Social Networking and Cyber-Security:
Strength, Weakness, Opportunity, or Threat?


                        Aus-Cert, May 2010
About Palo Alto Networks

•   World-class team with strong security and networking experience
     • Founded in 2005 by security visionary Nir Zuk

     • Top-tier investors

•   Builds next-generation firewalls that identify / control 950+ applications
     • Restores the firewall as the core of the enterprise network security
       infrastructure
     • Innovations: App-ID™, User-ID™, Content-ID™

•   Global footprint: 1,100+ customers in 60+ countries, 24/7 support
Social Networking is No Longer a Fad
• Hundreds of millions of people use social applications daily
   • Facebook has over 400 million users

   • LinkedIn has over 60 million users

   • Social bookmarking applications have roughly 10 million users each

   • YouTube is the 3rd most popular website on the Internet

• Sales, marketing, public relations, human resources, product teams,
  and business development all see opportunity
Social Networking is A Hotbed of Risk
• Brand Damage
   • Mistreat your customers at your own peril

• Compliance
   • Using unapproved applications (FINRA)

• Business Continuity
   • Malware or application vulnerability induced downtime

• Operations Costs
   • Excessive bandwidth consumption, desktop cleanup

• Data Loss/Leakage
   • Unauthorized employee file transfer, data sharing

• Productivity
   • Uncontrolled, excessive use for non-work related purposes
Applications Are The Threat Vector
• US$3.8M stolen from small school district in New York State
   • Zeus banking trojan stole credentials, enabled transfers
   • All but US$500K recovered
• Increasingly, new and old threats using social networks
   • Social network-specific (e.g., Koobface, FBAction)
   • New life for old threats (e.g., Zeus/Zbot)
• Huge user populations, high degree of trust, liberal use of SSL

• But wait – we have those applications under control…
Existing Control Mechanisms?

• Applications have changed
   • Any port, random ports, encryption - all in use

• Users feel entitled to use any application
• New employees = always on, always connected
Employees Will Find A Way…
• Remote Access
   • 27 variants found 95% of the time
   • RDP 80%, SSH 76%, telnet 62%, LogMeIn 53%, TeamViewer 42%

• External Proxies
   • 22 variants found 76% of the time
   • CGIProxy 30%, PHProxy 30%, CoralCDN 27%, FreeGate 15%, Glype Proxy 14%

• Encrypted Tunnels
   • Non-VPN related – found 30% of the time
   • Tor 15%, Hamachi 13%, UltraSurf 9%, Gbridge 3%, Gpass 3%

[Chart: Frequency That the Application Was Detected]
Applications Are Not What They Seem
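[Chart: Most Frequently Detected "Dynamic" Applications]
• SharePoint 83%, iTunes 78%, MS RPC 77%, Skype 73%, BitTorrent 60%, MSN Voice 60%, Ooyala 55%, Mediafire 54%, eMule 51%, TeamViewer 42%

[Chart: Applications That are Capable of Tunneling, by category and underlying technology]
• Networking (73): 36 client-server, 18 browser-based, 17 network-protocol, 2 peer-to-peer
• Collaboration (46): 18 client-server, 25 browser-based, 1 network-protocol, 2 peer-to-peer
• Media (24): 8 client-server, 12 browser-based, 1 network-protocol, 3 peer-to-peer
• General-Internet (17): 6 client-server, 7 browser-based, 4 peer-to-peer
• Business-Systems (15): 10 client-server, 4 browser-based, 1 peer-to-peer
• Totals: Client-server (78), Browser-based (66), Network-protocol (19), Peer-to-peer (12)

• 67% of the applications use port 80, port 443, or hop ports
• 190 of them are client/server
• 177 can tunnel other applications, a feature no longer reserved for SSL or SSH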
Enterprise 2.0 Use is Consistent; Intensity Up
• Google Docs and Calendar resource consumption* is up 55%

• Google Talk Gadget shot up by 56% while Google Talk dropped 76%

• Bandwidth consumed by SharePoint and LinkedIn is up 14% and 48% respectively

• Bandwidth consumed by Facebook, per organization, is a staggering 4.9 GB

* Resource consumption = bandwidth and session usage
Social Networking: Strengths

• Top line revenue
   • Reaching new markets/customer groups
   • Increasing sales in existing markets/customer groups

• Bottom line profit
   • Reduction in cost of sales (disintermediation)
   • Reduction in cost of support
   • Reduction in cost of marketing
Social Networking: Weaknesses

• Fraught with unmanaged risk
• Few policies
• Existing policies aren’t enforceable
• Savvy users
• Content controls/logging/auditing outdated
• Security models too restrictive
• Coarse allow/deny
Social Networking: Opportunities



• Business opportunity
• Evolve security policies
• Evolve controls
• Make risk management/security relevant
Threats - Social Networking Top 10

10 - Social networking worms
9 - Phishing bait
8 - Trojan vector
7 - Data leaks
6 - Shortened/obfuscated links
5 - Botnet command and control
4 - It’s a data source for attackers
3 - Cross-Site Request Forgery (CSRF)
2 - Impersonation
1 - Trust
Recommendations

• Policy
  • Gather

  • Listen

  • Redefine

• Model – re-think or refine
  • Blindly blocking is somewhat draconian; blindly allowing is a CLM (career-limiting move)

  • Safe enablement is your new mantra

• Controls
  • Visibility and control of applications, users, and content is key

  • “Allow, but…” controls are critical
www.paloaltonetworks.com/aur

Neo4j
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 

Recently uploaded (20)

Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 

Aus cert event_2010

  • 1. Social Networking and Cyber-Security: Strength, Weakness, Opportunity, or Threat? Aus-Cert, May 2010
  • 2. About Palo Alto Networks • World-class team with strong security and networking experience • Founded in 2005 by security visionary Nir Zuk • Top-tier investors • Builds next-generation firewalls that identify / control 950+ applications • Restores the firewall as the core of the enterprise network security infrastructure • Innovations: App-ID™, User-ID™, Content-ID™ • Global footprint: 1,100+ customers in 60+ countries, 24/7 support
  • 3. Social Networking is No Longer a Fad • Hundreds of millions of people use social applications daily • Facebook has over 400 million users • LinkedIn has over 60 million users • Social bookmarking applications have roughly 10 million users each • Youtube is the 3rd most popular website on the Internet • Sales, marketing, public relations, human resources, product teams, and business development all see opportunity
  • 4. Social Networking is A Hotbed of Risk • Brand Damage • Mis-treat your customers at your own peril • Compliance • Using unapproved applications, (FINRA) • Business Continuity • Malware or application vulnerability induced downtime • Operations Costs • Excessive bandwidth consumption, desktop cleanup • Data Loss/Leakage • Unauthorized employee file transfer, data sharing • Productivity • Uncontrolled, excessive use for non-work related purposes
  • 5. Applications Are The Threat Vector • US$3.8M stolen from small school district in New York State • Zeus banking trojan stole credentials, enabled transfers • All but US$500K recovered • Increasingly, new and old threats using social networks • Social network-specific (e.g., Koobface, FBAction) • New life for old threats (e.g., Zeus/Zbot) • Huge user populations, high degree of trust, liberal use of SSL • But wait – we have those applications under control…
  • 6. Existing Control Mechanisms? • Applications have changed • Any port, random ports, encryption - all in use • Users feel entitled to use any application • New employees = always on, always connected
  • 7. Employees Will Find A Way… • Remote Access • 27 variants found 95% of the time • External Proxies • 22 variants found 76% of the time • Encrypted Tunnels • Non-VPN related – found 30% of the time • [Chart: Frequency That the Application Was Detected. RDP 80%, SSH 76%, telnet 62%, LogMeIn 53%, TeamViewer 42%, CGIProxy 30%, PHProxy 30%, CoralCDN 27%, FreeGate 15%, Glype Proxy 14%, Tor 15%, Hamachi 13%, UltraSurf 9%, Gbridge 3%, Gpass 3%.]
  • 8. Applications Are Not What They Seem • 67% of the applications use port 80, port 443, or hop ports • 190 of them are client/server • 177 can tunnel other applications, a feature no longer reserved for SSL or SSH • [Chart: Most Frequently Detected "Dynamic" Applications. Applications, in the order shown: Sharepoint, iTunes, MS RPC, Skype, BitTorrent, MSN Voice, Ooyla, Mediafire, eMule, Teamviewer. Values, in the order shown: 83%, 78%, 77%, 73%, 60%, 60%, 55%, 54%, 51%, 42%.] • [Chart: Applications That are Capable of Tunneling. Categories: Networking (73), Collaboration (46), Media (24), General-Internet (17), Business-Systems (15). Legend: Client-server (78), Browser-based (66), Network-protocol (19), Peer-to-peer (12).]
  • 9. Enterprise 2.0 Use is Consistent; Intensity Up • Google Docs and Calendar resource consumption* is up 55% • Google Talk Gadget shot up by 56% while Google Talk dropped 76% • Bandwidth consumed by SharePoint and LinkedIn is up 14% and 48% respectively • Bandwidth consumed by Facebook, per organization, is a staggering 4.9 GB * Resource consumption = bandwidth and session usage
  • 10. Social Networking: Strengths • Top line revenue • Reaching new markets/customer groups • Increasing sales in existing markets/customer groups • Bottom line profit • Reduction in cost of sales (disintermediation) • Reduction in cost of support • Reduction in cost of marketing
  • 11. Social Networking: Weaknesses • Fraught with unmanaged risk • Few policies • Existing policies aren’t enforceable • Savvy users • Content controls/logging/auditing outdated • Security models too restrictive • Coarse allow/deny
  • 12. Social Networking: Opportunities • Business opportunity • Evolve security policies • Evolve controls • Make risk management/security relevant
  • 13. Threats - Social Networking Top 10 • 10 - Social networking worms • 9 - Phishing bait • 8 - Trojan vector • 7 - Data leaks • 6 - Shortened/obfuscated links • 5 - Botnet command and control • 4 - It’s a data source for attackers • 3 - Cross-Site Request Forgery (CSRF) • 2 - Impersonation • 1 - Trust
  • 14. Recommendations • Policy • Gather • Listen • Redefine • Model – re-think or refine • Blindly blocking is somewhat draconian; blindly allowing is a CLM • Safe enablement is your new mantra • Controls • Visibility and control of applications, users, and content is key • “Allow, but…” controls are critical