Gartner recently released a report on IT security priorities for the remainder of 2014. Amongst respondents, network security, application security, endpoint security, and security services all ranked highly. In this quick-fire, half-day roadshow, Scalar brings you solutions to these problems from three of our most strategic security vendors, as well as a full presentation on our managed security services portfolio.
Scalar Security Roadshow - Vancouver Presentation | Scalar Decisions
Gartner recently released a report on IT security priorities for the remainder of 2014. Amongst respondents, network security, application security, endpoint security, and security services all ranked highly.
Together with our event partners Cisco, F5, and Bromium, Scalar brings you solutions to these problems, as well as a full presentation on our managed security services portfolio.
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev... | Skycure
How can mobile device data be protected? This SANS webcast reviews the current and emerging services and practices designed to help secure and protect the data on these devices, identifies areas where solutions are needed to fill the remaining gaps, and provides recommendations for a holistic approach, including mobile threat protection.
As the industry’s first Secure Internet Gateway in the cloud, Cisco Umbrella provides the first line of defense against threats on the internet, protecting all your users within minutes.
Cisco Advanced Malware Protection offers global threat intelligence, advanced sandboxing and real-time malware blocking to prevent breaches while it continuously analyzes file activity across your network, so that you can quickly detect, contain and remove advanced malware.
Presentation of Cisco Security Architecture and Solutions such as Cisco Advanced Malware Protection (AMP) and Cisco Umbrella during Simplex-Cisco Technology Session that took place at the Londa Hotel in Limassol on 14 March 2018.
Watch the webinar recording: http://hubs.ly/y0XwTS0
In this RSA Conference webcast, security experts Adi Sharabani and Yair Amit describe the current threat landscape for mobile devices and discuss security strategies.
Advanced threat security - Cyber Security For The Real World | Cisco Canada
Cisco delivers intelligent cybersecurity for the real world, providing one of the industry's most comprehensive advanced threat protection portfolios of solutions and services that are integrated, pervasive, continuous and open.
Cisco's threat-centric approach to security reduces complexity, while providing unmatched visibility, continuous control and advanced threat protection across the entire attack continuum, allowing customers to act smarter and more quickly -- before, during, and after an attack.
More information on security here: http://bit.ly/1paUnZV
This presentation highlights the Cisco Security Architecture. For more information on Cisco's security products and solutions, please visit our website here: http://www.cisco.com/web/CA/products/vpn.html
Supply Chain Threats to the US Energy Sector | Kaspersky
This presentation by Cynthia James discusses steps to take towards cyber-securing the supply chain of Energy sector organizations in the U.S. From the biggest challenges to a review of regulation and compliance guidelines, this deck covers three areas of Energy: nuclear, electric and "other".
Cynthia James is a CISSP (Certified Information Systems Security Professional) and frequent presenter for the TABD group at Kaspersky Lab, a global provider of cybersecurity solutions. With 9 years of experience in the cybersecurity space, Cynthia is a regular speaker on the subject and has authored a book on cybercrime: “Stop Cybercrime from Ruining Your Life”.
Tools for Evaluating Mobile Threat Defense Solutions | Skycure
View recorded webinar - http://get.skycure.com/evaluating-mobile-threat-defense-solution
Get the tools and information you need to make the evaluation process of Mobile Threat Defense solutions easier and ensure your success.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks. | Scalar Decisions
Simon Wong and Chris Cram, Scalar security experts, discuss how Palo Alto Networks technology disrupts the entire malware kill chain. Attendees will also gain insight on flexible deployment options to better serve their mobile users, and how to get the most out of their Palo Alto Networks deployment.
Kaspersky Lab, one of the world’s fastest-growing cybersecurity companies and the largest that is privately-owned, presents a short story about the company - its Values, Business, Solutions, i.e. what we think and strive for in our business, how we develop our technologies and solutions to protect our customers and people around the globe against cyberthreats, as well as the results we've managed to achieve.
Think Like a Hacker: Using Network Analytics and Attack Simulation to Find an... | Skybox Security
If you’re tasked with keeping your enterprise network infrastructure secure against cyber attacks, then you’d better start thinking like a hacker. Do you know what your network looks like? Where are all the access points? Can you create a short list of the most vital vulnerabilities a hacker could exploit? And how long does it take you to get this info? Days? Weeks? Never?
In this webcast, we will discuss a practical game plan to continuously monitor your cyber security status and proactively fix concerns before they become a data breach or attack. Learn how to minimize risks by combining a detailed understanding of your network topology, cyber threats, and likely attack scenarios with everyday security management processes. This webcast is appropriate for firewall and network administrators, IT security managers, and CISOs in medium to large business and government agencies.
We will examine:
• Network mapping – How to create a virtual network model to use for security architecture planning and policy compliance checks
• Access analysis – Ways to identify all network access routes, to block unauthorized access and quickly troubleshoot network availability issues
• Securing the perimeter – Enable daily checks of firewalls and network devices to keep them configured securely
• Attack simulation – Find and fix the vulnerabilities most likely to be used in an attack – every day
Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges | Skybox Security
“How secure are we?” “What's our strategy for advanced threats?” “How do we manage changes?” “What should we focus on?” “How is risk changing over time?” These are the difficult questions that IT security and network operations professionals face daily. The answer is in your data. Risk analytics is critical to answering the questions you face every day, opening new paths to find and prioritise vulnerabilities, quickly find firewall rule errors, and determine potential threats before they can be exploited.
This presentation is targeted at enterprise IT professionals looking to add security metrics and analytics into their security program.
- Understand why the existing approaches, processes and technologies for IT security get less effective over time
- Know what metrics and analytics are missing from your current strategy
- Recognise how risk analytics can be used to automate and secure your network devices
- Understand how vulnerability management process can be optimized with risk analytics
- See how a risk analytics platform can impact an organisation
Despite advances in security, hackers continue to break through network defenses. In this hour-long webinar, network security specialist Catherine Paquet will examine the favorite methods and targets of hackers and will introduce you to the different categories of security technologies. In this foundational presentation, you will learn about the benefits of security solutions such as firewalls, VPNs, IPS, identity services and BYOD.
Network security specialist Catherine Paquet fills you in on advanced threat protection that integrates real-time contextual awareness, intelligent security automation and superior performance with industry-leading network intrusion prevention, Sourcefire.
ABOUT THE PRESENTER
Catherine Paquet, CCSI, CCNP Security, CCNP Routing and Switching, is a network security specialist. She began her internetworking career as a LAN manager, then MAN manager, and eventually became a nationwide WAN manager with the Department of National Defence. Paquet lectures around the world on security topics, including firewalls, VPNs, intrusion prevention, identity systems, email and Web security, and router and switch security. During her spare time, she authors Cisco Press books, and she volunteers as a network security analyst to nonprofit organizations. Paquet attended the Royal Military College Saint-Jean (Canada) and holds an MBA in Management Information Systems (MIS) from York University.
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2... | patmisasi
Responding to cyber incidents is not what it used to be; the landscape has changed considerably, and proactive response now requires the use of many tools and extensive coordination and expertise. Adding to the complexity is the common confusion between IR and forensics. Where does forensics begin and incident response start? What incidents require forensic investigation? And what should you know to pull the pieces together?
Embarking on creating an incident response (IR) program can be challenging and frustrating. This presentation explains that to adequately prepare for security incidents you need an IR framework that can lay the foundation for your IR plan and in turn help describe attacks. Describing attacks is important because you cannot respond to what you cannot identify.
VERIS will be used as an example framework to help you along your path in creating a successful cyber response program.
Scalar Security Roadshow: Toronto Presentation - April 15, 2015 | Scalar Decisions
On April 15, 2015, Scalar hosted our Security Roadshow in Toronto, focused on defence in three key areas: endpoint, application, and network. Led by our team of experts, these quick-fire, interactive sessions will arm you with the knowledge you need to improve your cyber security posture in some of the most common areas of vulnerability.
Defend the Endpoint with Bromium
Bromium is a new security protection tool for the host that relies on task-based virtualization. In this demo we'll look at how Bromium runs and protects the endpoint. We'll invite 0days from the audience and bring our own to show how the system really works. Much like how each virtual server is contained in a hypervisor, with Bromium each individual task on a host is contained in its own task-based virtual container. If you’ve ever looked at the Windows Task Manager, or the output of a Unix ‘ps’ process list, imagine if each group of processes that makes up a task were contained in its own hypervisor. That can be 40-50 tasks or more, each isolated in its own little hypervisor with no real access to the host.
Why is task virtualization helpful? By keeping each task in its own hypervisor, Bromium gives you a bottom-up view of each individual task’s behaviour – without impacting system performance. If each process is contained in its own hypervisor, it’s easy to see when a process begins spawning other activities or creating any unusual traffic. Basically, it can very easily identify anything shifty. This is the most granular level of inspection you can get at a host level – Bromium is there at the very beginning when the virus begins to execute.
Defend the Application with WhiteHat
In this session we will look at a newer approach to application security and penetration testing, which combines persistent and automated testing processes to continuously monitor applications for vulnerabilities, as well as deep inspection of the business logic by trained specialists. This approach exceeds newer PCI 3 requirements and provides ongoing assurance that web application vulnerabilities are quickly detected and tracked to remediation.
We'll walk through the WhiteHat Security client management portal and discuss the WhiteHat methodology that can now be used, by you, to leverage the 150+ application specialists at WhiteHat to build a continuous application assessment process for your company's active web applications and software development teams.
Defend the Network with LogRhythm
As the security landscape changes, Security Information and Event Management (SIEM) tools that detect and investigate security breaches and threats have become increasingly complex to implement, integrate, and support. Inefficient solutions leave organizations slow to defend against and respond to complex attacks.
LogRhythm’s Security Intelligence Platform has removed the complexity from SIEM, while leveraging real-time threat intelligence with behavioural an
Presentations from the Toronto Stop of the Scalar Security Roadshow on March 4, covering technologies from Palo Alto Networks, F5, Splunk, and Infoblox.
Session delivered by Scalar on Network Functions Virtualization. NFV allows for:
Rapid Service Deployment
– Ability to template and image NFV devices
– Deployment is as easy as copying an image and spinning up a new VM
– Integration with Orchestration Stack
Elasticity
– Ideal for situations where temporary but large scale increases in traffic and services exist
Lower Deployment Costs
– No additional hardware to purchase, as long as resources exist in virtual environment
Scalar Decisions: Emerging Trends and Technologies in Storage | patmisasi
From a Feb 2014 TGIF Lunch and Learn event in Toronto, @Scalardecisions' Solution Architect Neil Bunn discusses key emerging trends in storage (Flash, Object Storage, and Software Defined Storage), including both concepts and vendor technologies applicable to each major theme.
TGIFs are FREE, technical sessions, helping our community understand architecture and deployment best practices
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac... | centralohioissa
This session will provide details on the new law and its requirements, as well as address the current threat landscape, summarize existing data security laws in the U.S., discuss the new EU cyber directive, and continued impact of the Safe Harbor decision. We will disentangle these regulatory changes and challenges and provide tips and tricks for compliance.
EMC XtremIO and EMC Isilon scale-out architectures make them an ideal fit to handle the demanding Splunk requirements around intensive workloads. EMC brings the same enterprise-class data services to Splunk that earned them best of breed status across the board in areas such as Scale-Out NAS storage, data protection, compliance and performance tiering.
Connect the Dots: Draw a Clear Picture of Social’s Impact on Business Results | Spredfast
Every company has objectives for business growth. Social marketing should support these key goals. And measurement of social marketing efforts should speak directly to goal-based results. Learn how socially mature organizations are connecting the dots between social measurement and bottom line business results. Understand the principles guiding these efforts and see how social is being integrated with other areas (and systems) across the business.
2013 Overview of Scalar Decisions. Scalar Decisions is the Canadian leader in delivering innovative IT solutions focused on the data centre. Our practice focus is around virtualization & cloud, data management, networks and security. Our deliverables are built upon designing world class systems for our clients, deployment through services, validation of those designs and finally the ongoing monitoring and management of those systems. Recognized on the PROFIT list of the fastest-growing companies in Canada for the last four years (since we became eligible in year 5 of our business). In 2013, we were 94 on the overall list, but 15 within the IT industry, and one of the highest-revenue companies overall.
Canadian company with nationwide presence
Number 15 on the CDN List of Top 100 Solution Providers
Also named #46 on Branham300 of Canada’s leading ICT companies
We have a deep technical bench, we are not a call centre shipping product, we position ourselves as an extension of your business, and have the team in place to back this up
Though Scalar is in its 10th fiscal year, our founders have been doing this since 1990 when they were running Enterprise Technology Group (ETG). Since then that team has delivered over $1BN in mission-critical infrastructure.
Core infrastructure is our background, our experience, and the primary focus of what we do – it underpins our business.
As infrastructure has changed with the industry to be spread across public, private, hybrid, etc., our customers' needs have changed, and therefore so have our portfolio and focus. Today, we focus on building core infrastructure and then assisting our clients in securing it, ensuring it is running well (performance), and managing it (control).
Though core infrastructure is the delivery vehicle for all applications, we do not deal at the application layer – We deal with security, performance, and control only as they relate to core infrastructure. This focus allows us to be the very best at what we do.
We answer the questions:
Core Infrastructure – How to Build It?
Security – How to secure it?
Performance – How is it running?
Control – How to manage it?
Presentation from the 2016 Scalar Security Study Roadshow, highlighting the findings from the second annual Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, which examines trends among Canadian organizations in dealing with growing cyber threats.
CONFidence2015: Real World Threat Hunting - Martin Nystrom | PROIDEA
Real World Threat Hunting
Security threats have grown from network annoyances to attacks on sensitive infrastructure; penetrating network perimeters, moving laterally within networks, breaching new device types, and cloaking movements. This presentation will share techniques utilized by Cisco to detect and investigate sophisticated, embedded threats.
The speaker, who has conducted monitoring and investigations on customer networks, will review recent real attacks observed on customer networks, from discovery to remediation, and provide lessons learned. These interactive case examples will highlight how to identify these threats using security intelligence, expert staff, and the Cisco OpenSOC platform.
Examples of attacks and illustrations:
* Sophisticated phishing attacks targeted at customer environments.
* Breaches and data exfiltration resulting from the high-profile HeartBleed and Shellshock vulnerabilities.
* Sophisticated malware targeting financial institutions with the goal of data theft.
* Use of full packet capture to identify data exfiltration.
Three Secrets to Becoming a Mobile Security Superhero (Skycure)
View recorded webinar here - http://hubs.ly/H03W-Ns0
Learn the secrets of one mobile security superhero as he details his journey to defend his organization, the 2nd largest beverage distributor, against mobile threats.
Journey to the Cloud: Securing Your AWS Applications - April 2015 (Alert Logic)
James Brown, Director of Cloud Computing & Security Architecture, Alert Logic covers:
• The shared security model: what security you are responsible for to protect your content, applications, systems and networks vs AWS.
• Overview of the OWASP Top 10 most critical web application security risks (such as SQL injections)
• Best practices for how to protect your environment from the latest threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats (Emulex Corporation)
Data centers move exabytes of data through their networks. This explosive growth in network traffic has put demands on data centers to adapt and add new technologies and standards to keep pace and make information easily accessible. Our personal information, company IP assets and sensitive data run across these networks, which are under constant, persistent and malicious cyber attacks that probe for vulnerabilities. IT security teams have to protect complex networks that are growing in size and complexity. They call for a new approach to gaining full – rather than partial – visibility into network behavior to stop downtime losses and data leaks.
Providing 1-to-1 NetFlow generation, then collecting the data and analyzing the flow records, is essential to time-to-resolution (TTR). To help you take full advantage of valuable NetFlow data for use in network security management, Emulex and Lancope have created a best-in-class network and security solution that allows you to quickly and continuously monitor the makeup of the traffic traversing your network.
In this webinar, we’ll explore why network security management is crucial in managing functionality and visibility of an organization’s network infrastructure and how Emulex helps address these deployment requirements. We'll also explore what matters most when network security is breached, and share some best practice insights gleaned from working with customers that run some of the largest and most critical data networks on the planet.
David Cass discusses the role of security and how best practices can be used to accelerate cloud adoption and success.
Learn more by visiting our Bluemix Hybrid page: http://ibm.co/1PKN23h
Speaker: David Cass (Vice President, Cloud and SaaS CISO)
Security and Virtualization in the Data Center (Cisco Canada)
The evolving complexity of the data center is placing increased demand on the network and security teams to come up with inventive methods for enforcing security policies in these ever-changing environments. The goal of this session is to provide participants with an understanding of features and design recommendations for integrating security into the data center environment. This session will focus on recommendations for securing next-generation data center architectures. Areas of focus include security services integration, leveraging device virtualization, and considerations and recommendations for server virtualization. The target audience are security and data center administrators.
Protecting health and life science organizations from breaches and ransomware (Cloudera, Inc.)
3 Things to Learn About:
* 1. Ransomware is a particular problem and currently the highest priority for healthcare organizations. Machine learning can use the structure of a malicious email to detect an attack even before the email is opened.
* 2. Big data architectures provide the machine-learning models with the volume and variety of data required to achieve complete visibility across the spectrum of IT activity—from packets to logs to alerts.
* 3. Intel and industry partners are currently running one-hour, complimentary, confidential benchmark engagements for HLS organizations that want to see how their security compares with the industry.
Migrating Critical Applications to the Cloud - isaca seattle - sanitized (UnifyCloud)
The magnitude of the migration effort to the Cloud, the complexity of both customized apps and Cloud environments, and the requirement for ongoing app-level monitoring suggests the need for what Gartner calls a “programmable security infrastructure capable of supporting security policy ‘toolchains’.”
In a confusing web world of "Like" buttons, tweets, Instagram'ing, and files being stored in clouds like Dropbox, organizations are challenged with how to protect the network, while not hindering business. To make matters worse, vendors are confusing the deployment methods by introducing On Premise Web Security Gateways, Cloud Web Security Gateways and Next Generation Firewalls.
This RVAsec presentation by Black Duck Software's Bill Weinberg explores the role of and requirements for secure development and deployment with open source software.
Companies realize, to be successful, they must transform and deliver an enriched and full experience for both customers and the employees by:
• Integrating the entire business to deliver the results the customer and employee want, at every touch point.
• Establishing a frictionless enterprise platform, governed by a new, flexible operating model with adaptive and easily configurable processes and systems.
Digital Transformation: Enriching the user experience through strategy, process, people, and technology.
Highlights of the 2017 Scalar Security Study – The Cyber Security Readiness of Canadian Organizations. The third annual Scalar Security Study examines the cyber security readiness of Canadian organizations and the trends in dealing with growing cyber threats.
Executive Summary of the 2016 Scalar Security Study (Scalar Decisions)
Executive Summary of the 2016 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2016. The full report can be downloaded at: scalar.ca/security-study-2016/
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza... (Scalar Decisions)
Highlights of the 2016 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2016. The full report can be downloaded at: scalar.ca/security-study-2016
CloudForms is a comprehensive IaaS cloud management platform that improves your virtual and cloud infrastructures with advanced capacity planning and resource management features.
Scalar & RedHat present a technical session to learn about CloudForms as the experts in cloud management!
Discussion Topics:
Red Hat and the Open Hybrid Cloud
Cloud Management & Orchestration using Cloud Forms
XtremIO finally delivers the breakthrough scale-out architecture, consistent performance, data reduction, thin provisioning, and manageability you’ve been waiting for in an enterprise flash array.
Hyperconverged Infrastructure: The Leading Edge of Virtualization (Scalar Decisions)
Hyper-convergence is today's leading edge of virtualization. Technologies have entered the market that have greatly simplified the deployment and maintenance of virtualized workloads. In this session, we will discuss the complexity associated with these types of highly virtualized environments and the modern approaches to reducing it.
Presentation from Scalar and NetApp discussing why CDOT is the promised land of storage and the future of NetApp, followed by a walk-through of the path to CDOT by one of Scalar's technical thought leaders.
The Cyber Security Readiness of Canadian Organizations (Scalar Decisions)
Highlights of the 2015 Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, published February 2015. The full report can be downloaded at: http://hubs.ly/y0tFbr0
Where Technology Meets Medicine: SickKids High Performance Computing Data Centre (Scalar Decisions)
Case study look at the work Scalar conducted on the High-Performance Computing Data Centre at the Hospital for Sick Children (SickKids). The system is able to do 107 trillion calculations per second - one of the largest systems dedicated to health research.
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games (Scalar Decisions)
Toronto will soon host the largest international multi-sport Games in Canada, when more than 7,600 athletes from 41 countries across the Americas will compete at the TORONTO 2015 Pan Am/Parapan Am Games. Understandably, IT security is top of mind for the Organizing Committee (known as TO2015). The event will rely on a number of applications and web portals, which include an interactive volunteer portal, athlete accreditation management tools and a travel logistics site. Securing the data centre where these applications reside is of critical importance, ensuring risks are mitigated, threats are prevented and regulatory requirements are met.
Large-scale virtual desktop infrastructure for Sheridan College addresses multiple use cases, and contributes to College's goal to reduce energy consumption by 50% over the next 5 years.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview (Prayukth K V)
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
48. pe·rim·e·ter
1. the continuous line forming the boundary of a closed geometric figure.
"the perimeter of a rectangle"
synonyms: circumference, outside, outer edge
"the perimeter of a circle"
the outermost parts or boundary of an area or object.
"the perimeter of the garden"
synonyms: boundary, border, limits, bounds, confines, edge, margin, fringe(s),
periphery, borderline, verge; More
a defended boundary of a military position or base.
In Networking we call it…DMZ
50. Defense in depth
The principle of defense-in-depth is that layered security mechanisms increase security of the system as a whole. If an attack causes one security mechanism to fail, other mechanisms may still provide the necessary security to protect the system. ... Implementing a defense-in-depth strategy can add to the complexity of an application, which runs counter to the “simplicity” principle often practiced in security. That is, one could argue that adding new protection functionality adds additional complexity that might bring new risks with it.
https://www.owasp.org/index.php/Defense_in_depth
52. Perimeter Security Technologies
• A long time ago: Firewalls started out as proxies
• And then: Stateless filters accelerated firewalls, but weakened security
• Present day: Stateful firewalls added security with deep inspection, but still fall short of proxies
• And now with F5: F5 brings full proxy back to firewalls: highest security matched by a high-scale and high-performance architecture
F5 Agility 2014 52
53. Protecting against Threats is challenging
Webification of apps
• 71% of internet experts predict most people will do work via web or mobile by 2020.
Device proliferation
• 95% of workers use at least one personal device for work.
• 130 million enterprises will use mobile apps by 2014
Evolving security threats
• 58% of all e-theft tied to activist groups.
• 81% of breaches involved hacking
Shifting perimeter
• 80% of new apps will target the cloud.
• 72% IT leaders have or will move applications to the cloud.
57. BIG-IP Application Security Manager
BIG-IP® ASM™ protects the applications your business relies on most and scales to meet changing demands.
Multiple deployment options
• Standalone or ADC add-on
• Appliance or Virtual edition
• Manual or automatic policy building
• 3rd party DAST integration
Visibility and analysis
• Visibility and analysis
• High speed customizable syslog
• Granular attack details
• Expert attack tracking and profiling
• Policy & compliance reporting
• Integrates with SIEM software
• Full HTTP/S request logging
Comprehensive protections
• Granular rules on every HTTP element
• Client side parameter manipulation protection
• Response checks for error & data leakage
• AV integrations
58. Comprehensive Protections
BIG-IP ASM extends protection to more than application vulnerabilities
ASM:
• L7 DDOS
• Web Scraping
• Web bot identification
• XML filtering, validation & mitigation
• XML Firewall
• Geolocation blocking
• ICAP anti-virus Integration
59. Network Threats / Application Threats
Network Threats: 90% of security investment focused here
Attack Vectors:
• TCP SYN Flood
• TCP Conn Flood
• DNS Flood
• HTTP GET Flood
Application Threats: Yet 75% of attacks are focused here
Attack Vectors:
• HTTP Slow Loris
• DNS Cache Poison
• SQL Injection
• Cross Site Scripting
62. Who’s Requesting Access?
Employees Partner Customer Administrator
Manage access based on identity
IT challenged to:
• Control access based on user-type and role
• Unify access to all applications (mobile, VDI, Web, client-server, SaaS)
• Provide fast authentication and SSO
• Audit and report access and application metrics
63. Security at the Critical Point in the Network
[Diagram labels: Clients; Remote access; SSL VPN; APP firewall; Total Application Delivery Networking Services; Physical; Virtual; Cloud; Storage]
64. BIG-IP APM Use Cases
Use cases: Secure Web Gateway; Accelerated Remote Access; Federation; Single Sign-on; VDI; App Access Management
[Diagram labels: BIG-IP APM; Internet; Internet Apps; Enterprise Data & Apps; Cloud, SaaS, and Partner Apps; Exchange; Sharepoint; Oracle; Web; VPN]
65. Which Threat mitigation to use?
Cloud/Hosted Service
• Content Delivery Network
• Carrier Service Provider
• Cloud-based DDoS Service
On-Premise Defense
• Network firewall with SSL inspection
• Web Application Firewall
• On-premise DDoS solution
• Intrusion Detection/Prevention
67. Full Proxy Security
Client / Server
Web application
Application
Session
Network
Physical
Application health monitoring and performance anomaly detection
HTTP proxy, HTTP DDoS and application security
SSL inspection and SSL DDoS mitigation
L4 Firewall: Full stateful policy enforcement and TCP DDoS mitigation
Client / Server
Web application
Application
Session
Network
Physical
68. F5 Provides Complete Visibility and Control Across Applications and Users
Users: Securing access to applications from anywhere
Resources: Protecting your applications regardless of where they live
[Diagram labels: Intelligent Services Platform; DNS; Web; Access; Dynamic Threat Defense; DDoS Protection; Protocol Security; Network Firewall; TMOS]
69. PROTECTING THE DATA CENTER
Use case
• Consolidation of firewall, app security, traffic management
• Protection for data centers and application servers
• High scale for the most common inbound protocols
[Diagram, "Before f5" and "with f5", labels: Load Balancer; Firewall/VPN; Network DDoS; DNS Security; Load Balancer & SSL; Application DDoS; Web Application Firewall; Web Access Management]
70. F5 Bringing deep application fluency to Perimeter security
One platform:
• SSL inspection
• Traffic management
• DNS security
• Access control
• Application security
• Network firewall
• DDoS mitigation
EAL2+
EAL4+ (in process)
71. DDoS MITIGATION
Increasing difficulty of attack detection
OSI stack: Physical (1), Data Link (2), Network (3), Transport (4), Session (5), Presentation (6), Application (7)
Network attacks
• Attacks: SYN Flood, Connection Flood, UDP Flood, Push and ACK Floods, Teardrop, ICMP Floods, Ping Floods and Smurf Attacks
• F5 mitigation technologies: BIG-IP AFM: SynCheck, default-deny posture, high-capacity connection table, full-proxy traffic visibility, rate-limiting, strict TCP forwarding.
Session attacks
• Attacks: DNS UDP Floods, DNS Query Floods, DNS NXDOMAIN Floods, SSL Floods, SSL Renegotiation
• F5 mitigation technologies: BIG-IP LTM and GTM: High-scale performance, DNS Express, SSL termination, iRules, SSL renegotiation validation
Application attacks
• Attacks: OWASP Top 10 (SQL Injection, XSS, CSRF, etc.), Slowloris, Slow Post, HashDos, GET Floods
• F5 mitigation technologies: BIG-IP ASM: Positive and negative policy reinforcement, iRules, full proxy for HTTP, server performance anomaly detection
Packet Velocity Accelerator (PVA) is a purpose-built, customized hardware solution that increases scale by an order of magnitude above software-only solutions.
72. How do I implement perimeter Security with F5?
73. Reference Architectures
• DDoS Protection
• S/Gi Network Simplification
• Security for Service Providers
• Application Services
• LTE Roaming
• Migration to Cloud
• DevOps
• Secure Mobility
• DNS
• Cloud Federation
• Cloud Bursting
INSTRUCTIONS – These first 8 slides are very short, and paint a picture of who Scalar is (size, reach, background). You can go through them at any speed but they were designed to be spoken to pretty quickly. Most slides have just one or two main points, so not much to say.
SPEAKER NOTES
From our 2 founders we’ve grown to 145 full time employees nationally (as of July 1 2014)
MORE THAN 80 ENGINEERS!!
All these employees share the focus on data centre & internet related infrastructure
NOTE – In keeping with the numbers theme, you can say “Another number – 145 – that’s the number of employees we have”
SPEAKER NOTES
“54% - our compound (or cumulative, whichever you prefer) annual growth rate since we started in 2004”
INSTRUCTIONS – None.
SPEAKER NOTES
We are recognized for our expertise by our partners. Our expertise translates into trust, confidence, and success.
TO ACHIEVE CONTINUOUS ADVANCED THREAT PROTECTION, YOU NEED THE BEST RESEARCH CAPABILITIES AND EXPERTISE TO DELIVER THE BEST DETECTION ON THE PLANET.
IT ALL STARTS WITH OUR VULNERABILITY RESEARCH TEAM (VRT)
THE VRT AT CISCO IS A TEAM OF HIGHLY EXPERIENCED SECURITY EXPERTS WHOSE CORE MISSION IS TO INFUSE THE MOST UP TO DATE DETECTION INTO OUR ADVANCED THREAT PROTECTION
WE POSSESS A DISTINCT ADVANTAGE OVER ALL OTHER COMPANIES IN THE INDUSTRY.
WE OWN AND CONTROL TWO OF THE MOST POPULAR OPEN SOURCE SECURITY PROJECTS IN THE WORLD: SNORT AND CLAM AV
THESE OPEN SOURCE PROJECTS ARE A GOLDMINE OF EXPLOIT INTELLIGENCE – MILLIONS OF USERS, ALL OVER THE WORLD, ARE CONTRIBUTING INTELLIGENCE TO THE VRT EVERY DAY
WE ALSO SUBSCRIBE TO MANY PRIVATE AND PUBLIC FEEDS OF INTELLIGENCE, AS WELL AS PARTICIPATE IN INFORMATION SHARING WITH GOVERNMENTS AND COMPANIES ACROSS THE GLOBE
AS A CONSEQUENCE WE RECEIVE OVER 100,000 SAMPLES OF ATTACKS AND MALWARE EVERY DAY! AND YOUR SECURITY IS ONLY AS GOOD AS WHAT IT CAN SEE, UNDERSTAND, TAKE ACTION ON – IN REAL-TIME BUT ALSO RETROSPECTIVELY.
With Cisco ASA, all the different layers of security you see at the bottom of this slide work together, so we’re able to pull intelligence from these layers. Unlike traditional solutions, we layer security intelligence, for greater visibility and to protect against threats coming from multiple vectors across the attack continuum.
With our unique approach, all the solution parts know about each other. For example, the firewall knows about the IPS and its policies, the IPS sees data coming through the firewall, and the malware engine correlates its events with the IPS events.
Cisco FireSIGHT’s comprehensive impact assessment relies on information from passive discovery, including OS, clients, and server applications. It allows analysts to focus on the smaller subset of events they could be vulnerable to.
[NEED ADDITIONAL SPEAKER NOTES?]
Steve: Try to consolidate Impact Assessment + IOCs onto one slide
File extraction, and storage
For forensic, quarantine, and policy purposes
Example: “Store copies of all Neutral and Malicious EXE files downloaded from the internet by call center staff”
Sandbox execution of files to discover Zero-day malware
Capture file in transfer
Execute in sandbox
Trigger Retrospective events
Speak about the definition as it pertains to keeping people out. Talk to how most apps are web based and you really want to get people IN. No longer is the DMZ for standalone systems; it's now an integral part of the network.
Attackers are moving up the stack to not only deny service, but compromise the application infrastructure in more damaging ways. As an infosec industry, we’ve gotten pretty good at securing the network and placing good sensors and signaling to let us know when we’re under attack. Attackers are forced to move onto DNS, SSL, and HTTP to attempt to compromise a targeted organization in one way or another.
Without all three of these layers functional, it becomes difficult or even impossible to make an application available to the intended end-user.
With ASM you gain the ability to deploy effective advanced firewall measures for all applications.
BIG-IP ASM can secure any parameter from manipulation and validate login parameters and application flow. Upon inspection of requests, ASM can identify HTTP parameter pollution and block attacks and illegal URL requests.
Volumetric and rate limiting enforces limits set for suspect traffic and invalid traffic conditions common to DDoS. Anomalies are detected when a large number of sessions or requests come from a specific IP address, or when sessions or requests from a specific IP address increase sharply. This is common to web scraping.
BIG-IP ASM differentiates between a human and a bot behind a browser, recognizing an increase in request volumes and, for web scraping, distinguishing known whitelisted IP addresses approved to web scrape from unknown ones.
ASM includes an integrated XML firewall that detects and prevents XML-specific attacks such as extremely large messages, highly nested elements, coercive parsing, recursive parsing, schema and WSDL poisoning, and routing-based attacks, all of which can overwhelm servers and cause an outage. ASM reports violations against a defined schema and blocks violations.
BIG-IP ASM provides anti-virus support by stripping uploaded SOAP and SMTP files from the HTTP request and forwarding the files to an antivirus server over ICAP. If the file is clean, the antivirus server responds to accept the request. If the file is not clean, BIG-IP ASM blocks the request to protect the network from virus intrusion.
Want to touch on:
You’ve heard about ISP
The purpose of this preso is to provide more info on the security services
Before we do that let’s talk about some technology trends
Mobility and elasticity of data centers (consolidation, webification, private & public clouds… data centers have changed)
Before IP we had SNA, IPX
Each app had its own port
Now consolidating all these apps down to HTTPS
Complexity resides over HTTP
Impacting overall infrastructure
You may have read just a few months ago that even Symantec came out and said that AV is dead and cannot stop today’s modern attacks. This is backed up by all of the Gartner and Forrester analysts, who all recommend augmenting your traditional defenses.
All legacy security technologies rely on detecting malware or “known good” files to protect the endpoint.
Network Firewalls only allow unknown information into a network for a few types of programs, like the web browser and e-mail, which are now the biggest risks.
Intrusion Prevention Systems require signatures for “known” attacks to be effective. “Unknown” attacks get through without a problem.
Gateways rely on “reputation systems” that attempt to determine if a web site or e-mail is “risky”. If they guess wrong, the malware gets through.
PC Firewalls work just like network firewalls and have the same limitations; attacks targeted at e-mail or the web browser are allowed through.
Anti-virus systems use signatures or “heuristic algorithms” to detect known malware and have the same limitations of the network IPS.
Only hardware isolation is able to ensure that the endpoint remains immune to attacks, as ALL data targeting the most risky programs, the browser and e-mail, is prevented from actually getting to or running on the protected machine.
Bromium is redefining the model of security. Over the last 20-plus years, the industry built up around detection-based methodologies and pattern-matching. Bromium is transforming this legacy model with a new model based on isolation and micro-virtualization. We were founded by the leaders of XenSource, who created the Xen hypervisor, now the foundational technology for cloud computing. Amazon and Google use it to power their cloud services, for example. We have the leaders in virtually every industry, such as Aetna, ADP, Blackrock, NYSE, Box, to name a few. We also have 2 of the top 4 largest banks, 3 of the top 5 largest insurance companies, 2 of the top 5 largest private companies, etc.
There are many different advantages to the Bromium solution and every customer is different. Browsing is typically a major issue for every organization and the #1 source of breaches, and Bromium delivers the most secure browsing experience available.
“We have to be compliant!”
Auditing, regulators and compliance
Maturity Models
Risk Assessments
Frameworks
The Result?
Minimal effort on detecting the hackers and monitoring the data
One customer's quote:
“We turned the IDS on last week. It was horrible. I haven’t looked at it since” “We only need to have it to be compliant anyway”
“We have a guy that manages the security for us” Really?
COBIT, ISO27001/2, ITIL
Large companies and FIs are doing their best. Even they are looking to partner. Cyber Intelligence is the new tool set
Infosec is hard
Many types of professionals needed
Analysts, Specialists, Incident responders, Anti-Malware Specialists, Forensics
Software and hardware tools, Labs
You cannot do this alone
- Find a partner who does this every day…all day
Get your teams up to speed
Plan/Budget to spend the money
You are going to have to fight for it
TRADITIONAL MODEL SPENDS MORE TIME AND MONEY ON PREVENTION
MITIGATES A MAJORITY OF PRIMITIVE THREATS
ALL IT TAKES IS ONE
REAL-TIME ACTIVITY: FROM IPS OR FIREWALL
LONG TERM PATTERNS: NETWORK TRAFFIC VOLUME, RECURRING VIRUSES
PATTERNS ACROSS PLATFORMS: FIREWALL > WEB SERVER > DATABASE
NOTES – THE NEXT SET OF SLIDES OUTLINE HOW WE CAN WORK WITH A CUSTOMER. THE SLIDES DESCRIBE BOTH A PROCESS (AUDIT, DESIGN, DEPLOY, MANAGE) AND OUR SERVICES (PS, MS, PRODUCT RESALE).
KEY MESSAGE – CONVEY TO THE CUSTOMER THAT WE CAN BE AS INVOLVED AS THEY WANT. WE CAN SET STRATEGY & WORK END TO END, OR WE CAN DEPLOY A TACTICAL SOLUTION AND LEAVE IT IN THEIR HANDS. UP TO THEM.
Two large Canadian banking institutions needed a technology partner to take them from a concept to a production environment in a few short months. They wanted to launch a new competitive mobile wallet platform, but had no resources to assign to the project, and nowhere to house the solution.
In 5 months, Scalar built and deployed a virtualized development environment in our elastic cloud, then designed and deployed multiple physical environments for testing and production. Working closely as a sales and services team, Scalar provides 100% of the ongoing 24x7 environment management and operations.
Scalar essentially helped two banks build a net new company before the ink was dry on their new business registration. Without Scalar, there is a good chance the project would not have gotten off the ground. With seamless integration with the architecture team, through the deployment, and into the ongoing management, Scalar acted with speed and agility to break down traditional barriers of building new IT environments, while maintaining low risk and high security (they are BANKS, of course, with VERY high security demands).
Today Scalar continues to manage the platform, and continues to design new solutions, such as DR and archive solutions, as well as enhancing the development environment for our client.