Threat Intelligence-based
Automated Attack Surface Management Solution
Agenda
1 2 3 4
Criminal IP ASM Application About AI Spera
• What is ASM?
• Hacker’s Attack Process
• Differences
• Necessity
• Features
• Features and Products UI
• Requirement
• Use Cases
• Mission of Global CTI Lead AI Spera
• Executives
• Products
ASM
(Attack Surface Management)
ASM (Attack Surface Management)
• What is ASM?
• Hacker’s Attack Process
• Differences
• Necessity
AWS GCP
AZURE
IDC
IDC
1. ASM What is ASM?
What is Attack Surface Management (ASM)?
Businesses and organizations have numerous network devices, databases, servers, applications, and domains, and all of these IT assets are operated by IP addresses and ports.
Attack Surface Management refers to the proactive detection and management of attack vectors such as open ports, server vulnerabilities, similar domains, phishing, and domains distributing malicious code.
Centralized
External passageway of assets
With rapid changes in corporate IT environments,
attack surfaces are changing and expanding on a larger scale.
Corporate digital assets
in the past
Corporate digital assets
of today
Diversified
&
Decentralized
RDP
Apache
172.4.124.13
172.4.124.14
172.4.124.12
156.137.22.9
156.137.22.10
nginx
MySQL
OpenSSH
Attack Surface
1. ASM
CVE-2019-9516
CVE-2020-15778
CVE-2021-23017
CVE-2021-2356
Attack Surface
All assets on the external network can be targets of attacks.
Corporate Data Center
Cloud
What is ASM?
1. ASM Hacker’s Attack Process
Hackers put a lot of time and effort into
collecting information on the target.
Therefore, it is essential to find the exact
exposure point of the attack surface.
Hacker's Attack Process
SaaS-based service enables
automated operation without
cumbersome work
ASM
(Attack Surface Management)
• Need to install equipment or Software
• Integration and customization
• Passive policies
• Ongoing updates and management
• Multiple failure points
• Work suspended upon failure occurrence
Traditional Security Solution
1. ASM
ASM
Traditional Security
Solutions
ASM
FW IPS DDoS
WAF
SSL
VPN
Etc.
Attack Surface
Management
Complicated task
Multiple potential
failures
Differences
Differences between Traditional Security Method and ASM
Traditional security devices and solutions primarily focus on taking action after an attack.
ASM prevents the attack by identifying and managing the exposure of attacks in advance.
Simple task
No potential
failure
Vulnerability detection process of traditional security solutions
Selection of
target
software
Behavior, type,
and interface
analysis
Type
estimation
Database
search
Deep-dive analysis
Selection of potential
attack points
Code
analysis/
Error
injection
Vulnerability
assessment &
Abnormal
behavior
detection
Post-hoc
analysis
Establishment
of attack
scenario
Countermeasures against
attacks
Vulnerability Detection
Automated
Vulnerability Analysis
Countermeasures
against Vulnerability
Vulnerability detection process of ASM System
Decreased Probability of
Penetrating Attack
Surface
Reduced
Cost & Resources
Hwang, Seong Oun. (2012). A Methodology for Security Vulnerability Assessment Process on Binary Code. The Journal of The Institute of Internet, Broadcasting and Communication, 12(5), 237–242. https://doi.org/10.7236/JIWIT.2012.12.5.237
1. ASM
Effects of Introducing ASM
Increased Work
Efficiency
Improved Attack Surface
Security
Differences
“ASM is a new solution that helps organizations identify risks associated with internet-connected assets and systems that they may be unaware of. More than one-third of the recent successful attacks against enterprises originate from externally connected assets. That’s the reason why ASM will become an essential task for CIOs and CISOs.”
Importance of Attack Surface Management,
the major talking point of the information security market
1. ASM
「2021 Emerging Technologies:
Critical Insights for External
Attack Surface Management」
Necessity
“Some ASM tools discovered several hundred percent
more cloud assets than organizations thought they
were using, and on average, attack surface
management tools initially discover 30% more cloud
assets than security teams know they have.”
「2022 ASM Report:
Find and Cover Your Assets with Attack Surface
Management」
1. ASM
• Gartner said, “Strengthening digital abilities of digital workplace employees to create an engaging,
intuitive work environment.”
• With the trend of going digital, technology to integrate AI, cloud, and IoT is drawing corporates’
investment and attention
• But with digital workplaces using ICT technology, they have become the new target for hackers’
attack
• Increased user convenience, increased threats of being hacked
• COVID-19 pandemic and working-from-home trend increased corporate attack surfaces
• Corporates are putting more emphasis on cloud-based applications, devices, and human security
elements
• Demand for expanded vulnerabilities management to deal with risks in a decentralized digital work
environment is more vital than ever
• As organizations get used to operating the new business model, they will prefer vulnerabilities
management for new platforms and applications
Reference : Frost & Sullivan, Global Vulnerability Management Market, Forecast to 2025
As corporates accommodate new assets and workflow more broadly and
deeply, adopting ASM will become a MUST.
Managing attack surface and
vulnerabilities is now a MUST Popularization of working from home
• Covid-19 pandemic and increase in working from home expanded corporate
attack surfaces
• Increased Zero-day vulnerabilities targeting remote SW, including VPN
• 82% of corporates will support working from home after the end of Covid-19
Transition to digital workplace
• With the trend of going digital, the cloud working environment draws corporates'
investment and attention
• Digital workplace with ICT technology has become a new target for hackers'
attack
• Increased user convenience, increased threats of being hacked
Industry 4.0, increase in IoT devices
• Business innovation utilizing IoT devices
• For the past 5 years, approximately 20.5 billion devices were connected
Necessity
Criminal IP ASM
• Features
• Features and Products UI
• Criminal IP Integration
2. ASM
IP Address Domain TCP
SSL Certificate
Application
UDP
IoT
Webcam
RDP
DNS Record
ICS
SCADA
MySQL
NTP
NNTPS
CCTV
Printer
Bitcoin
VPN
QNAP
Firewall
TFTP
Proxy
Darkweb
Default Password Name Server Cloud Server
Automatic detection of
client assets
Criminal IP ASM conducts internet-wide scanning for
known and unknown client assets on IP addresses and
open ports.
Scan Port data from all over the world
IP
Port
Domain
4.2 billion IP address info
Over 300 million domain address data
Features
2. ASM
Cloud-based web interface
Criminal IP ASM is a SaaS-type ASM product that does
not require installing or deploying hardware or
software on customer servers.
After registering your account, you can use your
network's PC, tablet, or mobile device to launch your
ASM solution rapidly and readily through an easy-to-use
web interface.
Installed On-Premises
- Initial installation of product and building internal server
- System update patch, upgrade
- Internal server and network failure issue management
- Hardware maintenance and upgrade
- Network maintenance and upgrade
- Security maintenance and upgrade
- Database maintenance and upgrade
Maintenance Cost
Cloud SaaS
Maintenance Cost
Annual purchase
User Guide and Training
Customization
Features
2. ASM
Asset and vulnerability risk scoring
Our algorithm using AI machine learning provides real-time
detection to visualize the assets with five levels of risk scoring.
Cybersecurity managers can prioritize the risks based on the
visualized scoring to respond quickly and precisely.
IP/Asset Domain/Certificate
Critical
Network/assets
have been attacked
or are under attack
Domain/certificates are
falsified or contain
malicious links
Dangerous
Network/assets are exposed
to attack surface, vulnerable
to attacks
The domain is falsified
or a certificate has expired/
leaked, requiring action
Moderate
Network/assets
maintain a moderate
security level
Domain/certificates
maintain a moderate
security level
Low
Network/assets are
not exposed externally
and are kept safe
The domain is not falsified
or a certificate is free from
leakage or expiration,
and is kept safe
Safe
Features
Asset Search
Domain Search
Image Search
Certificate Search
Exploit Search
Banner Explorer
Vulnerability
Statistics
Element Analysis
Map
Search Intelligence
Major Features of Criminal IP Search Engine
2. ASM
Free integration with
CTI search engine
Criminal IP, a Cyber Threat Intelligence search engine, provides
a detailed search of corporate's asset data detected by ASM.
Features
Vulnerability Analysis and
Threat Response Service
2. ASM
Provide threat analysis report
and real-time threat response guide
Open vulnerable ports
Discover unidentified assets
Discover new
vulnerabilities
Verify customer assets
Identify assets with
vulnerabilities
Determine the phishing
and asset forgery status
Analyze vulnerability
countermeasures
Providing
solutions to
respond to
issues within 24
hours
Determine the hacking and leakage status
Identify services running on ports
Response process
Daily monitoring
A report is automatically generated and sent when a client’s
new asset and its vulnerabilities are detected. If an issue
demands responses, AI Spera's security experts are on standby
to deliver prompt analysis reports and response solutions.
Features
Overview of Criminal IP ASM
Criminal IP ASM automatically monitors and generates a report on assets exposed to
the attack surface.
All IT assets are thoroughly detected globally, with a streamlined introduction
procedure requiring registration of only one primary domain.
2. ASM Full Feature and Product UI
New Assets IP Assets Domain Certificate
OSINT
(Google Hacking)
Dashboard
Intelligence
Search Result
Risk
Automatically detects assets
that have been
recently added or changed
Scans open ports of
detected IP addresses
Shows the associated domains and
subdomains of
the detected IP address
Displays information about
the certificate applied to
the domain
Monitors information about assets
exposed to Google
Provides an asset search query
Presents asset information on statistics, geographic information,
and vulnerability status
Gets details about the exposure status and vulnerabilities on the
attack surface
Alerts users about exploitable
vulnerabilities of assets such as
IP, domain, certificate, and
application
Dashboard
A real-time view of the entire threat
landscape and a solid understanding of
your security situation
2. ASM Full Feature and Product UI
Host & Cloud Statistics
Provide the total number of automatically
detected hosts and the status of the
enterprise’s cloud assets
The number of Host matches the total sum
of assets classified into each cloud and IDC
assets.
2. ASM Full Feature and Product UI
Provide the geographical distribution
of corporate IT assets based on IP address
data from worldwide
Geographic Statistics
of Assets
2. ASM Full Feature and Product UI
Visualize the ratio of ASN, application,
and open ports in chart formats
for better readability
AS Name, Software,
Port Statistics
2. ASM Full Feature and Product UI
Recent risks
Show the most recently detected risks
Upon clicking data on Assets, you can see
details about the vulnerability.
2. ASM Full Feature and Product UI
New Assets
Show the most recently added new assets
Upon clicking on each asset, you can see
detailed information.
2. ASM Full Feature and Product UI
IP Assets (Application)
Provide a carefully curated summary (risk
score, AS Name, geolocation, vulnerabilities,
etc.) of detected IP assets
Immediately connect an intelligence search
engine upon clicking on an IP address to
access more enriched threat intelligence
2. ASM Full Feature and Product UI
Domain / Certificate
Display contextualized threat information about
a domain (score, technology, jQuery, PHP, etc.),
number of vulnerabilities for a domain,
certificate information (SSL, encryption, and
SSL expiration date), and subdomains
2. ASM Full Feature and Product UI
If threats are detected from registered assets,
they are automatically added to the Risks page
so you can quickly check assets
exposed to threats.
Risks
2. ASM Full Feature and Product UI
Enjoy additional features of Search, Intelligence, and
API integration provided by the Criminal IP CTI search
engine paired with ASM
Stay on top of the latest cybersecurity trends
through our compilation of statistics-packed analysis
reports on global cyber threats
Criminal IP
Threat Intelligence Search Engine
2. ASM Full Feature and Product UI
Application
• Requirement
• Use Cases
Automatic extraction of IPs
and domains in possession
Primary Domain Registration
We do not request much information from clients when they start using Criminal IP ASM.
Only one domain address of all operating assets is enough to immediately start Attack Surface Management (ASM) as it automatically identifies
all network-exposed assets.
Automation area
related domains
complex amplification
feature information classification and matching
Automation area
Attack Surface Management
Auto-registration
Only one requirement to adopt Criminal IP ASM
3. Application Requirement
Even at this moment, the major assets of many companies and organizations are being exposed unprotected to attack surfaces.
Real Data of attack surfaces detected by ASM
3. Application Use Cases
Shared System with
Cooperators
Marketing Event Page
Dev/Test System
SW Patch Server
A report with visual risk-scoring is generated if any enterprise assets with exploitable vulnerabilities are discovered through threat intelligence analysis. You can check countermeasures against vulnerabilities through Criminal IP.
Case 1 : When new vulnerabilities are discovered
2021.01.30
(Before)
2021.02.01
(After)
Server A
Server A
Safe Critical
New
CVE-2021-44228
3. Application Use Cases
Regular vulnerability inspection via ASM
Large-scale vulnerability (Log4shell) issue occurrence
Vulnerabilities
occurrence
Introduction of Criminal IP ASM solution to public institution 'B'
Immediate response
Introduction of ASM
Automatic inspection
No need to check for large-scale vulnerabilities every year
Criminal IP ASM sends automatic reports regularly
A vulnerability report is generated, and immediate
measures are taken by response procedures of
the AI Spera security team
Complete inspection of assets with vulnerabilities
as soon as the vulnerability is found
The public institution, 'B’,
checks vulnerabilities every six months according to NIS policy
January
Inspected a large-scale vulnerability
Public Institution B
February
Patched overall system in order over a month
March-June
Unable to check new vulnerabilities until the second
half of the year
Vulnerabilities
Check
System Patch
Vulnerabilities
Unattended
3. Application Use Cases
Case 1 : When new vulnerabilities are discovered
If a port that should not be open is accidentally opened or left open,
Criminal IP ASM scans all IP ports in real-time and provides a threat report.
Case 2 : When dangerous ports are opened
3306
80
443
3306 : DB Port
3. Application Use Cases
Case 2 : When dangerous ports are opened
ERP failure
occurred
Requested help from the DBA (Database
Administrator), who was on vacation
Used a firewall management solution to set a time
limit on using the DB port, but due to a system
error, Port 3306 was left open
Port 3306 was left open and unattended
To gain access to DB from outside,
DB Port '3306' had to be opened
Introduced Criminal IP ASM
to Manufacturer P six months later
Manufacturer P
Manufacturer 'P'
using ERP system Internal developer
checked, found DB issue
ERP failure
occurred
3306 Port
opened
Port 3306
exposure
DB issue
detected
Request for
External Officer
Firewall system
error
Real-time
management of
ports and assets in
operation
Real-time scanning of
ports and assets
Introduction of ASM
Discovery of multiple open
ports and assets with
restricted external access
Port detection
Ports closure and immediate
response after verification with
ASM automatic report
Immediate response
3. Application Use Cases
Criminal IP ASM's real-time scanning enables the detection of assets that are left exposed or neglected.
Case 3 : When new assets are added
3. Application Use Cases
Case 3 : When new assets are added
Discovery of unknown
assets scattered on unused
clouds
Introduced Criminal IP ASM to
IT Service Corporate A
two years later
Real-time automatic
detection of cyber assets
Introduction of ASM Discovery of unknown assets Immediate response
IT Service Corporate A
IT Service Corporate 'A'
operating multi-cloud Using Google Cloud, AWS,
Azure as major cloud services
Used Alibaba Cloud
as the marketing agency suggested
The security team did not provide an
inspection, as it was the marketing team's
project
The marketing team created
an event landing page for the
new service
Multi-cloud
operation
Event
operation
Domain unattended after
event
Landing page
creation
Alibaba Cloud
adoption
Personal information
utilization
NEW
After the end of the event,
client information and server left
unattended
Called personal-information-related API
to send EDM (used as a one-time event
page)
Server removal and immediate
response after verification with
ASM automatic report
Closing unused
event pages and
automating cloud
asset
management
with ASM
3. Application Use Cases
About AI Spera
• Mission of Global CTI Lead AI Spera
• Executives
• Products
We are committed to ensuring ongoing visibility and management of
assets scattered across the attack surface to guard against attacker
threats immediately. As attackers employ more intricate methods, we
strive harder to uncover and contain breaches in all networks and IT assets. AI Spera's
mission is to protect its customers from ever-evolving cyber
threats by developing the latest data-driven security technologies.
Mission of Global CTI Lead AI Spera
4. About AI Spera
View the attack surface
through the eyes of an attacker
AI Spera
Executives
4. About AI Spera
CEO Byungtak Kang
Online game security, malware analysis expert
Co-Founder Huy Kang Kim
The first hacker-turned-professor in Korea
AI Spera was founded in 2017 as a project initiated at Korea University’s Hacking Response Technology Lab (HCRLab - ocslab.hksecurity.net) by
Byungtak Kang, who has long served as a corporate security director and an experienced university professor, and Huy Kang Kim, a hacker-turned-
professor. They both concluded that “cyber exposure” would emerge as the most significant future concern in the cyber security industry. The two
founders pondered which solutions would be practically needed for cyber security. They wanted to create a company that provides data-driven
security powered by a robust dataset on cyber threats. These great experts, sharing the same mindset, came together to establish the AI Spera of
today.
AI Spera continues to collaborate with the Hacking Response Technology Lab on various algorithm development and common research projects in
the big data field and is also getting great assistance through rational regulatory reform and policy proposals at the academic level.
Tracing back our history to the Hacking and Countermeasure Research Lab (HCRLAB)
We provide solutions that apply cyber threat intelligence and AI/machine learning.
AI Spera's solutions are used in various fields from individuals to companies and countries.
Products
4. About AI Spera
Products
FDS
Intelligence-based Abnormal User
Detection System
Privacy
Preventing leaks of private information
ASM
Attack Surface Management
Brand
Auto-detect Copyright infringement
• Verify IP data of abnormal users
• Monitor abnormal users 24/7
• Restrict/block abnormal users from
accessing services
• Detect malicious URLs
• Detect Open Wi-Fi hacking attempts
• Detect IoT device Info leaks
• Detect exposed IT assets
• Automatic vulnerability detection
• Detect with Google OSINT
• Monitoring dashboard
• Analysis of Asset Threat Intelligence
• Detect illegal game servers
• Detect illegal streaming sites
• Detect sites selling counterfeit goods
• Detect brand-infringing phishing sites
Target Customers
Fintech
Fraud Detection
FDS Auth & Platform
B2C Mobile Web Services
Fintech
Financial
Infrastructure Security
Cybersecurity
IT Asset Management
Security Control
Risk Management
Audit
Security
Corporate Relations
Criminal IP
Thank you
support@aispera.com
Email
https://www.criminalip.io
Website

Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
 
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem -  Security < productivity < security: syntax ...ASMC 2017 - Martin Vliem -  Security < productivity < security: syntax ...
ASMC 2017 - Martin Vliem - Security < productivity < security: syntax ...
 
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
 
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
How We Stopped Being Just Antivirus and Became a Unique Industrial Infrastruc...
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security Intelligence
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
Post Wannacry Update
Post Wannacry UpdatePost Wannacry Update
Post Wannacry Update
 
Panda Cloud Services
Panda Cloud ServicesPanda Cloud Services
Panda Cloud Services
 
Custom defense - Blake final
Custom defense  - Blake finalCustom defense  - Blake final
Custom defense - Blake final
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 
IBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy SectorIBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy Sector
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
 

Recently uploaded

Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Recently uploaded (20)

Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Management Solution

  • 1. Threat Intelligence-based Automated Attack Surface Management Solution
  • 2. Agenda 1 2 3 4 Criminal IP ASM Application About AI Spera • What is ASM? • Hacker’s Attack Process • Differences • Necessity • Features • Features and Products UI • Requirement • Use Cases • Mission of Global CTI Lead AI Spera • Executives • Products ASM (Attack Surface Management)
  • 3. ASM (Attack Surface Management) • What is ASM? • Hacker’s Attack Process • Differences • Necessity
  • 4. AWS GCP AZURE IDC IDC 1. ASM What is ASM? What is Attack Surface Management (ASM)? Businesses and organizations have numerous network devices, databases, servers, applications, and domains, and all of these IT assets are operated by IP addresses and ports. Attack Surface Management refers to the proactive detection and management of attack vectors such as open ports, server vulnerabilities, similar domains, phishing, and domains distributing malicious code. Centralized External passageway of assets With the rapid change in corporate IT environments, attack surfaces are varying and broadening on a larger scale. Corporate digital assets in the past Corporate digital assets of today Diversified & Decentralized
  • 6. 1 2 3 4 1. ASM Hacker’s Attack Process Hackers put a lot of time and effort into collecting information on the target. Therefore, it is essential to find the exact exposure point of the attack surface. Hacker's Attack Process
  • 7. SaaS-based service enables automated operation without cumbersome work ASM (Attack Surface Management) • Need to install equipment or Software • Integration and customization • Passive policies • Ongoing updates and management • Multiple failure points • Work suspended upon failure occurrence Traditional Security Solution 1. ASM ASM Traditional Security Solutions ASM FW IPS DDoS WAF SSL VPN Etc. Attack Surface Management Complicated task Multiple potential failures Differences Differences between Traditional Security Method and ASM Traditional security devices and solutions primarily focus on taking action after an attack. ASM prevents the attack by identifying and managing the exposure of attacks in advance. Simple task No potential failure
  • 8. Vulnerability detection process of traditional security solutions Selection of target software Behavior, type, and interface analysis Type estimation Database search Deep-dive analysis Selection of potential attack points Code analysis/ Error injection Vulnerability assessment & Abnormal behavior detection Post-hoc analysis Establishment of attack scenario Countermeasures against attacks Vulnerability Detection Automated Vulnerability Analysis Countermeasures against Vulnerability Vulnerability detection process of ASM System Decreased Probability of Penetrating Attack Surface Reduced Cost & Resources Hwang, Seong Oun. (2012). A Methodology for Security Vulnerability Assessment Process on Binary Code. The Journal of The Institute of Internet, Broadcasting and Communication, 12(5), 237–242. https://doi.org/10.7236/JIWIT.2012.12.5.237 1. ASM Effects of Introducing ASM Increased Work Efficiency Improved Attack Surface Security Differences
  • 9. “ASM is a new solution that helps organizations identify risks associated with internet-connected assets and systems that they may be unaware of. More than one-third of the recent successful attacks against enterprises originate from externally connected assets. That’s the reason why ASM will become an essential task for CIOs and CISOs.” Importance of Attack Surface Management, the major talking point of the information security market 1. ASM 「2021 Emerging Technologies: Critical Insights for External Attack Surface Management」 Necessity “Some ASM tools discovered several hundred percent more cloud assets than organizations thought they were using, and on average, attack surface management tools initially discover 30% more cloud assets than security teams know they have.” 「2022 ASM Report: Find and Cover Your Assets with Attack Surface Management」
  • 10. 1. ASM • Gartner said, “Strengthening digital abilities of digital workplace employees to create an engaging, intuitive work environment.“ • With the trend of going digital, technology to integrate AI, cloud, and IoT is drawing corporates’ investment and attention • But with digital workplaces using ICT technology, they have become the new target for hackers’ attack • Increased user convenience, increased threats of being hacked • COVID-19 pandemic and working-from-home trend increased corporate attack surfaces • Corporates are putting more emphasis on cloud-based applications, devices, and human security elements • Demand for expanded vulnerabilities management to deal with risks in a decentralized digital work environment is more vital than ever • As organizations get used to operating the new business model, they will prefer vulnerabilities management for new platforms and applications Reference : Frost & Sullivan, Global Vulnerability Management Market, Forecast to 2025 As corporates accommodate new assets and workflow more broadly and deeply, adopting ASM will become a MUST. Managing attack surface and vulnerabilities is now a MUST Popularization of working from home • Covid-19 pandemic and increase in working from home expanded corporate attack surfaces • Increased Zero-day vulnerabilities targeting remote SW, including VPN • 82% of corporates will support working from home after the end of Covid-19 Transition to digital workplace • With the trend of going digital, the cloud working environment draws corporates' investment and attention • Digital workplace with ICT technology has become a new target for hackers' attack • Increased user convenience, increased threats of being hacked Industry 4.0, increase in IoT devices • Business innovation utilizing IoT devices • For the past 5 years, approximately 20.5 billion devices were connected Necessity
  • 11. Criminal IP ASM • Features • Features and Products UI • Criminal IP Integration
  • 12. 2. ASM IP Address Domain TCP SSL Certificate Application UDP IoT Webcam RDP DNS Record ICS SCADA MySQL NTP NNTPS CCTV Printer Bitcoin VPN QNAP Firewall TFTP Proxy Darkweb Default Password Name Server Cloud Server Automatic detection of client assets Criminal IP ASM conducts internet-wide scanning for known and unknown client assets on IP addresses and open ports. Scan Port data from all over the world IP Port Domain 4.2 billion IP address info Over 300 million domain address data Features
  • 13. 2. ASM Cloud-based web interface Criminal IP ASM is a SaaS-type ASM product that does not require installing or deploying hardware or software on customer servers. After registering your account, you can use your network's PC, tablet, or mobile device to launch your ASM solution rapidly and readily through an easy-to-use web interface. Installed On-Premises - Initial installation of product and building internal server - System update patch, upgrade - Internal server and network failure issue management - Hardware maintenance and upgrade - Network maintenance and upgrade - Security maintenance and upgrade - Database maintenance and upgrade Maintenance Cost Cloud SaaS Maintenance Cost Annual purchase User Guide and Training Customization Features
  • 14. 2. ASM Asset and vulnerability risk scoring Our algorithm using AI machine learning provides real-time detection to visualize the assets with five levels of risk scoring. Cybersecurity managers can prioritize the risks based on the visualized scoring to respond quickly and precisely. IP/Asset Domain/Certificate Critical Network/assets have been attacked or are under attack Domain/certificates are falsified or contain malicious links Dangerous Network/assets are exposed to attack surface, vulnerable to attacks The domain is falsified or a certificate has expired/ leaked, requiring action Moderate Network/assets maintain a moderate security level Domain/certificates maintain a moderate security level Low Network/assets are not exposed externally and are kept safe The domain is not falsified or a certificate is free from leakage or expiration, and is kept safe Safe Features
  • 15. Asset Search Domain Search Image Search Certificate Search Exploit Search Banner Explorer Vulnerability Statistics Element Analysis Map Search Intelligence Major Features of Criminal IP Search Engine 2. ASM Free integration with CTI search engine Criminal IP, a Cyber Threat Intelligence search engine, provides a detailed search of corporate's asset data detected by ASM. Features
  • 16. Vulnerability Analysis and Threat Response Service 2. ASM Provide threat analysis report and real-time threat response guide Open vulnerable ports Discover unidentified assets Discover new vulnerabilities Verify customer assets Identify assets with vulnerabilities Determine the phishing and asset forgery status Analyze vulnerability countermeasures Providing solutions to respond to issues within 24 hours Determine the hacking and leakage status Identify services running on ports Response process Daily monitoring A report is automatically generated and sent when a client’s new asset and its vulnerabilities are detected. If an issue demands responses, AI Spera's security experts are on standby to deliver prompt analysis reports and response solutions. Features
  • 17. Overview of Criminal IP ASM Criminal IP ASM automatically monitors and generates a report on assets exposed to the attack surface. All IT assets are thoroughly detected globally, with a streamlined introduction procedure requiring registration of only one primary domain. 2. ASM Full Feature and Product UI New Assets IP Assets Domain Certificate OSINT (Google Hacking) Dashboard Intelligence Search Result Risk Automatically detects assets that have been recently added or changed Scans open ports of detected IP addresses Shows the associated domains and subdomains of the detected IP address Displays information about the certificate applied to the domain Monitors information about assets exposed to Google Provides an asset search query Presents asset information on statistics, geographic information, and vulnerability status Gets details about the exposure status and vulnerabilities on the attack surface Alerts users about exploitable vulnerabilities of assets such as IP, domain, certificate, and application
  • 18. Dashboard A real-time view of the entire threat landscape and a solid understanding of your security situation 2. ASM Full Feature and Product UI
  • 19. Host & Cloud Statistics Provide the total number of automatically detected hosts and the status of the enterprise’s cloud assets The number of Host matches the total sum of assets classified into each cloud and IDC assets. 2. ASM Full Feature and Product UI
  • 20. Provide the geographical distribution of corporate IT assets based on IP address data from worldwide Geographic Statistics of Assets 2. ASM Full Feature and Product UI
  • 21. Visualize the ratio of ASN, application, and open ports in chart formats for better readability AS Name, Software, Port Statistics 2. ASM Full Feature and Product UI
  • 22. Recent risks Show the most recently detected risks Upon clicking data on Assets, you can see details about the vulnerability. 2. ASM Full Feature and Product UI
  • 23. New Assets Show the most recently added new assets Upon clicking on each asset, you can see detailed information. 2. ASM Full Feature and Product UI
  • 24. IP Assets (Application) Provide a carefully curated summary (risk score, AS Name, geolocation, vulnerabilities, etc.) of detected IP assets Immediately connect an intelligence search engine upon clicking on an IP address to access more enriched threat intelligence 2. ASM Full Feature and Product UI
  • 25. Domain / Certificate Display contextualized threat information about a domain (score, technology, jQuery, PHP, etc.), number of vulnerabilities for a domain, certificate information (SSL, encryption, and SSL expiration date), and subdomains 2. ASM Full Feature and Product UI
  • 26. If threats are detected from registered assets, they are automatically added to the Risks page so you can quickly check assets exposed to threats. Risks 2. ASM Full Feature and Product UI
  • 27. Enjoy additional features of Search, Intelligence, and API integration provided by the Criminal IP CTI search engine paired with ASM Stay on top of the latest cybersecurity trends through our compilation of statistics-packed analysis reports on global cyber threats Criminal IP Threat Intelligence Search Engine 2. ASM Full Feature and Product UI
  • 29. Automatic extraction of IPs and domains in possession Primary Domain Registration We do not request much information from clients when they start using Criminal IP ASM. Only one domain address of all operating assets is enough to immediately start Attack Surface Management (ASM) as it automatically identifies all network-exposed assets. Automation area related domains complex amplification feature information classification and matching Automation area Attack Surface Management Auto-registration Only one requirement to adopt Criminal IP ASM 3. Application Requirement
  • 30. Even at this moment, the major assets of many companies and organizations are being exposed unprotected to attack surfaces. Real Data of attack surfaces detected by ASM 3. Application Use Cases Shared System with Cooperators Marketing Event Page Dev/Test System SW Patch Server
  • 31. A report with visual risk-scoring is generated if any enterprise assets with exploitable vulnerabilities are discovered through threat intelligence analysis. You can check countermeasures against vulnerabilities through Criminal IP. Case 1 : When new vulnerabilities are discovered 2021.01.30 (Before) 2021.02.01 (After) Server A Server A Safe Critical New CVE-2021-44228 3. Application Use Cases
  • 32. Regular vulnerability inspection via ASM Large-scale vulnerability (Log4shell) issue occurrence Vulnerabilities occurrence Introduction of Criminal IP ASM solution to public institution 'B' Immediate response Introduction of ASM Automatic inspection No need to check for large-scale vulnerabilities every year Criminal IP ASM sends automatic reports regularly A vulnerability report is generated, and immediate measures are taken by response procedures of the AI Spera security team Complete inspection of assets with vulnerabilities as soon as the vulnerability is found The public institution, 'B’, checks vulnerabilities every six months according to NIS policy January Inspected a large-scale vulnerability Public Institution B February Patched overall system in order over a month March-June Unable to check new vulnerabilities until the second half of the year Vulnerabilities Check System Patch Vulnerabilities Unattended 3. Application Use Cases Case 1 : When new vulnerabilities are discovered
  • 33. If a port that should not be open is accidentally opened or left open, Criminal IP ASM scans all IP ports in real-time and provides a threat report. Case 2 : When dangerous ports are opened 3306 80 443 3306 : DB Port 3. Application Use Cases
  • 34. Case 2 : When dangerous ports are opened ERP failure occurred Requested help to DBA (Data Base Administrator), who was on vacation Used firewall management solution to set time limit to using DB Port, but due to system error, Port 3306 was left open Port 3306 was left open and unattended To gain access to DB from outside, DB Port '3306' had to be opened Introduced Criminal IP ASM to Manufacturer P six months later Manufacturer P Manufacturer 'P' using ERP system Internal developer checked, found DB issue ERP failure occurred 3306 Port opened Port 3306 exposure DB issue detected Request for External Officer Firewall system error Real-time management of ports and assets in operation Real-time scanning of ports and assets Introduction of ASM Discovery of multiple open ports and assets with restricted external access Port detection Ports closure and immediate response after verification with ASM automatic report Immediate response 3. Application Use Cases
  • 35. Criminal IP ASM's real-time scanning enables the detection of assets that are left exposed or neglected. Case 3 : When new assets are added 3. Application Use Cases
  • 36. Case 3 : When new assets are added Discovery of unknown assets scattered on unused clouds Introduced Criminal IP ASM to IT Service Corporate A two years later Real-time automatic detection of cyber assets Introduction of ASM Discovery of unknown assets Immediate response IT Service Corporate A IT Service Corporate 'A' operating multi-cloud Using Google Cloud, AWS, Azure as major cloud services Used Alibaba Cloud as the marketing agency suggested The security team did not provide an inspection, as it was the marketing team's project The marketing team created an event landing page for the new service Multi-cloud operation Event operation Domain unattended after event Landing page creation Alibaba Cloud adoption Personal information utilization NEW After the end of the event, client information and server left unattended Called personal-information-related API to send EDM (used as a one-time event page) Server removal and immediate response after verification with ASM automatic report Closing unused event pages and automating cloud asset management with ASM 3. Application Use Cases
  • 37. About AI Spera • Mission of Global CTI Lead AI Spera • Executives • Products
  • 38. Mission of Global CTI Lead AI Spera: View the attack surface through the eyes of an attacker. We are committed to ensuring ongoing visibility and management of assets scattered across the attack surface to guard against attacker threats immediately. As attackers employ more intricate methods, we strive harder to uncover and contain breaches in all networks and IT assets. AI Spera's mission is to protect its customers from ever-evolving cyber threats by developing the latest data-driven security technologies. 4. About AI Spera
  • 39. Executives. CEO Byungtak Kang: Online game security, malware analysis expert. Co-Founder Huy Kang Kim: The first hacker-turned-professor in Korea. Tracing back our history to the Hacking and Countermeasure Research Lab (HCRLAB): AI Spera was founded in 2017 as a project initiated at Korea University’s Hacking Response Technology Lab (HCRLab - ocslab.hksecurity.net) by Byungtak Kang, who has long served as a corporate security director and an experienced university professor, and Huy Kang Kim, a hacker-turned-professor. They both concluded that “cyber exposure” would emerge as the most significant future concern in the cyber security industry. The two founders pondered which solutions would be practically needed for cyber security. They wanted to create a company that provides data-driven security powered by a robust dataset on cyber threats. These great experts, sharing the same mindset, came together to establish the AI Spera of today. AI Spera continues to collaborate with the Hacking Response Technology Lab on various algorithm development and common research projects in the big data field and is also getting great assistance through rational regulatory reform and policy proposals at the academic level. 4. About AI Spera
  • 40. Products. We provide solutions that apply cyber threat intelligence and AI/machine learning. AI Spera's solutions are used in various fields from individuals to companies and countries. Products: FDS (Intelligence-based Abnormal User Detection System): verify IP data of abnormal users; monitor abnormal users 24/7; restrict/block abnormal users from accessing services. Privacy (Preventing leaks of private information): detect malicious URLs; detect Open Wi-Fi hacking attempts; detect IoT device info leaks. ASM (Attack Surface Management): detect exposed IT assets; automatic vulnerability detection; detect with Google OSINT; monitoring dashboard; analysis of Asset Threat Intelligence. Brand (Auto-detect Copyright infringement): detect illegal game servers; detect illegal streaming sites; detect sites selling counterfeit goods; detect brand-infringing phishing sites. Target Customers: Fintech Fraud Detection FDS Auth & Platform B2C Mobile Web Services Fintech Financial Infrastructure Security Cybersecurity IT Asset Management Security Control Risk Management Audit Security Corporate Relations. Criminal IP. 4. About AI Spera
  • 41. Thank you. E-mail: support@aispera.com Website: https://www.criminalip.io