©2018 Zscaler, Inc. All rights reserved. | ZSCALER CONFIDENTIAL INFORMATION
Zscaler ThreatLabz dissects
the latest SSL security attacks
WEBCASTS
Steve Grossenbacher
Sr. Product Marketing Manager | Zscaler
sgrossenbacher@Zscaler.com
Deepen Desai
VP, Security Research & Operations | Zscaler
ddesai@zscaler.com
To ask a question
• Type your questions into the chat box in the Webex panel or email us at communications@zscaler.com
• We'll try to get to all questions during the Q&A session. If we do not get to your question, we'll make sure to follow up afterwards
• At the end of the webcast, please let us know how we did!
Zscaler: The Market Leader in Cloud Security
Enterprise customers: 2,800 customers, including over 200 of the Fortune Global 2000
Global partners
Cloud scale: 100 data centers, 40B daily requests, 185 countries served
The pioneer in cloud security; mature global cloud operations
The Rise of the SSL Attack
NSS Labs: "Ironically, increased use of SSL in an attempt to make our online lives more secure can create 'blind spots' that can actually reduce security…"
70% of all enterprise web traffic over Zscaler is encrypted
54% of the threats Zscaler blocks are hidden inside SSL traffic
Web properties are quickly adopting SSL by default to address privacy concerns.
SSL is great for privacy, but a challenge for content inspection, whether for enterprise or national security.
SSL inspection can cause significant performance degradation on security appliances.
Implementing SSL inspection raises privacy and regulatory concerns, but a compromise must be reached.
• 70% of all web traffic on the Zscaler cloud is SSL encrypted
• 70% of all pages loaded in Firefox were using HTTPS
• 54% of APTs use SSL encryption
• 25% of Zscaler customers block unscannable files
• 32% of Zscaler customers block password-protected files
Threats Hiding Deep in Encrypted Communications
An in-depth threat study from the world's largest security cloud: current malicious SSL/TLS activity trends
• Over 800,000 threat blocks each day that use SSL.
• Q1 2018 SSL/TLS threat highlights:
  • Over 1.2 million malware downloads blocked
  • Over 200K phishing attacks blocked
  • Over 136K botnet callbacks blocked
  • Over 42K browser exploits blocked
• Upward trend expected to continue: coin mining, encrypted phishing & SMiShing
Zscaler Security Cloud SSL Trends
Zscaler Cloud Threat Intelligence - Phishing
Zscaler Security Cloud Security Trends
• Phishing pages hosted on legitimate domains that have been compromised; more legitimate sites support SSL
• Newly registered cyber-squatted domains that imitate legitimate brands:
  • nnicrosoftoffice.com [real attack]
  • {name}-sharepoint.com [targeted attack]
• A 300% increase in phishing content delivered over SSL in 2018 compared to 2016
Top Phishing Campaigns
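The two squatted domains above (a doubled "n" standing in for "m", and a brand name glued onto a hyphenated label) can be caught from the hostname alone, before any page is fetched. The following Python script is an added example, not code from the Zscaler deck: the brand watch list, the allowlist, the homoglyph table and the sample domains are constructed, and it treats the last label as the public suffix, so a real deployment would need a public-suffix list for ccTLDs such as .co.uk.

```python
"""Flag newly observed domains that imitate protected brands (added example;
brand list, allowlist and sample domains are constructed, not from the deck)."""
import re

# Hypothetical brand watch list and the legitimate domains for those brands.
BRANDS = ["microsoft", "sharepoint", "paypal", "office"]
ALLOWLIST = {"microsoft.com", "sharepoint.com", "paypal.com", "office.com"}

# Character sequences that look like a single letter in common fonts.
# The deck's real attack used "nn" in place of "m" (nnicrosoftoffice.com).
HOMOGLYPHS = {"m": ["rn", "nn"], "w": ["vv"], "d": ["cl"],
              "l": ["1"], "o": ["0"], "e": ["3"]}


def normalize(label):
    """Collapse homoglyph sequences into the letter they imitate."""
    label = label.lower()
    for canonical, lookalikes in HOMOGLYPHS.items():
        for seq in lookalikes:
            label = label.replace(seq, canonical)
    return label


def levenshtein(a, b):
    """Edit distance, used to catch one-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain):
    """Return (verdict, brand). Verdicts: legit, homoglyph, brand-in-name, typo, clean."""
    domain = domain.lower().rstrip(".")
    if domain in ALLOWLIST or any(domain.endswith("." + d) for d in ALLOWLIST):
        return "legit", None
    labels = domain.split(".")
    # Assumption: one-label public suffix, so the registrable label is second from the right.
    sld = labels[-2] if len(labels) >= 2 else labels[0]
    tokens = [t for t in re.split(r"[-_]", sld) if t]
    normalized = normalize(sld)

    for brand in BRANDS:                      # nnicrosoftoffice -> microsoftoffice
        if brand not in sld and brand in normalized:
            return "homoglyph", brand
    for brand in BRANDS:                      # {name}-sharepoint.com
        if brand in sld:
            return "brand-in-name", brand
    for brand in BRANDS:                      # micosoft.com
        for tok in tokens:
            if tok != brand and levenshtein(tok, brand) == 1:
                return "typo", brand
    return "clean", None


def scan(domains):
    """Return {domain: (verdict, brand)} for every domain that is neither legit nor clean."""
    return {d: classify(d) for d in domains if classify(d)[0] not in ("legit", "clean")}


# Constructed sample of newly observed domains; only the first one appears in the deck.
SAMPLE_DOMAINS = ["nnicrosoftoffice.com", "contoso-sharepoint.com", "paypa1.com",
                  "micosoft.com", "microsoft.com", "example.com"]

if __name__ == "__main__":
    for domain, (verdict, brand) in scan(SAMPLE_DOMAINS).items():
        print(f"{domain:28} {verdict:14} imitates {brand}")
```

Feed it the hostnames from newly registered domain feeds or from the SNI/certificate names seen at the inspection point; the homoglyph pass runs before the substring pass so that nnicrosoftoffice.com is reported as imitating "microsoft" rather than merely containing "office".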
SSL/TLS threats case study - Phishing: double encryption; scare tactics!
Zscaler Cloud Threat Intelligence - Malware
• Locky remains the most prevalent ransomware family.
• Uptick in SamSam ransomware activity targeting healthcare and government
• New ransomware family, GandCrab, distributed by exploit kits (EKs)
• Android mobile malware
  • Google Play Store: spyware, Fortnite, Windows-infected apps (over 200 apps discovered and cleaned up)
  • Banking Trojans, ransomware
Zscaler Cloud Threat Intelligence – Sandbox
• New unique payloads seen in Cloud Sandbox, Q1 2018: malicious documents, JARs, APKs, executables…
• Many payloads delivered over SSL from Box, Dropbox, AWS, Google…
• Emotet remains one of the most prevalent malware families
• Over 50% increase in coin-mining malware payloads
[Chart: distribution of new unique malicious payloads seen in Zscaler Cloud Sandbox leveraging SSL/TLS for C&C activity]
Taking callbacks to a new level
Zscaler Cloud Threat Intelligence – Sandbox SSL/TLS threats
• 68 percent were multiple banking Trojan families (Emotet, Trickbot, Zbot, etc.)
• 23 percent were infostealer and RAT families
• Cobalt Strike APT19 payloads targeting manufacturing & healthcare verticals
SSL Blacklist (sslbl.abuse.ch)
SSL use in Browser Exploit and Payload Delivery
• Using SSL-enabled advertising networks to inject malicious scripts into legitimate websites
• Abuse of free SSL providers: leveraging free certificates to enable HTTPS on malicious domains, so the browser sees a valid certificate and raises no warning
• Hiding in the infection chain
[Chart: distribution by certificate authority]
SSL Certificates and Validity Period – Security Blocks
• DV vs. OV vs. EV certificates: distribution of certificates involved in security blocks by validation method
• Validity period distribution: the majority of the certificates had a shorter validity period (<= 3 months), usually free certs
Over 11,500 certificates with the string "paypal" were issued by Let's Encrypt!
[Chart: Let's Encrypt-issued SSL certificates with the string "paypal"]
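The three signals the last two slides describe (validation level, validity period, a brand name in a certificate that the brand does not own) can be combined into a simple triage score for certificates seen at the inspection point or in Certificate Transparency logs. The Python below is an added example, not code from the deck: the CA/Browser Forum policy OIDs are the real ones, but the record layout, the allowlist, the weights and the sample certificates are constructed (none of them is a real issued certificate).

```python
"""Triage certificates from TLS handshakes or CT logs (added example; the
sample records, allowlist and scoring weights are constructed, not from the deck)."""
from datetime import datetime, timezone

# CA/Browser Forum reserved certificate-policy OIDs that state the validation level.
VALIDATION_OIDS = {
    "2.23.140.1.2.1": "DV",   # domain validated
    "2.23.140.1.2.2": "OV",   # organization validated
    "2.23.140.1.2.3": "IV",   # individual validated
    "2.23.140.1.1": "EV",     # extended validation
}
BRAND_KEYWORDS = ["paypal", "microsoft", "office365", "sharepoint"]
# Hypothetical allowlist of domains that legitimately carry those brand names.
ALLOWLIST = {"paypal.com", "microsoft.com", "office.com", "sharepoint.com"}
SHORT_VALIDITY_DAYS = 90
REVIEW_THRESHOLD = 3


def validation_type(policy_oids):
    """Map the certificate's policy OIDs to DV/OV/IV/EV, or 'unknown'."""
    for oid in policy_oids:
        if oid in VALIDATION_OIDS:
            return VALIDATION_OIDS[oid]
    return "unknown"


def parse_utc(stamp):
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def registrable_domain(name):
    """Last two labels of a SAN; assumes a one-label public suffix (no .co.uk handling)."""
    labels = name.lower().lstrip("*.").split(".")
    return ".".join(labels[-2:])


def triage(cert):
    """Score one record: DV +1, validity <= 90 days +1, brand keyword in a SAN
    outside the allowlist +3 per name. A score >= 3 means 'review'."""
    reasons, score = [], 0
    vt = validation_type(cert["policy_oids"])
    days = (parse_utc(cert["not_after"]) - parse_utc(cert["not_before"])).days
    if vt == "DV":
        reasons.append("domain-validated only")
        score += 1
    if days <= SHORT_VALIDITY_DAYS:
        reasons.append(f"short validity ({days} days)")
        score += 1
    for name in cert["sans"]:
        if registrable_domain(name) in ALLOWLIST:
            continue
        hits = [kw for kw in BRAND_KEYWORDS if kw in name.lower()]
        if hits:
            reasons.append(f"brand keyword(s) {hits} in {name}")
            score += 3
    return {"subject": cert["sans"][0], "issuer": cert["issuer"], "validation": vt,
            "validity_days": days, "score": score, "reasons": reasons,
            "verdict": "review" if score >= REVIEW_THRESHOLD else "allow"}


# Constructed records in the shape you would extract from a CT-log entry or
# `openssl x509 -text`; none is a real certificate.
SAMPLE_CERTS = [
    {"issuer": "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3",
     "not_before": "2018-03-01T00:00:00Z", "not_after": "2018-05-30T00:00:00Z",
     "sans": ["secure-paypal-login.example.net"],
     "policy_oids": ["2.23.140.1.2.1", "1.3.6.1.4.1.44947.1.1.1"]},  # DV + issuer arc
    {"issuer": "C=US, O=Example CA, CN=Example OV CA",
     "not_before": "2018-01-15T00:00:00Z", "not_after": "2019-01-15T00:00:00Z",
     "sans": ["www.paypal.com", "paypal.com"],
     "policy_oids": ["2.23.140.1.2.2"]},
    {"issuer": "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3",
     "not_before": "2018-04-10T00:00:00Z", "not_after": "2018-07-09T00:00:00Z",
     "sans": ["*.paypal-verify.example.org"],
     "policy_oids": ["2.23.140.1.2.1"]},
]

if __name__ == "__main__":
    for result in map(triage, SAMPLE_CERTS):
        print(f"{result['verdict']:6} score={result['score']} {result['subject']}: "
              + "; ".join(result["reasons"]))
```

The policy OID is the reliable place to read the validation level; the issuer string alone does not tell you whether a certificate is DV. Note that a short, domain-validated certificate is not malicious by itself (it is what every free CA issues), which is why the brand-keyword hit carries most of the weight.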
Q1 2018 Top Trending Threats – Web-based CryptoMining (Cryptojacking!)
• A paradigm shift in website monetization techniques leading to exponential growth in web-based cryptomining traffic
• 2.5 billion cryptomining transactions blocked over the last 6 months
• Streaming media and porn/nudity domain categories had the highest hit rate
• Legitimate vs. compromised hosts
• Activity seen over HTTP, HTTPS, and WSS
Q1 2018 Top Trending Threats - SMiShing
SMiShing, also known as SMS phishing, is an attack method used to steal sensitive credentials from mobile users.
The attack starts with the end user receiving an SMS message containing a specially crafted link that points to a phishing site.
SMiShing campaigns targeting (Q1 2018):
• Social networking sites - Facebook, WhatsApp
• Financial institutions and services - Natwest, HSBC, Paypal, tax refunds, Impots
• Popular productivity software and services
How Files and Websites Spread Malware
Objectives: ransom, exfiltrate, propagate. Delivery vehicles: .exe, archive or embedded script.
Hunting stage:
1. User browses a trusted web page with compromised content (iframe redirect)
2. Hackers' web servers deliver the initial file and keep the exploit server hidden
3. Exploit server creates new malware samples on demand to bypass signature detection (exploit & call home)
Infection stage:
4. Malware .EXE delivers the final payload, enables command and control, and enables the final hacking objectives.
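Step 1 of that chain, and the ad-network script injection described earlier, both rely on a frame the victim never sees on a page they trust; once SSL inspection has decrypted the response body, the injected element is plain HTML. The Python below is an added example, not code from the deck or from Zscaler: it runs the stdlib HTML parser over a decrypted page body and reports iframes that hide themselves (display:none, off-screen positioning, 1x1 size), noting when they also point at another origin. The sample page, its hostnames and the hiding heuristics are constructed.

```python
"""Audit decrypted HTML bodies for injected, hidden iframes (added example; the
sample page and hosts are constructed and the rules are our own heuristics)."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit


def _px(value):
    """Parse a width/height attribute such as '1', '1px' or ' 0 '; None if not numeric."""
    if value is None:
        return None
    m = re.match(r"\s*(\d+)", str(value))
    return int(m.group(1)) if m else None


class IframeAuditor(HTMLParser):
    """Collect every iframe that hides itself, with the reasons it looks injected."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        reasons = []
        style = a.get("style", "").replace(" ", "").lower()
        if "display:none" in style or "visibility:hidden" in style:
            reasons.append("hidden by style")
        if re.search(r"(left|top):-\d", style):
            reasons.append("positioned off-screen")
        w, h = _px(a.get("width")), _px(a.get("height"))
        if w is not None and h is not None and w <= 1 and h <= 1:
            reasons.append(f"{w}x{h} frame")
        # A visible cross-origin embed (video, map) is normal; only hidden frames are reported,
        # and for those the foreign origin is recorded as an extra reason.
        if reasons:
            src = a.get("src", "")
            host = (urlsplit(src).hostname or "").lower()
            if host and host != self.page_host and not host.endswith("." + self.page_host):
                reasons.append(f"cross-origin src {host}")
            self.findings.append({"src": src, "reasons": reasons})


def audit(html, page_host):
    """Return the list of suspicious iframes found in one decrypted response body."""
    parser = IframeAuditor(page_host)
    parser.feed(html)
    return parser.findings


# Constructed page: a legitimate site with one visible embed and one injected
# 1x1 hidden iframe pointing at a made-up redirector host.
SAMPLE_PAGE = """<html><body>
<h1>Quarterly report</h1>
<iframe src="https://player.example-video.net/embed/42" width="640" height="360"></iframe>
<iframe src="https://cdn-static.example-ads.net/r.php?id=17" width="1" height="1"
        style="display:none; position:absolute; left:-9999px"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_PAGE, "www.example.com"):
        print(finding["src"], "->", "; ".join(finding["reasons"]))
```

Without inspection the same iframe travels inside the TLS session and only the destination hostname is visible, which is the "blind spot" the deck opens with; with inspection, a hit here is a good trigger to send the frame's target URL to the sandbox or to block it outright.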
Defense layers:
• Risk-based scoring: web content scanning, risk-based analysis, app control, browser control
• Inline content control: file, user, group and QoS control; signature-based AV and IPS
• Complete packet byte scan
• Destination-based blocking: malicious hosts, sites, botnets, phishing, GEO, protocol & ACLs
• Sandboxing: dynamic & behavioral analysis of user content
Breaking the kill chain with Zscaler
1. Recon and creation: survey defenses, plan attack, create payload
2. Delivery: via trusted/untrusted sites and web content
3. Exploitation: payload exploits an unpatched vulnerability
4. Installation: installing malware onto the asset
5. Command & Control (C2): remote control, additional malware downloads
6. Action on objectives: lateral movement, data exfiltration, disruption, etc.
Controls applied along the chain: DNS security, botnet and callback detection, DLP security, with full SSL inspection throughout.
Find and stop more malicious threats
Direct to Internet: block the bad, protect the good
The best approach for SD-WAN and Office 365
Zscaler Internet Access – Fast, secure access to the Internet and SaaS
Traffic sources: data center, apps, MPLS; HQ, mobile, branch, IoT. Destinations: SaaS, open Internet.
Your security stack as a service:
• Data protection: data loss prevention, cloud apps (CASB), file type controls
• Access control: cloud firewall, URL filtering, bandwidth control, DNS filtering
• Threat prevention: advanced protection, cloud sandbox, anti-virus, DNS security
Real-time policy and analytics:
• Real-time policy engine: policies follow the user; changes are immediately enforced, worldwide
• Business analytics: global visibility into apps and threats blocked; identify botnet-infected machines for remediation
Zscaler - Purpose Built, Global Security Cloud
Data centers: Denver, Toronto, New York, Paris, London, Amsterdam, Brussels, Stockholm, Moscow, Mumbai, Singapore, Sydney, Cape Town, Madrid, Riyadh, Johannesburg, San Francisco, Atlanta, Dallas, Frankfurt, Sao Paulo, Lagos, Kuala Lumpur, Tel Aviv, Washington DC, Chicago, Los Angeles, Copenhagen, Melbourne, Milan, Hong Kong, Taipei, Zurich, Chennai, Tianjin, Tokyo, Doha, Dubai, Abu Dhabi, Miami, Jeddah, Al Khobar, Warsaw, Seattle, Oslo, Shanghai
• 45B+ requests processed/day
• 100M+ threats blocked/day
• 120K+ unique security updates/day
• 100 data centers across 6 continents
• Secure: ongoing third-party testing
• Certified
• Reliable: redundancy within and failover across DCs
• Transparent: trust portal for service availability monitoring
• O365 peering data center: egress O365 close to the user, avoid network hairpins, Internet peering across 150 vendors
Deliver a fast connection regardless of location!
Traditional Sandboxes vs Zscaler Cloud Sandbox: better protection, scalability and intelligence
Zscaler Cloud Sandbox (HQ, branch, mobile):
• Unlimited capacity with full SSL inspection
• Easily scale across all users/locations
• Inline architecture holds the file until clean
• Cloud effect shares blocks with all customers
Traditional sandbox (HQ, branch, mobile):
• Limited capacity with no SSL inspection; alert only
• Users off network go unprotected
• Sandbox allows files to pass and infect
• Threat data is often localized and not shared
Case Study: A Transition to Better User Security
US healthcare provider with 8,100 users; Zscaler deployment with Cloud Sandbox and SSL Inspection
After full deployment, Zscaler caught more threats and eliminated the need for FireEye
Advanced threats found during deployment (monthly values as read from the chart; Zscaler deployment ramps to 100% over the period, counts on a log scale):
Month   FireEye detections   Zscaler blocks
Mar-16  28                   5
Apr-16  11                   12
May-16  8                    39
Jun-16  18                   73
Jul-16  11                   60
Aug-16  7                    87
Sep-16  8                    180
Oct-16  6                    202
Nov-16  3                    291
Dec-16  1                    181
A three-step journey to secure IT transformation
1. SECURE - up-level your security: make Zscaler your next hop to the Internet; fast to deploy; no infrastructure changes required
2. SIMPLIFY - remove point products: phase out gateway appliances at your own pace; reduce cost and management overhead
3. TRANSFORM - cloud-enable your network: enable secure SD-WAN / local Internet breakouts (broadband) and optimize backhaul; deliver a better and more secure user experience
Security Best Practices
• 70% of total traffic is SSL/TLS encrypted (Zscaler cloud insight)
• DV certificates with shorter validity are the most abused SSL certs
• SSL/TLS-encrypted attacks are not limited to APT campaigns
• A multi-layered, defense-in-depth strategy is key
• SSL/TLS inspection for all secure web transactions is essential
Zenith Live, June 25 – 27, 2018, The Cosmopolitan, Las Vegas. Register at zenithlive.zscaler.com
Where CIOs, CTOs, CISOs, and networking/security experts exchange cloud transformation experiences with thought leaders of leading global companies
Who should attend: CxOs (CIOs, CTOs and CISOs); architects and engineers (security, network, cloud & enterprise); operations (security & networking)
Scott Guthrie, EVP / Satya Nadella, CEO; Chris Drumgoole, CTO, General Electric; Frederik Janssen, Global Head, IT Infrastructure; Pat Gelsinger, CEO / Michael Dell, CEO, DELL
Thank You!
Questions and Next Steps
Deepen Desai, VP, Security Research & Operations, @ddesai_av, ddesai@zscaler.com
Steve Grossenbacher, Sr. Product Marketing Manager, @grossenbacher_1, sgrossenbacher@zscaler.com
Learn more about Zscaler Cloud Sandboxing: Zero-Day Best Practices, zscaler.com/resources
Zscaler ThreatLabZ Research Blog: blog.zscaler.com
Calculate the cost of zero-days: zscaler.com/gaps
On-demand webcasts (zscaler.com – resources – webcasts):
• Accelerate the Migration to Microsoft Azure with Zscaler Private Access: Thursday, May 31st, 2018 | Americas - 10:00 am PST
• How Zscaler enables simpler Office 365 deployment and a fast user experience: Tuesday, June 5th, 2018 | Americas - 10:00 am PST

原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
3ipehhoa
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
eutxy
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
nirahealhty
 
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesMulti-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Sanjeev Rampal
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
Javier Lasa
 
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
laozhuseo02
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
3ipehhoa
 
BASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptxBASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptx
natyesu
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
laozhuseo02
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Brad Spiegel Macon GA
 

Recently uploaded (20)

一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
 
Comptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guideComptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guide
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Internet-Security-Safeguarding-Your-Digital-World (1).pptx
Internet-Security-Safeguarding-Your-Digital-World (1).pptxInternet-Security-Safeguarding-Your-Digital-World (1).pptx
Internet-Security-Safeguarding-Your-Digital-World (1).pptx
 
test test test test testtest test testtest test testtest test testtest test ...
test test  test test testtest test testtest test testtest test testtest test ...test test  test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
 
Latest trends in computer networking.pptx
Latest trends in computer networking.pptxLatest trends in computer networking.pptx
Latest trends in computer networking.pptx
 
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
 
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesMulti-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
 
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
 
BASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptxBASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptx
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
 

Dissecting ssl threats

  • 1. ©2018 Zscaler, Inc. All rights reserved. | ZSCALER CONFIDENTIAL INFORMATION
    Zscaler ThreatLabz dissects the latest SSL security attacks (Webcasts)
    Steve Grossenbacher, Sr. Product Marketing Manager | Zscaler, sgrossenbacher@Zscaler.com
    Deepen Desai, VP, Security Research & Operations | Zscaler, ddesai@zscaler.com
  • 2. To ask a question
    • Type your questions into the chat box in the Webex panel or email us at communications@zscaler.com
    • We'll try to get to all questions during the Q&A session. If we do not get to your question, we'll make sure to follow up afterwards
    • At the end of the webcast, please let us know how we did!
  • 3. Zscaler: The Market Leader in Cloud Security
    • Enterprise customers: 2,800 customers, over 200 of the Fortune Global 2000, global partners
    • Cloud scale: 100 data centers, 40B daily requests, 185 countries served
    • The pioneer in cloud security, with mature global cloud operations
  • 4. The Rise of the SSL Attack
    "Ironically, increased use of SSL in attempt to make our online lives more secure can create 'blind spots' that can actually reduce security…" (NSS Labs)
    • 70% of all enterprise web traffic over Zscaler is encrypted
    • 54% of the threats Zscaler blocks are hidden inside SSL traffic
  • 5. Threats Hiding Deep in Encrypted Communications
    • Web properties are quickly adopting SSL by default to stem privacy concerns
    • SSL is great for privacy, but a challenge for content inspection, whether for enterprise or national security
    • SSL inspection can cause significant performance degradation on security appliances
    • Implementing SSL inspection will raise privacy/regulatory concerns, but a compromise must be reached
    • 70% of all web traffic on the Zscaler Cloud is SSL encrypted
    • 70% of all pages loaded on Firefox were using HTTPS
    • 54% of APTs use SSL encryption
    • 25% of Zscaler customers block unscannable files
    • 32% of Zscaler customers block password-protected files
  • 6. Zscaler Security Cloud SSL Trends: Current Malicious SSL/TLS Activity Trends (an in-depth threat study from the world's largest security cloud)
    • Over 800,000 threat blocks each day that use SSL
    • Q1 2018 SSL/TLS threat highlights:
      • Over 1.2 million malware downloads blocked
      • Over 200K phishing attacks blocked
      • Over 136K botnet callbacks blocked
      • Over 42K browser exploits blocked
    • Upward trend expected to continue
    • Coin mining, encrypted phishing & SMiShing
  • 7. Zscaler Cloud Threat Intelligence - Phishing: Top Phishing Campaigns
    • Phishing pages hosted on legitimate domains that have been compromised (more legitimate sites support SSL)
    • Newly registered cyber-squatted domains that imitate legitimate brands:
      • nnicrosoftoffice.com [real attack]
      • {name}-sharepoint.com [targeted attack]
    • A 300% increase in phishing content delivered over SSL in 2018 compared to 2016
  • 8. SSL/TLS threats case study - Phishing: double encryption, scare tactics!
  • 9. Parenting in 1989 / Parenting in 2014-2017
  • 10. Zscaler Cloud Threat Intelligence - Malware
    • Locky remains the most prevalent ransomware family
    • Uptick in SamSam ransomware activity targeting healthcare and government
    • New ransomware family, GandCrab, distributed by EKs (exploit kits)
    • Android mobile malware:
      • Google Play Store: spyware, Fortnite, Windows-infected apps (over 200 apps discovered and cleaned up)
      • Banking Trojans, ransomware
  • 11. Zscaler Cloud Threat Intelligence – Sandbox
    • New unique payloads seen in Cloud Sandbox, Q1 2018
    • Malicious documents, JARs, APKs, executables...
    • Many payloads delivered over SSL from Box, Dropbox, AWS, Google...
    • Emotet remains one of the most prevalent malware families
    • Over 50% increase in coin-mining malware payloads
  • 12. Zscaler Cloud Threat Intelligence – Sandbox SSL/TLS threats: taking callbacks to a new level
    Distribution of new unique malicious payloads seen in Zscaler Cloud Sandbox leveraging SSL/TLS for C&C activity:
    • 68 percent were comprised of multiple banking Trojan families (Emotet, Trickbot, Zbot, etc.)
    • 23 percent were comprised of infostealer and RAT families
    • Cobalt Strike APT19 payloads targeting manufacturing & healthcare verticals
    • SSL Blacklist (sslbl.abuse.ch)
  • 13. Hiding in the Infection Chain: SSL use in Browser Exploit and Payload Delivery
    • Using SSL-enabled advertising networks, used for injecting malicious scripts into legitimate websites
    • Abuse of free SSL providers: leveraging free certificates for enabling HTTPS support on their malicious domains
      • Bypasses SSL integrity checks in the web browser
    • Distribution by certificate authorities (chart)
  • 14. Hiding in the Infection Chain: SSL Certificates and Validity Period – Security Blocks
    • DV vs. OV vs. EV certificates: distribution of certificates involved in security blocks by validation method (chart)
    • Validity period distribution: the majority of the certificates had a shorter validity period (<= 3 months), usually free certs
  • 15. Let's Encrypt issued SSL certificates with the string "paypal": over 11,500 certificates with the string "paypal" were issued by Let's Encrypt!!
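Slides 7, 14 and 15 together describe one pattern: a brand look-alike name (nnicrosoftoffice.com, {name}-sharepoint.com) on a short-lived DV certificate. The following is an added example of how a defender can flag that combination in certificate records; it is written for this page and is not Zscaler's code, and the record format, brand list, allowlist, confusable table and every sample record are constructed assumptions.

```python
# Added example, not from the deck: flag brand look-alike names in certificate
# records. The record shape, brand list, allowlist, confusable table and all
# sample data are constructed; a real monitor would feed it parsed CT log entries.
from collections import Counter
from dataclasses import dataclass
from datetime import date

BRANDS = ("paypal", "microsoft", "sharepoint")                 # brands being monitored
ALLOWLIST = {"paypal.com", "microsoft.com", "sharepoint.com"}  # the brands' own domains (constructed)
# Look-alike substitutions applied before matching, so "nnicrosoft" (the real
# attack domain on slide 7) normalizes to "microsoft".
CONFUSABLES = (("rn", "m"), ("nn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))

@dataclass
class CertRecord:
    issuer: str
    common_name: str
    validation: str  # "DV", "OV" or "EV"
    not_before: date
    not_after: date

def validity_days(rec: CertRecord) -> int:
    return (rec.not_after - rec.not_before).days

def normalize(label: str) -> str:
    s = label.lower()
    for lookalike, plain in CONFUSABLES:
        s = s.replace(lookalike, plain)
    return s

def registrable_domain(cn: str) -> str:
    # Simplification: the last two labels are taken as the registrable domain.
    return ".".join(cn.lower().lstrip("*.").split(".")[-2:])

def brand_hit(cn: str):
    """Return the monitored brand a name imitates, or None."""
    for label in cn.lower().lstrip("*.").split(".")[:-1]:  # skip the TLD
        for part in label.split("-"):                       # "{name}-sharepoint"
            norm = normalize(part)
            for brand in BRANDS:
                if brand in norm:
                    return brand
    return None

def risk_flags(rec: CertRecord, short_days: int = 92) -> list:
    """The signals from slides 7, 14 and 15: brand string, DV, short validity."""
    flags = []
    brand = brand_hit(rec.common_name)
    if brand and registrable_domain(rec.common_name) not in ALLOWLIST:
        flags.append("brand:" + brand)
    if rec.validation == "DV":
        flags.append("dv")
    if validity_days(rec) <= short_days:
        flags.append("short-validity")
    return flags

def is_suspicious(rec: CertRecord) -> bool:
    flags = risk_flags(rec)
    imitates = any(f.startswith("brand:") for f in flags)
    return imitates and ("dv" in flags or "short-validity" in flags)

def issuer_counts(records) -> Counter:
    """Suspicious certificates per issuer, the tally slide 15 shows for one CA."""
    return Counter(r.issuer for r in records if is_suspicious(r))

# Constructed sample records; issuer names are placeholders, not real CT data.
SAMPLE = [
    CertRecord("CA-A (constructed)", "nnicrosoftoffice.com", "DV", date(2018, 3, 1), date(2018, 5, 30)),
    CertRecord("CA-A (constructed)", "secure-paypal.login-verify.net", "DV", date(2018, 2, 10), date(2018, 5, 11)),
    CertRecord("CA-B (constructed)", "www.paypal.com", "EV", date(2017, 1, 1), date(2019, 1, 1)),
    CertRecord("CA-A (constructed)", "contoso-sharepoint.com", "DV", date(2018, 3, 5), date(2018, 6, 3)),
    CertRecord("CA-B (constructed)", "news.example.org", "DV", date(2018, 1, 1), date(2018, 4, 1)),
]

if __name__ == "__main__":
    for rec in SAMPLE:
        print(rec.common_name, risk_flags(rec), "SUSPICIOUS" if is_suspicious(rec) else "ok")
    print(dict(issuer_counts(SAMPLE)))
```

The allowlist is what keeps the brand's own EV certificate from being flagged; without it, every legitimate paypal.com certificate would trip the brand-string check.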
  • 16. Q1 2018 Top Trending Threats – Web-based CryptoMining (Cryptojacking!)
    • A paradigm shift in website monetization techniques leading to exponential growth in web-based cryptomining traffic
    • 2.5 billion cryptomining transactions blocked over the last 6 months
    • Streaming media and porn/nudity domain categories had the highest hit rate
    • Legitimate vs. compromised hosts
    • Activity seen over HTTP, HTTPS, and WSS
  • 17. Q1 2018 Top Trending Threats - SMiShing
    SMiShing, also known as SMS phishing, is an attack method used to steal sensitive credentials from mobile users. The attack starts with the end user receiving an SMS message containing a specially crafted link that points to a phishing site.
    SMiShing campaigns targeting (Q1 2018):
    • Social networking sites: Facebook, WhatsApp
    • Financial institutions and services: Natwest, HSBC, Paypal, tax refunds, Impots
    • Popular productivity software and services
  • 18. How Files and Websites Spread Malware
    Hunting stage:
    1. User browses a trusted web page with compromised content (iFrame redirect)
    2. Hackers' web servers deliver the initial file and keep the exploit server hidden (exploit & call home)
    3. Exploit server creates new malware samples on demand to bypass signature detection
    Infection stage:
    4. Malware .EXE (.exe, archive or embedded script) delivers the final payload; enables command and control; enables the final hacking objectives
    Objectives: ransom, exfiltrate, propagate
  • 19. Breaking the kill chain with Zscaler: find and stop more malicious threats
    Kill chain stages:
    • Recon and creation: survey defenses, plan the attack, create the payload
    • Delivery: via trusted/untrusted sites and web content
    • Exploitation: payload exploits an unpatched vulnerability
    • Installation: installing malware onto the asset
    • Command & Control (C2): remote control, additional malware downloads
    • Action on objectives: lateral movement, data exfiltration, disruption, etc.
    Zscaler controls, all with full SSL inspection:
    • Destination-based blocking: malicious hosts, sites, botnets; phishing, GEO, protocol & ACLs
    • Inline content control: file, user, group and QoS control; signature-based AV and IPS
    • Complete packet ByteScan
    • Browser control: web content scanning, risk-based analysis, app control
    • Risk-based scoring
    • Sandboxing: dynamic & behavioral analysis of user content
    • DNS security, botnet and callback detection, DLP security
  • 20. Zscaler Internet Access – fast, secure access to the Internet and SaaS
    Direct to Internet: block the bad, protect the good. The best approach for SD-WAN and Office 365.
    Your security stack as a service (data center, MPLS, HQ, mobile, branch and IoT out to SaaS and the open Internet):
    • Data protection: Data Loss Prevention, Cloud Apps (CASB), File Type Controls
    • Access control: Cloud Firewall, URL Filtering, Bandwidth Control, DNS Filtering
    • Threat prevention: Adv. Protection, Cloud Sandbox, Anti-Virus, DNS Security
    • Real-time policy engine: policies follow the user; changes are immediately enforced, worldwide
    • Business analytics: global visibility into apps and threats blocked; identify botnet-infected machines for remediation
  • 21. Zscaler - Purpose Built, Global Security Cloud
    Data centers (map): Denver, Toronto, New York, Paris, London, Amsterdam, Brussels, Stockholm, Moscow, Mumbai, Singapore, Sydney, Cape Town, Madrid, Riyadh, Johannesburg, San Francisco, Atlanta, Dallas, Frankfurt, Sao Paulo, Lagos, Kuala Lumpur, Tel Aviv, Washington DC, Chicago, Los Angeles, Copenhagen, Melbourne, Milan, Hong Kong, Taipei, Zurich, Chennai, Tianjin, Tokyo, Doha, Dubai, Abu Dhabi, Miami, Jeddah, Al Khobar, Warsaw, Seattle, Oslo, Shanghai
    • 45B+ requests processed/day; 100M+ threats blocked/day; 120K+ unique security updates/day; 100 data centers across 6 continents
    • Secure: ongoing third-party testing, certified
    • Reliable: redundancy within and failover across DCs
    • Transparent: trust portal for service availability monitoring
    • O365 peering data center: egress O365 close to the user, avoid network hairpins, Internet peering across 150 vendors; deliver a fast connection regardless of location!
  • 22. Traditional Sandboxes vs Zscaler Cloud Sandbox: better protection, scalability and intelligence
    • Traditional sandbox (limited capacity, no SSL inspection): users off network go unprotected; the sandbox allows files to pass and infect; threat data is often localized and not shared
    • Zscaler Cloud Sandbox (unlimited capacity with full SSL inspection): easily scales across all users/locations; inline architecture holds the file until clean; the cloud effect shares blocks with all customers
  • 23. Case Study: A Transition to Better User Security
    US healthcare provider with 8,100 users; Zscaler deployment with Cloud Sandbox and SSL Inspection. After full deployment Zscaler caught more threats and eliminated the need for FireEye.
    Chart, advanced threats found during deployment, Mar-16 to Dec-16 (Zscaler deployment rising to 100%): FireEye detections 28, 11, 8, 18, 11, 7, 8, 6, 3, 1; Zscaler blocks 5, 12, 39, 73, 60, 87, 180, 202, 291, 181
  • 24. A three-step journey to secure IT transformation
    • Secure, up-level your security: make Zscaler your next hop to the Internet; fast to deploy; no infrastructure changes required
    • Simplify, remove point products: phase out gateway appliances at your own pace; reduce cost and management overhead
    • Transform, cloud-enable your network: enable secure SD-WAN / local Internet breakouts (broadband), optimize backhaul; deliver a better and more secure user experience
  • 25. Security Best Practices
    • 70% of total traffic is SSL/TLS encrypted (Zscaler Cloud Insight)
    • DV certificates with shorter duration are the most abused SSL certs
    • SSL/TLS encrypted attacks are not limited to APT campaigns
    • A multi-layered, defense-in-depth strategy is key
    • SSL/TLS inspection for all secure web transactions is essential
  • 26. June 25 – 27, 2018, The Cosmopolitan, Las Vegas. Register at zenithlive.zscaler.com
    Where CIOs, CTOs, CISOs, and networking/security experts exchange cloud transformation experiences with thought leaders of leading global companies
    Who should attend: CxOs (CIOs, CTOs and CISOs); architects and engineers (security, network, cloud & enterprise operations); security & networking
    Speakers: Scott Guthrie, EVP / Satya Nadella, CEO; Chris Drumgoole, CTO, General Electric; Frederik Janssen, Global Head, IT Infrastructure; Pat Gelsinger, CEO / Michael Dell, CEO, DELL
  • 27. Thank You! Questions and Next Steps
    Deepen Desai, VP, Security Research & Operations, @ddesai_av, ddesai@zscaler.com
    Steve Grossenbacher, Sr. Product Marketing Manager, @grossenbacher_1, sgrossenbacher@zscaler.com
    Learn more about Zscaler: Cloud Sandboxing Zero-Day Best Practices (zscaler.com/resources); Zscaler ThreatLabZ Research Blog (blog.zscaler.com); calculate the cost of zero-days (zscaler.com/gaps)
    On Demand Webcasts (zscaler.com – resources – webcasts): "Accelerate the Migration to Microsoft Azure with Zscaler Private Access" and "How Zscaler enables simpler Office 365 deployment and a fast user experience"; Thursday, May 31st, 2018 and Tuesday, June 5th, 2018 | Americas - 10:00 am PST

Editor's Notes

  1. Missed by 9 AV engines
  2. 54m avg of 0.5m
  3. Platform approach a key piece
  4. Zscaler Cloud Sandbox easily scales protection to all users regardless of location. Typical centralized appliances are not able to deliver complete protection for users off network. Malware can exploit the system, and then spread laterally when connected to the network. Additionally, centralized appliances usually remain in tap mode and rarely make it inline, which limits their effectiveness. Malware is allowed to pass, and detection occurs after the fact. By way of its architecture, Zscaler delivers a sandbox that always sits inline. Files can be quarantined and confirmed sandbox-clean before delivery. Lastly, Zscaler Cloud Sandbox delivers the cloud effect, which shares new threat detections across the cloud in seconds. Add to all this the fact that Zscaler can accommodate all of a customer's SSL traffic with no capacity limitation, and Zscaler is the clear winner over traditional appliance-based solutions.
  5. As one of our customers deployed Zscaler, they noticed a change in their security logs. They were so excited that they forwarded the data to us without us even asking. We often get unsolicited feedback from customers on how excited they are about their Zscaler installation. In this case, you can see this customer did a controlled rollout of Zscaler over a 6-month period. As you can see, the more they deployed Zscaler, the more threat blocks increased on the Zscaler side, and FireEye detections reduced. There are a couple of interesting notes about this case study:
     1. Zscaler was able to block FAR more threats than FireEye due to the fact that all users on and off network can be covered.
     2. Many of the alerts FireEye saw after deployment were found to be benign.
     3. The value of SSL inspection can't be overstated. The customer found far more threats. FireEye is unable to inspect SSL traffic without costly additional hardware.
     With Zscaler at full deployment and actively blocking FAR more threats than FireEye ever was detecting (not blocking), it seems FireEye's days are numbered!
  6. With Zscaler it's simple to get started. In fact, we've cut over 40,000 users in one weekend night and 160,000 users over 60 days. All you need to do to make Zscaler your next hop to the Internet is to make Zscaler your default route. A number of customers did this to block threats that were going undetected by their current security appliances without making any policy changes. Some also start by securing their mobile workers, then migrating their office locations. This allows them to take their security from a 6 or 7 to a 9 or 9.5 out of 10. No one is perfect. One ZPA customer got started with one of the use cases before replacing their entire VPN infrastructure. The second phase of the journey involves phasing out security appliances to reduce cost and complexity. This can be done at your pace, but more often than not, this is typically shortly after or in tandem with starting to send traffic to Zscaler. With Zscaler in place, the third phase of the journey is about routing traffic locally via Internet breakouts to Zscaler. By routing traffic locally, companies can optimize their MPLS spend and deliver a more secure and better user experience. Office 365 has been a key accelerator for local breakouts, as Microsoft now recommends routing traffic locally and doing local DNS, so users connect to the closest Office 365 PoP and get onto its CDN network as fast as possible. ExpressRoute is now only recommended for very specific use cases. Microsoft also cautions against hub-and-spoke architectures with centralized proxies for a variety of reasons.