This document discusses how DNS can be used as an attack vector and the importance of DNS security. It provides examples of how attackers can use DNS for command and control of botnets, data exfiltration, and domain generation algorithms. The document also describes Cisco's Umbrella security solution, which uses DNS enforcement and threat intelligence to protect networks and devices from internet malware, C2 botnets, phishing, and other threats.
In this breakout session Cerdant's top engineers, Jeremiah Johnson and Jason Palm, displayed how to get the most out of your SonicWALL device by utilizing advanced features like Capture ATP and DPI-SSL.
Snort Intrusion Detection / Prevention System on PFSense Firewall - Huda Seyam
This project is devoted to presenting a solution to protect web pages that acquire passwords and user names against HTML brute force, by performing brute-force password auditing with Nmap against web servers that use HTTP authentication and detecting this attack using Snort IDS/IPS on a PFSense firewall.
Cyber security webinar 6 - How to build systems that resist attacks? - F-Secure Corporation
Building secure software starts from the very beginning of the development process. Trying to fix security at the end of the development cycle is much harder. And even if it is impossible to build systems that would be totally secure from every breach attempt and that have no flaws, you can build systems that cyber attackers will find extremely hard to breach. Find out more about how to build secure systems from the webinar recording at the following link and from the presentation slides.
https://business.f-secure.com/how-to-build-systems-that-resist-attacks/
Auditing Archives: The Case of the File Sharing Franchisee - SecurityMetrics
An unfortunate franchisee with hundreds of restaurant locations hired an IT company with few security skills to configure their restaurant POS systems across multiple locations. Allowing every restaurant access to the same programs and files back at corporate HQ promoted process consistency across each restaurant management system and made information exchange easy, but also opened security holes.
A Closer Look at Isolation: Hype or Next Gen Security? - MenloSecurity
This webinar looks at Isolation from different viewpoints. Learn from a Menlo Security customer, along with John Pescatore, Director of Emerging Technologies at SANS Institute, and Kowsik Guruswamy, Menlo Security CTO, as they explore why organizations around the globe are looking at isolation as the means to protect their users from ever-present web and email dangers.
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection - Anant Shrivastava
This session will focus on Mobile Top 10 2014-M3: Insufficient Transport Layer Protection. We will try to understand the Transport Layer, Transport Layer Security (TLS), insecurities in TLS/SSL, and how this affects the overall security of mobile devices, as well as what kind of protection can be applied and how this can be identified.
These shared slides contain some of the basic information about the Router Hardening project which my team and I did in our network security class project, and we used them to present our project's process and procedures. Our project scenario was to harden the network and routers for a hypothetical organization, so we decided to do it for a bank and we called it ANS bank, referring to the first letters of the team members.
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall - Huda Seyam
This project is devoted to presenting a solution to protect web pages that acquire passwords and user names against HTML brute force, by performing brute-force password auditing with Nmap against web servers that use HTTP authentication and detecting this attack using Snort IDS/IPS on a PFSense firewall.
OWASP Top 10 2017 - New Vulnerabilities - Dilum Bandara
New vulnerabilities introduced in OWASP Top 10 2017. Covers Broken Access Control, XML External Entities (XXE), Insecure Deserialization, and Insufficient Logging & Monitoring, as well as solutions.
There are many ways to protect servers from cyber-attacks. However, in the end, your best defense is to limit the attacker’s options. You can do this by minimizing the possible entry points into your network, by minimizing the tools available on the server, by making the data difficult to access in various ways, and by making the data useless when extracted from the content. Learn more about the ways to defend servers by watching the webinar recording at the following link and find more information in these presentation slides.
https://business.f-secure.com/defending-servers-recording-from-cyber-security-webinar-3/
There is nothing mystical about cyber security. Any company can be a target – if not specifically selected, then a target of opportunity. Cyber attackers try to get their victims any way they can, and will do anything to profit. Watch the recording of the first cyber-security webinar and download the presentation material to learn more about how you can prevent targeted cyber attacks.
Article URL : https://business.f-secure.com/cyber-security-what-is-it-all-about/
Cerdant is celebrating its 15th year providing the best security possible to all our customers. Our system enhancements and increased IDS capabilities will shorten the time interval on “discovery and containment” to reduce or eliminate “exfiltration”. Mike also reviewed the top information security stories of 2016 and revealed the top tools for combatting cybercriminals.
Cybercrime is a business just like any other. And in business, there are budgets to stick to, and bosses to report to. Therefore, most cyber criminals are after easy money. They want quick wins with minimal effort – just because they can! Mass production is the key to profitability, even in the malware business.
Learn more about the specific actions you can and should take to secure your workstations in the webinar recording in the following link and the presentation slides here.
https://business.f-secure.com/defending-workstations-recording-from-cyber-security-webinar-2/
Advanced OSSEC Training: Integration Strategies for Open Source Security - AlienVault
During this technical one-hour session, Santiago Gonzalez, an OSSEC core team member (System integration, rules & SIEM) and AlienVault Director of Professional Services, will demonstrate how to integrate OSSEC with other 3rd party applications for greater security visibility and response.
To learn more, check out the video: https://www.alienvault.com/resource-center/webcasts/advanced-ossec-training-integration-strategies-for-open-source-security
This gives insight on how people manipulate online servers to do harm, *without* exposing security risks. This simply explains what's going on during this activity and how to protect yourself.
How to hack a telecom and stay alive
Speaker: Sergey Gordeychik
Penetration testing of telecommunication companies' networks is one of the most complicated and interesting tasks of this kind. Millions of IPs, thousands of nodes, hundreds of Web servers and only one spare month. What challenges await an auditor during telecom network testing? What should one pay attention to? How can working time be used more effectively? Why is the subscriber more dangerous than the hacker? Why is the contractor more dangerous than the subscriber? How can a vulnerability be connected with financial losses? Sergey Gordeychik will talk about this and about the most significant and funny cases of penetration testing of telecommunication networks in his report.
A presentation+class delivered to a PHP developer group at Brown University that discussed Web Application Security with a heavy emphasis on PHP, discussed security in the SDLC, and showed with some examples what to do and not do.
Ethical Hacking: Safeguarding Systems through Responsible Security Testing - champubhaiya8
This PowerPoint presentation provides an in-depth exploration of ethical hacking, a crucial practice in the realm of cybersecurity. Ethical hacking involves authorized and controlled attempts to identify vulnerabilities in computer systems, networks, or applications to strengthen overall security. The presentation covers key aspects such as legal considerations, the ethical framework, methodologies, and best practices for conducting ethical hacking.
Cisco Live magazine, the most technological magazine of all. Stay up to date with trends in the IT world and the opinions of professionals from various sectors.
How companies invest in technology and begin the digital transformation journey, with better customer service, workplace mobility, connectivity, security and digital systems.
RETAIL – Aliansce network uses WiFi to stimulate consumption in shopping malls
SECURITY – Cisco incorporates CloudLock and expands its protection portfolio for corporations
MARKET – Oil & Gas sector can use new technologies to increase efficiency
New platform works like a time machine for the data center, allowing companies to analyze what happened, follow what is happening in real time and map what may happen.
Tetration aims to serve critical data center operations, such as policy compliance, forensic analysis and the move to a security model based on assigning permissions. Through continuous monitoring, analysis and reporting, the Tetration Analytics platform gives technology managers a deeper understanding of the data center, capable of dramatically simplifying operational reliability, “Zero Trust” security model operations, and application migrations to software-defined solutions (SDN) and to the cloud.
In 2015, Cisco took the lead in the blade server market in Latin America, with 29.46% market share and annual growth of 6.75%, according to IDC.
Sometimes we all need a guide.
Something that takes us from where we are to where we want to be. Fair enough. If there are guides for exploring game worlds, we should also have a guide that shows how to reach the goal of network transformation.
We agree.
Digital transformation with the Internet of Everything - Cisco do Brasil
Customer success stories.
The term “digital” is now everywhere – digital transformation, digital business and digitization are the main topics in almost every discussion about technology and business. Although many are currently defining what it means to be digital, few people have defined how markets, cities and countries are becoming digital.
Cisco and our partners have been working with innovative customers around the world to help them become digital. We are creating and implementing digital roadmaps and transformations across markets, from manufacturing to retail and government. We help countries transform the citizen experience, banks reinvent the customer experience and energy providers become more efficient. And we are already in action.
We invite you to read the stories of innovative companies that are using the Internet of Everything to become digital. They are turning technology into business results and driving real change in the way we work, live, play and learn.
Cisco 2016 Annual Security Report - Cisco do Brasil
Criminals and defenders are developing increasingly sophisticated technologies and tactics. Criminals build solid back-end infrastructures with which they launch and support their campaigns. Online criminals refine their techniques for taking money from victims and evading detection, while continuing to steal data and intellectual property.
The Cisco 2016 Annual Security Report, which presents research data, insights and perspectives from Cisco Security Research, highlights the challenges defenders face in detecting and blocking attackers who employ an arsenal of varied and constantly evolving tools. The report also includes research from external experts, such as Level 3 Threat Research Labs, to shed more light on current threat trends.
We closely analyzed the data compiled by Cisco researchers to show changes over time, provide insights into what this data means and explain how security professionals should respond to threats.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview - Prayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3 - DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024 - Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Accelerate your Kubernetes clusters with Varnish Caching - Thijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA Connect - Kari Kakkonen
Slides by Rik Marselis and me from the DASA Connect conference on 30.5.2024. We discuss what testing is, then what agile testing is and finally what Testing in DevOps is. Finally we had a lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Generating a custom Ruby SDK for your web service or Rails API using Smithy - g2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
UiPath Test Automation using UiPath Test Suite series, part 4 - DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a button - DianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Neuro-symbolic is not enough, we need neuro-*semantic* - Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Elevating Tactical DDD Patterns Through Object Calisthenics - Dorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... - UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
When stars align: studies in data quality, knowledge graphs, and machine lear...
Is your DNS protected
1. Fernando Zamai – fzamai@cisco.com
Security Consulting
Aug, 2016
It can be your attack vector.
Is your DNS protected?
2. enterprise network
Diagram labels: Attacker, Perimeter (Inbound), Perimeter (Outbound), C2 Server, Admin Node
Step 1: Research targets
Step 2: Spear Phishing (you@acme.com)
Link: https://welcome.to.jangle.com/exploit.php
Step 3: Victim clicks link unwittingly
Step 4: Bot installed, back door established and receives commands from C2 server
Step 5: Scan LAN for vulnerable hosts to exploit & find privileged users
Step 6: Privileged account found.
Step 7: Data exfiltrated
Step 8: System compromised and data breached.
Vulnerabilities, Exploits, Malware
Hacked Mail Server – acme.com
Hacked Web Server – jangle.com
Main Vectors
4. DNS Tunnel
DNS Server: bad.net
Data (bits, as drawn in the diagram): 10011001 11100010 11010100 10010010 01001000
DNS Query: alknfijuqwelrkmmvclkmzxcladlfmaelrkjalm.bad.net
DNS Answer: alknfijuqwelrkmmvclkmzxcladlfmaelrkjalm.bad.net = 2.100.4.30
http://blog.talosintel.com/2016/06/detecting-dns-data-exfiltration.html
Authoritative DNS: root, com., cisco.com.
5. Where Do You Enforce Security?
INTERNET: MALWARE, C2/BOTNETS, PHISHING
Diagram labels: AV, ROUTER/UTM, SANDBOX, PROXY, NGFW, NETFLOW; Perimeter, Endpoint; FIRST LAYER, MID LAYER, LAST LAYER
CHALLENGES
Too Many Alerts via Appliances & AV
Wait Until Payloads Reach Target
Too Much Time to Deploy Everywhere
BENEFITS
Alerts Reduced 2-10x; Improves Your SIEM
Traffic & Payloads Never Reach Target
Provision Globally in UNDER 30 MINUTES
8. Our View of the Internet
providing visibility into global Internet activity (e.g. BGP, AS, Whois, DNS)
9. We See Where Attacks Are Staged
using modern data analysis to surface threat activity in unique ways
10. How Our Security Classification Works
Ingest millions of data points per second
Apply statistical models and human intelligence
Identify probable malicious sites
Diagram examples: a.ru, b.cn, 7.7.1.3, e.net, 5.9.0.1, p.com/jpg
12. A New Layer of Breach Protection
UMBRELLA Enforcement
Threat Prevention: Not just threat detection
Protects On & Off Network: Not limited to devices forwarding traffic through on-prem appliances
Turn-Key & Custom API-Based Integrations: Does not require professional services to setup
Block by Domains, IPs & URLs for All Ports: Not just ports 80/443 or only IPs
Always Up to Date: No need for device to VPN back to an on-prem server for updates
13. A Single, Correlated Source of Information
INVESTIGATE
WHOIS record data
ASN attribution
IP geolocation
IP reputation scores
Domain reputation scores
Domain co-occurrences
Anomaly detection (DGAs, FFNs)
DNS request patterns/geo. distribution
Passive DNS database
25. OpenDNS Works With Everything You Use
FUTURE-PROOF EXTENSIBILITY
ANY NETWORK: Routers, Wi-Fi, SDN
ANY ENDPOINT: VPN, IoE
ANY TECHNOLOGY: Firewalls, Gateways
SECURE APIs OPEN TO EVERYONE
SECURITY PROVIDERS: FireEye, Cisco, Check Point
NETWORK PROVIDERS: Meraki, Aruba, Aerohive
CUSTOMERS: In-house Security Systems
26. How OpenDNS Complements On-Network Security Stack
ENDPOINT SECURITY (block by file, behavior)
NETWORK FIREWALL (block by IP, packet)
WEB PROXY (block by URL, content)
OpenDNS UMBRELLA (block by domain/IP, URL)
28. Get Started in 30 Seconds…Really
1. CLOUD SERVICE W/FULL SELF-PROVISIONED TRIAL
Point DNS traffic from one office without hardware or software and without network topology changes or device configuration changes
2. ADD OFF-NET COVERAGE & PER-DEVICE VISIBILITY
Protect your weakest links and identify which specific devices (or users) are targeted by attacks; self-updating software is required
3. EXTEND PROTECTION & ENRICH DATA VIA APIs
Help SOC teams to get more value out of existing investments like FireEye and incident response teams investigate threats faster