In this webinar; our Wireless & Network Security Product Expert, will walk you through how to secure connected devices and understanding wireless threats
2. Helping customers improve security posture since 2001
Full stack security assessment
Over 2,000 customers in all regions of the world
Really good at breaking technology
Recently acquired Pwnie Express
3. Outpost24 Template
2019
Today’s topic
3
• Shadow devices and potential wireless
threats
• How hackers use airborne attacks to bypass
security measures
• Why asset and device visibility is critical to
wireless security
• Improving threat detection
• Monitoring and enforcing network access
policies
• Takeaways
4. Outpost24 Template
2019
Today’s topic
4
Why risk is the new normal
Adapting to the threat landscape
Bringing in the business context
Business aligned remediation
Takeaways
View from a:
• business perspective
• With a little added tech
6. Traditional wired networks had a simple security model
• One Way in, One way out
• Everything inside is ‘trusted’
7. Traditional wired networks had a simple security model
• One Way in, One way out
• Everything inside is ‘trusted’
…but wireless networks, quite literally, turn your network inside-out…
14. Evil Twin Access Points
14
Weak Wireless signal
Strong Wireless signal
Safe Corporate WirelessUnsafe Access Point
SSID: Acme_WirelessSSID: Acme_Wireless
Rogue access point
broadcasts the same
SSID as the corporate
access point
25. Meet Brian
25
• Brian is a problem.
• Almost nobody knows Brian is a problem
• Brian knows he is a problem
… and so does the guy outside……
26. But that’s Ok…..We have a wireless audit…
Take an example Security Standard: PCI DSS. 11.1
11.1 - Implement processes to test for the presence of wireless access
points (802.11)
26
27. But that’s Ok…..We have a wireless audit…
Take an example Security Standard: PCI DSS. 11.1
11.1 - Implement processes to test for the presence of wireless access
points (802.11) and detect and identify all authorized and unauthorized
wireless access points
27
28. But that’s Ok…..We have a wireless audit…
Take an example Security Standard: PCI DSS. 11.1
11.1 - Implement processes to test for the presence of wireless access
points (802.11) and detect and identify all authorized and unauthorized
wireless access points on a quarterly basis. Maintain an inventory of
authorized wireless access points and implement incident response
procedures in the event unauthorized wireless access points are
detected.
28
32. 3232
Understanding the airspace
Classify and Normalize
Take Discovered data and transform
into more meaningful data
Report
View historical data which has previously been
gathered about a specific device
Continuousmonitoring
Always looking at the wireless airspace
to identify any threats as and when
they are seen
Correlate
Correlate with previously discovered
data to identify anomalies and risks
Alert
If alert required due to
configuration of alerts.
Discover
Start with Raw data
36. • Wireless networking has changed the
way we need to think
• Its an old problem, that’s growing
rapidly
• You can only protect yourself from
what you know about
• Securing the airspace is no different
to securing a traditional network
• Don’t let a Brian disrupt your
business.
Takeaways