Slides usados no web seminário "Enfrentando os Desafios das Ameaças Combinadas" ministrado por Ricardo Valente da Mcafee para a série de web seminários oferecidos pela ISH Tecnologia. Para conhecer mais da ISH visite http://www.ish.com.br ou siga a ISH http://twitter.com/ishtecnologia
37. Global Threat IntelligenceZero Day Response Environment Gotyou.com BOTS Email Gateway Web Gateway Firewall - IPS Internet New phishing email on webmail 2. User clicks 3. Malware detected even without a signature
38. Global Threat IntelligenceZero Day Response Environment Gotyou.com BOTS Email Gateway Web Gateway Global ThreatIntelligence Firewall - IPS Internet 4. Samples Fingerprinted 5. Attributes analyzed in real time 6. Reputations and Signatures Updated
39. Analysts Agree: McAfee Leads Leaders Challengers Leaders Current Offering Strategy Niche Players Visionaries Completeness of Vision Forrester Gartner Strong Performers Web E-mail DLP Web IPS E-mail Firewall Ability to Execute
40. December 8, 2009 User receives email with a short message and a URL, from an IP address with no reputation for SPAM 1 User clicks on link and goes to a fake Reuters' video feed web page with malicious content.” 2 GLOBAL THREAT INTELLIGENCE Internet McAfee Email Gateway Internet Real-time feeds update Firewalls and email and web gateways. Artemis protects the endpoint in real-time 5 The content coming back is malware, and is blocked at the gateway 3 The URL, IP, and the payload - all captured from “an event” is sent Avert Labs 4 McAfee Web Gateway Artemis TrustedSource IPS Firewall UTM TrustedSource TrustedSource McAfee Network Security 10 Bomb Attacks Require Coordinated ProtectionResearch Capacity Matters
52. December 8, 2009 Hacking Exposed - Web and Email 13 Hacking Exposed: Web and Email Security Bookseller site walkthrough FileInsight examples of deobfuscation McAfee® TrustedSource™ technology Anonymous proxies
53. Hacme Books Cross Site Request Forging December 8, 2009 Title of Presentation 14
54. Demo Visit and logon to a typical online book-seller site. Browse selection. Check that shopping cart is empty. Visit the author's web site for a particular selection. Return to book-seller site and check shopping cart. Notice that a title has been added without authorization. Repeat same process using McAfee Web Gateway. Notice that shopping cart does not get populated by the author's site. Why? Author's site has crafted IFRAME that exploits the book-seller site. McAfee Web Gateway strips out offending IFRAME and prevents exploit to book-seller site. December 8, 2009 Title of Presentation 15
83. Internet Access Organized Cyber Crooks Malware Zombie 89.XXX.XXX.84 Botnet C&C 1 Botnet MalwareDownloadBLOCKED McAfee Firewall Enterprise (Sidewinder) McAfee Web Gateway (formerly Webwasher) McAfee Email Gateway (formerly IronMail) NewZombie Zombie Proxies 2 Web Apps Malware IP& Message Data sent to TS Webapps.yourco.com CustomerData Email Internal Network
84. Internet Access Organized Cyber Crooks Malware Zombie Connections Rejected Based on Reputation Botnet C&C Botnet McAfee Firewall Enterprise (Sidewinder) McAfee Web Gateway (formerly Webwasher) McAfee Email Gateway (formerly IronMail) SQL Injection Attack NewZombie Zombie Proxies Web Apps Webapps.yourco.com CustomerData Email Internal Network
Editor's Notes
Key Speaking points:But don’t just take our word for it. Gartner agrees as you see, we have market leading products across all of the major network security magic quadrants that they publish. And when you add our integration to the end point, and our global intelligence, the parts are truly greater than the whole and McAfee is the Leader in network security second to none.