Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Issa jason dablow

1,017 views

Published on

Issa jason dablow

Published in: Technology
  • Want to preview some of our plans? You can get 50 Woodworking Plans and a 440-Page "The Art of Woodworking" Book... Absolutely FREE ★★★ http://ishbv.com/tedsplans/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Issa jason dablow

  1. 1. Jason Dablow Sr. Sales Engineer What is a Breach? … Exploited Weaknesses of Traditional Security 6/20/2015 Confidential | Copyright 2013 Trend Micro Inc.Copyright 2014 Trend Micro Inc.
  2. 2. Advanced Malware Targeted Attacks Advanced Malware Targeted Attacks Employee Data Leaks Traditional Malware Vulnerability Exploits 220K new malware programs daily! 2
  3. 3. Who’s committing Attacks & Why  90% perpetrated by outsiders  10% committed by insiders  Motivating factors:  73% Financial  22% Espionage  5% Ideology/Fun Copyright 2014 Trend Micro Inc. Source: http://www.verizonenterprise.com/DBIR/
  4. 4. Victim The Boss Mercenary Attackers Data Fencing The Captain Garant Bullet Proof Hoster Crime Syndicate (Simplified)
  5. 5. $4 Victim Blackhat SEO Attacker $10 Attacker Keywords (Botherder) $2 Compromised Sites (Hacker) $6 $10 Programmer $10 Cryptor $10 Virtest $5 Worm Exploit Kit Bot Reseller $1 $1 $1 Traffic Direction System $5 Garant $10 SQL Injection Kit $3 Carder $4 Money Mule Droppers $1 Card Creator $2 Bullet Proof Hoster $5 Crime Syndicate (Detailed)
  6. 6. Attack Stages Confidential | Copyright 2015 Trend Micro Inc. 1. Intelligence Gathering Identify & research target individuals using public sources (LinkedIn, Facebook, etc) and prepare a customized attack. 2. Point of Entry The initial compromise is typically malware delivered via social engineering (email/IM or drive by download). A backdoor is created and the network can now be infiltrated. 3. Command & Control (C&C) Communication Allows the attacker to instruct and control the compromised machines and malware used for all subsequent phases. 4. Lateral Movement Once inside the network, attacker compromises additional machines to harvest credentials, escalate privilege levels and maintain persistent control. 5. Asset/Data Discovery Several techniques and tools are used to identify the noteworthy servers and the services that house the data of interest. 6. Data Exfiltration Once sensitive information is gathered, the data is funneled to an internal staging server where it is chunked, compressed and often encrypted for transmission to external locations.
  7. 7. Stage 1 - Intelligence Gathering Acquire strategic information about the targets IT environment and organizational structure. “res://” protocol Confidential | Copyright 2015 Trend Micro Inc.
  8. 8. Data at Risk • Corporate / Financial—board meeting records, legal proceedings, strategic plans, contracts, purchase agreements, pre-earnings announcements, executive salaries, M&A plans and pending patent filings. • Manufacturing—Intellectual Property and manufacturing methods • Retail—Financial records & transactions, customer profiles to generate revenue for identity theft • Internal Organization—employee records and health claims for identity and insurance fraud Confidential | Copyright 2015 Trend Micro Inc.
  9. 9. Stage 2 - Point of Entry Gain entry into a target network using weaknesses found. Weaponized Attachment Malicious URLs Attack Weakness found in: • Infrastructure • Systems • Applications • People • 3rd Party Organizations Confidential | Copyright 2015 Trend Micro Inc.
  10. 10. Infection Options Island Hopping Customers Trusted Partner Attackers Cloning websites of conferences victims will attend Craft email for registration and have a fake registration page (Repeatable) Watering Hole Attacks
  11. 11. Spearphishing
  12. 12. Arrival Vectors in APT - Email
  13. 13. Attackers Try Everything Poison Ivy Multiple Ports HTTPS HTTP IMAP IMAP POP3 SMTP DNS POP3S HYPER TEXT HTTP_ALT Monitoring a few ports is not sufficient Apps & protocols Evilgrab Monitoring a few apps & protocols is not sufficient Morphing IXESHE It’s extremely difficult to track the attack Changes in C&C, IP addresses, signatures & behavior 13
  14. 14. Evade detection with customized malware Attacker Malicious C&C websites Ahnlab's Update Servers wipe out files Destroy MBR Destroy MBR wipe out files Unix/Linux Server Farm Windows endpoints Victimized Business A total of 76 tailor-made malware were used, in which 9 were destructive, while the other 67 were used for penetration and monitoring. Confidential | Copyright 2015 Trend Micro Inc.
  15. 15. Code for Sale Confidential | Copyright 2015 Trend Micro Inc. Ultra Hackers Tools for sale Price is 0.0797 BTC (bitcoin) = $25 Virus Builders 1. Nathan's Image Worm 2. Dr. VBS Virus Maker 3. p0ke's WormGen v2.0 4. Vbswg 2 Beta 5. Virus-O-Matic Virus Maker Scanners 1. DD7 Port Scanner 2. SuperScan 4.0 3. Trojan Hunter v1.5 4. ProPort v2.2 5. Bitching Threads v3.1 DoSers, DDoSers, Flooders and Nukers 1. rDoS 2. zDoS 3. Site Hog v1 4. Panther Mode 2 5. Final Fortune 2.4 Fake Programs 1. PayPal Money Hack 2. Windows 7 Serial Generator 3. COD MW2 Keygen 4. COD MW2 Key Generator 5. DDoSeR 3.6 Cracking Tools 1.VNC Crack 2.Access Driver 3.Attack Toolkit v4.1 & source code included 4.Ares 5.Brutus Analysis : · OllyDbg 1.10 & Plugins - Modified by SLV *NEW* · W32Dasm 8.93 - Patched *NEW* · PEiD 0.93 + Plugins *NEW* · RDG Packer Detector v0.5.6 Beta - English *NEW* Rebuilding : · ImpRec 1.6 - Fixed by MaRKuS_TH-DJM/SnD *NEW* · Revirgin 1.5 - Fixed *NEW* · LordPE De Luxe B *NEW* LIST OF SOFTWARE INCLUDED IN THIS PACKAGE: Host Booters 1. MeTuS Delphi 2.8 2. XR Host Booter 2.1 3. Metus 2.0 GB Edition 4. BioZombie v1.5 5. Host Booter and Spammer Stealers 1. Dark Screen Stealer V2 2. Dark IP Stealer 3. Lab Stealer 4. 1337 Steam Stealer 5. Multi Password Stealer v1.6 Remote Administration Tools/Trojans 1. Cerberus 1.03.4 BETA 2. Turkojan 4 GOLD 3. Beast 2.07 4. Shark v3.0.0 5. Archelaus Beta Binders: 1. Albertino Binder 2. BlackHole Binder 3. F.B.I. Binder 4. Predator 1.6 5. PureBiND3R by d3will HEX Editor : · Biew v5.6.2 · Hiew v7.10 *NEW* · WinHex v12.5 *NEW* Decompilers : · DeDe 3.50.04 · VB ?Decompiler? Lite v0.4 *NEW* · Flasm Unpackers : · ACProtect - ACStripper · ASPack - ASPackDie · ASProtect > Stripper 2.07 Final & Stripper 2.11 RC2 *NEW* · DBPE > UnDBPE Keygenning : *NEW* · TMG Ripper Studio 0.02 *NEW* Packers : · FSG 2.0 · MEW 11 1.2 SE · UPX 1.25 & GUI *NEW* · SLVc0deProtector 0.61 *NEW* · ARM Protector v0.3 *NEW* · WinUpack v0.31 Beta *NEW* Patchers : · dUP 2 *NEW* · CodeFusion 3.0 · Universal Patcher Pro v2.0 · Universal Patcher v1.7 *NEW* · Universal Loader Creator v1.2 *NEW* Crypters 1. Carb0n Crypter v1.8 2. Fly Crypter v2.2 3. JCrypter 4. Triloko Crypter 5. Halloween Crypter 6. Deh Crypter 7. Hatrex Crypter 8. Octrix Crypter 9. NewHacks Crypter 10. Refruncy Crypter 100’s of Items
  16. 16. Today’s Reality – One & Done! 99 10% of malware infect < victims 80 1% of malware infect = victim ? Confidential | Copyright 2015 Trend Micro Inc.
  17. 17. Stage 3 - Command & Control Communications Ensure continued communication between the compromised target and the attackers. Common Traits • Uses typical protocols (HTTP) • Uses legitimate sites as C&C • Uses internal systems as C&C • Uses 3rd party apps as C&C • May use compromised internal systems Advantages • Maintains persistence • Avoids detection Threat Actor C&C Server Confidential | Copyright 2015 Trend Micro Inc.
  18. 18. Trend Micro C&C Research Confidential | Copyright 2015 Trend Micro Inc. 54% of C&C Lifespan < 1 Day
  19. 19. Stage 4 - Lateral Movement Seek valuable hosts that house sensitive information. Pass the Hash Confidential | Copyright 2015 Trend Micro Inc.
  20. 20. Confidential | Copyright 2015 Trend Micro Inc.
  21. 21. Confidential | Copyright 2015 Trend Micro Inc.
  22. 22. Confidential | Copyright 2015 Trend Micro Inc.
  23. 23. Stage 5 - Data Discovery Noteworthy assets are identified within the infrastructure then isolated for future data exfiltration. Email servers are identified so attackers can read important email in order to discover valuable information. File lists in different directories are sent back so attackers can identify what are valuable.
  24. 24. Data at Risk Confidential | Copyright 2015 Trend Micro Inc. Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Credit Cards Birth & Phone records Customer PII User Credentials Credit Cards PII leads to fraud Movies, Ransoms, Terrorism
  25. 25. Social Media Accounts Copyright 2014 Trend Micro Inc.
  26. 26. Stage 6 - Exfiltration Transmit data to a location that the threat actors control. Common Traits • Built-in file transfer (RATs) • FTP, HTTP • Tor network/Encryption • Public File Sharing sites Confidential | Copyright 2015 Trend Micro Inc.
  27. 27. Maintenance Stage (Anti-Forensics) Maintain persistence within network for future attacks Confidential | Copyright 2015 Trend Micro Inc.
  28. 28. Confidential | Copyright 2015 Trend Micro Inc. Source: http://krebsonsecurity.com/2012/10/the- scrap-value-of-a-hacked-pc-revisited/
  29. 29. Build an Security Ecosystem Copyright 2014 Trend Micro Inc. Timely Global Threat Intelligence Essential Technologies – Combat Current Threat Techniques Integrated Product Strategy – Automated Protection
  30. 30. 150 Million+ Worldwide Sensors Web Crawler Trend Micro SolutionsTest Labs 3rd Party Feeds Honeypot CDN / xSP Researcher Intelligence Copyright 2014 Trend Micro Inc. Block malicious URL within 15 minutes once it goes online! Timely Global Threat Intelligence
  31. 31. Data Science is Multidisciplinary http://eduardoarea.blogspot.tw/2012/11/el-camino-de-un-data-scientist.html
  32. 32. Essential Technologies Copyright 2014 Trend Micro Inc. The challenges uncovered during the stages of a targeted attack demonstrate the need for sophisticated technologies and services to secure the enterprise.
  33. 33. Essential Technologies: Community File Reputation • Determines the prevalence and maturity of PE files • Prevalence is a statistical concept referring to the number of times a file was detected by Trend Micro sensors at a given time • If a file has not triggered any detections, we will become suspicious of that file if we have only seen it once or a few times • Today over 80% of the malware is only seen once 2
  34. 34. Essential Technologies: Social Engineering Attack Protection 35
  35. 35. Essential Technologies: Advanced Threat Scan Engine (ATSE) How does ATSE determine a document is bad? ….d2hi.df..ga @$#5^%&..so 60788-9-80- =.//// ..)]}[....... Malicious payload Gotcha!! • Uses heuristic scanning and employs a rule-based system – Analyses the document to get malicious/uncommon characteristics • Payloads, malformed, obfuscation, Name tricks,…etc. – Uses both CVE rules & heuristic rules • Zero-day exploits are malware taking advantage of unpatched vulnerabilities but with similar exploitation techniques • Therefore looking for “characteristics” of an exploit 36
  36. 36. Essential Technologies: Memory Inspection Analysis • Protect against most packer and variation solution which obfuscate the file but not in memory 37 Execute Unpack Log prefix with “RAV_”
  37. 37. Confidential | Copyright 2013 Trend Micro Inc. Essential Technologies: Behavioral Trigger Analysis Cryptoware Protection
  38. 38. Essential Technologies: URL Time Of Click • It is important to evaluate URLs not only when they are first received but also when they are accessed, in order to defend against modified URLs. 39 Internet Trend Datacenter Mail Server Mail Gateway Hosted Email Security InterScan Messaging Security Endpoint Risk! No Risk Block! Mobile Workers Web Gateway Inside Customer’s Network Perimeter Outside Customer’s Network Perimeter Risk! No Risk Block! Check URL Reputation when Clicked Check URL Reputation when Clicked Check URL Reputation In real time URL has NO reputation Rewrite URL to point to Trend Cloud
  39. 39. Essential Technologies: Patching and Intrusion Prevention • Each stage of an attack uses exploits to reach its goal. • Typical patching cycle in an enterprise Risk: • Window of opportunity for hacker: 1 month, often 2 months • Potentially “high risk” periods of 1-2 months (public exploit, patch not yet available, or patch not yet installed) 40 Virtual Patching
  40. 40. • In this day and age where new Workloads get instantiated at a high rate, Security Automation is a“must have” • Operations and Security teams can focus on their core responsibilities • Without touching the machine, any new VM gets the right protection • Inventory and ensure protection throughout your environment 41 Essential Technologies: Security Automation Deep Security
  41. 41. Essential Technologies: Virtual Analyzer/Sandboxing • A virtual environment used to analyze potential malware samples • It allows for the observation of file as well as network behavior in order to identify malware via potentially malicious characteristics • Trend Solutions use custom sandboxes based on our customers environment – Targeted malware validates it is on the right environment before infecting the machine, whether it is targeted against one company, one geography or one sector. • Samples can be submitted by Trend products, via APIs or manually (depending on the implementation) 42
  42. 42. Interconnected Product Strategy – Automated Protection Copyright 2014 Trend Micro Inc. The Interconnected Threat Response Cycle is the key to providing real-time response from just discovered threat information from your own environment
  43. 43. Midsize & Enterprise Business The Interconnected Threat Response (ITR) Cycle 44 Analyze risk and nature of attack and attacker, and assess impact of threats retrospectively Update protection automatically, prioritize areas for remediation and adapt protection Detect advanced malware, behavior and communications invisible to standard defenses Assess potential vulnerabilities and proactively protect endpoints, servers and applications MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  44. 44. ITR Use Cases - Prevent System Lockdown • Hardens the system by not allowing any new applications from executing • Can be used in conjunction with other application control features to have a flexible, layered policy for each user • Example: – Lock down the system – Block all Browsers, P2P and Online Storage apps – Allow OS updates, IE, Office, Adobe and SafeSync 45 MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE Application Control
  45. 45. ITR Use Cases - Prevent Data Discovery and Encryption 46 TMCM OSCE Server OSCE Client DLP Data Discovery SQLlite DB Data Discovery Policy WCU Data Discovery Widgets Data Discovery Log Query Data Discovery Reports Database OSCE proxy OfcCMAgent Scan Configuration Scan Report Scan Configuration Scan Report DLP SDK Interface Scan Policy & Command Scan Report Scan Engine Match Engine Policy Engine Scan Result Cache LogProcessor MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  46. 46. Midsize & Enterprise Business The Interconnected Threat Response (ITR) Cycle 47 Analyze risk and nature of attack and attacker, and assess impact of threats retrospectively Update protection automatically, prioritize areas for remediation and adapt protection Detect advanced malware, behavior and communications invisible to standard defenses Assess potential vulnerabilities and proactively protect endpoints, servers and applications MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  47. 47. ITR Use Cases – Detect OfficeScan USB Sensor Deep Discovery Analyzer IWSVAScanMail for MS Exchange ScanMail for Domino IMSVA Deep Discover Inspector MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  48. 48. ITR Use Cases - Detect C&C alerting via local intelligence OfficeScan InterScan Messaging Security Deep Security InterScan Web Security Deep Discovery Analyzer 1. C&C list shared with local SPN 2. SPN enabled products will obtain the latest C&C list SPN Enabled Trend product Local SPN MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE Custom Defense
  49. 49. ITR Use Cases - Detect Suspicious Object sharing via local intelligence 50 Control Manager OfficeScan InterScan Messaging Security InterScan Web Security Deep Discovery Inspector ScanMailEndpoint Sensor 1. Suspicious object list 2. Suspicious objects list shared MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE IP URL Domain File hashes Open IOC information
  50. 50. Midsize & Enterprise Business The Interconnected Threat Response (ITR) Cycle 51 Analyze risk and nature of attack and attacker, and assess impact of threats retrospectively Update protection automatically, prioritize areas for remediation and adapt protection Detect advanced malware, behavior and communications invisible to standard defenses Assess potential vulnerabilities and proactively protect endpoints, servers and applications MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  51. 51. Analyze Impact and Scope (Endpoints) 52 From To To Confidential | Copyright 2014 | © Trend Micro Inc. | Internal Usage Only. MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  52. 52. Visualize the Attack Phases (Network) MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  53. 53. Midsize & Enterprise Business The Interconnected Threat Response (ITR) Cycle 54 Analyze risk and nature of attack and attacker, and assess impact of threats retrospectively Update protection automatically, prioritize areas for remediation and adapt protection Detect advanced malware, behavior and communications invisible to standard defenses Assess potential vulnerabilities and proactively protect endpoints, servers and applications MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  54. 54. ITR Use Cases - Respond Outbreak Prevention via Mutex Sharing 55 Deep Discovery Inspector/ Analyzer OfficeScan Endpoint Endpoint EndpointControl Manager MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  55. 55. ITR Use Cases - Respond File Hash Based Blocking 56 Deep Discovery Inspector/ Analyzer Application Control / Officescan Endpoint Endpoint EndpointControl Manager MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  56. 56. ITR Use Cases – Respond: Suspicious objects can feed into 3rd party products to extend protection: • Bluecoat • HP SMS/Tipping Point • Palo Alto Networks • IBM XGS • And Others… 57 MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  57. 57. ITR Use Cases – Respond : Outbreak Prevention via NSX Security Tagging 58 • Mechanism: Automatic VM Quarantining – If Deep Security detects (uncleanable/unblockable) malware (and in 9.5sp1 also IPS rules) – Then Deep Security adds an NSX tag to the VM – VMWare NSX adds the VM to a Security Group based on the tag value (dynamic membership) – This NSX Security group has firewall settings that isolates the VM to a management network for remediation and to prevent further infections MONITOR & CONTROL PREVENT DETECT RESPOND ANALYZE
  58. 58. CENTRALIZED VISIBILITY & CONTROL
  59. 59. 60 vCloud Air Security that Fits
  60. 60. Thank You!
  61. 61. Backup Slides Copyright 2014 Trend Micro Inc.
  62. 62. Deep Discovery – Custom Defense Advanced Threat Protection Across the Attack Sequence Malicious Content Copyright 2014 Trend Micro Inc. Suspect Communication Attack Behavior 360 degree view 80 + Protocol across all ports Custom Sandboxing – Windows, Android, Mac Custom Defense – Gateway, Messaging, Endpoints Threat Intelligence across platforms – Windows, Mobile, Mac, Linux Security Echosystem SOC in a Box
  63. 63. Complete User Protection Anti-Malware Encryption Application Control Device Management Data Loss Prevention Content Filtering Employees IT Admin Security Email & Messaging Web Access Device Hopping Collaboration Cloud Sync & Sharing Social Networking File/Folder & Removable Media 65
  64. 64. 66 Cloud and Data Center Security Anti-Malware Integrity Monitoring EncryptionSSL Intrusion Prevention Application Scanning Copyright 2014 Trend Micro Inc. Data Center Ops Security Data Center Physical Virtual Private Cloud Public Cloud
  65. 65. 67Copyright 2014 Trend Micro Inc.
  66. 66. 68
  67. 67. • Identified 65M unique cyber security incidents (more than 180K per day on average) Note: We blocked 80B threats targeting our customers. • Discovered 65M unique malware infections due to ALL activity (almost 180K per day on average) • Logged over 160 million command-and- control (CnC) communications (more than five every second on average) • Analyzed 39,504 unique cyber security incidents (more than 100 per day on average) • Discovered 17,995 unique malware infections due to APT activity (almost 50 per day on average) • Logged over 22 million command-and- control (CnC) communications (less than one every second on average) Source: https://www2.fireeye.com/advanced-threat-report-2013.htmlConfidential | Copyright 2014 Trend Micro Inc.
  68. 68. Smart Protection Network – Web Requests/Day Source: http://www.symantec.com/security_response/publications/threatreport.jsp 6,000,000,000 1,700,000,000 0 10,000,000,000 Trend Micro Symantec Confidential | Copyright 2014 Trend Micro Inc.
  69. 69. Smart Protection Network – Web Attacks Blocked/Day Source: http://www.symantec.com/security_response/publications/threatreport.jsp 13,700,000 568,000 0 10,000,000 20,000,000 Trend Micro Symantec Confidential | Copyright 2014 Trend Micro Inc.
  70. 70. Why Trend Micro Over McAfee? 480 BILLION Queries/Month 6B Queries/Day 150M Nodes Confidential/Copyright 2014 Trend Micro Inc. 2.5B Queries/Day 120M Nodes
  71. 71. Broader Coverage Confidential | Copyright 2015 Trend Micro Inc. Consumers Government AgenciesSMB Partners & OEMEnt/VLE Endpoints Servers Virtual Servers Messaging Network SaaSGateway
  72. 72. 6 Billion URLs Processed Daily User Traffic / Sourcing CDN vender Rating Server for Known Threats Unknown & Prefilter Page Download Threat Analysis 6 billion/day 3 billion/day 300 million/day 50% filtered 90% filtered 50,000 malicious URL /day 99.95% filtered Trend Micro Products / Technology CDN Cache High Throughput Web Service Hadoop Cluster Web Crawling Machine Learning Data Mining Technology Process Operation Block malicious URL within 15 minutes once it goes online! Copyright 2014 Trend Micro Inc.
  73. 73. Endpoint Security -- Consumer Products 2009 5.2 h 38.0 h 15.6 h 7.5 h 19.6 h 39.5 h 46.1 h 31.9 h 30.5 h 0 h 5 h 10 h 15 h 20 h 25 h 30 h 35 h 40 h 45 h 50 h Trend Micro Kaspersky Norton McAfee Norman F‐Secure AVG Panda ESET Average time to protect New socially engineered malware Average time to protect 2010 New socially engineered malware 2014
  74. 74. 2014 Tests Co 99.60% 70.53% 95.52% 70.00% 80.00% 90.00% 100.00% Trend Micro Microsoft Vendor Average 0-Day Protection: 2014 99.83% 86.10% 96.60% 85.00% 90.00% 95.00% 100.00% Trend Micro Microsoft (Baseline) Vendor Average Real-World Protection 2014 Averages (Mar-Nov) 99.99% 96.99% 95.00% 96.00% 97.00% 98.00% 99.00% 100.00% Trend Micro Vendor Average Malicious Apps - Avg Nov'13 - Nov'14 98.31% 97.20% 98.06% 97.34% 96.64% 97.09% 97.40% 93.55% 93.67% 94.56% 94.63% 93.68% 95.00% 95.77% 90.00% 92.00% 94.00% 96.00% 98.00% 100.00% Q1'12 Q2'12 Q4'12 Q1'13 Q2'13 Q2'14 Q3'14 Opus One Anti-Spam Results Q1'12-Q3'14 Trend Micro Vendor Average
  75. 75. 2014 Tests Cont’d Co
  76. 76. 2015 Attacks Confidential | Copyright 2015 Trend Micro Inc.

×