Targeted Attacks: Have you found yours?


Attacks are evolving and so must the response – but how? This presentation explores how you get beyond the APT hype and strike a sensible balance between security expenditure and commercial risk. We explain what you need to just keep doing, what’s new and what’s no longer effective.


  1. Targeted Attacks | Have you found yours? Andy Dancer, CTO EMEA
  2. Traditional Security is Insufficient
     • Advanced Persistent Threats
     • Empowered Employees
     • Elastic Perimeter
     Trend Micro evaluations find over 90% of enterprise networks contain active malicious malware! Copyright 2012 Trend Micro Inc.
  3. Copyright 2012 Trend Micro Inc.
  4. Switch of mental approach
     • Terrorist Paradox
       – We have to win all the time to defend
       – They only have to get it right once to win
     • Advanced Threats
       – Many steps have to execute in turn to steal my data
       – I only need to spot one step to thwart them
  5. Custom Attacks
     • Today’s most dangerous attacks are those targeted directly and specifically at an organization — its people, its systems, its vulnerabilities, its data.
     10/19/2012 Confidential | Copyright 2012 Trend Micro Inc.
  6. Deep Discovery & The Custom Defense. Advanced Threat Protection: Network Threat Detection (Deep Discovery)
  7. APT Activity: Specialized Threat Detection Across the Attack Sequence
     Malicious Content
     • Emails containing embedded document exploits
     • Drive-by Downloads
     • Zero-day and known malware
     Suspect Communication
     • C&C communication for any type of malware & bots
     • Backdoor activity by attacker
     Attack Behavior
     • Malware activity: propagation, downloading, spamming ...
     • Attacker activity: scan, brute force, tool downloads.
     • Data exfiltration communication
  8. Deep Discovery & The Custom Defense. Advanced Threat Protection: Network Threat Detection (Deep Discovery), Attack Analysis & Intelligence
  9. Automated Analysis. Diagram labels: Bandwidth, Live Cloud Lookup, Advanced Heuristics, Threat Intelligence, Sandbox Analysis, Focused Manual Investigation, Output to SIEM
  10. Deep Discovery Advisor: Threat Intelligence Center
     • In-Depth Contextual Analysis including simulation results, asset profiles and additional security events
     • Integrated Threat Connect Intelligence included in analysis results
     • Enhanced Threat Investigation and Visualization capabilities
     • Highly Customizable Dashboard, Reports & Alerts
     • Centralized Visibility and Reporting across Deep Discovery Inspector units
     Threat Connect Intelligence
  11. Deep Discovery & The Custom Defense. Advanced Threat Protection: Network Threat Detection (Deep Discovery), Adaptive Security Updates, Containment & Remediation, Attack Analysis & Intelligence
  12. The Custom Defense
     • Specialized Threat Detection at network and protection points
     • Deep analysis based on custom sandboxing and relevant global intel
     • Custom security blacklists & signatures block further attack
     • Context-relevant views & intel guide rapid remediation response
  13. The Custom Defense In Action: Advanced Email Protection (InterScan Messaging Security or ScanMail)
     Diagram labels: Anti-spam, Anti-phishing, Web Reputation, Anti-malware, Advanced Threat Detection, Threat Analyzer, Threat Intelligence Center, Security Update Server, Deep Discovery Advisor, quarantine
     • Blocking of targeted spear phishing emails and document exploits via custom sandboxing
     • Central analysis of detections
     • Automated updates of malicious IP/Domains
     • Search & Destroy function
  14. So what does that look like in context? Diagram labels: Outer Perimeter, Inner Perimeters, Valuable Server, Endpoint
  15. Deep Discovery
     Diagram labels: Simulate, Analyze, Correlate
     • Out of band network data feed of all network traffic
     • Detect Malicious Content and Communication
     • Identify Attack Behaviour & Reduce False Positives
     • Visibility – Real-time Dashboards
     • Insight – Risk-based Analysis
     • Action – Remediation Intelligence
  16. Deep Security: Inner Perimeter for valuable assets. Diagram labels: Deep Packet Inspection, Firewall, Security, Anti-Virus, VM, Log Inspection, Hypervisor, Integrity Monitoring
  17. Thanks for listening... any questions?
