SlideShare a Scribd company logo

How to Reduce the Attack Surface Created by Your Cyber-Tools

Enterprise Management Associates
Enterprise Management Associates

Today, being connected on-line is a foundational aspect of many businesses. Everything from our computers and cars to phones and refrigerators are connected in the race to digital transformation. But it comes with a cost. Every device and application in use increases our cyber-attack surface. These slides--based on the webinar from leading IT research firm Enterprise Management Associates (EMA) and Risk IQ--provide information on: - How to get an accurate picture of your attack surface - How threat actors exploit our Internet presence within the context of business and security management tools, issues, and practices - How you can reduce your risk of an attack

Technology
1 of 38
Download to read offline
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING David Monahan Managing Research Director EMA How to Reduce the Attack Surface Created by Your Cyber-Tools Benjamin Powell Technical Marketing Manager RiskIQ
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Watch the On-Demand Webinar Slide 2 • How to Reduce the Attack Surface Created by Your Cyber- Tools On-Demand webinar is available here: http://info.enterprisemanagement.com/how-to-reduce-the- attack-surface-created-by-your-cyber-tools-webinar-ws • Check out upcoming webinars from EMA here: http://www.enterprisemanagement.com/freeResearch
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Today’s Speakers Benjamin Powell, Technical Marketing Manager, RiskIQ Benjamin has worked in IT for over 30 years, focused on IT security for the last 14 years. Prior to RiskIQ he was a founding employee at AccelOps, a SIEM company where he ran Professional Services and Product Marketing. Benjamin has worked and managed IT and cyber security teams in numerous industries (state government, international airport, port district, education, biotech, file encryption software, and financial services). David Monahan, Managing Research Director, Security and Risk Management, EMA David is a senior information security executive with several years of experience. He has organized and managed both physical and information security programs, including security and network operations (SOCs and NOCs) for organizations ranging from Fortune 100 companies to local government and small public and private companies. He has diverse audit and compliance and risk and privacy experience such as providing strategic and tactical leadership to develop, architect, and deploy assurance controls; delivering process and policy documentation and training; and working on educational and technical solutions.
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Logistics for Today’s Webinar An archived version of the event recording will be available at www.enterprisemanagement.com • Log questions in the chat panel located on the lower left-hand corner of your screen • Questions will be addressed during the Q&A session of the event QUESTIONS EVENT RECORDING A PDF of the speaker slides will be distributed to all attendees PDF SLIDES Logistics for Today’s Webinar
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING David Monahan Managing Research Director EMA How to Reduce the Attack Surface Created by Your Cyber-Tools
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Defining the Attack Surface 6 © 2019 Enterprise Management Associates, Inc. • The attack surface is the collection of all exposed assets that create points in which an unauthorized entity may be able to access the environment or access sensitive information about the environment or about its users. The attack surface is constantly changing as the business moves to meet its customers’ and users’ needs.
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING7 © 2019 Enterprise Management Associates, Inc. Attack Surfaces are Pervasive Cloud Digital Transformation Projects Mobile Tools Infrastructure Social Media Software Dark Web IoT
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Digital Transformation 8 © 2019 Enterprise Management Associates, Inc. • 73% of organizations already have some form of digital transformation underway • Digital Transformation Goals • Reduced risk overall (29%) • Improved IT productivity (22%) • Reduced security costs (16%) • Improved security productivity (16%) • Digital transformation intentionally exposes more IT resources to its business partners and external customers. • Reduced IT costs (15%) • Reduced risk in vulnerability management (15%) • Better collaboration within IT groups (14%)
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Software and Apps 9 © 2019 Enterprise Management Associates, Inc. • Programmers get paid to produce functional code, not secure code • 92% of applications share the same flawed open-source and other third-party components • Attackers exploit flaws in business processes through software interfaces • Apps can leak data • Database SQL-injections • Web-attacks and redirects • Malicious advertisements • Admin interfaces (internal and external) Organizations of 5K or more people have been found to have over 1M vulnerabilities across all systems and applications in the course of one year. EMA- “Day in the Life of A security Professional” Research
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Tools 10 © 2019 Enterprise Management Associates, Inc. Antivirus/NGAV/EPP/EDR SIEM Vulnerability Management Cloud Data Encryption WAF Risk Management (Internal) IAM/PAM/Etc. Security Analytics Web Security Gateway DDoS Protection HSM Remote Access User Awareness Training Threat Intel Feed NAC Advanced Breach Detection App Sec Testing RASP Third-Party Risk Management IRM/DRM CASB SOAR Bot Detection and Protection DLP Deception Technology Security Policy Automation eGRC Attack Simulation On average, security teams use 10 different consoles to manage their security tools. Some use as many as 22 different consoles. Each deployed tool creates an attack surface internally and/or externally
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IoT, IIoT, OT 11 © 2019 Enterprise Management Associates, Inc. • 82% of enterprise organizations indicate they have an IoT/IIoT or OT project underway or are in the planning phase • Consumer IoT = Privacy, IP, and trade secrets • Commercial IoT = Direct effect on business operations and personnel health and welfare • Industrial IIoT and OT = Largescale effect on populace health and welfare 73% 68% 51% Commercial Consumer Industrial Types of IoT devices deployed, operated, or managed within enterprise environments
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Current Threat from IoT, IIoT, and OT devices 12 © 2019 Enterprise Management Associates, Inc. Extreme to Very High 73% Others 27% Managed IoT Extreme to Very High 49% Others 51% Unmanaged IoT 49% 26% 25% My organization has been attacked using an IoT device One of my organization's IoT devices was identified as part of an attack None of the above
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING • Brand jacking/infringement • Fraud • Reputation damage • Customer hijacking • Over-clicking • Malware injection and other attacks • Oversharing/unauthorized disclosures • M&A • Intellectual property • Internal projects • Data/accounts • Launchpad for other attacks 13 © 2019 Enterprise Management Associates, Inc. Social Media • More than 500 fraud-driven groups with more than 250K members have been identified across social media • 57% of organizations have a High to Very High concern with their risk of sensitive data leakage due to inappropriate sharing
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Infrastructure and Cloud 14 © 2019 Enterprise Management Associates, Inc. • Every exposed system is a target • UI • Credentials • Unmaintained, lost/forgotten sites/systems • Data • Know your security responsibilities in the cloud • Each delivery method has different customer requirements • IaaS, PaaS, SaaS, shadow IT During asset discovery, in any given organization there are at least 25% more assets connected to the network than are cataloged. ForeScout Technologies research
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Mobile 15 © 2018 Enterprise Management Associates, Inc. • Fake/Copycat apps • Trojan or malicious apps • In-app Adware • Leaky Apps • Unauthorized connections • Phishing • Wi-Fi Attacks Depending upon the country, between 10% of US users and as many as 40% of users in other countries had a malicious app try to install malware on their device 3rd-party app stores are as many as 1 in 5 apps were malicious Lessons from the War on Malicious Mobile Apps
IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING What to Do!?! 16 © 2019 Enterprise Management Associates, Inc. • Define your attack surface • Identify each surface (We just covered those…) • Identify and map to define a risk profile for each  Group targets by function or type • Maintain the exercise over time • Watch for new external authorized and unauthorized surfaces  Continual assessment and update as things change • Not a “one and done”  This is a formal risk management exercise! • Automation is imperative at Internet-scale • Another Resource: OWASP Attack Surface Analysis
ATTACK SURFACE MANAGEMENT The New Security Imperative Benjamin Powell Technical Marketing Manager
© 2018 RiskIQ | Confidential Information 1 8 YOUR ATTACK SURFACE IS DYNAMIC & GROWING. What's Driving Attack Surface Growth? 5x Cloud Spend Growth vs IT Spend Digital Transformation 25% of Budgets 60+% IT Spend Driven by Business Units Multi-Channel Apps & Engagement Web, Mobile, Social Is it Truly Managed?
© 2018 RiskIQ | Confidential Information 1 9 THE RISK ARE HIGH - THE IMPACT'S SIGNIFICANT 2016 57 million customers and drivers 2017 148 million customer accounts 2018 40,000 account holders 2017 200,000 computers were infected across 150 countries 2018 380,000 customers affected WannaCry 2018 45 million monthly visitors affected 75% of breaches are initiated from outside the firewall
© 2018 RiskIQ | Confidential Information 2 0 TRADITIONAL PERIMETER-BASED DEFENSE STRATEGIES ARE INSUFFICIENT Proactive Attack Surface Management is Required
© 2018 RiskIQ | Confidential Information 2 1 ATTACK SURFACE – Digital Asset Layer All Internet Accessible Assets Known Inventoried, Managed & Leveraged Unknown Shadow or Orphaned IT Rogue Malicious & Impersonating Deep Broad Breadth, Depth, Timeliness & Accuracy Matter
© 2018 RiskIQ | Confidential Information 2 2 ATTACK SURFACE – Digital Asset Layer All Internet Accessible Assets Known Inventoried, Managed & Leveraged Unknown Shadow or Orphaned IT Rogue Malicious & Impersonating Mobile Apps Social Media Open Web Deep Web Dark Web Deep Broad Breadth, Depth, Timeliness & Accuracy Matter
© 2018 RiskIQ | Confidential Information 2 3 ATTACK SURFACE – Digital Asset Layer All Internet Accessible Assets Known Inventoried, Managed & Leveraged Unknown Shadow or Orphaned IT Rogue Malicious & Impersonating Deep Broad Breadth, Depth, Timeliness & Accuracy Matter IP’s Domains Mobile Apps Executives Social Media Services 3rd Party Components Brands Hosts URLs Open Ports SSL Certs Email DNS Whois
RISKIQ ATTACK SURFACE PLATFORM
© 2018 RiskIQ | Confidential Information 2 5 RiskIQ Attack Surface Platform Target Hunt, Observe & Interact Multiple Layers Capture (Multiple Digital Channels) Analyze Discovery/ Alert Enforce Manage Structure and Curate RiskIQ Internet Data Warehouse
Target Brands Logos Keywords Domains URLs IPs Names Integrations Hosts Customers Partners Keywords Domains IPs Hosts Internet Hashes URLs IPs Integrations DMARCWeb Referrers Abuse Boxes API Submittals URLs Search Continuous Scanning
Virtual User Globalized Internet Proxy Social Media Sites Digital Advertisements Mobile App Store Monitoring DNS Sensors Port & Service Scanners IP Scanners Hunt, Observe & Interact Multiple Layers Full Stack Visibility
Capture (Multiple Digital Channels with Glocalization Perspective) Advanced Internet Reconnaissance Open Source Intelligence SSL Certificates IoT CookiesJavaScript Passive DNS Phishin g Client Side DOM Active DNS Malware Social Media Mobile Apps WHOIS Port Info Banner s Service s Comprehensive & Scalable Collections • 250k New Domain Resolutions/day • 5.5M New Host Resolutions/day • 106B+ Total Unique DNS Records • 2B+ Web Requests/ day • 300K+ New Port Observations • 300+ Mobile App Stores – 34M+ apps
Analyze Multi Layer Processing
Analyze Orchestration & Recursion
RiskIQ Internet Data Warehouse Structure and Curate INTERNET DATA SETS • Full DOM Capture & Analysis • Passive DNS • Crawl Index • SSL Certificates • Web Components • Trackers • Historic Data • Mobile Apps • WHOIS • IP Port & Banner DERIVED DATA SETS • IoT • Zero-day • Accomplice • Spam • Scam • Cookie • IP Reputation Data • Domain Infringement • Malware • Blacklist • Phishing • Host Pairs Analyze Orchestration & Recursion
RiskIQ Internet Data Warehouse Discovery/ Alert Structure and Curate Infections & IOCs Fake Mobile Apps OWASP CVE CVSS Data Leakage/ Exfiltration Non Authorized Services Custom Compromise & Defacement Rogue Phishing Sites Infringing Domains & Hosts Social Media Impersonations Compliance Asset Discovery INTERNET DATA SETS • Full DOM Capture & Analysis • Passive DNS • Crawl Index • SSL Certificates • Web Components • Trackers • Historic Data • Mobile Apps • WHOIS • IP Port & Banner DERIVED DATA SETS • IoT • Zero-day • Accomplice • Spam • Scam • Cookie • IP Reputation Data • Domain Infringement • Malware • Blacklist • Phishing • Host Pairs Analyze Orchestration & Recursion
RiskIQ Internet Data Warehouse Discovery/ Alert Enforce Structure and Curate Infections & IOCs Fake Mobile Apps OWASP CVE CVSS Data Leakage/ Exfiltration Non Authorized Services Custom Compromise & Defacement Rogue Phishing Sites Infringing Domains & Hosts Social Media Impersonations Compliance Asset Discovery INTERNET DATA SETS • Full DOM Capture & Analysis • Passive DNS • Crawl Index • SSL Certificates • Web Components • Trackers • Historic Data • Mobile Apps • WHOIS • IP Port & Banner DERIVED DATA SETS • IoT • Zero-day • Accomplice • Spam • Scam • Cookie • IP Reputation Data • Domain Infringement • Malware • Blacklist • Phishing • Host Pairs GSB/MSS Mitigation Email Alerts In App Enforcement Integrations Restful API Analyze Orchestration & Recursion
RiskIQ Internet Data Warehouse Discovery/ Alert Enforce Manage Structure and Curate Infections & IOCs Fake Mobile Apps OWASP CVE CVSS Data Leakage/ Exfiltration Non Authorized Services Custom Compromise & Defacement Rogue Phishing Sites Infringing Domains & Hosts Social Media Impersonations Compliance Asset Discovery INTERNET DATA SETS • Full DOM Capture & Analysis • Passive DNS • Crawl Index • SSL Certificates • Web Components • Trackers • Historic Data • Mobile Apps • WHOIS • IP Port & Banner DERIVED DATA SETS • IoT • Zero-day • Accomplice • Spam • Scam • Cookie • IP Reputation Data • Domain Infringement • Malware • Blacklist • Phishing • Host Pairs Change Monitoring Correspondence Tracking Correlations Reporting Trends GSB/MSS Mitigation Email Alerts In App Enforcement Integrations Restful API Analyze Orchestration & Recursion
© 2018 RiskIQ | Confidential Information 3 5 RiskIQ Attack Surface Platform Target Hunt, observe & interact multiple layers Capture (Multiple Digital Channels) Analyze Discovery/ Alert Enforce Manage Structure and Curate RiskIQ Internet Data Warehouse
© 2018 RiskIQ | Confidential Information 3 6 VISIBILITY IS THE FOUNDATION You Can’t Protect What You Don’t Know About 20-40% is Unknown or Rogue Changes 10% per Month - but varies dramatically Proactive Monitoring of Even Critical Assets is the Exception
© 2018 RiskIQ | Confidential Information 3 7 VISIUALIZE AND DEFEND YOUR ATTACK SURFACE Dramatically Lower Your Risk Profile and Increase Your Efficiency Continuous, live discovery of your attack surface – see and defend based on what attackers see Automate identification of risks & threats across all digital channels & infrastructure—manage & minimize your cyber risk exposure Focus & prioritize your staff and automate remediation activities based on business value, context and risk – dramatically shorten time-to-detect and remediate Better protect your company, brand, people and data - eliminate threats before they impact your business
https://www.riskiq.com/attack-surface-management/ Q&A

Recommended

Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUlf Mattsson
 
Cloud-Enabled: The Future of Endpoint Security
Cloud-Enabled: The Future of Endpoint SecurityCloud-Enabled: The Future of Endpoint Security
Cloud-Enabled: The Future of Endpoint SecurityCrowdStrike
 
Cyber Defense Matrix: Reloaded
Cyber Defense Matrix: ReloadedCyber Defense Matrix: Reloaded
Cyber Defense Matrix: ReloadedSounil Yu
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
ATT&CKing Your Adversaries - Operationalizing cyber intelligence in your own ...
ATT&CKing Your Adversaries - Operationalizing cyber intelligence in your own ...ATT&CKing Your Adversaries - Operationalizing cyber intelligence in your own ...
ATT&CKing Your Adversaries - Operationalizing cyber intelligence in your own ...JamieWilliams130
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Frameworkn|u - The Open Security Community
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CKArpan Raval
 
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKTracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKMITRE ATT&CK
 

Recommended

Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUlf Mattsson
 
Cloud-Enabled: The Future of Endpoint Security
Cloud-Enabled: The Future of Endpoint SecurityCloud-Enabled: The Future of Endpoint Security
Cloud-Enabled: The Future of Endpoint SecurityCrowdStrike
 
Cyber Defense Matrix: Reloaded
Cyber Defense Matrix: ReloadedCyber Defense Matrix: Reloaded
Cyber Defense Matrix: ReloadedSounil Yu
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
ATT&CKing Your Adversaries - Operationalizing cyber intelligence in your own ...
ATT&CKing Your Adversaries - Operationalizing cyber intelligence in your own ...ATT&CKing Your Adversaries - Operationalizing cyber intelligence in your own ...
ATT&CKing Your Adversaries - Operationalizing cyber intelligence in your own ...JamieWilliams130
 
MITRE ATT&CK Framework
MITRE ATT&CK FrameworkMITRE ATT&CK Framework
MITRE ATT&CK Frameworkn|u - The Open Security Community
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CKArpan Raval
 
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKTracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKMITRE ATT&CK
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsIain Dickson
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centersBrencil Kaimba
 
Information security management system (isms) overview
Information security management system (isms) overviewInformation security management system (isms) overview
Information security management system (isms) overviewJulia Urbina-Pineda
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK frameworkBhushan Gurav
 
Introduction to Tenable
Introduction to TenableIntroduction to Tenable
Introduction to TenableBharat Jindal
 
Projects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the CenterProjects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the CenterMITRE ATT&CK
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEryk Budi Pratama
 
Putting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You ArePutting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You AreKatie Nickels
 
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...Sounil Yu
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architectureHybrid IT Europe
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyePrime Infoserv
 
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleWalk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleEnterpriseGRC Solutions, Inc.
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudMITRE ATT&CK
 
Cyber Defense Matrix: Revolutions
Cyber Defense Matrix: RevolutionsCyber Defense Matrix: Revolutions
Cyber Defense Matrix: RevolutionsSounil Yu
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
A Definitive Market Guide to Deception Technology
A Definitive Market Guide to Deception TechnologyA Definitive Market Guide to Deception Technology
A Definitive Market Guide to Deception TechnologyEnterprise Management Associates
 
Using Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat ThreatsUsing Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat ThreatsEnterprise Management Associates
 

More Related Content

What's hot

Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsIain Dickson
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centersBrencil Kaimba
 
Information security management system (isms) overview
Information security management system (isms) overviewInformation security management system (isms) overview
Information security management system (isms) overviewJulia Urbina-Pineda
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK frameworkBhushan Gurav
 
Introduction to Tenable
Introduction to TenableIntroduction to Tenable
Introduction to TenableBharat Jindal
 
Projects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the CenterProjects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the CenterMITRE ATT&CK
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEryk Budi Pratama
 
Putting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You ArePutting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You AreKatie Nickels
 
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...Sounil Yu
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architectureHybrid IT Europe
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awarenesshubbargf
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyePrime Infoserv
 
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleWalk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleEnterpriseGRC Solutions, Inc.
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudMITRE ATT&CK
 
Cyber Defense Matrix: Revolutions
Cyber Defense Matrix: RevolutionsCyber Defense Matrix: Revolutions
Cyber Defense Matrix: RevolutionsSounil Yu
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 

What's hot (20)

Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feeds
 
Governance of security operation centers
Governance of security operation centersGovernance of security operation centers
Governance of security operation centers
 
Information security management system (isms) overview
Information security management system (isms) overviewInformation security management system (isms) overview
Information security management system (isms) overview
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK framework
 
Introduction to Tenable
Introduction to TenableIntroduction to Tenable
Introduction to Tenable
 
Projects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the CenterProjects to Impact- Operationalizing Work from the Center
Projects to Impact- Operationalizing Work from the Center
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
 
Putting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You ArePutting MITRE ATT&CK into Action with What You Have, Where You Are
Putting MITRE ATT&CK into Action with What You Have, Where You Are
 
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architecture
 
New Hire Information Security Awareness
New Hire Information Security AwarenessNew Hire Information Security Awareness
New Hire Information Security Awareness
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEye
 
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleWalk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudATT&CKING Containers in The Cloud
ATT&CKING Containers in The Cloud
 
Cyber Defense Matrix: Revolutions
Cyber Defense Matrix: RevolutionsCyber Defense Matrix: Revolutions
Cyber Defense Matrix: Revolutions
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 

Similar to How to Reduce the Attack Surface Created by Your Cyber-Tools

Using Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat ThreatsUsing Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat ThreatsEnterprise Management Associates
 
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Enterprise Management Associates
 
Accelerating Enhanced Threat Identification and Incident Investigation
Accelerating Enhanced Threat Identification and Incident InvestigationAccelerating Enhanced Threat Identification and Incident Investigation
Accelerating Enhanced Threat Identification and Incident InvestigationEnterprise Management Associates
 
Top 10 Tips for Selecting a Threat and Vulnerability Management Solution
Top 10 Tips for Selecting a Threat and Vulnerability Management SolutionTop 10 Tips for Selecting a Threat and Vulnerability Management Solution
Top 10 Tips for Selecting a Threat and Vulnerability Management SolutionEnterprise Management Associates
 
The Imitation Game: Detecting and Thwarting Automated Bot Attacks
The Imitation Game: Detecting and Thwarting Automated Bot AttacksThe Imitation Game: Detecting and Thwarting Automated Bot Attacks
The Imitation Game: Detecting and Thwarting Automated Bot AttacksEnterprise Management Associates
 
Stress Testing for the Digital Economy: Are YOU Ready to Deliver High Perform...
Stress Testing for the Digital Economy: Are YOU Ready to Deliver High Perform...Stress Testing for the Digital Economy: Are YOU Ready to Deliver High Perform...
Stress Testing for the Digital Economy: Are YOU Ready to Deliver High Perform...Enterprise Management Associates
 
How Automation and Orchestration Can Help Bridge the IT Security Skills Gap
How Automation and Orchestration Can Help Bridge the IT Security Skills GapHow Automation and Orchestration Can Help Bridge the IT Security Skills Gap
How Automation and Orchestration Can Help Bridge the IT Security Skills GapEnterprise Management Associates
 
Breached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident ResponseBreached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident ResponseResilient Systems
 
Event-driven Business: How Leading Companies are Adopting Streaming Strategies
Event-driven Business: How Leading Companies are Adopting Streaming StrategiesEvent-driven Business: How Leading Companies are Adopting Streaming Strategies
Event-driven Business: How Leading Companies are Adopting Streaming StrategiesEnterprise Management Associates
 
Profiting from the Digital Shift: Time Series Databases as Value Creation Eng...
Profiting from the Digital Shift: Time Series Databases as Value Creation Eng...Profiting from the Digital Shift: Time Series Databases as Value Creation Eng...
Profiting from the Digital Shift: Time Series Databases as Value Creation Eng...Enterprise Management Associates
 
Managed Detection and Response: Selective Outsourcing for Understaffed SOCs a...
Managed Detection and Response: Selective Outsourcing for Understaffed SOCs a...Managed Detection and Response: Selective Outsourcing for Understaffed SOCs a...
Managed Detection and Response: Selective Outsourcing for Understaffed SOCs a...Enterprise Management Associates
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Advancing Identity and Access Management to the Next Level with Contextual Aw...
Advancing Identity and Access Management to the Next Level with Contextual Aw...Advancing Identity and Access Management to the Next Level with Contextual Aw...
Advancing Identity and Access Management to the Next Level with Contextual Aw...Enterprise Management Associates
 
Network Performance Management Strategies for the Digital Enterprise
Network Performance Management Strategies for the Digital EnterpriseNetwork Performance Management Strategies for the Digital Enterprise
Network Performance Management Strategies for the Digital EnterpriseEnterprise Management Associates
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM Sverige
 
Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...SolarWinds
 
Advancing Consumer Engagements by Improving Customer Identity and Access Mana...
Advancing Consumer Engagements by Improving Customer Identity and Access Mana...Advancing Consumer Engagements by Improving Customer Identity and Access Mana...
Advancing Consumer Engagements by Improving Customer Identity and Access Mana...Enterprise Management Associates
 

Similar to How to Reduce the Attack Surface Created by Your Cyber-Tools (20)

A Definitive Market Guide to Deception Technology
A Definitive Market Guide to Deception TechnologyA Definitive Market Guide to Deception Technology
A Definitive Market Guide to Deception Technology
 
Using Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat ThreatsUsing Digital Threat Intelligence Management (DTIM) to Combat Threats
Using Digital Threat Intelligence Management (DTIM) to Combat Threats
 
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
 
EMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-SecurityEMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-Security
 
Accelerating Enhanced Threat Identification and Incident Investigation
Accelerating Enhanced Threat Identification and Incident InvestigationAccelerating Enhanced Threat Identification and Incident Investigation
Accelerating Enhanced Threat Identification and Incident Investigation
 
Top 10 Tips for Selecting a Threat and Vulnerability Management Solution
Top 10 Tips for Selecting a Threat and Vulnerability Management SolutionTop 10 Tips for Selecting a Threat and Vulnerability Management Solution
Top 10 Tips for Selecting a Threat and Vulnerability Management Solution
 
The Imitation Game: Detecting and Thwarting Automated Bot Attacks
The Imitation Game: Detecting and Thwarting Automated Bot AttacksThe Imitation Game: Detecting and Thwarting Automated Bot Attacks
The Imitation Game: Detecting and Thwarting Automated Bot Attacks
 
Stress Testing for the Digital Economy: Are YOU Ready to Deliver High Perform...
Stress Testing for the Digital Economy: Are YOU Ready to Deliver High Perform...Stress Testing for the Digital Economy: Are YOU Ready to Deliver High Perform...
Stress Testing for the Digital Economy: Are YOU Ready to Deliver High Perform...
 
How Automation and Orchestration Can Help Bridge the IT Security Skills Gap
How Automation and Orchestration Can Help Bridge the IT Security Skills GapHow Automation and Orchestration Can Help Bridge the IT Security Skills Gap
How Automation and Orchestration Can Help Bridge the IT Security Skills Gap
 
Breached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident ResponseBreached! App Attacks, Application Protection and Incident Response
Breached! App Attacks, Application Protection and Incident Response
 
Event-driven Business: How Leading Companies are Adopting Streaming Strategies
Event-driven Business: How Leading Companies are Adopting Streaming StrategiesEvent-driven Business: How Leading Companies are Adopting Streaming Strategies
Event-driven Business: How Leading Companies are Adopting Streaming Strategies
 
Profiting from the Digital Shift: Time Series Databases as Value Creation Eng...
Profiting from the Digital Shift: Time Series Databases as Value Creation Eng...Profiting from the Digital Shift: Time Series Databases as Value Creation Eng...
Profiting from the Digital Shift: Time Series Databases as Value Creation Eng...
 
Managed Detection and Response: Selective Outsourcing for Understaffed SOCs a...
Managed Detection and Response: Selective Outsourcing for Understaffed SOCs a...Managed Detection and Response: Selective Outsourcing for Understaffed SOCs a...
Managed Detection and Response: Selective Outsourcing for Understaffed SOCs a...
 
Enterprise Network Automation for 2020 and Beyond
Enterprise Network Automation for 2020 and BeyondEnterprise Network Automation for 2020 and Beyond
Enterprise Network Automation for 2020 and Beyond
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Advancing Identity and Access Management to the Next Level with Contextual Aw...
Advancing Identity and Access Management to the Next Level with Contextual Aw...Advancing Identity and Access Management to the Next Level with Contextual Aw...
Advancing Identity and Access Management to the Next Level with Contextual Aw...
 
Network Performance Management Strategies for the Digital Enterprise
Network Performance Management Strategies for the Digital EnterpriseNetwork Performance Management Strategies for the Digital Enterprise
Network Performance Management Strategies for the Digital Enterprise
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and Trends
 
Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How the New Normal Could Improve your IT Op...
 
Advancing Consumer Engagements by Improving Customer Identity and Access Mana...
Advancing Consumer Engagements by Improving Customer Identity and Access Mana...Advancing Consumer Engagements by Improving Customer Identity and Access Mana...
Advancing Consumer Engagements by Improving Customer Identity and Access Mana...
 

More from Enterprise Management Associates

Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetry
Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetryObservability: Challenges, Priorities, Solutions, and the Role of OpenTelemetry
Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetryEnterprise Management Associates
 
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...Enterprise Management Associates
 
Modern ITSM—the untapped game-changer for midsize organizations
Modern ITSM—the untapped game-changer for midsize organizationsModern ITSM—the untapped game-changer for midsize organizations
Modern ITSM—the untapped game-changer for midsize organizationsEnterprise Management Associates
 
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...Enterprise Management Associates
 
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...Enterprise Management Associates
 
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...Enterprise Management Associates
 
Navigating Today’s Threat Landscape: Discussing Hype vs. Reality
Navigating Today’s Threat Landscape: Discussing Hype vs. RealityNavigating Today’s Threat Landscape: Discussing Hype vs. Reality
Navigating Today’s Threat Landscape: Discussing Hype vs. RealityEnterprise Management Associates
 
Kubernetes Unveiled: Trends, Challenges, and Opportunities
Kubernetes Unveiled: Trends, Challenges, and OpportunitiesKubernetes Unveiled: Trends, Challenges, and Opportunities
Kubernetes Unveiled: Trends, Challenges, and OpportunitiesEnterprise Management Associates
 
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...Enterprise Management Associates
 
Challenges and Best Practices for Securing Modern Operational Technology Netw...
Challenges and Best Practices for Securing Modern Operational Technology Netw...Challenges and Best Practices for Securing Modern Operational Technology Netw...
Challenges and Best Practices for Securing Modern Operational Technology Netw...Enterprise Management Associates
 
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...Enterprise Management Associates
 
Why Should Organizations Consider Extended Detection and Response (XDR)?
Why Should Organizations Consider Extended Detection and Response (XDR)?Why Should Organizations Consider Extended Detection and Response (XDR)?
Why Should Organizations Consider Extended Detection and Response (XDR)?Enterprise Management Associates
 
Moving Beyond Remote Access: Discover the Power of Zero Trust Network Access
Moving Beyond Remote Access: Discover the Power of Zero Trust Network AccessMoving Beyond Remote Access: Discover the Power of Zero Trust Network Access
Moving Beyond Remote Access: Discover the Power of Zero Trust Network AccessEnterprise Management Associates
 
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...Enterprise Management Associates
 
The Critical Role of Workload Automation in Achieving Successful Digital Tran...
The Critical Role of Workload Automation in Achieving Successful Digital Tran...The Critical Role of Workload Automation in Achieving Successful Digital Tran...
The Critical Role of Workload Automation in Achieving Successful Digital Tran...Enterprise Management Associates
 

More from Enterprise Management Associates (20)

Real-world incident response, management, and prevention
Real-world incident response, management, and preventionReal-world incident response, management, and prevention
Real-world incident response, management, and prevention
 
Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetry
Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetryObservability: Challenges, Priorities, Solutions, and the Role of OpenTelemetry
Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetry
 
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...
 
Modern ITSM—the untapped game-changer for midsize organizations
Modern ITSM—the untapped game-changer for midsize organizationsModern ITSM—the untapped game-changer for midsize organizations
Modern ITSM—the untapped game-changer for midsize organizations
 
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...
 
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
 
Transcending Passwords: Emerging Trends in Authentication
Transcending Passwords: Emerging Trends in AuthenticationTranscending Passwords: Emerging Trends in Authentication
Transcending Passwords: Emerging Trends in Authentication
 
Modernize NetOps with Business-Aware Network Monitoring
Modernize NetOps with Business-Aware Network MonitoringModernize NetOps with Business-Aware Network Monitoring
Modernize NetOps with Business-Aware Network Monitoring
 
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
 
Navigating Today’s Threat Landscape: Discussing Hype vs. Reality
Navigating Today’s Threat Landscape: Discussing Hype vs. RealityNavigating Today’s Threat Landscape: Discussing Hype vs. Reality
Navigating Today’s Threat Landscape: Discussing Hype vs. Reality
 
Kubernetes Unveiled: Trends, Challenges, and Opportunities
Kubernetes Unveiled: Trends, Challenges, and OpportunitiesKubernetes Unveiled: Trends, Challenges, and Opportunities
Kubernetes Unveiled: Trends, Challenges, and Opportunities
 
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
 
Challenges and Best Practices for Securing Modern Operational Technology Netw...
Challenges and Best Practices for Securing Modern Operational Technology Netw...Challenges and Best Practices for Securing Modern Operational Technology Netw...
Challenges and Best Practices for Securing Modern Operational Technology Netw...
 
CMDB in Cloud Times: Myths, Mistakes, and Mastery
CMDB in Cloud Times: Myths, Mistakes, and Mastery CMDB in Cloud Times: Myths, Mistakes, and Mastery
CMDB in Cloud Times: Myths, Mistakes, and Mastery
 
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
 
Why Should Organizations Consider Extended Detection and Response (XDR)?
Why Should Organizations Consider Extended Detection and Response (XDR)?Why Should Organizations Consider Extended Detection and Response (XDR)?
Why Should Organizations Consider Extended Detection and Response (XDR)?
 
Five Managed SD-WAN Trends to Watch in 2023
Five Managed SD-WAN Trends to Watch in 2023Five Managed SD-WAN Trends to Watch in 2023
Five Managed SD-WAN Trends to Watch in 2023
 
Moving Beyond Remote Access: Discover the Power of Zero Trust Network Access
Moving Beyond Remote Access: Discover the Power of Zero Trust Network AccessMoving Beyond Remote Access: Discover the Power of Zero Trust Network Access
Moving Beyond Remote Access: Discover the Power of Zero Trust Network Access
 
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
 
The Critical Role of Workload Automation in Achieving Successful Digital Tran...
The Critical Role of Workload Automation in Achieving Successful Digital Tran...The Critical Role of Workload Automation in Achieving Successful Digital Tran...
The Critical Role of Workload Automation in Achieving Successful Digital Tran...
 

Recently uploaded

Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

Recently uploaded (20)

Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 

How to Reduce the Attack Surface Created by Your Cyber-Tools

  • 1. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING David Monahan Managing Research Director EMA How to Reduce the Attack Surface Created by Your Cyber-Tools Benjamin Powell Technical Marketing Manager RiskIQ
  • 2. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Watch the On-Demand Webinar Slide 2 • How to Reduce the Attack Surface Created by Your Cyber- Tools On-Demand webinar is available here: http://info.enterprisemanagement.com/how-to-reduce-the- attack-surface-created-by-your-cyber-tools-webinar-ws • Check out upcoming webinars from EMA here: http://www.enterprisemanagement.com/freeResearch
  • 3. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Today’s Speakers Benjamin Powell, Technical Marketing Manager, RiskIQ Benjamin has worked in IT for over 30 years, focused on IT security for the last 14 years. Prior to RiskIQ he was a founding employee at AccelOps, a SIEM company where he ran Professional Services and Product Marketing. Benjamin has worked and managed IT and cyber security teams in numerous industries (state government, international airport, port district, education, biotech, file encryption software, and financial services). David Monahan, Managing Research Director, Security and Risk Management, EMA David is a senior information security executive with several years of experience. He has organized and managed both physical and information security programs, including security and network operations (SOCs and NOCs) for organizations ranging from Fortune 100 companies to local government and small public and private companies. He has diverse audit and compliance and risk and privacy experience such as providing strategic and tactical leadership to develop, architect, and deploy assurance controls; delivering process and policy documentation and training; and working on educational and technical solutions.
  • 4. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Logistics for Today’s Webinar An archived version of the event recording will be available at www.enterprisemanagement.com • Log questions in the chat panel located on the lower left-hand corner of your screen • Questions will be addressed during the Q&A session of the event QUESTIONS EVENT RECORDING A PDF of the speaker slides will be distributed to all attendees PDF SLIDES Logistics for Today’s Webinar
  • 5. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING David Monahan Managing Research Director EMA How to Reduce the Attack Surface Created by Your Cyber-Tools
  • 6. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Defining the Attack Surface 6 © 2019 Enterprise Management Associates, Inc. • The attack surface is the collection of all exposed assets that create points in which an unauthorized entity may be able to access the environment or access sensitive information about the environment or about its users. The attack surface is constantly changing as the business moves to meet its customers’ and users’ needs.
  • 7. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING7 © 2019 Enterprise Management Associates, Inc. Attack Surfaces are Pervasive Cloud Digital Transformation Projects Mobile Tools Infrastructure Social Media Software Dark Web IoT
  • 8. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Digital Transformation 8 © 2019 Enterprise Management Associates, Inc. • 73% of organizations already have some form of digital transformation underway • Digital Transformation Goals • Reduced risk overall (29%) • Improved IT productivity (22%) • Reduced security costs (16%) • Improved security productivity (16%) • Digital transformation intentionally exposes more IT resources to its business partners and external customers. • Reduced IT costs (15%) • Reduced risk in vulnerability management (15%) • Better collaboration within IT groups (14%)
  • 9. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Software and Apps 9 © 2019 Enterprise Management Associates, Inc. • Programmers get paid to produce functional code, not secure code • 92% of applications share the same flawed open-source and other third-party components • Attackers exploit flaws in business processes through software interfaces • Apps can leak data • Database SQL-injections • Web-attacks and redirects • Malicious advertisements • Admin interfaces (internal and external) Organizations of 5K or more people have been found to have over 1M vulnerabilities across all systems and applications in the course of one year. EMA- “Day in the Life of A security Professional” Research
  • 10. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Tools 10 © 2019 Enterprise Management Associates, Inc. Antivirus/NGAV/EPP/EDR SIEM Vulnerability Management Cloud Data Encryption WAF Risk Management (Internal) IAM/PAM/Etc. Security Analytics Web Security Gateway DDoS Protection HSM Remote Access User Awareness Training Threat Intel Feed NAC Advanced Breach Detection App Sec Testing RASP Third-Party Risk Management IRM/DRM CASB SOAR Bot Detection and Protection DLP Deception Technology Security Policy Automation eGRC Attack Simulation On average, security teams use 10 different consoles to manage their security tools. Some use as many as 22 different consoles. Each deployed tool creates an attack surface internally and/or externally
  • 11. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IoT, IIoT, OT 11 © 2019 Enterprise Management Associates, Inc. • 82% of enterprise organizations indicate they have an IoT/IIoT or OT project underway or are in the planning phase • Consumer IoT = Privacy, IP, and trade secrets • Commercial IoT = Direct effect on business operations and personnel health and welfare • Industrial IIoT and OT = Largescale effect on populace health and welfare 73% 68% 51% Commercial Consumer Industrial Types of IoT devices deployed, operated, or managed within enterprise environments
  • 12. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Current Threat from IoT, IIoT, and OT devices 12 © 2019 Enterprise Management Associates, Inc. Extreme to Very High 73% Others 27% Managed IoT Extreme to Very High 49% Others 51% Unmanaged IoT 49% 26% 25% My organization has been attacked using an IoT device One of my organization's IoT devices was identified as part of an attack None of the above
  • 13. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING • Brand jacking/infringement • Fraud • Reputation damage • Customer hijacking • Over-clicking • Malware injection and other attacks • Oversharing/unauthorized disclosures • M&A • Intellectual property • Internal projects • Data/accounts • Launchpad for other attacks 13 © 2019 Enterprise Management Associates, Inc. Social Media • More than 500 fraud-driven groups with more than 250K members have been identified across social media • 57% of organizations have a High to Very High concern with their risk of sensitive data leakage due to inappropriate sharing
  • 14. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Infrastructure and Cloud 14 © 2019 Enterprise Management Associates, Inc. • Every exposed system is a target • UI • Credentials • Unmaintained, lost/forgotten sites/systems • Data • Know your security responsibilities in the cloud • Each delivery method has different customer requirements • IaaS, PaaS, SaaS, shadow IT During asset discovery, in any given organization there are at least 25% more assets connected to the network than are cataloged. ForeScout Technologies research
  • 15. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Mobile 15 © 2018 Enterprise Management Associates, Inc. • Fake/Copycat apps • Trojan or malicious apps • In-app Adware • Leaky Apps • Unauthorized connections • Phishing • Wi-Fi Attacks Depending upon the country, between 10% of US users and as many as 40% of users in other countries had a malicious app try to install malware on their device 3rd-party app stores are as many as 1 in 5 apps were malicious Lessons from the War on Malicious Mobile Apps
  • 16. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING What to Do!?! 16 © 2019 Enterprise Management Associates, Inc. • Define your attack surface • Identify each surface (We just covered those…) • Identify and map to define a risk profile for each  Group targets by function or type • Maintain the exercise over time • Watch for new external authorized and unauthorized surfaces  Continual assessment and update as things change • Not a “one and done”  This is a formal risk management exercise! • Automation is imperative at Internet-scale • Another Resource: OWASP Attack Surface Analysis
  • 17. ATTACK SURFACE MANAGEMENT The New Security Imperative Benjamin Powell Technical Marketing Manager
  • 18. © 2018 RiskIQ | Confidential Information 1 8 YOUR ATTACK SURFACE IS DYNAMIC & GROWING. What's Driving Attack Surface Growth? 5x Cloud Spend Growth vs IT Spend Digital Transformation 25% of Budgets 60+% IT Spend Driven by Business Units Multi-Channel Apps & Engagement Web, Mobile, Social Is it Truly Managed?
  • 19. © 2018 RiskIQ | Confidential Information 1 9 THE RISK ARE HIGH - THE IMPACT'S SIGNIFICANT 2016 57 million customers and drivers 2017 148 million customer accounts 2018 40,000 account holders 2017 200,000 computers were infected across 150 countries 2018 380,000 customers affected WannaCry 2018 45 million monthly visitors affected 75% of breaches are initiated from outside the firewall
  • 20. © 2018 RiskIQ | Confidential Information 2 0 TRADITIONAL PERIMETER-BASED DEFENSE STRATEGIES ARE INSUFFICIENT Proactive Attack Surface Management is Required
  • 21. © 2018 RiskIQ | Confidential Information 2 1 ATTACK SURFACE – Digital Asset Layer All Internet Accessible Assets Known Inventoried, Managed & Leveraged Unknown Shadow or Orphaned IT Rogue Malicious & Impersonating Deep Broad Breadth, Depth, Timeliness & Accuracy Matter
  • 22. © 2018 RiskIQ | Confidential Information 2 2 ATTACK SURFACE – Digital Asset Layer All Internet Accessible Assets Known Inventoried, Managed & Leveraged Unknown Shadow or Orphaned IT Rogue Malicious & Impersonating Mobile Apps Social Media Open Web Deep Web Dark Web Deep Broad Breadth, Depth, Timeliness & Accuracy Matter
  • 23. © 2018 RiskIQ | Confidential Information 2 3 ATTACK SURFACE – Digital Asset Layer All Internet Accessible Assets Known Inventoried, Managed & Leveraged Unknown Shadow or Orphaned IT Rogue Malicious & Impersonating Deep Broad Breadth, Depth, Timeliness & Accuracy Matter IP’s Domains Mobile Apps Executives Social Media Services 3rd Party Components Brands Hosts URLs Open Ports SSL Certs Email DNS Whois
  • 25. © 2018 RiskIQ | Confidential Information 2 5 RiskIQ Attack Surface Platform Target Hunt, Observe & Interact Multiple Layers Capture (Multiple Digital Channels) Analyze Discovery/ Alert Enforce Manage Structure and Curate RiskIQ Internet Data Warehouse
  • 27. Virtual User Globalized Internet Proxy Social Media Sites Digital Advertisements Mobile App Store Monitoring DNS Sensors Port & Service Scanners IP Scanners Hunt, Observe & Interact Multiple Layers Full Stack Visibility
  • 28. Capture (Multiple Digital Channels with Glocalization Perspective) Advanced Internet Reconnaissance Open Source Intelligence SSL Certificates IoT CookiesJavaScript Passive DNS Phishin g Client Side DOM Active DNS Malware Social Media Mobile Apps WHOIS Port Info Banner s Service s Comprehensive & Scalable Collections • 250k New Domain Resolutions/day • 5.5M New Host Resolutions/day • 106B+ Total Unique DNS Records • 2B+ Web Requests/ day • 300K+ New Port Observations • 300+ Mobile App Stores – 34M+ apps
  • 31. RiskIQ Internet Data Warehouse Structure and Curate INTERNET DATA SETS • Full DOM Capture & Analysis • Passive DNS • Crawl Index • SSL Certificates • Web Components • Trackers • Historic Data • Mobile Apps • WHOIS • IP Port & Banner DERIVED DATA SETS • IoT • Zero-day • Accomplice • Spam • Scam • Cookie • IP Reputation Data • Domain Infringement • Malware • Blacklist • Phishing • Host Pairs Analyze Orchestration & Recursion
  • 32. RiskIQ Internet Data Warehouse Discovery/ Alert Structure and Curate Infections & IOCs Fake Mobile Apps OWASP CVE CVSS Data Leakage/ Exfiltration Non Authorized Services Custom Compromise & Defacement Rogue Phishing Sites Infringing Domains & Hosts Social Media Impersonations Compliance Asset Discovery INTERNET DATA SETS • Full DOM Capture & Analysis • Passive DNS • Crawl Index • SSL Certificates • Web Components • Trackers • Historic Data • Mobile Apps • WHOIS • IP Port & Banner DERIVED DATA SETS • IoT • Zero-day • Accomplice • Spam • Scam • Cookie • IP Reputation Data • Domain Infringement • Malware • Blacklist • Phishing • Host Pairs Analyze Orchestration & Recursion
  • 33. RiskIQ Internet Data Warehouse Discovery/ Alert Enforce Structure and Curate Infections & IOCs Fake Mobile Apps OWASP CVE CVSS Data Leakage/ Exfiltration Non Authorized Services Custom Compromise & Defacement Rogue Phishing Sites Infringing Domains & Hosts Social Media Impersonations Compliance Asset Discovery INTERNET DATA SETS • Full DOM Capture & Analysis • Passive DNS • Crawl Index • SSL Certificates • Web Components • Trackers • Historic Data • Mobile Apps • WHOIS • IP Port & Banner DERIVED DATA SETS • IoT • Zero-day • Accomplice • Spam • Scam • Cookie • IP Reputation Data • Domain Infringement • Malware • Blacklist • Phishing • Host Pairs GSB/MSS Mitigation Email Alerts In App Enforcement Integrations Restful API Analyze Orchestration & Recursion
  • 34. RiskIQ Internet Data Warehouse Discovery/ Alert Enforce Manage Structure and Curate Infections & IOCs Fake Mobile Apps OWASP CVE CVSS Data Leakage/ Exfiltration Non Authorized Services Custom Compromise & Defacement Rogue Phishing Sites Infringing Domains & Hosts Social Media Impersonations Compliance Asset Discovery INTERNET DATA SETS • Full DOM Capture & Analysis • Passive DNS • Crawl Index • SSL Certificates • Web Components • Trackers • Historic Data • Mobile Apps • WHOIS • IP Port & Banner DERIVED DATA SETS • IoT • Zero-day • Accomplice • Spam • Scam • Cookie • IP Reputation Data • Domain Infringement • Malware • Blacklist • Phishing • Host Pairs Change Monitoring Correspondence Tracking Correlations Reporting Trends GSB/MSS Mitigation Email Alerts In App Enforcement Integrations Restful API Analyze Orchestration & Recursion
  • 35. © 2018 RiskIQ | Confidential Information 3 5 RiskIQ Attack Surface Platform Target Hunt, observe & interact multiple layers Capture (Multiple Digital Channels) Analyze Discovery/ Alert Enforce Manage Structure and Curate RiskIQ Internet Data Warehouse
  • 36. © 2018 RiskIQ | Confidential Information 3 6 VISIBILITY IS THE FOUNDATION You Can’t Protect What You Don’t Know About 20-40% is Unknown or Rogue Changes 10% per Month - but varies dramatically Proactive Monitoring of Even Critical Assets is the Exception
  • 37. © 2018 RiskIQ | Confidential Information 3 7 VISIUALIZE AND DEFEND YOUR ATTACK SURFACE Dramatically Lower Your Risk Profile and Increase Your Efficiency Continuous, live discovery of your attack surface – see and defend based on what attackers see Automate identification of risks & threats across all digital channels & infrastructure—manage & minimize your cyber risk exposure Focus & prioritize your staff and automate remediation activities based on business value, context and risk – dramatically shorten time-to-detect and remediate Better protect your company, brand, people and data - eliminate threats before they impact your business