SlideShare a Scribd company logo

Top 5 wi fi security threats

Download as PPTX, PDF
gruzabb
gruzabb
Technology
1 of 15
Top 5 Wi-Fi Security Threats Dr. Pravin Bhagwat CTO, AirTight Networks © 2013 AirTight Networks, Inc. All rights reserved.
Wave of Wireless Consumerization  Uncontrolled increase in Wi-Fi devices  Most client Wi-Fi devices can operate in multiple modes  Do you know what’s happening on your network and premises? © 2013 AirTight Networks, Inc. All rights reserved. 2
TJX Breach – The Tip of the Iceberg Additional breaches © 2013 AirTight Networks, Inc. All rights reserved. 3
Rogue APs • APs attached to the enterprise LAN without permission • Backdoor to the enterprise LAN © 2013 AirTight Networks, Inc. All rights reserved. 4
Soft Rogue APs     Network interface bridging Internet connection sharing (ICS) Add-on devices (e.g., Windy31) Windows 7 Virtual Wi-Fi © 2013 AirTight Networks, Inc. All rights reserved. 5
Client Misbehavior and Man-in-the-middle Attacks • • • • Ad-hoc connections Connections to external APs Probing for vulnerable SSIDs Honeypot/Evil Twin target © 2013 AirTight Networks, Inc. All rights reserved. 6
Bring Your Own Device (BYOD) WPA2/802.1x alone cannot prevent unauthorized devices from accessing the enterprise network © 2013 AirTight Networks, Inc. All rights reserved. 7
Recap of Common Intrusion and Extrusion Threats © 2013 AirTight Networks, Inc. All rights reserved. 8
Wireless Security Strategies That Don’t Work! A “No Wi-Fi” policy without enforcement We don’t have “that” problem because… © 2013 AirTight Networks, Inc. All rights reserved. 9
MDM ≠ Network Security No visibility into Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Scope limited to “managed” devices that run MDM agent What is the incentive to install MDM agents on personal devices? © 2013 AirTight Networks, Inc. All rights reserved. 10
NAC ≠ Wireless Security Scope limited to BYOD on “managed” WLAN Cannot block Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Suffers from “blind spots” – unauthorized Wi-Fi devices connecting via authorized devices © 2013 AirTight Networks, Inc. All rights reserved. 11
Wireless Intrusion Prevention System (WIPS) Automatic Device Classification Comprehensive Threat Coverage Accurate Location Tracking Reliable Threat Prevention BYOD Policy Enforcement © 2013 AirTight Networks, Inc. All rights reserved. 12
Wireless Security Enforcement using WIPS AP Classification Authorized APs Mis-config Policy GO DoS Client Classification Authorized Clients STOP Rogue APs (On Network) STOP Rogue Clients External Clients External APs IGNORE AUTOMATICALLY DETECT AND BLOCK RED PATHS! With this in place, your network is protected from all types of wireless threats, vulnerabilities and attack tools! © 2013 AirTight Networks, Inc. All rights reserved. 13
Identifying a True WIPS: WIDS vs. WIPS Prevalent WIDS Approach Cat and mouse chase of exploits, tools and signatures True WIPS Approach Protects against the fundamental wireless threat building blocks © 2013 AirTight Networks, Inc. All rights reserved. 14
Thank You! Cloud Managed Secure Wi-Fi Solutions www.airtightnetworks.com info@airtightnetworks.com @AirTight +1 877 424 7844 US DoD Approved © 2013 AirTight Networks, Inc. All rights reserved. 15

Recommended

Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Ryan Orsi
 
Implementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraImplementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraKappa Data
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Cyber Security in the Financial Industry
Cyber Security in the Financial IndustryCyber Security in the Financial Industry
Cyber Security in the Financial IndustryJames Bergren
 
Shining a Light on Shadow Devices
Shining a Light on Shadow DevicesShining a Light on Shadow Devices
Shining a Light on Shadow DevicesForescout Technologies Inc
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneJose L. Quiñones-Borrero
 
ForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForescout Technologies Inc
 

Recommended

Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Ryan Orsi
 
Implementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraImplementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraKappa Data
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Cyber Security in the Financial Industry
Cyber Security in the Financial IndustryCyber Security in the Financial Industry
Cyber Security in the Financial IndustryJames Bergren
 
Shining a Light on Shadow Devices
Shining a Light on Shadow DevicesShining a Light on Shadow Devices
Shining a Light on Shadow DevicesForescout Technologies Inc
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneJose L. Quiñones-Borrero
 
ForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForescout Technologies Inc
 
SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsForeScout Technologies
 
LiPari_Assignment8
LiPari_Assignment8LiPari_Assignment8
LiPari_Assignment8Phillip LiPari
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas companyLiora R. Herman
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseAirTight Networks
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security TipsCentextech
 
The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?Bangladesh Network Operators Group
 
IOT Security
IOT SecurityIOT Security
IOT SecuritySylvain Martinez
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of ThingsChristopher Frenz
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsDesign World
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against themNick Allott
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai RevisitedClare Nelson, CISSP, CIPP-E
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...PROFIBUS and PROFINET InternationaI - PI UK
 
R1 - Slides
R1 - SlidesR1 - Slides
R1 - SlidesezSec
 
Iot(security)
Iot(security)Iot(security)
Iot(security)Shreya Pohekar
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseItai Bass
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalMary McEvoy Carroll
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint SettingsSophos
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)mike parks
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013AirTight Networks
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012hemantchaskar
 

More Related Content

What's hot

SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsForeScout Technologies
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas companyLiora R. Herman
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseAirTight Networks
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security TipsCentextech
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of ThingsChristopher Frenz
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsDesign World
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against themNick Allott
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...PROFIBUS and PROFINET InternationaI - PI UK
 
R1 - Slides
R1 - SlidesR1 - Slides
R1 - SlidesezSec
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseItai Bass
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalMary McEvoy Carroll
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint SettingsSophos
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)mike parks
 

What's hot (20)

SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey Results
 
LiPari_Assignment8
LiPari_Assignment8LiPari_Assignment8
LiPari_Assignment8
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas company
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the Enterprise
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security Tips
 
The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of Things
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
 
IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai Revisited
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
 
R1 - Slides
R1 - SlidesR1 - Slides
R1 - Slides
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile Enterprise
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_final
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
 

Similar to Top 5 wi fi security threats

Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013AirTight Networks
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012hemantchaskar
 
AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013AirTight Networks, Inc.
 
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...ProductNation/iSPIRT
 
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdfonline Marketing
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingShivamSharma909
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...IJCSIS Research Publications
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)Andris Soroka
 
LIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveLIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveRobert Herjavec
 
A Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxA Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxTurboAnchor
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
Android Device Hardening
Android Device HardeningAndroid Device Hardening
Android Device Hardeninganupriti
 
Protect your guest wifi - NOW
Protect your guest wifi - NOWProtect your guest wifi - NOW
Protect your guest wifi - NOWJoshua Sibaja
 

Similar to Top 5 wi fi security threats (20)

Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012
 
AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013
 
AirTight Networks - Wireless Security 2011
AirTight Networks - Wireless Security 2011AirTight Networks - Wireless Security 2011
AirTight Networks - Wireless Security 2011
 
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
 
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
 
CEH Domain 6.pdf
CEH Domain 6.pdfCEH Domain 6.pdf
CEH Domain 6.pdf
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network Hacking
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
itmsday2.pptx
itmsday2.pptxitmsday2.pptx
itmsday2.pptx
 
Wireless security
Wireless securityWireless security
Wireless security
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
 
LIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveLIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep Dive
 
A Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxA Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptx
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Android Device Hardening
Android Device HardeningAndroid Device Hardening
Android Device Hardening
 
Protect your guest wifi - NOW
Protect your guest wifi - NOWProtect your guest wifi - NOW
Protect your guest wifi - NOW
 

Recently uploaded

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 

Recently uploaded (20)

The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 

Top 5 wi fi security threats

  • 1. Top 5 Wi-Fi Security Threats Dr. Pravin Bhagwat CTO, AirTight Networks © 2013 AirTight Networks, Inc. All rights reserved.
  • 2. Wave of Wireless Consumerization  Uncontrolled increase in Wi-Fi devices  Most client Wi-Fi devices can operate in multiple modes  Do you know what’s happening on your network and premises? © 2013 AirTight Networks, Inc. All rights reserved. 2
  • 3. TJX Breach – The Tip of the Iceberg Additional breaches © 2013 AirTight Networks, Inc. All rights reserved. 3
  • 4. Rogue APs • APs attached to the enterprise LAN without permission • Backdoor to the enterprise LAN © 2013 AirTight Networks, Inc. All rights reserved. 4
  • 5. Soft Rogue APs     Network interface bridging Internet connection sharing (ICS) Add-on devices (e.g., Windy31) Windows 7 Virtual Wi-Fi © 2013 AirTight Networks, Inc. All rights reserved. 5
  • 6. Client Misbehavior and Man-in-the-middle Attacks • • • • Ad-hoc connections Connections to external APs Probing for vulnerable SSIDs Honeypot/Evil Twin target © 2013 AirTight Networks, Inc. All rights reserved. 6
  • 7. Bring Your Own Device (BYOD) WPA2/802.1x alone cannot prevent unauthorized devices from accessing the enterprise network © 2013 AirTight Networks, Inc. All rights reserved. 7
  • 8. Recap of Common Intrusion and Extrusion Threats © 2013 AirTight Networks, Inc. All rights reserved. 8
  • 9. Wireless Security Strategies That Don’t Work! A “No Wi-Fi” policy without enforcement We don’t have “that” problem because… © 2013 AirTight Networks, Inc. All rights reserved. 9
  • 10. MDM ≠ Network Security No visibility into Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Scope limited to “managed” devices that run MDM agent What is the incentive to install MDM agents on personal devices? © 2013 AirTight Networks, Inc. All rights reserved. 10
  • 11. NAC ≠ Wireless Security Scope limited to BYOD on “managed” WLAN Cannot block Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Suffers from “blind spots” – unauthorized Wi-Fi devices connecting via authorized devices © 2013 AirTight Networks, Inc. All rights reserved. 11
  • 12. Wireless Intrusion Prevention System (WIPS) Automatic Device Classification Comprehensive Threat Coverage Accurate Location Tracking Reliable Threat Prevention BYOD Policy Enforcement © 2013 AirTight Networks, Inc. All rights reserved. 12
  • 13. Wireless Security Enforcement using WIPS AP Classification Authorized APs Mis-config Policy GO DoS Client Classification Authorized Clients STOP Rogue APs (On Network) STOP Rogue Clients External Clients External APs IGNORE AUTOMATICALLY DETECT AND BLOCK RED PATHS! With this in place, your network is protected from all types of wireless threats, vulnerabilities and attack tools! © 2013 AirTight Networks, Inc. All rights reserved. 13
  • 14. Identifying a True WIPS: WIDS vs. WIPS Prevalent WIDS Approach Cat and mouse chase of exploits, tools and signatures True WIPS Approach Protects against the fundamental wireless threat building blocks © 2013 AirTight Networks, Inc. All rights reserved. 14
  • 15. Thank You! Cloud Managed Secure Wi-Fi Solutions www.airtightnetworks.com info@airtightnetworks.com @AirTight +1 877 424 7844 US DoD Approved © 2013 AirTight Networks, Inc. All rights reserved. 15