Defeat Ransomware and Ward off Extortionists with LightCyber + Ayehu
Today’s Webinar is Presented by:
• Guy Nadivi, Director, Business Development
• Peter Lee, Director, Professional Services
• Kasey Cross, Sr. Product Marketing Manager
About LightCyber
Behavioral Attack Detection
Magna Platform Overview
• Network-Centric Detection
• Agentless & Signature-less
• Post-Intrusion: NTA/UEBA
Differentiation
• Most Accurate & Efficient: Proven & Measured Success
• Broadest Context: Network + Endpoint + User
• Broadest Attack Coverage with Integrated Remediation
Verticals Served
• Finance & Insurance
• Public Sector
• Retail, Healthcare, Legal
• Service Providers
• Media, Technology, & More
Operations Overview
• US HQ - CA
• EMEA HQ - Amsterdam
• IL HQ - Ramat Gan
• Customers World-Wide
About Ayehu
FOUNDED: 2007 (bootstrapped)
FOUNDERS: Gabby Nizri, Yaron Levy
FUNDING: July 2015: $3M Series A, BGV & KEC (Palo Alto & NY)
CUSTOMERS: 100+ Mid-Large Ent. (and growing)
OFFICES: Tel Aviv, New York (2015), Bay Area (2016)
EMPLOYEES: 20+ (and growing)
PRODUCT: eyeShare™ v4.8, first GA 2009
State of Ransomware
• Ransomware is getting more advanced, using targeted attack techniques to maximize damage
• $209M paid out by US victims in Q1/2016*
• 38% of companies hit by ransomware in 2016*
• 38% and 17% of ransomware attacks target the service and manufacturing industries, respectively, despite many high-profile healthcare attacks
* FBI, KnowBe4 Survey of 1,138 companies, Symantec
Opportunistic Ransomware Attacks
1. User downloads ransomware from a website or opens a malicious email attachment
2. Infected client contacts command and control server and receives a unique cryptographic key
3. Ransomware encrypts data on the local client
4. Ransomware encrypts data on network drives
Diagram labels: Laptop, File Servers, Malicious Website, Infected Email, Command & Control, Internet
Targeted Ransomware Attack
• Intrusion (Seconds – Minutes): Outside the Network
• Active Breach (Hours - Weeks): Inside the Network
  Establish Backdoor, Recon & Lateral Movement, Ransomware Installation
1. Attacker compromises a client or server in the network
2. Attacker moves laterally to infect as many machines as possible with ransomware
Steps to Defeat Ransomware: Prevention
• Educate employees
• Patch vulnerable client and server software
• Inspect network traffic for malware
• Install endpoint protection (anti-virus software)
• Back up files regularly
Challenges with Preventing Ransomware
• Polymorphic malware, with new strains generated every day, bypasses AV signatures
• Many delivery methods: email, malvertising, compromised sites, targeted attacks
• May use default processes like Explorer to encrypt files, making it difficult to terminate
How LightCyber Detects Targeted Ransomware
How Ransomware Spreads
• Attackers gain persistent access
• System tools and scripts are used
• Ransomware is installed on other machines
• File servers are encrypted
Detection by LightCyber Magna
• Lateral movement of ransomware
• Pathfinder identifies anomalous tools and processes
• Encryption of file servers and shares
Diagram labels: Internet, DMZ, SPAN, Security Ecosystem, Servers (DHCP, DNS, AD, File Servers)
Ayehu
Remediation
Why Automation?
People don’t scale very well
Ransomware Comprised of 2 Enemies
Speed of Response is Critical to Defeat Ransomware
Cyber Security Incident Response Automation
Automating Cyber Security Incident Response
Ransomware Quarantine Automatic Playbook
POSSIBLE QUESTIONS
• Do we really have a ransomware infection?
• Is only one computer infected? Multiple computers?
• Did the ransomware infect any shared folders?
• Have the latest security updates (Antivirus/Patches) been applied to infected computer(s)?
POSSIBLE ACTIONS
• Send the host to a different VLAN using NAC/IPS.
• Inform the user via SMS or email.
• Report every step in the ITSM system.
• Update watch list for communication with the C&C Server.
Building an Automated Security Playbook
No Programming Required!
• Over 500 pre-built activities
• Over 150 pre-built workflows / playbooks
• Easy-to-use drag-and-drop interface
Integrating with Your Infrastructure
Live Demo!
LightCyber Finds Active Threats, Ayehu Eliminates Them
Diagram labels: Sandboxing, Stateful FW, IPS/IDS, Network AV, SIEM; Intrusion Attempt Phase (Seconds – Minutes); Active Attack Phase (Weeks – Months); Incident Response (Weeks – Months); Security Expenditure; Breach Detection Gap; Network File Encryption
Detect Threats w/LightCyber, Eliminate Them w/Ayehu
Questions?
Thank You!
LightCyber: Kasey Cross, kasey@lightcyber.com, www.lightcyber.com
Ayehu: Guy Nadivi, guy@ayehu.com, www.ayehu.com

Active Directory Penetration Testing, cionsystems.com.pdf
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 

Defeat Ransomware and Ward off Extortionists with LightCyber+Ayehu

  • 1. Defeat Ransomware and Ward off Extortionists with LightCyber + Ayehu
  • 2. Today’s Webinar is Presented by: Kasey Cross, Sr. Product Marketing Manager • Guy Nadivi, Director, Business Development • Peter Lee, Director, Professional Services
  • 3. About LightCyber: Behavioral Attack Detection (MAGNA). Magna Platform Overview • Network-Centric Detection • Agentless & Signature-less • Post-Intrusion: NTA/UEBA. Differentiation • Most Accurate & Efficient: Proven & Measured Success • Broadest Context: Network + Endpoint + User • Broadest Attack Coverage with Integrated Remediation. Verticals Served • Finance & Insurance • Public Sector • Retail, Healthcare, Legal • Service Providers • Media, Technology, & More. Operations Overview • US HQ - CA • EMEA HQ - Amsterdam • IL HQ - Ramat Gan • Customers World-Wide
  • 4. About Ayehu • FOUNDED: 2007 (bootstrapped) • FOUNDERS: Gabby Nizri, Yaron Levy • FUNDING: July 2015: $3M Series A, BGV & KEC (Palo Alto & NY) • CUSTOMERS: 100+ Mid-Large Ent. (and growing) • OFFICES: Tel Aviv, New York (2015), Bay Area (2016) • EMPLOYEES: 20+ (and growing) • PRODUCT: eyeShare™ v4.8, first GA 2009
  • 5. State of Ransomware • Ransomware is getting more advanced, using targeted attack techniques to maximize damage • $209M paid out by US victims in Q1/2016* • 38% of companies hit by ransomware in 2016* • 38% and 17% of ransomware attacks target the service and manufacturing industries, despite many, high-profile healthcare attacks * FBI, KnowBe4 Survey of 1,138 companies, Symantec
  • 6. Opportunistic Ransomware Attacks (1) User downloads ransomware from a website or opens a malicious email attachment (2) Infected client contacts command and control server and receives a unique cryptographic key (3) Ransomware encrypts data on the local client (4) Ransomware encrypts data on network drives. Diagram labels: Laptop, File Servers, Malicious Website, Infected Email, Command & Control, Internet
  • 7. Targeted Ransomware Attack. Timeline: Intrusion (Seconds – Minutes), outside the network; Active Breach (Hours - Weeks), inside the network: Establish Backdoor, Recon & Lateral Movement, Ransomware Installation (1) Attacker compromises a client or server in the network (2) Attacker moves laterally to infect as many machines as possible with ransomware
  • 8. Steps to Defeat Ransomware: Prevention • Educate employees • Patch vulnerable client and server software • Inspect network traffic for malware • Install endpoint protection (anti-virus software) • Back up files regularly
  • 9. Challenges with Preventing Ransomware • Polymorphic malware, with new strains generated every day, bypasses AV signatures • Many delivery methods: email, malvertising, compromised sites, targeted attacks • May use default processes like Explorer to encrypt files, making it difficult to terminate
  • 10. How LightCyber Detects Targeted Ransomware. How Ransomware Spreads • Attackers gain persistent access • System tools and scripts are used • Ransomware is installed on other machines • File servers are encrypted. Detection by LightCyber Magna • Lateral movement of ransomware • Pathfinder identifies anomalous tools and processes • Encryption of file servers and shares. Ayehu Remediation. Diagram labels: DMZ, Internet, SPAN, Security Ecosystem, Servers: DHCP, DNS, AD, File Servers
  • 13. Speed of Response is Critical to Defeat Ransomware
  • 14. Speed of Response is Critical to Defeat Ransomware Cyber Security Incident Response Automation
  • 15. Automating Cyber Security Incident Response: Ransomware Quarantine Automatic Playbook. POSSIBLE QUESTIONS • Do we really have a ransomware infection? • Is only one computer infected? Multiple computers? • Did the ransomware infect any shared folders? • Have the latest security updates (Antivirus/Patches) been applied to infected computer(s)? POSSIBLE ACTIONS • Send the host to a different VLAN using NAC/IPS. • Inform the user via SMS or email. • Report every step in the ITSM system. • Update watch list for communication with the C&C Server.
  • 16. Building an Automated Security Playbook • No Programming Required! • Over 500 pre-built activities • Over 150 pre-built workflows / playbooks • Easy-to-use drag-and-drop interface
  • 17. Integrating with Your Infrastructure
  • 19. LightCyber Finds Active Threats, Ayehu Eliminates Them. Diagram labels: Security Expenditure; Sandboxing, Stateful FW, IPS/IDS, Network AV, SIEM; Intrusion Attempt Phase (Seconds – Minutes); Active Attack Phase (Weeks – Months); Incident Response (Weeks – Months); Breach Detection Gap; Network File Encryption
  • 20. Detect Threats w/LightCyber, Eliminate Them w/Ayehu
  • 22. Thank You! LightCyber: Kasey Cross, kasey@lightcyber.com, www.lightcyber.com • Ayehu: Guy Nadivi, guy@ayehu.com, www.ayehu.com