SlideShare a Scribd company logo

GTB Data Loss Prevention

R
refaeli

Next Generation of Data Leakage & Loss Prevention Technologies. GTB Technologies provides products for data loss prevention in corporate networks and endpoints, in motion and at rest. Its flagship product, the GTB Inspector is a winner of multiple awards and rave reviews in the press . alon@gttb.com

1 of 13
Download to read offline
Enterprise Data Loss Prevention The most affordable DLP system in the space Alon Refaeli – EMEA Business Development Manager at GTB Technologies Inc. alon@gttb.com
DLP Issues Top Concern for CSOs Merrill Lynch CISO Survey, June 27, 2007 The 2008 Global Information Security Workforce Study, Frost & Sullivan, April 22, 2008 2
The Reality of Today’s Networks • Web Mail • File Transfers • Information • IM Sharing • Social Networking • Skype • Bots • SAAS • Virus • PAAS • Hackers • Cloud Computing • Port Hopping • Web Apps • Tunneling 3
Threats are Targeting Information • Business Partners • Webmail Leakage • Social Networking Uneducated User • Cloud Theft • Nation States Malicious Insider • Organized Non- State Actors (e.g., Terrorist groups) Exfiltration • Organized Crime External Threat • Advanced Persistent Actors Threats Copyright 2011 GTB DLP Suite
What the analysts say: Frost & Sullivan believes that GTB is on track to becoming the dominant provider of DLP/ILP solutions in the financial market. World dlp research September 2008 When using fingerprinted data, the catch rate is 100%. If you have sensitive data on your enterprise you need this device… you will sleep much better knowing your data is protected. SC Magazine 2007 Copyright 2011 GTB DLP Suite Slide
The GTB DLP components Network Endpoint eDiscovery • Scans all • Discover • Scan Desktops outbound traffic • Protect • Scans file shares • Highest • Audit • Reports on accuracy • Control vulnerable files • Able to block • Content-Aware Content- • Automatic batch without a proxy server • File format agnostic Supports all languages Centralized policy, reporting and workflow GTB DLP Suite Copyright 2011 Slide
DLP answers three questions: 1. Who is sending 2. What data is 3. Who is my data? being sent? receiving my data? • Insiders • PII • IP address • Intruders • PHI • Email destination • Spyware/Viruses • Source Code • Geographic • IP location GTB DLP Suite Copyright 2011 Slide
The 8 use-cases for Network DLP use- 1. Control a broken 2. Demonstrate 3. Automate Email 4. Detect or Block business process Compliance Encryption encrypted content •Who is sending, •I have no way of •How do I automate •Should I allow what data and to enforcing data loss encrypting emails encrypted data to whom? compliance which require it? leave without regulation content inspection? 7. Detect/Block TCP 8. Employees’ 5. Severity Blocking 6. Visibility to SSL from non-trusted non- Education users •Some breaches are •I have no visibility to •How do I detect •My employees are so severe that I SSL in general and transmissions from not complying with prefer to altogether HTTPS in particular! non- non-trusted users the Written block them! (Malware/Viruses/Tr Information ojans) Security Policy (WISP) Copyright 2011 GTB DLP Suite Slide
What data must be protected? Personal identifiable information (PII) • Credit card number • Social security number • Customer name • Address • Telephone number • Account number/Member number • PIN or password • Username & password • Drivers license number • Date of birth Copyright 2011 GTB DLP Suite Slide
Fingerprint Detection Engine –Structured Data The most accurate detection engine in the DLP space Feature Benefit Can fingerprint any database Highest flexibility Multi-field detection No false positives Automatic fingerprints refresh Easy maintenance and operation Automatically deletes fingerprints that are no longer Options for time-based sensitive content sensitive Supports user-defined fields Protects your direct business data Fingerprints 1 million fields in 10 minutes Very high performance Copyright 2011 GTB DLP Suite Slide 10
GTB advanced fingerprinting technology - Files
Fingerprint Detection Engine – Unstructured Data The most accurate detection engine in the DLP space Feature Benefit Multiple data stream fingerprints using Allows for partial file match proprietary algorithm Options for binary or text detection Detects images inside files Options for excluded content Detects sensitive data only Automatically deletes fingerprints that are no longer Options for time-based sensitive content sensitive User defined sensitivity (in bytes) Highest possible control on what is detected Virtual zero false positive rate Highest accuracy Multi-language support Files in any language can be protected Copyright 2011 GTB DLP Suite Slide 12
Data Patterns Detection • Extended REGEX templates out of the box • Patterns defined through REGEX in PHP • Lexicons support • User defined severity level per pattern rule • Multi field weights and occurrences • Support for all languages Copyright 2011 GTB DLP Suite Slide

Recommended

Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Sean Whalen
 
Kaseya Connect 2012 – A Kaspersky Researcher Perspective
Kaseya Connect 2012 – A Kaspersky Researcher PerspectiveKaseya Connect 2012 – A Kaspersky Researcher Perspective
Kaseya Connect 2012 – A Kaspersky Researcher Perspective
Kaseya
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
Sean Whalen
 
Anatomy of an Attack
Anatomy of an AttackAnatomy of an Attack
Anatomy of an Attack
spoofyroot
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
Sean Whalen
 
Gtb Product Technical Present
Gtb Product Technical PresentGtb Product Technical Present
Gtb Product Technical Presentgtbsalesindia
 
One of 2 protect your business
One of 2 protect your businessOne of 2 protect your business
One of 2 protect your business
Management Insights LLC
 
Brochure protect operational_info_sm1
Brochure protect operational_info_sm1Brochure protect operational_info_sm1
Brochure protect operational_info_sm1Noel Waterman
 

Recommended

Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Sean Whalen
 
Kaseya Connect 2012 – A Kaspersky Researcher Perspective
Kaseya Connect 2012 – A Kaspersky Researcher PerspectiveKaseya Connect 2012 – A Kaspersky Researcher Perspective
Kaseya Connect 2012 – A Kaspersky Researcher Perspective
Kaseya
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
Sean Whalen
 
Anatomy of an Attack
Anatomy of an AttackAnatomy of an Attack
Anatomy of an Attack
spoofyroot
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
Sean Whalen
 
Gtb Product Technical Present
Gtb Product Technical PresentGtb Product Technical Present
Gtb Product Technical Presentgtbsalesindia
 
One of 2 protect your business
One of 2 protect your businessOne of 2 protect your business
One of 2 protect your business
Management Insights LLC
 
Brochure protect operational_info_sm1
Brochure protect operational_info_sm1Brochure protect operational_info_sm1
Brochure protect operational_info_sm1Noel Waterman
 
Modern Lessons in Security Monitoring
Modern Lessons in Security MonitoringModern Lessons in Security Monitoring
Modern Lessons in Security MonitoringAnton Goncharov
 
Sql injection to enterprise Owned - K.K. Mookhey
Sql injection to enterprise Owned - K.K. Mookhey Sql injection to enterprise Owned - K.K. Mookhey
Sql injection to enterprise Owned - K.K. Mookhey OWASP-Qatar Chapter
 
Fundamentals of Cryptography
Fundamentals of CryptographyFundamentals of Cryptography
Fundamentals of Cryptography
Dallas Web Security Group
 
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
Positive Hack Days
 
Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012
Kurt Baumgartner
 
Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and You
Mary Kelly Rich
 
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Nicholas Davis
 
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYCYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYjmical
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version
Brian Pichman
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication TechnologiesNicholas Davis
 
Leveraging mobile & wireless technology for Law and Order
Leveraging mobile & wireless technology for Law and OrderLeveraging mobile & wireless technology for Law and Order
Leveraging mobile & wireless technology for Law and Order
c0c0n - International Cyber Security and Policing Conference
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day Conference
Brian Pichman
 
PaloAlto Ignite Conference 2015
PaloAlto Ignite Conference 2015PaloAlto Ignite Conference 2015
PaloAlto Ignite Conference 2015Mike Spaulding
 
Pawaa OCC Presentation
Pawaa OCC PresentationPawaa OCC Presentation
Pawaa OCC Presentation
CloudComputing
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015
Hykeos
 
Robin Hoods And Criminals
Robin Hoods And CriminalsRobin Hoods And Criminals
Robin Hoods And Criminals
Ziv Ichilov
 
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malwareDEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
Felipe Prado
 
Mengenal ZEUS Botnet Lebih Dekat
Mengenal ZEUS Botnet Lebih DekatMengenal ZEUS Botnet Lebih Dekat
Mengenal ZEUS Botnet Lebih DekatCharles Lim
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Positive Hack Days
 
Fingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare InfrastructureFingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare Infrastructure
Positive Hack Days
 
GTB DLP Suite Presentation
GTB DLP Suite PresentationGTB DLP Suite Presentation
GTB DLP Suite Presentationgtbsalesindia
 
Gtb Dlp Suite Presentation
Gtb Dlp Suite PresentationGtb Dlp Suite Presentation
Gtb Dlp Suite Presentationgtbsalesindia
 

More Related Content

What's hot

Modern Lessons in Security Monitoring
Modern Lessons in Security MonitoringModern Lessons in Security Monitoring
Modern Lessons in Security MonitoringAnton Goncharov
 
Sql injection to enterprise Owned - K.K. Mookhey
Sql injection to enterprise Owned - K.K. Mookhey Sql injection to enterprise Owned - K.K. Mookhey
Sql injection to enterprise Owned - K.K. Mookhey OWASP-Qatar Chapter
 
Fundamentals of Cryptography
Fundamentals of CryptographyFundamentals of Cryptography
Fundamentals of Cryptography
Dallas Web Security Group
 
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
Positive Hack Days
 
Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012
Kurt Baumgartner
 
Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and You
Mary Kelly Rich
 
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Nicholas Davis
 
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYCYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYjmical
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version
Brian Pichman
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication TechnologiesNicholas Davis
 
Leveraging mobile & wireless technology for Law and Order
Leveraging mobile & wireless technology for Law and OrderLeveraging mobile & wireless technology for Law and Order
Leveraging mobile & wireless technology for Law and Order
c0c0n - International Cyber Security and Policing Conference
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day Conference
Brian Pichman
 
PaloAlto Ignite Conference 2015
PaloAlto Ignite Conference 2015PaloAlto Ignite Conference 2015
PaloAlto Ignite Conference 2015Mike Spaulding
 
Pawaa OCC Presentation
Pawaa OCC PresentationPawaa OCC Presentation
Pawaa OCC Presentation
CloudComputing
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015
Hykeos
 
Robin Hoods And Criminals
Robin Hoods And CriminalsRobin Hoods And Criminals
Robin Hoods And Criminals
Ziv Ichilov
 
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malwareDEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
Felipe Prado
 
Mengenal ZEUS Botnet Lebih Dekat
Mengenal ZEUS Botnet Lebih DekatMengenal ZEUS Botnet Lebih Dekat
Mengenal ZEUS Botnet Lebih DekatCharles Lim
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Positive Hack Days
 
Fingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare InfrastructureFingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare Infrastructure
Positive Hack Days
 

What's hot (20)

Modern Lessons in Security Monitoring
Modern Lessons in Security MonitoringModern Lessons in Security Monitoring
Modern Lessons in Security Monitoring
 
Sql injection to enterprise Owned - K.K. Mookhey
Sql injection to enterprise Owned - K.K. Mookhey Sql injection to enterprise Owned - K.K. Mookhey
Sql injection to enterprise Owned - K.K. Mookhey
 
Fundamentals of Cryptography
Fundamentals of CryptographyFundamentals of Cryptography
Fundamentals of Cryptography
 
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Det...
 
Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012
 
Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and You
 
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
 
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYCYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication Technologies
 
Leveraging mobile & wireless technology for Law and Order
Leveraging mobile & wireless technology for Law and OrderLeveraging mobile & wireless technology for Law and Order
Leveraging mobile & wireless technology for Law and Order
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day Conference
 
PaloAlto Ignite Conference 2015
PaloAlto Ignite Conference 2015PaloAlto Ignite Conference 2015
PaloAlto Ignite Conference 2015
 
Pawaa OCC Presentation
Pawaa OCC PresentationPawaa OCC Presentation
Pawaa OCC Presentation
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015
 
Robin Hoods And Criminals
Robin Hoods And CriminalsRobin Hoods And Criminals
Robin Hoods And Criminals
 
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malwareDEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
 
Mengenal ZEUS Botnet Lebih Dekat
Mengenal ZEUS Botnet Lebih DekatMengenal ZEUS Botnet Lebih Dekat
Mengenal ZEUS Botnet Lebih Dekat
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
Fingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare InfrastructureFingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare Infrastructure
 

Similar to GTB Data Loss Prevention

GTB DLP Suite Presentation
GTB DLP Suite PresentationGTB DLP Suite Presentation
GTB DLP Suite Presentationgtbsalesindia
 
Gtb Dlp Suite Presentation
Gtb Dlp Suite PresentationGtb Dlp Suite Presentation
Gtb Dlp Suite Presentationgtbsalesindia
 
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
Andris Soroka
 
2012 Data Center Security
2012 Data Center Security2012 Data Center Security
2012 Data Center Security
Szymon Dowgwillowicz-Nowicki
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
Gianluca Varisco
 
GTB - Protecting PII in the EU
GTB - Protecting PII in the EUGTB - Protecting PII in the EU
GTB - Protecting PII in the EUVCW Security Ltd
 
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...Symantec APJ
 
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
Skoda Minotti
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Symantec APJ
 
Gtb Dlp & Irm Solution Product And Deployment Overview
Gtb Dlp & Irm Solution Product And Deployment OverviewGtb Dlp & Irm Solution Product And Deployment Overview
Gtb Dlp & Irm Solution Product And Deployment Overviewgtbsalesindia
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
Xavier Mertens
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
Novell
 
Homeland Security - strengthening the weakest link
Homeland Security - strengthening the weakest linkHomeland Security - strengthening the weakest link
Homeland Security - strengthening the weakest link
Flaskdata.io
 
The New Mobile Landscape - OWASP Ireland
The New Mobile Landscape - OWASP IrelandThe New Mobile Landscape - OWASP Ireland
The New Mobile Landscape - OWASP Ireland
Tyler Shields
 
Security Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsSecurity Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 Predictions
Raffael Marty
 
RSA 2010 Kevin Rowney
RSA 2010 Kevin RowneyRSA 2010 Kevin Rowney
RSA 2010 Kevin Rowney
Symantec
 
intrusion detection system (IDS)
intrusion detection system (IDS)intrusion detection system (IDS)
intrusion detection system (IDS)
Aj Maurya
 
AGC - San Francisco - 2013
AGC - San Francisco - 2013AGC - San Francisco - 2013
AGC - San Francisco - 2013
Seculert
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
Christiaan Beek
 
Cyberscout Corporate Security
Cyberscout Corporate SecurityCyberscout Corporate Security
Cyberscout Corporate Security
Firoze Hussain
 

Similar to GTB Data Loss Prevention (20)

GTB DLP Suite Presentation
GTB DLP Suite PresentationGTB DLP Suite Presentation
GTB DLP Suite Presentation
 
Gtb Dlp Suite Presentation
Gtb Dlp Suite PresentationGtb Dlp Suite Presentation
Gtb Dlp Suite Presentation
 
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...
 
2012 Data Center Security
2012 Data Center Security2012 Data Center Security
2012 Data Center Security
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
 
GTB - Protecting PII in the EU
GTB - Protecting PII in the EUGTB - Protecting PII in the EU
GTB - Protecting PII in the EU
 
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
 
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16
 
Gtb Dlp & Irm Solution Product And Deployment Overview
Gtb Dlp & Irm Solution Product And Deployment OverviewGtb Dlp & Irm Solution Product And Deployment Overview
Gtb Dlp & Irm Solution Product And Deployment Overview
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
 
Homeland Security - strengthening the weakest link
Homeland Security - strengthening the weakest linkHomeland Security - strengthening the weakest link
Homeland Security - strengthening the weakest link
 
The New Mobile Landscape - OWASP Ireland
The New Mobile Landscape - OWASP IrelandThe New Mobile Landscape - OWASP Ireland
The New Mobile Landscape - OWASP Ireland
 
Security Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsSecurity Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 Predictions
 
RSA 2010 Kevin Rowney
RSA 2010 Kevin RowneyRSA 2010 Kevin Rowney
RSA 2010 Kevin Rowney
 
intrusion detection system (IDS)
intrusion detection system (IDS)intrusion detection system (IDS)
intrusion detection system (IDS)
 
AGC - San Francisco - 2013
AGC - San Francisco - 2013AGC - San Francisco - 2013
AGC - San Francisco - 2013
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
 
Cyberscout Corporate Security
Cyberscout Corporate SecurityCyberscout Corporate Security
Cyberscout Corporate Security
 

GTB Data Loss Prevention

  • 1. Enterprise Data Loss Prevention The most affordable DLP system in the space Alon Refaeli – EMEA Business Development Manager at GTB Technologies Inc. alon@gttb.com
  • 2. DLP Issues Top Concern for CSOs Merrill Lynch CISO Survey, June 27, 2007 The 2008 Global Information Security Workforce Study, Frost & Sullivan, April 22, 2008 2
  • 3. The Reality of Today’s Networks • Web Mail • File Transfers • Information • IM Sharing • Social Networking • Skype • Bots • SAAS • Virus • PAAS • Hackers • Cloud Computing • Port Hopping • Web Apps • Tunneling 3
  • 4. Threats are Targeting Information • Business Partners • Webmail Leakage • Social Networking Uneducated User • Cloud Theft • Nation States Malicious Insider • Organized Non- State Actors (e.g., Terrorist groups) Exfiltration • Organized Crime External Threat • Advanced Persistent Actors Threats Copyright 2011 GTB DLP Suite
  • 5. What the analysts say: Frost & Sullivan believes that GTB is on track to becoming the dominant provider of DLP/ILP solutions in the financial market. World dlp research September 2008 When using fingerprinted data, the catch rate is 100%. If you have sensitive data on your enterprise you need this device… you will sleep much better knowing your data is protected. SC Magazine 2007 Copyright 2011 GTB DLP Suite Slide
  • 6. The GTB DLP components Network Endpoint eDiscovery • Scans all • Discover • Scan Desktops outbound traffic • Protect • Scans file shares • Highest • Audit • Reports on accuracy • Control vulnerable files • Able to block • Content-Aware Content- • Automatic batch without a proxy server • File format agnostic Supports all languages Centralized policy, reporting and workflow GTB DLP Suite Copyright 2011 Slide
  • 7. DLP answers three questions: 1. Who is sending 2. What data is 3. Who is my data? being sent? receiving my data? • Insiders • PII • IP address • Intruders • PHI • Email destination • Spyware/Viruses • Source Code • Geographic • IP location GTB DLP Suite Copyright 2011 Slide
  • 8. The 8 use-cases for Network DLP use- 1. Control a broken 2. Demonstrate 3. Automate Email 4. Detect or Block business process Compliance Encryption encrypted content •Who is sending, •I have no way of •How do I automate •Should I allow what data and to enforcing data loss encrypting emails encrypted data to whom? compliance which require it? leave without regulation content inspection? 7. Detect/Block TCP 8. Employees’ 5. Severity Blocking 6. Visibility to SSL from non-trusted non- Education users •Some breaches are •I have no visibility to •How do I detect •My employees are so severe that I SSL in general and transmissions from not complying with prefer to altogether HTTPS in particular! non- non-trusted users the Written block them! (Malware/Viruses/Tr Information ojans) Security Policy (WISP) Copyright 2011 GTB DLP Suite Slide
  • 9. What data must be protected? Personal identifiable information (PII) • Credit card number • Social security number • Customer name • Address • Telephone number • Account number/Member number • PIN or password • Username & password • Drivers license number • Date of birth Copyright 2011 GTB DLP Suite Slide
  • 10. Fingerprint Detection Engine –Structured Data The most accurate detection engine in the DLP space Feature Benefit Can fingerprint any database Highest flexibility Multi-field detection No false positives Automatic fingerprints refresh Easy maintenance and operation Automatically deletes fingerprints that are no longer Options for time-based sensitive content sensitive Supports user-defined fields Protects your direct business data Fingerprints 1 million fields in 10 minutes Very high performance Copyright 2011 GTB DLP Suite Slide 10
  • 11. GTB advanced fingerprinting technology - Files
  • 12. Fingerprint Detection Engine – Unstructured Data The most accurate detection engine in the DLP space Feature Benefit Multiple data stream fingerprints using Allows for partial file match proprietary algorithm Options for binary or text detection Detects images inside files Options for excluded content Detects sensitive data only Automatically deletes fingerprints that are no longer Options for time-based sensitive content sensitive User defined sensitivity (in bytes) Highest possible control on what is detected Virtual zero false positive rate Highest accuracy Multi-language support Files in any language can be protected Copyright 2011 GTB DLP Suite Slide 12
  • 13. Data Patterns Detection • Extended REGEX templates out of the box • Patterns defined through REGEX in PHP • Lexicons support • User defined severity level per pattern rule • Multi field weights and occurrences • Support for all languages Copyright 2011 GTB DLP Suite Slide