Successfully reported this slideshow.

F5 Networks- Why Legacy Security Systems are Failing

804 views

Published on

Nathan Pearce, Product Manager - EMEA at F5 Networks spoke at the CIO Event (dot) com

  • Be the first to comment

  • Be the first to like this

F5 Networks- Why Legacy Security Systems are Failing

  1. 1. WHY LEGACY SECURITYSYSTEMS ARE FAILING Nathan Pearce - @F5NetworksEMEA Product Manager Europe, Middle East & Africa
  2. 2. Know thine enemy • MI5 fighting „astonishing‟ levels of cyber attacks • “Most senior managers don‟t know where their data is”, Varonis • “Trust No One”, Fox Mulder, The X-Files
  3. 3. Unknown Vulnerabilities in Web Apps••••
  4. 4. Cyber-attacks in the News for 2011 IBM X-Force 2011 Trend and Risk Report March 2012
  5. 5. The two faces of hackingIEEE Spectrumspectrum.ieee.org
  6. 6. Attacks Are Moving “Up the Stack” Network Threats Application Threats 90% of security 75% of attacks investment focused here focused hereL3 Security DDOS, packet filters, IP protocol validation, fragmentation, checksum, lengths, etc.L4 Security TCP protocol validation, lengths, checksum , TCP DOS attacks, etc.L5/7 Security Protocol level security of DNS, HTTP, SMTP, SIP etc. OWASP Top 10
  7. 7. Protection From Top Web App. Vulnerabilities (Open Web Application Security Project) OWASP Top 10 Web Application Security Risks: 1. Injection 2. Cross-Site Scripting (XSS) 3. Broken Authentication and Session Management 4. Insecure Direct Object References 5. Cross-Site Request Forgery (CSRF) 6. Security Misconfiguration 7. Insecure Cryptographic Storage 8. Failure to Restrict URL Access 9. Insufficient Transport Layer Protection 10. Unvalidated Redirects and ForwardsSource: www.owasp.org
  8. 8. Can I be a hacker?• Yes• Its easy• With free on-line lessons…
  9. 9. How Long to Resolve a Vulnerability? Website Security Statistics Report
  10. 10. People. Applications. Data. Application and service deliveryGARTNER: 88% of CIOs rate GARTNER: 70% of IT Data center consolidationcloud computing a priority in organizations prefer tothe next 18 months deploy servers virtually rather than on hardware
  11. 11. Protect Applications from Threats Adaptive and unique attack protectionGain visibility Understand Take actioninto application session context and mitigatesessions and apply policy offending clients
  12. 12. Key Ingredients to Better Security Scalable Extensible and Adaptable Context Awareness Engaged Community Unified Security Platform
  13. 13. Key Ingredients to Better Security Scalable Extensible and Adaptable Context Awareness Engaged Community Unified Security Platform
  14. 14. Key Ingredients to Better Security Scalable Extensible and Adaptable Context Awareness Engaged Community Unified Security Platform
  15. 15. Key Ingredients to Better Security Scalable Extensible and Adaptable Context Awareness Engaged Community Unified Security Platform
  16. 16. Key Ingredients to Better Security Scalable Extensible and Adaptable Context Awareness Engaged CommunityUnified Security Platform
  17. 17. Key Ingredients to Better Security Scalable Extensible and Adaptable Context Awareness Engaged CommunityUnified Security Platform

×