De nombreux entreprises, à travers leurs responsables informatiques et DSI ne reconnaissent toujours pas les logiciels malveillants mobiles comme une menace imminente. Selon une étude de Duo Security, un tiers des utilisateurs mobiles Android n'utilisent ne verrouillent pas l'écran de leurs appareils à l'aide d'un Mot de Passe, et la plupart ne prennent aucunes mesures de sécurité. En outre, les responsables informatiques et DSI déploient de nouvelles applications vers leurs clients et employés sans y intégrer de mesure de sécurité favorisant l'authentification et la mitigation des menaces.
Cependant, les logiciels malveillants mobiles ont évolué au fil des dernières années et constituent aujourd'hui des menaces réelle. Business Insider a noté que ces menaces sont désormais équivalentes à celles des PC en terme de distribution et de niveau de risque.
Attacking and Defending Apple iOS DevicesTom Eston
IT loves to use Apple iPhones and iPads, but hates supporting them. For most environments, they represent the exception, and are not subject to standard corporate controls. The reason the exception is allowed is usually the fact that the CEO bought an iPhone and iPad the day they were released, and then quickly filled them with sensitive corporate data. With their portability and popularity, it is only a matter of time before one of these devices ends up missing. How worried should you be? This presentation will cover the latest real-world attack techniques for compromising Apple’s iOS devices, introduce a new assessment methodology that can be used by penetration testers, and discuss the latest defensive techniques for securely deploying iOS devices within your enterprise.
Smart Bombs: Mobile Vulnerability and ExploitationTom Eston
Kevin Johnson, John Sawyer and Tom Eston have spent quite a bit of time evaluating mobile applications in their respective jobs. In this presentation they will provide the audience an understanding of how to evaluate mobile applications, examples of how things have been done wrong and an understanding of how you can perform this testing within your organization.
This talk will work with applications from the top three main platforms; iOS, Android and Blackberry. Kevin, Tom and John have used a variety of the top 25 applications for each of these platforms to provide real world examples of the problems applications face.
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...Tom Eston
Breaking in is easy, real security is hard. Breaching the security of a Casino doesn't have to be as dramatic or dangerous as depicted in the Ocean's Eleven movies. In fact, by simply sitting in a hotel room of a Casino, hackers can find ways to breach the high security that Casino's have been known for. This type of attack has a simple goal: steal the Casino's money and cheat the system. All of this can be done without anyone seeing you and is much easier then walking directly into the Casino vault armed with guns and explosives.
In this presentation Tom Eston from SecureState walks us through some of the more interesting and exciting penetration tests his team have conducted. These include breaking into Casinos, Banks, Energy companies and other high security facilities (with permission of course). Tom's stories not only show how attackers break in but also show important lessons on how businesses can better secure their physical as well as network assets.
Attacking and Defending Apple iOS DevicesTom Eston
IT loves to use Apple iPhones and iPads, but hates supporting them. For most environments, they represent the exception, and are not subject to standard corporate controls. The reason the exception is allowed is usually the fact that the CEO bought an iPhone and iPad the day they were released, and then quickly filled them with sensitive corporate data. With their portability and popularity, it is only a matter of time before one of these devices ends up missing. How worried should you be? This presentation will cover the latest real-world attack techniques for compromising Apple’s iOS devices, introduce a new assessment methodology that can be used by penetration testers, and discuss the latest defensive techniques for securely deploying iOS devices within your enterprise.
Smart Bombs: Mobile Vulnerability and ExploitationTom Eston
Kevin Johnson, John Sawyer and Tom Eston have spent quite a bit of time evaluating mobile applications in their respective jobs. In this presentation they will provide the audience an understanding of how to evaluate mobile applications, examples of how things have been done wrong and an understanding of how you can perform this testing within your organization.
This talk will work with applications from the top three main platforms; iOS, Android and Blackberry. Kevin, Tom and John have used a variety of the top 25 applications for each of these platforms to provide real world examples of the problems applications face.
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...Tom Eston
Breaking in is easy, real security is hard. Breaching the security of a Casino doesn't have to be as dramatic or dangerous as depicted in the Ocean's Eleven movies. In fact, by simply sitting in a hotel room of a Casino, hackers can find ways to breach the high security that Casino's have been known for. This type of attack has a simple goal: steal the Casino's money and cheat the system. All of this can be done without anyone seeing you and is much easier then walking directly into the Casino vault armed with guns and explosives.
In this presentation Tom Eston from SecureState walks us through some of the more interesting and exciting penetration tests his team have conducted. These include breaking into Casinos, Banks, Energy companies and other high security facilities (with permission of course). Tom's stories not only show how attackers break in but also show important lessons on how businesses can better secure their physical as well as network assets.
Malware on Smartphones and Tablets: The Inconvenient TruthIBM Security
View on-demand webinar: http://ibm.co/21C0aKO
Recent research shows that mobile has become the hackers’ new playground. However, most users and IT professionals do not think this is a real and substantial threat.
In this on-demand session, we will outline the broad scope of risk that mobile malware poses today on iOS and Android, and explain the potential business threats. The enterprise is at a critical juncture where advanced cyber-attacks targeting mobile users are now threatening both corporate and personal information.
Listen in to IBM Security product specialist, Shaked Vax to learn how to reduce risk of data leakage and protect against malicious activity with a comprehensive approach that combines enterprise mobility management (EMM) and mobile threat management.
Smart Bombs: Mobile Vulnerability and ExploitationSecureState
Tom Eston has spent quite a bit of time evaluating mobile applications. In this presentation he will provide the audience with a high level understanding of what the risks are, how to evaluate mobile applications and provide examples of how things have been done wrong. Tom has used a variety of the top 25 applications downloaded from the Apple App Store and Google Play to provide real world examples of the problems applications face. Tom has mapped out how these applications are vulnerable to the OWASP Mobile Top 10 security issues.
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comIdexcel Technologies
Application development has come a long way in last two decades, but it is puzzling to see that despite major security breaches, security testing takes a back seat as compared to other forms of quality testing measures such as usability or functional testing.
This presentation is based on the security and encryption measures adopted by Apple for its iPhones.
It was submitted to RTU, Kota during final year seminars.
Mobile Security: The 5 Questions Modern Organizations Are AskingLookout
The modern organization has recognized the need to embrace mobile devices in the workplace, but this increase in mobile devices brings important security implications.
Slides for a college course at City College San Francisco. Based on "Hacking Exposed Mobile: Security Secrets & Solutions", by Bergman, Stanfield, Rouse, Scambray, Geethakumar, Deshmukh, Matsumoto, Steven and Price, McGraw-Hill Osborne Media; 1 edition (July 9, 2013) ISBN-10: 0071817018.
Instructor: Sam Bowne
Class website: https://samsclass.info/128/128_S17.shtml
Slides for a college course at City College San Francisco. Based on "Hacking Exposed Mobile: Security Secrets & Solutions", by Bergman, Stanfield, Rouse, Scambray, Geethakumar, Deshmukh, Matsumoto, Steven and Price, McGraw-Hill Osborne Media; 1 edition (July 9, 2013) ISBN-10: 0071817018.
Instructor: Sam Bowne
Class website: https://samsclass.info/128/128_S17.shtml
Préparez vous à une immersion profonde dans la gestion des applications et contenus mobiles et des outils de collaboration pour améliorer la réactivité des employés partout ou ils se trouvent. Nos experts vous montreront comment mettre en service, protéger et de gérer en permanence les données d'entreprise sur les appareils iOS, Android et Windows avec IBM MobileFirst Protect.
esta es una pequeña presentación sobre la carrera de medicina de la universidad de ciencias aplicadas y ambientales UDCA en que se conocerá la misión, visión y objetivos entre otros puntos de la carrera en esta universidad.
Malware on Smartphones and Tablets: The Inconvenient TruthIBM Security
View on-demand webinar: http://ibm.co/21C0aKO
Recent research shows that mobile has become the hackers’ new playground. However, most users and IT professionals do not think this is a real and substantial threat.
In this on-demand session, we will outline the broad scope of risk that mobile malware poses today on iOS and Android, and explain the potential business threats. The enterprise is at a critical juncture where advanced cyber-attacks targeting mobile users are now threatening both corporate and personal information.
Listen in to IBM Security product specialist, Shaked Vax to learn how to reduce risk of data leakage and protect against malicious activity with a comprehensive approach that combines enterprise mobility management (EMM) and mobile threat management.
Smart Bombs: Mobile Vulnerability and ExploitationSecureState
Tom Eston has spent quite a bit of time evaluating mobile applications. In this presentation he will provide the audience with a high level understanding of what the risks are, how to evaluate mobile applications and provide examples of how things have been done wrong. Tom has used a variety of the top 25 applications downloaded from the Apple App Store and Google Play to provide real world examples of the problems applications face. Tom has mapped out how these applications are vulnerable to the OWASP Mobile Top 10 security issues.
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.comIdexcel Technologies
Application development has come a long way in last two decades, but it is puzzling to see that despite major security breaches, security testing takes a back seat as compared to other forms of quality testing measures such as usability or functional testing.
This presentation is based on the security and encryption measures adopted by Apple for its iPhones.
It was submitted to RTU, Kota during final year seminars.
Mobile Security: The 5 Questions Modern Organizations Are AskingLookout
The modern organization has recognized the need to embrace mobile devices in the workplace, but this increase in mobile devices brings important security implications.
Slides for a college course at City College San Francisco. Based on "Hacking Exposed Mobile: Security Secrets & Solutions", by Bergman, Stanfield, Rouse, Scambray, Geethakumar, Deshmukh, Matsumoto, Steven and Price, McGraw-Hill Osborne Media; 1 edition (July 9, 2013) ISBN-10: 0071817018.
Instructor: Sam Bowne
Class website: https://samsclass.info/128/128_S17.shtml
Slides for a college course at City College San Francisco. Based on "Hacking Exposed Mobile: Security Secrets & Solutions", by Bergman, Stanfield, Rouse, Scambray, Geethakumar, Deshmukh, Matsumoto, Steven and Price, McGraw-Hill Osborne Media; 1 edition (July 9, 2013) ISBN-10: 0071817018.
Instructor: Sam Bowne
Class website: https://samsclass.info/128/128_S17.shtml
Préparez vous à une immersion profonde dans la gestion des applications et contenus mobiles et des outils de collaboration pour améliorer la réactivité des employés partout ou ils se trouvent. Nos experts vous montreront comment mettre en service, protéger et de gérer en permanence les données d'entreprise sur les appareils iOS, Android et Windows avec IBM MobileFirst Protect.
esta es una pequeña presentación sobre la carrera de medicina de la universidad de ciencias aplicadas y ambientales UDCA en que se conocerá la misión, visión y objetivos entre otros puntos de la carrera en esta universidad.
NFV Ecosystem Enabler - a well-enabled VNF package catalystJenny Huang
A TM Forum catalyst project addresses VNF package onboarding & lifecycle management automation issues in a multi-stakeholder ecosystem environment. This project won the "Most Innovative Catalyst - Technical" category award at the 2016 TM Forum Live event.
Can You Steal From Me Now? Mobile and BYOD Security RisksMichael Davis
Presentation I gave at BriForum 2012 where I discuss Mobile Security Risks, BYOD and mobile privacy issues. Lastly, I wrap up with a discussion of Document Rights Management and mobile.
The Mobile Security Risks as adapted and updated from the Veracode Top 10 Mobile Security issues (With permission from Chris Wysopal)
Mobile Apps and Security Attacks: An IntroductionNagarro
A general overview of why the security of your mobile device is important, what are the possible threats to mobile devices, and how you can detect the threats.
This course provides an introduction to security for mobile applications. It walks through a basic threat model for a mobile application. This threat model is then used as a framework for making good decisions about designing and building applications as well as for testing the security of existing applications. Examples are provided for both iOS (iPhone and iPad) and Android platforms and sample code is provided to demonstrate mobile security assessment techniques.
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...Sounil Yu
The Cyber Defense Matrix enables organizations to define clear categories for the range of products and services that are available in the marketplace to solve our various infosec problems. This model removes confusion around the security technologies that we buy and helps organizations align their vendors to have the right suite of capabilities to execute their information security mission.
See the 2019 version at: http://bit.ly/cyberdefensematrixreloaded
See the 2022 version at: http://bit.ly/cyberdefensematrixrevolutions
Mobile application security and threat modelingShantanu Mitra
From Telegraph to 5G, there is huge evolution and transformation in the network accessibility, application design, security threats and risk assessment - the change is getting reflected everywhere. The presentation describes here how good we can follow the best practices in our developments, how best we can we gain the trust of our clients.
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...Denis Gorchakov
Honeypot is used for botnet analysis, traffic capturing and revealing C&C hostnames. It’s also used for detecting subscribers with infected devices and monitoring malware activities like funds withdrawal and remote control.
Very much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be readVery much helpful and should be Read Very much .
RAPPORT Magic Quadrant 2022 de Gartner pour la gestion des accès à privilè...AGILLY
Alors que les produits PAM de base continuent d'être des outils de sécurité importants, l'évolution de la demande sur le marché a mis l'accent sur le cloud, de la livraison SaaS d'outils PAM à l'extension des fonctionnalités de sécurité cloud dans les outils PAM, y compris la gestion des secrets et le CIEM.
Définition/Description du marché
Un outil de gestion des accès privilégiés (PAM) est utilisé pour atténuer le risque d'accès privilégié. En d'autres termes, les comptes , les informations d'identification et les opérations qui offrent un niveau d'accès élevé (ou "privilégié"). Les outils PAM sont utilisés par les machines (logiciels) et par les personnes qui administrent ou configurent l'infrastructure informatique . Une solution PAM peut être déployée sous forme de logiciel sur site, de SaaS ou d'appliance matérielle.
Les principales fonctionnalités de PAM incluent :
• Découverte de comptes privilégiés sur plusieurs systèmes, infrastructures et applications
• Gestion des informations d'identification pour les comptes privilégiés
• C redential v aulting et contrôle d'accès aux comptes privilégiés
• Établissement, gestion, surveillance et enregistrement de session pour un accès privilégié interactif
AGILLY-CISO-Guide de prévention des ransonwares.fr (1).pdfAGILLY
Les attaques de ransomware ont transformé le paysage des cyberattaques. Ces menaces sophistiquées et persistantes peuvent éteindre rapidement les ordinateurs, arrêter les opérations commerciales, déstabiliser les économies etlimiter l'accès aux biens et services en quelques minutes. Les principales cibles des attaques de ransomwares incluent les organisations des secteurs des services financiers, de lasanté, de la technologie, de la fabrication et de la construction, bien que de nombreux attaquants de ransomwares se soient avérés aveugles dans le choix des cibles. Les gangs de cybercriminalité sondent les vulnérabilités au sein d'une organisation, déterminent comment créer le chaos et la perturbation, puis planifient le profit. Certains hackers optent pour une approche "smashn'grab", tandis que d'autres se cachent discrètement dans les systèmes pendant des mois afin de maximiser les niveaux de perturbation et de gain financier. Une attaque de rançongiciel moyenne coûte aux entreprises environ 3,86 millions de dollars. Des cas exceptionnels, comme le ver rançongiciel WannaCry, ont entraîné des dépenses impayées. On estime que WannaCry a causé 4 milliards de dollars de dommages dans lemonde. 2
Alors que le coût total des ransomwares et des rançons continue d'augmenter, les attaques de ransomwares ne doivent pas nécessairement être une dépense commerciale der outine ni être incluses dans le coût d'exploitation d'une entreprise. Avec des niveaux plus élevés de maturité en matière de cybersécurité, les organisations peuvent développer des environnements plus résilients.
Les entreprises du secteur financier sont confrontées à un paysage de menaces particulièrement hostile car elles sont extrêmement attrayantes pour les cybercriminels.
Afin de défendre efficacement leurs réseaux, leur infrastructure et les données de leurs clients, les équipes de sécurité des institutions financières doivent s'armer des derniers outils antifraude et tirer parti des informations les plus récentes sur les techniques et les attaques courantes. Il est également crucial de comprendre comment les attaques sont menées et qui en est responsable.
Cette brochure a été créée pour fournir au secteur financier des informations détaillées et aider les entreprises à garder une longueur d'avance sur les acteurs de la menace.
Bonne lecture!!
AGILLY-sécurisez vos emails, qui le fait le mieux ?(1).pdfAGILLY
Ce rapport traite de Microsoft 365 et de son produit Defender pour le courrier électronique.
En général, Microsoft 365 est un service très sécurisé. C'est le résultat d'un investissement massif et continu de Microsoft. En fait, c'est l'un des services SaaS les plus sécurisés du marché. Ce rapport n'indique pas le contraire.
Ce que ce rapport note, c'est le défi que Microsoft a. En tant que sécurité par défaut pour la plupart des organisations, de nombreux pirates considèrent le courrier électronique et Microsoft 365 comme leurs points de compromis initiaux. Un bon exemple de la façon dont les pirates se concentrent sur Microsoft 365vient dans une série de blogs de Microsoft qui détaille les tentatives d'un groupe parrainé par l'État pour compromettre leurs services.
5 façons de transformer la connectivité cloudAGILLY
Rechercher et tirer le meilleur parti des réseaux étendus (WAN) est devenu un impératif
commercial. Alors que les applications hébergées dans le cloud ont augmenté les enjeux des
performances du réseau de périphérie, les entreprises exigent désormais une fiabilité, une
agilité et des performances encore plus grandes de leur WAN pour tirer parti des économies
d'échelle du cloud. Cette tendance a stimulé les technologies de mise en réseau comme le SDWAN qui apportent des changements transformationnels dans la façon dont les entreprises
déploient l'architecture WAN de nouvelle génération.
Ce livre blanc révèle cinq façons dont Oracle SD-WAN peut transformer la connectivité de
votre réseau périphérique vers le cloud pour répondre à toutes les exigences de votre
entreprise. Au lieu d'un WAN qui limite l'expansion, la famille de produits Oracle SD-WAN
permet à votre entreprise d'accomplir plus que ce à quoi vous vous attendiez.
Une vulnérabilité critique de sécurité de serveur dans la bibliothèque de journalisation Java Log4j prend d'assaut Internet, car le code permettant d'exploiter activement cette vulnérabilité est déjà largement distribué sur le Web.
Les cyberattaques frappent rapidement et sans relâche. Chaque vague devient plus ciblée, évasive et potentiellement plus mortelle pour votre organisation. Selon Cybercrime: The CredentialConnection d’IDC, plus de 70 % des atteintes réussies aux données commencent sur les points de terminaison, de sorte que la nécessité d’une sécurité efficace des points de terminaison est claire.SandBlastAgent est une protection complète des points de terminaison et une solution EDR qui offre des technologies de prévention des menaces pour la défense de haut niveau contre les cyberattaques connues et inconnues à jour zéro. Une stratégie de prévention des menaces d’abord contrecarre les attaques avant qu’elles ne puissent déclencher leur destruction sur votre organisation.
Sand Blast Agent Anti Ransomware PresentationAGILLY
Le dernier trimestre 2020 a vu une augmentation significative des attaques de ransomware, dominees par Ryuk et Emotet. Dans cette presentation nos experts vous proposent une approche efficace pour eviter cette vague d'attaques Ransomware et celles a venir.
Sécurité Mobile : Votre Entreprise est-elle préparée pour 2020?AGILLY
Bonjour,
Nous avons pensé que ce webinar devrait vous intéresser.
Comment la mobilité, l'Internet des objets et l'intelligence artificielle vont impacter la votre transformation digitale.
Toutes les entreprises modernes s'activent pour accélérer leur transformation numérique, mettant une pression immense sur les responsables informatiques pour la réalisation de projets nouveaux et ambitieux. Cela arrive à un moment où les équipes informatique et de sécurité sont invitées à s'intégrer davantage. Pendant ce temps, la travail quotidien de la gestion des utilisateurs, des appareils, des applications et du contenu devient plus encombrant.
Revivez ce webinar qui présente sur l'étude Forrester, basée sur la contribution de 556 professionnels de l'IT. Découvrez ce que l'avenir réserve pour mobilité, les terminaux et l'IoT en 2020:
Quel équipe IT sera responsable de la sécurisation de l'IoT?
Combien de systèmes seront nécessaires pour gérer les terminaux du futur?
Dans quelle mesure votre environnement de base changera-t-il radicalement dans quelques années?
D'ici 2020, quel pourcentage d'organisations utiliseront l'informatique propulsée par l'Intelligence Artificielle et l'Analyse Cognitive?
12 Prédictions Majeures sur la Cyber Sécurité en 2017AGILLY
Après une année 2016 très mouvementée et marquée par une résurgence des Malware, que nous réserve l'année 2017? Voici 12 Prédictions Majeures sur la Cyber Sécurité en 2017, sélectionnée par IBM Security
Mobility Training Series : Mobility 301 protectAGILLY
Découvrez les meilleures façons de sécuriser les applications, les documents, et le cœur de votre réseau pour bien aborder votre phase de maturité mobile. Des fonctionnalités natives à la conteneurisation totale et la détection des logiciels malveillants, nous allons vous guider à travers toutes les options pour protéger les données d'entreprise et les applications avec IBM MaaS360.
Le Nouveau Défi des Applis et leur Adoption dans l'EntreprisesAGILLY
Les organisations mettent en place des technologies mobiles à un rythme accéléré, mais les problèmes de sécurité peuvent être le facteur d'inhibition plus important du déploiemen tle . Rejoignez-nous que nous prenons une vue sans précédent sur l'application adoption dans les affaires et dévoiler de nouvelles améliorations de produits IBM MaaS360 pour préparer votre organisation pour adoption massive et mobiles succès.
Dans cette session, nous allons plonger dans les détails de plus de cent mille applications et 10 millions de distributions d'applications, à partir de la plate-forme MaaS360. Nous allons décomposer les données montrant comment les organisations les plus lourdes applications à gérer et à sécuriser des centaines d'applications dans leurs catalogues d'applications d'entreprise.
Joignez-vous à Jimmy Tsang, IBM MaaS360 Gestionnaire de portefeuille et Clint Adams, IBM Mobile Advisor, car ils révèlent ces nouvelles données d'applications et de nouvelles capacités IBM MaaS360. Voir une démonstration en direct des nouveaux catalogues d'applications IBM MaaS360 pour iOS et Android, une expérience utilisateur améliorée pour les applications de productivité, et une intégration transparente avec les outils de sécurité.
Les participants apprendront:
App Statistiques de déploiement de vos pairs sur la base de 10 millions de distributions d'applications
Comment faciliter de nouveaux niveaux d'habilitation de l'utilisateur et la protection des données
Comment l'impact Identité et Sécurité Intelligence votre stratégie mobile
Windows 10 A Guide to Secure Mobility in the EnterpriseAGILLY
Windows 10 connaît croissance significative dans l'entreprise; De 150 millions de PCs aujourd'hui, les projections prévoient 1 milliard de PCs d'ici la mi-2018. Êtes-vous prêt à gérer les nouvelles fonctionnalités et de sécuriser les terminaux mobiles dotés du dernier OS de Microsoft?
Rejoignez Chuck Brown, d'IBM MaaS360 et Jimmy Tsang pour découvrir comment les amélioration de Windows 10 sont en train de changer la donne pour les entreprises:
- Des API de sécurité universel pour smartphones, tablettes et ordinateurs portables
- Les systèmes d'exploitation convergents à travers les ordinateurs de bureau, ordinateurs portables et appareils mobiles
- Gestion unifiée des points de terminaison et appareils Mobile grâce à un seul console
- Effacement sélectif des périphériques gérés pour protéger les données sensibles de l'entreprise
Nous vous présenterons également les clé de gestion de mobilité d'entreprise permettant une intégration parfaite entre la fournitures des services IT Mobiles et le contrôle des appareils Windows XP à 10, iOS, Android avec IBM MaaS360.
Ici, nous vous montrons les détails de l'inscription (enrollement) des appareils iOS, Android et Windows, la distribution des applications et nous abordons les politiques de sécurité pour intégrer la mobilité dans votre environnement - le tout sous l'oeil vigilant des équipes informatiques. Nous allons vous montrer comment configurer les paramètres over-the-air, suivre l'inventaire des appareils, gérer de manière centralisée et surveiller les périphériques, prendre des mesures, et supporter vos utilisateurs avec IBM MobileFirst Protect.
Apprenez les meilleures façons de sécuriser les applications, documents, et votre réseau pour mieux amorcer votre phase de maturité dans la mobility. Des fonctionnalités natives à la conteneurisation complète et la détection des logiciels malveillants, nous allons vous guider à travers toutes les options pour protéger les données d'entreprise et des applications avec IBM MobileFirst Protect.
Tour d'horizons de la Sécurité Mobile en 2015 et prédictions 2016AGILLY
Avec 2015 qui s'achève, IBM et son invité Richard Absalom, Analyste Ovum , observez la croissance exponentielle de l'entreprise mobile cette année et découvrez les prédictions 2016 sur ce que nous réserve la nouvelle année.
Il est pas un secret que le mobile s'est imposé comme moyen privilégié pour travailler rapidement. Mais la question qui demeure pour les responsables informatiques est : "qu'est ce qu'il faut protéger dans le Mobile? et dans quel ordre de priorité". Ce qui était au départ considéré comme la gestion des devices et des applications mobiles, est devenu la gestion de la Mobilité d'Entreprise (EMM), un moyen de sécuriser les dispositifs, les données, les accès et les applications.
Rejoignez notre session live pour un regard rétrospectif sur les questions de productivité et de sécurité en 2015, et les tendances mobiles à considérer en 2016 comme:
- L'inadéquation entre l'informatique et l'employé en matière de mobilité
- L’accélération du mouvement vers l'espace de travail numérique
- Les Apps et les tâches et dominent la sphère de la gestion de la mobilité
- Un aperçu du paysage des nouvelles solutions EMM
N'attendez pas d'avoir des surprises, mettez en place votre stratégie aujourd'hui pour une véritable sécurité et la productivité mobile en 2016!
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Hivelance Technology
Cryptocurrency trading bots are computer programs designed to automate buying, selling, and managing cryptocurrency transactions. These bots utilize advanced algorithms and machine learning techniques to analyze market data, identify trading opportunities, and execute trades on behalf of their users. By automating the decision-making process, crypto trading bots can react to market changes faster than human traders
Hivelance, a leading provider of cryptocurrency trading bot development services, stands out as the premier choice for crypto traders and developers. Hivelance boasts a team of seasoned cryptocurrency experts and software engineers who deeply understand the crypto market and the latest trends in automated trading, Hivelance leverages the latest technologies and tools in the industry, including advanced AI and machine learning algorithms, to create highly efficient and adaptable crypto trading bots
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
Cyaniclab : Software Development Agency Portfolio.pdf
Malware on Smartphones and Tablets - The Inconvenient Truth
1. Malware on Smartphones and
Tablets - The Inconvenient Truth
Shaked Vax
Trusteer Products Strategist
Kaushik Srinivas
MaaS360 Strategy & Offering Management
2. Agenda
• Mobile is everywhere – Mobile Threats
• A look at Mobile Malware
• Threat landscape
– iOS
– Android
• Safeguard mobile devices with MaaS360 + Trusteer
• View consolidated MaaS360 event reports on QRadar
3. Mobile banking channel
development is the #1
technology priority of
N.A. retail banks (2013)
#1 Channel
Of customers won't
mobile bank because of
security fears
19%
Mobile Access to Everything
All businesses are leveraging mobile these days as a main communication channel with customers, as
well as collaboration and productivity tool for employees
• In Banking:
– Mobile banking is the most important deciding factor when switching
banks (32%)
– More important than fees (24%) or branch location (21%) or
services (21%)… a survey of mobile banking customers in the U.S. 1
• However for many end-users – Security concerns are a main
inhibitor to adoption
• And apparently….. For a good reason.
4. Mobile Malware Threats Scope
Line of Business Threats (Customer
Facing)
•Credential stealing via phishing /
malware
•In App session fraud (from mobile)
•Account take over (from / using
mobile)
•2nd Factor Authentication
circumvention
Enterprise Threats
(Employees)
•Employee identity theft by stealing
contacts / emails / calendar / SMS /
location
•Tempering/Stealing corporate data
and IP
•Files
•Photos of whiteboard drawings
•Recordings of phone calls / meetings
•Use stolen data to perform actions on
employee’s behalf:
•Send Mail/SMS
•Perform phone calls
Threats for individuals
•Monetary losses
•Ransomware
•Premium rate SMS/calls
•Apps purchase
•Privacy loss
•Mobile RATs
•InfoStealers
•Extortionware
•Device abuse
•Advertisement hijacking
•Illicit use of B/W, CPU
5. Mobile Malware Threats Scope
Line of Business Threats (Customer
Facing)
•Credential stealing via phishing /
malware
•In App session fraud (from mobile)
•Account take over (from mobile)
•2nd Factor Authentication
circumvention
Enterprise Threats
(Employees)
•Employee identity theft by stealing
contacts / emails / calendar / SMS /
location
•Tempering/Stealing corporate data
and IP
•Files
•Photos of whiteboard drawings
•Recordings of phone calls / meetings
•Use stolen data to perform actions on
behalf of employee:
•Send Mail/SMS
•Perform phone calls
Threats for individuals
•Monetary losses
•Ransomware
•Premium rate SMS/calls
•Apps purchase
•Privacy loss
•Mobile RATs
•InfoStealers
•Extortionware
•Device abuse
•Advertisement hijacking
•Illicit use of B/W, CPU
Sensitive
Information
Stealing Using the Mobile
device/channel to perform
Attack/Fraud
Monetary loss to
the user
6. Anatomy of a Mobile Attack – How to Get In?
Attack Surface: Data Center
WEB SERVER
Platform Vulnerabilities
Server Misconfiguration
Cross-Site Scripting (XSS)
Cross Site Request Forgery
(CSRF)
Weak Input Validation
Brute Force Attacks
DATABASE
SQL Injection
Privilege Escalation
Data Dumping
OS Command Execution
Attack Surface: Network
Wi-Fi (No/Weak Encryption)
Rouge Access Point
Packet Sniffing
Man-in-the-Middle (MiTM)
Session Hijacking
DNS Poisoning
SSL Stripping
Fake SSL Certificate
Attack Surface: Mobile Device
BROWSER
Phishing
Pharming
Clickjacking
Man-in-the-Middle (MitM)
Buffer overflow
Data Caching
PHONE/SMS
Baseband Attacks
SMishing
APPS
Sensitive Data Storage
No/Weak Encryption
Improper SSL Validation
Dynamic Runtime Injection
Unintended Permissions
garneting
OPERATING SYSTEM
No/Weak Passcode
iOS Jailbreak
Android Root
OS Data Caching
Vendor/Carrier loaded
OS/Apps
No/Weak Encryption
8. Apple’s Walled Garden Security by Design
• Looking at the Apple eco-system “as designed” - legit devices without Jail-Break
• Only Apple controls AppStore
– No “alternative market” support*
– Apple reviews all apps
– Apple can remove apps and ban developers
• iOS Enforces Integrity
– Boot chain is signed
– Only signed code can be installed and executed
• iOS Sandbox
– Process memory isolation
– Filesystem isolation
– Some operations require entitlements (e.g., change
passcode, access camera)
9. Infection Vectors of Non-JB Devices
• Enterprise provisioning (299$/y, valid credit card, D-U-N-S)
• Distributed mostly via link (email/webpage/SMS), or USB
• Legitimate use
– MDM providers and “alternative markets” to some degree
– Other “alternative” markets (Emu4iOS, iNoCydia, …)
• Used maliciously in APT/targeted attacks
Pop Quiz:
Which of the
below pop-ups
is legit?
10. What Can Be Done Inside the Garden (non-JB)?
• Everything legitimately allowed to an app
• Private APIs and vulnerabilities
– Masque attack – replacing legit app with another app
• Trojanized versions of social apps found in Hakcing Team’s leak (August 2015)
12. What Can Be Done Inside the Garden (non-JB)?
• Everything legitimately allowed to an app
• Private APIs and vulnerabilities
– Masque attack – replacing legit app with another app
• Trojanized versions of social apps found in Hakcing Team’s leak (August 2015)
– xCode Ghost (Sept 2015) –
• Infecting Apps through rouge App development environment targeted at credentials stealing
• 300 (or more…) rouge apps removed by Apple from AppStore
– Hiding apps
– Running in background background keylogging
– Running on boot
– Taking screenshots
– Simulating screen/button presses
– Blocking OCSP (online certificate status protocol)
– Privilege escalation / sandbox escape
13. What Can Be Done Inside the Garden (non-JB)?
• APT/Malware
– RCS (2015) – installs alternative keyboard for keylogging + trojanized apps
– WireLurker (2014) – installs additional apps (Chinese game, 3rd party AppStore client,
comic reader)
– Find and Call (2012) – steal user’s contacts
• Apple usually responds fast – eliminating the Apps from the AppStore
14. Jailbreak Land
• What is Jailbreak process?
– Disables iOS enforcements / sandbox
– Introduces 3rd party application stores (e.g., Cydia)
• WW General estimation (2014): ~ 8% of all devices are JB, in China: ~14%
• Trusteer stats (2015) shows only 0.15%, however it may be attributed to the
fact it is detected and enforced by most customers
• Jailbreak hiders attempting to hide the device state
– xCON
– FLEX
• Infection vectors of JB devices
– Rogue apps via 3rd party AppStores
– USB (WireLurker, CloudAtlas)
15. Malware for Jailbroken Devices
• APT / targeted attacks
– Hacking Team RCS – steals contacts, calendar, screen, monitors user inputs, location,
network traffic. Remote exploit to crack device passcode
– Xsser mRAT – Chinese Trojan that steals device info, SMS and emails. Installed via
rogue Cydia
– CloudAtlas – steals device information, contacts, accounts, Apple ID,…
– XAgent “PawnStorm” - steals SMS, contacts, photos, GPS location, installed apps, wifi
status, remotely activates audio recording
– WireLurker – PC trojanize installed apps, steals contacts, SMS, iMessages, Apple ID,
device serial
• “Non-enterprise” malware
– Unfold “Baby Panda” – Chinese Trojan that steals Apple ID and password
– AdThief – hijacks advertisement of installed apps for revenue
17. Android Infection Vectors
• Link via SMS/email (may contain exploits)
– E.g., Xsser mRAT distributed via whatsapp message
• Device preloaded with malware
– DeathRing, Mouabad, “Coolpad” backdoor
– Most common in Asia, some appearance in Spain and Africa
• Physical access of attacker (PC kit to deploy malware)
• USB from infected PC (e.g., DroidPak, WireLurker, AndroidRCS)
18. Android Infection Vectors
• Remote exploit
– 95% of Android devices exposed to Stagefright vulnerability
– On July 2015 ~28% of devices had OS 4.3 or lower which is vulnerable to
AOSP Browser & Masterkey (4years old!!)
• App markets – alternative markets and official Google Play
• Apps could deploy malware, weaponize, use exploits or have
trojanized functionality
20. Android Malware Types
• RATs - commercial or underground surveillanceware
– Tens of variants
– Some publicly available, some in underground, one is even open source
• Network proxy
– NotCompatible malware family
• InfoStealers
– Keyloggers, Overlay malware
21. The appearance of PC grade mobile malware
• “GM Bot” / “Mazar Banking Software” – recently appeared in global mobile malware
landscape
• Extensive PC malware like capabilities including:
– Dynamic Configuration via C&C
– Configurable Banking App injection/Overlay capabilities
– Ready made modules being sold to attack WW banks and financial services users in Australia,
Austria, France, Czech Republic, Hungary, Spain, Singapore, Germany, Poland, India, Turkey, New
Zealand, US
22. Android Malware Types
• High-end APT/targeted attacks
– Hacking Team RCS in Saudi Arabia (?-2015) - “Qatif Today” repack
– Xsser mRAT (2014)
• Chinese trojan spies on HongKong activists, steals contacts, SMS, calls, location, photos, mails, browser history,
audio (microphone), remote shell, and call
– RedOctober/CloudAtlas (2014)
• steals accounts, locations, contacts, files, calls, SMS, calendar, bookmarks, audio (microphone)
– APT1 (2013) - “Kakao Talk” repack
• spies on Tibetan activists contacts/SMS/location
– Word Uyghur Congress (2013)
• spies on Tibetan activists contacts/SMS/calls/location
– LuckyCat APT campaign (2012)
• phone info, file dir/upload/download, remote shell
– FinSpy mobile (2011) – Gamma Group’s APT, tied to Egypt
23. Android Malware and RATs Capabilities Overview
• Information theft
– Contacts
– Call log history
– Messages (SMS, LINE, Whatsapp, Viber, Skype,
Gtalk, Facebook, Twitter, …)
– Emails
– Geographical location
– Network data (wireless network SSID/password),
location, network state
– Phone information
(number/IMEI/IMSI/Vendor/model/Operator/SIM
serial/OS)
– Google Account
– Browsing history
– Photos/Videos/Audio
– Screenshots
– Clipboard content
– Arbitrary files on SD card
• Remote control
– Activation/delayed activation and capturing of
audio/video/photos/phone calls
– Execute shell / run exploits
– Launch browser
– Send SMS
– Make phone call
– Download/delete files
24. Commercial RAT Examples – SandroRAT/DroidJack Evolution
• Sandroid -> SandroRAT -> DroidJack
No root access
required!
8,380 DriodJack tutorials
currently on Google
26. Network Proxy to Corporate Resources
• NotCompatible.C
– General purpose, proxying network (TCP/UDP)
– Has been used for spam, bruteforce, bulk ticket purchase
• Banks & other Enterprises could be a next target
27. Threats Summary
• Advanced/targeted attacks are real
– More dominant Asia, China being major player
– Global threat - HackingCrew , HackingTeam
• Most dominant threat are RATs
– Android – most easy to infect, highly commercialized
– Jailbroken iOS – has been done only in targeted attacks
– Non-JB iOS – effectively no (reported) harm done, even in targeted attacks but threat is imminent
• Vulnerabilities
– Applicable to iOS and Android, more problematic for Android due to highly segregated market
– Associated only with advanced/targeted attacks
• Network based attacks
– Imminent threat, no malicious incident reported yet
28. Taking action is easy
IBM Mobile Threat Management can effectively prevent
and take action against malware & threats
30. Taking action is easy - using layered security
Secure
the Device
Secure
the Content
Secure
the App
Secure
the Network
The MaaS360 layered security model
31. Taking action is easy
Managed Devices
(Owned/BYOD)
• Device level Security
• Using EMM/MDM to enforce
sensitive information access
policy
• MDM should include advanced
rooting/jailbreak & malware
detection
• Scan Home grown apps for
vulnerabilities
Unmanaged Devices
(Customers, partners, agents,
brokers, contractors)
• Application Level Security
• Every App should have
capabilities to assess device
security
• In-app enforcement of sensitive
info/operations
• Scan home grown apps for
vulnerabilities
32. IBM MaaS360 Mobile Threat Management
Detects, analyzes and remediates mobile risks
delivering a new layer of security for Enterprise Mobility
Management (EMM) with the integration of IBM
Security Trusteer® to protect against:
• Mobile malware
• Suspicious system configurations
• Compromised jailbroken or rooted devices
33. IBM Security QRadar integration with MaaS360
• Continuous Mobile Visibility
– Detect when smartphones and tablets are attempting to connect to the network
– Monitor enrollment of personally owned and corporate-liable devices
– Gain awareness of unauthorized devices
– Learn when users install blacklisted apps and access restricted websites
• Compromised Device Remediation
– Uncover devices infected with malware before they compromise your enterprise data
– Identify jailbroken iOS devices and rooted Android devices
– Set security policies and compliance rules to automate remediation
– Block access, or perform a selective wipe or full wipe of compromised devices
View MaaS360 compliance rule violations through IBM Security QRadar
34. View Out of Compliance events from MaaS360 on QRadar
35. 34
Summary
• Malware exists on mobile and can pose a significant threat to your
organization’s IP / data
• Trusteer can aid in safeguarding this on mobile
• MaaS360 + Trusteer can detect and take actions on mobile devices
• MaaS360 reports mobile device events to QRadar for consolidated
reporting
36. Talk to a Mobile Expert: Visit IBM MaaS360 in the Expo Hall
Talk to an IBM MaaS360 Expert, Watch a Demo and Receive a
Mobile Themed Giveaway!
• Charge your Device Courtesy of MaaS360
• IBM Security Booth #314 (**charger location)
• IBM MobileFirst Booth #530 (**charger location)
• IBM Box Booth #202
• AT&T Booth #561
Like what you see? Try us out!
• Visit ibm.com/maas360 for free trial details
35
38. Notices and Disclaimers Con’t.
37
Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not
tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products.
Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the
ability of any such third-party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT
NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
The provision of the information contained h erein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual
property right.
IBM, the IBM logo, ibm.com, Aspera®, Bluemix, Blueworks Live, CICS, Clearcase, Cognos®, DOORS®, Emptoris®, Enterprise Document Management System™, FASP®,
FileNet®, Global Business Services ®, Global Technology Services ®, IBM ExperienceOne™, IBM SmartCloud®, IBM Social Business®, Information on Demand, ILOG,
Maximo®, MQIntegrator®, MQSeries®, Netcool®, OMEGAMON, OpenPower, PureAnalytics™, PureApplication®, pureCluster™, PureCoverage®, PureData®,
PureExperience®, PureFlex®, pureQuery®, pureScale®, PureSystems®, QRadar®, Rational®, Rhapsody®, Smarter Commerce®, SoDA, SPSS, Sterling Commerce®,
StoredIQ, Tealeaf®, Tivoli®, Trusteer®, Unica®, urban{code}®, Watson, WebSphere®, Worklight®, X-Force® and System z® Z/OS, are trademarks of International Business
Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM
trademarks is available on the Web at "Copyright and trademark information" at: www.ibm.com/legal/copytrade.shtml.
39. Thank You
Your Feedback is Important!
Access the InterConnect 2016 Conference Attendee
Portal to complete your session surveys from your
smartphone, laptop or conference kiosk.