before sending With Cryptolocker, it is likely that the only way to recover data is from a backup
Mobile Device Management Protect against business critical data being being compromised via loss or theft of company or employee owned mobile device • Set Passcode • Locate device • Lock device • Remote Wipe
Email Security Mail Protection offers the ability to not just filter out spam but also ensure that viruses and other email threats do not impact your client. » Employs a unique combination of Antivirus technologies • Traditional signature-based anti-virus engine • Zero-hour virus detection • Virtualization-based malware detection » Reduces risk of attack on customer network through setting trusted connection incoming and outgoing » Continuity so no missed messages as will be queued, even if unable to contact the specified server Additionally you can also use Mail Archive to securely store a copy of every emails for quick retrieval and in case of disaster
Dashboard considerations » Ensure all dashboard users have specific logon » Do not use the Primary Access Key to access Dashboard » Restrict access via IP Address » Two Factor Authentication
Thank You Conferences.gfimax.com/app

Recommended

Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
Delivering Security with the MAX RemoteManagement Platform - Paul FenwickDelivering Security with the MAX RemoteManagement Platform - Paul Fenwick
Delivering Security with the MAX RemoteManagement Platform - Paul FenwickMAXfocus
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemIBM Security
 
Information security
Information securityInformation security
Information securityAppin Faridabad
 
Top 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionTop 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionIBM Security
 
Cyberwar Gets Personal
Cyberwar Gets PersonalCyberwar Gets Personal
Cyberwar Gets PersonalNicholas Davis
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyIBM Security
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securityAliyuMuhammadButu
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
 

Recommended

Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
Delivering Security with the MAX RemoteManagement Platform - Paul FenwickDelivering Security with the MAX RemoteManagement Platform - Paul Fenwick
Delivering Security with the MAX RemoteManagement Platform - Paul FenwickMAXfocus
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemIBM Security
 
Information security
Information securityInformation security
Information securityAppin Faridabad
 
Top 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionTop 5 Things to Look for in an IPS Solution
Top 5 Things to Look for in an IPS SolutionIBM Security
 
Cyberwar Gets Personal
Cyberwar Gets PersonalCyberwar Gets Personal
Cyberwar Gets PersonalNicholas Davis
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyIBM Security
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securityAliyuMuhammadButu
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itIBM Security
 
Healthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemHealthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemCheapSSLsecurity
 
Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!IBM Security
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesUlf Mattsson
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsIBM Security
 
Security Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsSecurity Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsEswar Publications
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breachesxband
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemCybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemIBM Security
 
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...Lumension
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015ITSM Academy, Inc.
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Vertex Holdings
 
festival ICT 2013: Check Point 2013 Security Report
festival ICT 2013: Check Point 2013 Security Reportfestival ICT 2013: Check Point 2013 Security Report
festival ICT 2013: Check Point 2013 Security Reportfestival ICT 2016
 
Perimeter Security is Failing
Perimeter Security is FailingPerimeter Security is Failing
Perimeter Security is FailingUL Transaction Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceIBM Security
 
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...Drjabez
 
Cybersecurity Operations: Examining the State of the SOC
Cybersecurity Operations: Examining the State of the SOCCybersecurity Operations: Examining the State of the SOC
Cybersecurity Operations: Examining the State of the SOCFidelis Cybersecurity
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataIBM Security
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and riskEY
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM Security
 
Delivering Security Within the MAX Remote Management Platform - Todd Haughland
Delivering Security Within the MAX Remote Management Platform - Todd HaughlandDelivering Security Within the MAX Remote Management Platform - Todd Haughland
Delivering Security Within the MAX Remote Management Platform - Todd HaughlandMAXfocus
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSebastien Deleersnyder
 

More Related Content

What's hot

Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itIBM Security
 
Healthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemHealthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemCheapSSLsecurity
 
Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!IBM Security
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesUlf Mattsson
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsIBM Security
 
Security Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsSecurity Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsEswar Publications
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breachesxband
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemCybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemIBM Security
 
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...Lumension
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015ITSM Academy, Inc.
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Vertex Holdings
 
festival ICT 2013: Check Point 2013 Security Report
festival ICT 2013: Check Point 2013 Security Reportfestival ICT 2013: Check Point 2013 Security Report
festival ICT 2013: Check Point 2013 Security Reportfestival ICT 2016
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceIBM Security
 
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...Drjabez
 
Cybersecurity Operations: Examining the State of the SOC
Cybersecurity Operations: Examining the State of the SOCCybersecurity Operations: Examining the State of the SOC
Cybersecurity Operations: Examining the State of the SOCFidelis Cybersecurity
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataIBM Security
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and riskEY
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM Security
 

What's hot (20)

Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
 
Healthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemHealthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend Them
 
Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!
 
Securing Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best PracticesSecuring Fintech: Threats, Challenges & Best Practices
Securing Fintech: Threats, Challenges & Best Practices
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
Security Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsSecurity Solutions against Computer Networks Threats
Security Solutions against Computer Networks Threats
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breaches
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemCybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
 
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.
 
festival ICT 2013: Check Point 2013 Security Report
festival ICT 2013: Check Point 2013 Security Reportfestival ICT 2013: Check Point 2013 Security Report
festival ICT 2013: Check Point 2013 Security Report
 
Perimeter Security is Failing
Perimeter Security is FailingPerimeter Security is Failing
Perimeter Security is Failing
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A...
 
Cybersecurity Operations: Examining the State of the SOC
Cybersecurity Operations: Examining the State of the SOCCybersecurity Operations: Examining the State of the SOC
Cybersecurity Operations: Examining the State of the SOC
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
 

Similar to Delivering Security with GFI MAX - Mark Petrie

Delivering Security Within the MAX Remote Management Platform - Todd Haughland
Delivering Security Within the MAX Remote Management Platform - Todd HaughlandDelivering Security Within the MAX Remote Management Platform - Todd Haughland
Delivering Security Within the MAX Remote Management Platform - Todd HaughlandMAXfocus
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSebastien Deleersnyder
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Eoin Keary
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)Norm Barber
 
Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearydrewz lin
 
computer virus full explain ppt.pptx
computer virus full explain ppt.pptxcomputer virus full explain ppt.pptx
computer virus full explain ppt.pptxTayyabaAbbas4
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
2014CyberSecurityProject
2014CyberSecurityProject2014CyberSecurityProject
2014CyberSecurityProjectKaley Hair
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Damir Delija
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for businessDaniel Thomas
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with aiBurhan Ahmed
 
Web security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud versionWeb security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud versionEoin Keary
 
The Threat Is Real. Protect Yourself.
The Threat Is Real. Protect Yourself.The Threat Is Real. Protect Yourself.
The Threat Is Real. Protect Yourself.Teri Radichel
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
Computing safety
Computing safetyComputing safety
Computing safetytitoferrus
 
Anti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsAnti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsUltraUploader
 

Similar to Delivering Security with GFI MAX - Mark Petrie (20)

Delivering Security Within the MAX Remote Management Platform - Todd Haughland
Delivering Security Within the MAX Remote Management Platform - Todd HaughlandDelivering Security Within the MAX Remote Management Platform - Todd Haughland
Delivering Security Within the MAX Remote Management Platform - Todd Haughland
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 seba
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
 
Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-keary
 
computer virus full explain ppt.pptx
computer virus full explain ppt.pptxcomputer virus full explain ppt.pptx
computer virus full explain ppt.pptx
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
 
2014CyberSecurityProject
2014CyberSecurityProject2014CyberSecurityProject
2014CyberSecurityProject
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays world
 
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
Encase cybersecurity alat za proaktivnu kontrolu korporativne it sigurnosti 2
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with ai
 
C3
C3C3
C3
 
Web security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud versionWeb security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud version
 
The Threat Is Real. Protect Yourself.
The Threat Is Real. Protect Yourself.The Threat Is Real. Protect Yourself.
The Threat Is Real. Protect Yourself.
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included features
 
Computing safety
Computing safetyComputing safety
Computing safety
 
Anti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsAnti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documents
 
Lecture5
Lecture5Lecture5
Lecture5
 
Cybersecurity Concerns You Should be Thinking About
Cybersecurity Concerns You Should be Thinking AboutCybersecurity Concerns You Should be Thinking About
Cybersecurity Concerns You Should be Thinking About
 

More from MAXfocus

Year of pawnage - Ian trump
Year of pawnage - Ian trumpYear of pawnage - Ian trump
Year of pawnage - Ian trumpMAXfocus
 
Creating Positive User Experiences Through Technology - Paul Kenny
Creating Positive User Experiences Through Technology - Paul KennyCreating Positive User Experiences Through Technology - Paul Kenny
Creating Positive User Experiences Through Technology - Paul KennyMAXfocus
 
Welcome and MAX Keynotes - Dave Sobel and Alistair Forbes
Welcome and MAX Keynotes - Dave Sobel and Alistair ForbesWelcome and MAX Keynotes - Dave Sobel and Alistair Forbes
Welcome and MAX Keynotes - Dave Sobel and Alistair ForbesMAXfocus
 
Closing Keynote - Dave Sobel
Closing Keynote - Dave SobelClosing Keynote - Dave Sobel
Closing Keynote - Dave SobelMAXfocus
 
Maximise Your Reputation in the Marketplace Jason King
Maximise Your Reputation in the Marketplace Jason KingMaximise Your Reputation in the Marketplace Jason King
Maximise Your Reputation in the Marketplace Jason KingMAXfocus
 
Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...
Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...
Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...MAXfocus
 
Managed Services in 2014: Pricing and Positioning - Dave Sobel
Managed Services in 2014: Pricing and Positioning - Dave SobelManaged Services in 2014: Pricing and Positioning - Dave Sobel
Managed Services in 2014: Pricing and Positioning - Dave SobelMAXfocus
 
Scripting and Automation within the MAX Platform Ernest Byrd
Scripting and Automation within the MAX Platform Ernest ByrdScripting and Automation within the MAX Platform Ernest Byrd
Scripting and Automation within the MAX Platform Ernest ByrdMAXfocus
 
Lessons from the Trenches Selling and Marketing Best Practices Terry Hedden
Lessons from the Trenches Selling and Marketing Best Practices Terry HeddenLessons from the Trenches Selling and Marketing Best Practices Terry Hedden
Lessons from the Trenches Selling and Marketing Best Practices Terry HeddenMAXfocus
 
Recruit & Retain Top Talent - Michael Schmditmann
Recruit & Retain Top Talent - Michael SchmditmannRecruit & Retain Top Talent - Michael Schmditmann
Recruit & Retain Top Talent - Michael SchmditmannMAXfocus
 
Lessons from the Worlds Top 5 MSPs MAX2014 - Gordon Tan
Lessons from the Worlds Top 5 MSPs MAX2014 - Gordon Tan Lessons from the Worlds Top 5 MSPs MAX2014 - Gordon Tan
Lessons from the Worlds Top 5 MSPs MAX2014 - Gordon Tan MAXfocus
 
Getting from $400k to $4m - the Four Biggest Operational Challenges - Gordan Tan
Getting from $400k to $4m - the Four Biggest Operational Challenges - Gordan TanGetting from $400k to $4m - the Four Biggest Operational Challenges - Gordan Tan
Getting from $400k to $4m - the Four Biggest Operational Challenges - Gordan TanMAXfocus
 
5 Critical Steps for Selling Managed Services - Adam Harris
5 Critical Steps for Selling Managed Services - Adam Harris 5 Critical Steps for Selling Managed Services - Adam Harris
5 Critical Steps for Selling Managed Services - Adam Harris MAXfocus
 
Max Backup Roadmap and Strategy Presentation - Eric Harless
Max Backup Roadmap and Strategy Presentation - Eric Harless Max Backup Roadmap and Strategy Presentation - Eric Harless
Max Backup Roadmap and Strategy Presentation - Eric Harless MAXfocus
 
How we turned Office 365 from a threat to an opportunity- Dan Scott
How we turned Office 365 from a threat to an opportunity- Dan ScottHow we turned Office 365 from a threat to an opportunity- Dan Scott
How we turned Office 365 from a threat to an opportunity- Dan ScottMAXfocus
 
Scripting and Automation within the MAX Platform - Mark Petrie
Scripting and Automation within the MAX Platform - Mark Petrie Scripting and Automation within the MAX Platform - Mark Petrie
Scripting and Automation within the MAX Platform - Mark Petrie MAXfocus
 
7 reasons your backups should go to the cloud - Nick Cavalancia
7 reasons your backups should go to the cloud - Nick Cavalancia 7 reasons your backups should go to the cloud - Nick Cavalancia
7 reasons your backups should go to the cloud - Nick Cavalancia MAXfocus
 
The Mysterious Case of the Vanishing Cloud - Seth Robinson
The Mysterious Case of the Vanishing Cloud - Seth Robinson The Mysterious Case of the Vanishing Cloud - Seth Robinson
The Mysterious Case of the Vanishing Cloud - Seth Robinson MAXfocus
 
Christiano Fermo
Christiano Fermo Christiano Fermo
Christiano Fermo MAXfocus
 
Rapid Fire Tools: Top Ways to Use IT Assessments to Win New Business & Grow
Rapid Fire Tools: Top Ways to Use IT Assessments to Win New Business & GrowRapid Fire Tools: Top Ways to Use IT Assessments to Win New Business & Grow
Rapid Fire Tools: Top Ways to Use IT Assessments to Win New Business & GrowMAXfocus
 

More from MAXfocus (20)

Year of pawnage - Ian trump
Year of pawnage - Ian trumpYear of pawnage - Ian trump
Year of pawnage - Ian trump
 
Creating Positive User Experiences Through Technology - Paul Kenny
Creating Positive User Experiences Through Technology - Paul KennyCreating Positive User Experiences Through Technology - Paul Kenny
Creating Positive User Experiences Through Technology - Paul Kenny
 
Welcome and MAX Keynotes - Dave Sobel and Alistair Forbes
Welcome and MAX Keynotes - Dave Sobel and Alistair ForbesWelcome and MAX Keynotes - Dave Sobel and Alistair Forbes
Welcome and MAX Keynotes - Dave Sobel and Alistair Forbes
 
Closing Keynote - Dave Sobel
Closing Keynote - Dave SobelClosing Keynote - Dave Sobel
Closing Keynote - Dave Sobel
 
Maximise Your Reputation in the Marketplace Jason King
Maximise Your Reputation in the Marketplace Jason KingMaximise Your Reputation in the Marketplace Jason King
Maximise Your Reputation in the Marketplace Jason King
 
Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...
Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...
Consolidating your Services Portfolio with GFI MAX - Jason Parsons and Steve ...
 
Managed Services in 2014: Pricing and Positioning - Dave Sobel
Managed Services in 2014: Pricing and Positioning - Dave SobelManaged Services in 2014: Pricing and Positioning - Dave Sobel
Managed Services in 2014: Pricing and Positioning - Dave Sobel
 
Scripting and Automation within the MAX Platform Ernest Byrd
Scripting and Automation within the MAX Platform Ernest ByrdScripting and Automation within the MAX Platform Ernest Byrd
Scripting and Automation within the MAX Platform Ernest Byrd
 
Lessons from the Trenches Selling and Marketing Best Practices Terry Hedden
Lessons from the Trenches Selling and Marketing Best Practices Terry HeddenLessons from the Trenches Selling and Marketing Best Practices Terry Hedden
Lessons from the Trenches Selling and Marketing Best Practices Terry Hedden
 
Recruit & Retain Top Talent - Michael Schmditmann
Recruit & Retain Top Talent - Michael SchmditmannRecruit & Retain Top Talent - Michael Schmditmann
Recruit & Retain Top Talent - Michael Schmditmann
 
Lessons from the Worlds Top 5 MSPs MAX2014 - Gordon Tan
Lessons from the Worlds Top 5 MSPs MAX2014 - Gordon Tan Lessons from the Worlds Top 5 MSPs MAX2014 - Gordon Tan
Lessons from the Worlds Top 5 MSPs MAX2014 - Gordon Tan
 
Getting from $400k to $4m - the Four Biggest Operational Challenges - Gordan Tan
Getting from $400k to $4m - the Four Biggest Operational Challenges - Gordan TanGetting from $400k to $4m - the Four Biggest Operational Challenges - Gordan Tan
Getting from $400k to $4m - the Four Biggest Operational Challenges - Gordan Tan
 
5 Critical Steps for Selling Managed Services - Adam Harris
5 Critical Steps for Selling Managed Services - Adam Harris 5 Critical Steps for Selling Managed Services - Adam Harris
5 Critical Steps for Selling Managed Services - Adam Harris
 
Max Backup Roadmap and Strategy Presentation - Eric Harless
Max Backup Roadmap and Strategy Presentation - Eric Harless Max Backup Roadmap and Strategy Presentation - Eric Harless
Max Backup Roadmap and Strategy Presentation - Eric Harless
 
How we turned Office 365 from a threat to an opportunity- Dan Scott
How we turned Office 365 from a threat to an opportunity- Dan ScottHow we turned Office 365 from a threat to an opportunity- Dan Scott
How we turned Office 365 from a threat to an opportunity- Dan Scott
 
Scripting and Automation within the MAX Platform - Mark Petrie
Scripting and Automation within the MAX Platform - Mark Petrie Scripting and Automation within the MAX Platform - Mark Petrie
Scripting and Automation within the MAX Platform - Mark Petrie
 
7 reasons your backups should go to the cloud - Nick Cavalancia
7 reasons your backups should go to the cloud - Nick Cavalancia 7 reasons your backups should go to the cloud - Nick Cavalancia
7 reasons your backups should go to the cloud - Nick Cavalancia
 
The Mysterious Case of the Vanishing Cloud - Seth Robinson
The Mysterious Case of the Vanishing Cloud - Seth Robinson The Mysterious Case of the Vanishing Cloud - Seth Robinson
The Mysterious Case of the Vanishing Cloud - Seth Robinson
 
Christiano Fermo
Christiano Fermo Christiano Fermo
Christiano Fermo
 
Rapid Fire Tools: Top Ways to Use IT Assessments to Win New Business & Grow
Rapid Fire Tools: Top Ways to Use IT Assessments to Win New Business & GrowRapid Fire Tools: Top Ways to Use IT Assessments to Win New Business & Grow
Rapid Fire Tools: Top Ways to Use IT Assessments to Win New Business & Grow
 

Recently uploaded

Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxRTS corp
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLionel Briand
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfDrew Moseley
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identityteam-WIBU
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Matt Ray
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdfInnovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdfYashikaSharma391629
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 

Recently uploaded (20)

Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
 
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdfInnovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 

Delivering Security with GFI MAX - Mark Petrie

  • 1. Delivering Managed Security GFI MAX RemoteManagement Mark Petrie, Director of Engineering GFI MAX
  • 2. Intro » Security is essential. Period. » Lock down access at every level. » Multi-layer approach offers the best protection.
  • 3. An example from 2012 » Cutting Sword of Justice launches cyber attack on Saudi Aramco, 15th August 2012 » Estimated 30,000 workstations infected, three-quarters of Aramco’s corporate PCs » Virus erased data - documents, spreadsheets, emails, files » Replaced all with an image of a burning American flag » Estimated $630 Million USD loss » We are not Saudi Aramco – we are not important enough to attract an attack » True… if you have no employees, no customers, no trade secrets and no money! » Everyone else… is a target » Hacking has been around for years!! » The IT industry did not collapse! » Acts of vandalism have evolved » Steal, demolish or monetize data…
  • 4. Some examples from 2014 » Montana State Health Department » May 2014, details of a data breach that affects over 1 million patients announced » Breach actually happened in July 2013, but not discovered for almost a year » Identity of intruders and extent of breach still unclear » CodeSpaces.com » June 2014, codespaces.com closes its doors » Started as a Distributed Denial of Service attack » Ended with an attempt to extort money from company » P.F. Chang (Resteraunt Chain) » Data breach compromised customer payment information » June 2014, thousands of newly stolen credit and debit cards offered for sale online » Target’s Q4 ‘13 earnings fell 46% due to $450m USD loss from theft of customer data » In May 2014, hackers announce theft of 233 million users’ personal records from eBay » Dominos Pizza held to ransom over 600,000 Belgian and French customer records » Evernote was taken down with a DDoS attack
  • 5. The Bad News » Estimated cost of Cyber Crime and Cyber Espionage » $100 billion USD per year in US alone » $425 billion USD per year worldwide » Advanced Persistent Threats (APT): » Coordinated cyber activities of criminals and state level entities » Objective of stealing information, compromising information systems* » Criminal organizations monetise all aspects of illicit access » Foreign Intelligence Services gather Intellectual Property » APT tries to stay embedded for as long as possible » APT generally only resorts to destruction upon detection * regular users are sometimes the most adept at this!
  • 6. The Good News » “Managed Security Services Market” by Transparency Market Research » $9 billion USD in 2012, could be worth £24 billion USD by 2019 » Predicted market will expand at CAGR of 15.4% between 2013 and 2019 » Gartner » Security spending gets boost from mobile, social and cloud » Worldwide spending on information security will top $71 billion USD this year • Almost 8% increase over 2013 » Data loss prevention segment recording the fastest growth at 18.9 percent » In 2015, 10% of overall IT security capabilities will be delivered as a cloud service » SMBs will become event more reliant on hosted security services Unfortunately, many organizations continue to lack staff with the appropriate security skills. To keep up with hackers, more than half of organizations will by 2018 rely on security services firms that specialize in data protection, risk and infrastructure management
  • 7. The Really Good News At least 85% of the targeted cyber intrusions that Defence Signals Directorate (DSD) responds to could be prevented by following the Top 4 mitigation strategies listed in the Strategies to Mitigate Targeted Cyber Intrusions: » Use application whitelisting to help prevent malicious software and other unapproved programs from running » Patch applications such as PDF readers, Microsoft Office, Java, Flash Player and web browsers » Patch operating system vulnerabilities » Minimise the number of users with administrative privileges
  • 8. Lock down access at every level » Control access to the device » Patch Operating System and Program Vulnerabilities » Protect against Virus and Malware » Stay safe online
  • 10. Device Security » Check access to machine » Lock machines when not in use » Password security • Strong passwords to secure access • Do not have post-its with passwords written down » Can you account for all user accounts on machine or domain? » Review failed login attempts to check no malicious access of machines » User rights on PC, do they have Admin rights to Operating System?
  • 11. Operating System & Program Security
  • 12. Operating System & Program Security Close loopholes and resolve potential vulnerabilities through regular and effective installation of software patches and updates… » Microsoft released 106 important or critical security bulletins in 2013 » 2445 total bulletins of low importance and above for Windows, Office etc » Adobe Acrobat updated from v 10.1.90 in January 2013 to v11.0.06 in January 2014 » 7 versions updates in 12 months in just one program » Java updated from v7 Update 11 to v7 Update 51 in same timeframe
  • 13. Virus & Malware Protection
  • 14. Virus & Malware Protection » Don’t let those cute little guys fool you! Know your enemy! » Trojan » Generally non replicating » Often enter system through freeware (scareware) » Then act as a backdoor to gain access to personal data. » May also corrupt or encrypt data... Cryptolocker » Virus » Needs carrier (e.g. macro) » Infect system and then replicate » Can disable the device / connected network devices » Consume system and network resources for potential spamming / replication » Can also log keystrokes, identifying passwords and sensitive user information » Worm » Unlike virus, does not need a program to carry infection » Standalone program that self-replicates to spread across networks » Again, consume system and network resources » Carry out DoS attacks… MyDoom
  • 15. Virus & Malware Protection New malware of the last 24 months!! AV Test institute which registers over 220,000 new malicious programs every day!!
  • 16. Virus & Malware Protection » Microsoft Security Essentials (now Windows Defender) integrated into OS to offer some protection » End-point products that include a Firewall can be problematic by blocking too many programs, restricting outbound access etc. » Combined Internet Security suite products can be bloated
  • 18. Internet Access Protection » Internet Society online survey in 2012 (10,789 respondents) » Access to the Internet should be considered a basic human right • 83% somewhat or strongly agree • 14% somewhat or strongly disagree • 3% don't know » The Internet should be governed in some form to protect the community from harm. • 82% somewhat or strongly agree • 15% somewhat or strongly disagree • 3% don't know » When you are logged in to a service or application do you use privacy protections? • 27% all the time • 36% most of the time • 29% sometimes • 9% never » Network Perimeter / Gateway / Firewall devices only work for LAN » What about remote workers?
  • 19. Multiple Layers = Multiple Problems??
  • 21. GFI MAX Single pane of glass Asset Tracking Pro-active monitoring (Failed login check) Patch Management Managed Antivirus Web Protection & More
  • 23. Asset Tracking » FREE of charge » View Software details per device » Run Modification Report to check on installed software since initial build » Create Software License groups to blacklist known bad programs
  • 25. New and much improved “Failed Login Check” » #1 customer request on ideas.gfi.com » More informative: Event IDs, failure reason, IP address, username » Respond quickly and decisively to security concerns
  • 28. Vulnerability Scanning and Patch Management » What exactly is it? » Uses GFI LANGuard Agent » Vulnerability Check (DSC) runs daily » Lists missing patches and discovered vulnerabilities » Check can run in Alert mode or report mode » Included in Client Daily and Weekly Reports » Set and forget? » Auto-approve patches (by severity) » Schedule installation of approved patches daily, weekly or ad-hoc » Or, manually approve and install patches from Dashboard (now or later) » Patch Overview Report shows missing/installed patches at client(s) » Client Monthly Report lists patches installed that month
  • 29. Schedule regular installation of approved patches
  • 30. Schedule ad-hoc installation of approved patches
  • 31. Suports All Microsoft Updates » Security Updates » Critical » Important » Moderate » Low » Update roll-ups » Service Packs » Critical Updates » Updates » Tools » Drivers
  • 32. Vendor Support » Apple: » QuickTime » iTunes » Safari » Adobe: » Reader » Acrobat » Flash » Shockwave » Air » Mozilla » Firefox » Thunderbird » SeaMonkey » Instant Messaging Clients » Skype » Yahoo » Browsers » Google Chrome » Opera » Zip tools » 7-Zip » WinRAR » Oracle Java » And more…
  • 33. Update Release Cycle » We aim to support Microsoft updates within hours of Patch Tuesday » Out of band patches (Microsoft and non-Microsoft) within one working day » LANGuard checks for updates between 1am and 5am GMT and at DSC » Incremental differences for non-Microsoft update databases » Download Microsoft update database direct from microsoft.com » Patches are downloaded directly from vendors’ web-sites » Patches are downloaded when they need to be installed » Use Site Concentrator to cache patches once per site » Switch off Windows Updates?
  • 34. Patch Approval Lifecycle » ALL patches must be approved before they can be scheduled for installation » Approval can be manual or automatic based on severity » We only report updates as missing if they are required » We report all updates installed, even if we didn’t install them » If there is no install date/time listed, it was not installed by us
  • 35. Identifying Patches 1. Microsoft release a Security Bulletin… 2. Knowledge Base articles describe which update is required for each OS…
  • 36. Identifying Patches 3. Search Approval Dialog for Knowledge Base article to approve patch… 4. View Patch Overview report (Group by patch) to see its status on devices
  • 37. More information » Supported Microsoft Products http://www.gfi.com/lannetscan/msappfullreport.htm » Supported Microsoft Patches http://www.gfi.com/lannetscan/msfullreport.htm » Supported non-Microsoft Products http://kb.gfi.com/articles/SkyNet_Article/KBID003469 » Supported non-Microsoft Patches http://www.gfi.com/lannetscan/3pfullreport.htm
  • 40. Managed Antivirus » Deployed from Dashboard » Installs automatically if no other Antivirus software present » Can remove other Antivirus software with no user interaction » Policy based configuration with operating system specific file exclusions » Automatic update definitions if detected as out-of-date » Use Protection Report to ensure all end-points protected
  • 41. Manage Quarantine » Reports menu, Managed Antivirus, Quarantine Report
  • 42. Stay in-control during virus outbreak » Reports menu, Managed Antivirus, Threat Report
  • 44. Web Protection » Web Security » Stop users from visiting malicious sites » Both network and remote workers » Web Filtering » Web-site categorization based on BrightCloud (WebRoot) » Implement browsing policies for the workplace, set allowed schedules etc » Whitelist / Blacklist specific URLs » Web Bandwidth Monitoring » Alerts when downloads exceeds threshold (you define) » Reporting » Overview report • Monitor trends • Spot exceptions » Report Builder • Drill-down and understand cause
  • 45. Web Security » Restrict access to known sites that can harm your customers
  • 46. Web Filtering » All websites are categorized. If in multiple categories, most restrictive wins » Use schedules to allow access to social media etc out of office hours
  • 47. Bandwidth Monitoring » Receive an alert when downloads exceed threshold
  • 48. Overview Report » Weekly overview of Web Security, Filtering, and Bandwidth at client » Ratio of allowed to blocked requests » Top blocked categories » Top visited sites » Noisiest devices » Monitor trends and spot exceptions
  • 49. Report Builder » If overview report shows an increase in blocked requests to category or site » Show me requests to specific category or site from all devices at client » If irregular activity is suspected » Show me all requests from specific device
  • 50. Internet Usage Policy Employing an internet usage policy for customers will need them to ensure they have made their employees aware. http://www.gfi.com/pages/sample-internet-usage-policy Citizens Advice - Your employer can legally monitor your use of the phone, internet, e-mail or fax in the workplace if: • the monitoring relates to the business • the equipment being monitored is provided partly or wholly for work • your employer has made all reasonable efforts to inform you that your communications will be monitored. As long as your employer sticks to these rules, they don't need to get your consent before they monitor your electronic communications
  • 52. Managed Online Backup Managed Online Backup allows you to easily backup customers data • Disk to Disk (via LocalSpeedVault) to Cloud (D2D2C) • True Delta technology ensures only changed file blocks are backed-up • All data encrypted with 128 bit AES encryption before sending With Cryptolocker, it is likely that the only way to recover data is from a backup
  • 53. Mobile Device Management Protect against business critical data being being compromised via loss or theft of company or employee owned mobile device • Set Passcode • Locate device • Lock device • Remote Wipe
  • 54. Email Security Mail Protection offers the ability to not just filter out spam but also ensure that viruses and other email threats do not impact your client. » Employs a unique combination of Antivirus technologies • Traditional signature-based anti-virus engine • Zero-hour virus detection • Virtualization-based malware detection » Reduces risk of attack on customer network through setting trusted connection incoming and outgoing » Continuity so no missed messages as will be queued, even if unable to contact the specified server Additionally you can also use Mail Archive to securely store a copy of every emails for quick retrieval and in case of disaster
  • 55. Dashboard considerations » Ensure all dashboard users have specific logon » Do not use the Primary Access Key to access Dashboard » Restrict access via IP Address » Two Factor Authentication

Editor's Notes

  1. http://www.bbc.co.uk/news/technology-28654613
  2. Explain to customers that simply having an AV isn’t it all. There are complex ways in which they can target and access devices and so we look to layer to address these.
  3. End user education
  4. End user education
  5. Refer to the whitelisting of applications, as mentioned earlier in DSD recommendations
  6. Browser independent
  7. Paul Fenwick in a “previous life” …