Cyber Security protection by MultiPoint Ltd.

How to defend your company from Cyber attacks


  1. Cyber security: Security by MultiPoint Ltd.
  2. About MultiPoint
     • MultiPoint was founded in April 2009
     • Managed by Arie Wolman and Ricardo Resnik
     • A Distributor of Security & Networking Software
     • Main exclusive product lines:
       – GFI Software, Damballa, Accellion, SpectorSoft, Centrify, IronKey, NovaStor, GFI MAX, LiebSoft, DataMotion, Netwrix, etc.
     • Certified, Qualified and Credible Technical team
     • Value Added for the Channel and the End-Users alike
  3. Main Vendors
  4. Some of our customers
  5. Attack Lifecycle
     [Diagram labels: TIME; IMPACT; Resource Validation; Preventative Controls; SOC / CIRT; Incident Response; Analysis; Professional Services; Marketing / PR; Brand; Loss of Intellectual Property]
  6. Because prevention’s not enough!
     • 69% of breaches: Malware was involved in 69% of all breaches, and 95% of all stolen data.
     • “Prevention is crucial…but detection/response represents an extremely critical line of defense. Let’s stop treating it like a backup plan and start making it a core part of THE plan.” (2013 Verizon Data Breach Investigation Report)
     • 210 days: The average time from breach to detection was 210 days. (Trustwave 2013 Global Security Report)
     • 5% detection rate: 82 new malware samples were put up against more than 40 antivirus products... the initial detection rate was less than 5 percent. “Signature-based methods of detecting malware is not keeping up.” (New York Times, January 1, 2013)
  7. Why do these threats go undetected?
     [Diagram labels: Endpoint Security; Network Security Systems; Enterprise Assets; Infections Identified; AV, HIPS, Firewall, Firewall, IDS/IPS, WSG/Proxy, VM/Sandbox, DNS; Alerts; Block; Blacklist/Signatures; Logs; Unknown Threats]
     • 87% of victims of data theft had evidence in their log files but failed to identify it. (2011 Data Breach Report, Verizon RISK team)
     • All this noise, how do I identify real infections?
  8. Automation needed to accelerate & improve Detection
     • 66% of breaches remain undiscovered for months or more
     • 69% of breaches are discovered by parties external to the victim
     • 5% detection rate of 82 new malware samples by traditional signature-based products
     Sources: Verizon, New York Times
  9. MultiPoint empowers end users to…
     • Adapt Posture: enable improvements to security policies and controls
     • Optimize Resources: focus teams & tools on high-value activities vs. noisy alerts
     • Manage Portfolio: measure performance of preventative solutions
     • Rapidly Respond: automate discovery, verification & prioritization of true infections
  10. The Kill Chain and Risk
     • Kill chain stages: Reconnaissance, Weaponization, Delivery, Exploitation, Command & Control, Data Exfiltration/Disruption/Damage
     • Diagram labels: Infection Risk; Business Risk; Infection
     • After Infection Takes Place, the Game Changes
  11. Looking at the Threat After It Bypasses Prevention
     [Diagram labels: Initial Infection; Update & Repurpose; Initial C&C and 2nd Repurpose; Evasion Cycle Continues…; Threat Actors; Malware Author; Cyber Brokers; Pay Per Installer; Dropper; Downloader; Updater; Repository; C&C Portals; C&C Proxies; Victim]
     • Dropper unpacks on the Victim machine and runs
     • Malware is updated/customized
  12. Prevention features you need for 2014
     Patch automation | Vulnerability assessment | Integration | Powerful
     » Microsoft®, Mac OS® and major Linux operating systems
     » Microsoft and other popular third-party applications
     » Security and non-security updates
     » More than 4000 critical security applications
     » Interactive dashboard
     » Workstations, laptops, servers, mobile devices and a wide range of network devices such as printers, switches and routers
     » Now checking for up to 50,000 vulnerabilities
     Dedicated reports
     » For PCI DSS, HIPAA, PSN CoCo and other regulations
     Improved scan and remediation performance
     » Through usage of agents and relay agents
  13. Secunia VIM Overview – Key Facts and Benefits
     A proactive approach to vulnerability management
     • Leader in the field of Vulnerability Intelligence
     • Pioneer and industry leader in the research and disclosure of vulnerabilities
     • The market’s largest verified vulnerability database, 45,000+ products
     • The only vendor that guarantees coverage of your commercially available environment
     • Award-winning solution
     • Straightforward and simple to set up, maintain and use regardless of the size of an organization
     • Customized asset lists mean targeted information based on your exact environment
     • Filter information based on the asset location or criticality, useful for business critical technology which receives less press coverage, e.g. Lotus Notes
     • Dynamic, customized, historic, and automated reporting
     • Track and document remediation strategies
     • Eliminate information overload from sifting through other sources, emails, and bulk RSS feeds
     • Prioritize patch management based on verified real time information
  14. Sandbox technology helps (ThreatTrack Security)
     "Sandbox customization is the only way to adequately detect and stop targeted attacks"
     As a fully customizable platform, ThreatAnalyzer enables you to recreate your entire application stack (including virtual and native environments) in which you can detonate malicious code to see exactly how malware will behave across all your network and systems configurations. Moreover, custom malware determination rules help you fine tune ThreatAnalyzer to be on the alert for suspicious behavior and activity that concern you most, such as anomalous access to sensitive systems, data exfiltration to foreign domains, queries made to custom applications and more. Within minutes of detonating a malware sample, you will know exactly which system configurations on your network are vulnerable to any threat, enabling you to instantly respond by isolating systems and implementing defenses to prevent infections.
     Dynamic Malware Analysis: Know Your Exposure to Cyber Threats
     ThreatAnalyzer is the industry's only malware analysis solution that enables you to completely and accurately quantify the risk and exposure your organization faces from any malware threat.
  15. MultiPoint vendors Labs Threat Updates & Discovery Services
     [Diagram labels: ThreatUpdates (Includes Intel, Classifiers, & Attribution); Enterprise Assets; ISPs; Enterprises; MultiPoint Vendors; Domains; ThreatDiscovery; Files; TraceReports]
  16. Why is GFI LanGuard so effective?
     Scan | Analyze | Remediate | Install
     • Takes only a few minutes to be up and running
     • Agent-less or agent-based
     • Identify assets (including mobile devices), find vulnerabilities, missing patches, open ports, services, hardware and software, etc.
     • Vulnerability level assigned to each computer
     • Reports, results filtering, network changes history
     • Check external references
     • Deploy missing updates, uninstall applications, deploy custom scripts, open remote desktop connections, etc.
     • Definitions for vulnerabilities and patches are continuously updated from GFI® servers to report and remediate latest threats
     • Deploy agents (agent-less)
     • Powerful interactive dashboard
  17. Damballa Failsafe Architecture: Hub & Spoke | 1 U Appliances | Out of Band
  18. Our Formula – Delivering Predictive Security Analytics
  19. Security 2.0: The New Security Stack
     [Diagram labels: Alerts & Logs; SIEM (Single Pane of Glass); SOC; Network DVR; Forensics; Client; NGFW; Endpoint Containment; Infection Risk; Business Risk; Prevention; Detection; Response (Forensics); legacy IPS & Host AV/IPS/FW; Infection; Damage; NBAD; Sandboxing; Email Gateway; Predictive Security Analytics; Attack; Advanced Threat Protection]
  20. Increasing customer value thru integrations & alliances
     • Enrich, Correlate via SIEM & Forensics
     • Block & Inform from Network to Endpoint
     • Accelerate & Prioritize Response
     Damballa discovers with certainty & delivers evidence so customers can pivot to…
