SlideShare a Scribd company logo

TrendMicro: 從雲到端,打造安全的物聯網

Amazon Web Services
Amazon Web Services

This document discusses Trend Micro and its IoT security solution. It provides background on Trend Micro as a company founded in 1989 with over 5,000 employees globally. It then discusses the growing threat of IoT attacks and how the Trend Micro IoT Security solution provides security across the entire IoT device lifecycle from the device level to the cloud. Key capabilities of the solution include anomaly detection, vulnerability detection, and integrating with platforms like AWS Greengrass to enable secure edge computing.

Technology
1 of 23
Download to read offline
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Peter Yang, Sr. Product Manager June 7th 2017 從雲到端,打造安全的物聯網 Trend Micro IoT Security
趨勢科技
趨勢科技  Founded in 1989 (28 years), IT security dedicated company  5,258 employees, cover 30 countries, 60% (3,300+) are engineers  500,000 enterprise customer and 155 million endpoints globally  >$1 billion annual sales  Founded in U.S. Headquartered in Japan  Tokyo Exchange Nikkei Index (4704) | >$5 billion market cap  Customers include 45 of top 50 global corporations, and 100% of the top 10: Auto Telecom Banks Oil
Gartner Magic Quadrant for Endpoint Protection Platforms Feb 2016 This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from https://resources.trendmicro.com/Gartner-Magic-Quadrant-Endpoints.html Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Trend Micro TippingPoint® Named a Leader in 2017 Gartner Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS) Jan 2017
重大 IoT 駭客案例回顧
2009 2010 2011 2012 2013 2014 2015 2016 CarShark Software Lets You Hack Into, Control And Kill Any Car Tesla fixes bug after hackers hijack Model S Hackers remotely kill a Jeep on the highway • Recall of 1.4M vehicles • Cost of $140M+ Controlling vehicle features of Nissan LEAFs across the globe • Nissan shut down an app which controls Leaf cars Hackers take remote control of Tesla Model S from 12 miles away • Push Tesla to provide new firmware for bug fix Researchers reveal methods behind car hack (2010 Ford Escape) at Defcon Hack into the OnStar telematics system of a 2009 Chevrolet Impala • GM TOOK 5 YEARS TO FIX FULL CONTROL HACK IN MILLIONS OF VEHICLES EQUIPPED WITH ONSTAR Flaws in 2.2M BMW ConnectedDrive Infotainment System allow remote hack OnStar hack remotely starts cars • GM fix the RemoteLink App download 3M+ times Hackers compromise Prius, seize control of wheel, brakes and more Friendly Hackers Exploit Loophole to Disable Alarm on Mitsubishi Outlander Car Hacking
IoT DDoS 攻擊事件簿 Dyn 2016/10/21 KrebsOnSecurity 2016/9/20 Jun, 2016 2014 OVH 2016/9/21 Mirai 殭屍 網路程式 碼公開 75萬封垃圾 郵件 (家電) 5萬次/秒 HTTP連線要求 (2萬5千台 CCTV) 620Gbs DDoS攻擊 (18萬台IoT設備) 14.5萬台IoT設備 發動DDoS攻擊 49.3萬台IoT 發動1.2Tbs DNS DDoS IoT 裝置 = 受害者 + 幫凶
問題的根源以及解決方式
IoT 終端裝置的安全考量 雲端終端雲端
IoT 終端裝置威脅來源 • Insecure Design/Code • Third Party Libraries • Existing Vulnerabilities Open Network Ports (WannaCry) • Insecure Network Protocols • Insecure FOTA/SOTA Poor Authentication/Authorization (Mirai) • Undetected File Changes • Undetected Process Behavior
Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update ..….............. Retiring First cycle Second cycle N cycle Last cycle Termination Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update Next Cycle IoT 終端設備生命週期
IoT 終端設備生命週期及保護 Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update Next Cycle (Secure) FOTA Secure Boot Firmware Check Reduce the Attack Surface Health / Risk Check Block Attack Attempts Trend Micro FocusPlatform Provider Platform Provider TMIS
File Integrity & App Whitelisting System Vulnerability Self Protection (Whitelist lockdown) Network Protection (IPS) Security Management Console Risk Detection System Protection Incident Response TMIS IoT Security SDK/API 1 2 3 Network Behavior Anomaly Trend Micro IoT Security 功能概述 須於產品開發 階段整合
TMIS 架構及設計理念 Security Service Security Management Endpoint SDK/ API Learning Device Behavior Global Threats Intelligent Behavior Baseline Anomaly Detection Engine Security Attestation Logs Baseline (WL) Management Protection Rule Management Alert/Report Responder Protection Rule Execution Behavior Collector Feedback Validate 最小化終端負擔 (運算, 儲存, 耗電…) 最大化雲端效用 (全球威脅搜集, 機器學習,準確性, 即時回應) 全面整合控管 (終端安全管理, 視覺化威脅分析, SOC整合)
客戶案例分享
使用 TMIS 保護關鍵物聯網終端裝置 CoralEdge Box 利用弱點攻擊 (或是Mirai案例) 入侵 IoT 終端 • 竊取機密監控影片 • 銷毀監控影片 • 癱瘓監視器 • …. • NAD • File Integrity • App WL Virtual Patch TMIS
Anomaly Detection Make sure all IoT devices still work as originally design. Vulnerability Detection & Virtual Patch Understand whether IoT devices were exposed to the latest threats and take action to protect them. Detail the cyber security status of the firmware. Find an anomaly of IoT devices, track trends of the anomaly, and plan the next fix or take mitigate actions. TMIS 管理平台
Unusual IP Unusual Access Timing Unusual Data Usage
檢視你的 IoT 裝置
Class 1 Class 2 Class 3 Class 4 Control unit MCU (8 bit/16bit) MCU (32bit) MPU (32bit) GPU, MPU, CPU (32bit/64bit) OS Non Low cost RTOS RTOS/Embedded Linux Embedded Linux/Android/Full feature RTOS/Win 10 IoT Core Network ZigBee, NFC, Bluetooth Cellar, Wi-Fi Ethernet, Wi-Fi Wi-Fi with other multiple network protocols Application Lighting, Wearables, Thermostats Medical devices, low-end network appliances, telematics Larger/ expensive medical or industrial automation devices; robotics; vending machines Gateways, high-end medical devices, military devices, autonomous driving car IoT Device Security Root of Trust HW SE (Secure Element) HW/SW PKI HW/SW PKI PKI/TPM TMIS (Function) Risk Detection (Planning) Risk Detection (Planning) Risk Detection/System Protection Risk Detection/System Protection TMIS (Method) Restful API (Planning) Restful API (Planning) SDK (Agent) SDK (Agent) OTA/Roll back OTA OTA OTA/Roll back OTA/Roll back DeviceLifeCycle IoT 終端裝置分類以及安全防護對策
以 AWS Greengrass 為例 TMIS
Cloud DATA + 雲端保護 SecurityIoTProtection VMEDGE DEVICES CLOUDDEVICES MANAGEMENT USAGE ENVIRONMENT IoT Devices Security 終端保護 + Security SecuritySecurity 趨勢科技與AWS打造雲到端的安全物聯網環境
Thank You Peter_yang@trend.com.tw

Recommended

No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016Matthew Dunwoody
 
Super Easy Memory Forensics
Super Easy Memory ForensicsSuper Easy Memory Forensics
Super Easy Memory ForensicsIIJ
 
Hydra
HydraHydra
Hydrapenetration Tester
 
Trace kernel code tips
Trace kernel code tipsTrace kernel code tips
Trace kernel code tipsViller Hsiao
 
WebLogic's ClassLoaders, Filtering ClassLoader and ClassLoader Analysis Tool
WebLogic's ClassLoaders, Filtering ClassLoader and ClassLoader Analysis ToolWebLogic's ClassLoaders, Filtering ClassLoader and ClassLoader Analysis Tool
WebLogic's ClassLoaders, Filtering ClassLoader and ClassLoader Analysis ToolJeffrey West
 
Meltdown & spectre
Meltdown & spectreMeltdown & spectre
Meltdown & spectreSergio Shevchenko
 
Linux Performance Analysis: New Tools and Old Secrets
Linux Performance Analysis: New Tools and Old SecretsLinux Performance Analysis: New Tools and Old Secrets
Linux Performance Analysis: New Tools and Old SecretsBrendan Gregg
 
RDMA, Scalable MPI-3 RMA, and Next-Generation Post-RDMA Interconnects
RDMA, Scalable MPI-3 RMA, and Next-Generation Post-RDMA InterconnectsRDMA, Scalable MPI-3 RMA, and Next-Generation Post-RDMA Interconnects
RDMA, Scalable MPI-3 RMA, and Next-Generation Post-RDMA Interconnectsinside-BigData.com
 

Recommended

No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016Matthew Dunwoody
 
Super Easy Memory Forensics
Super Easy Memory ForensicsSuper Easy Memory Forensics
Super Easy Memory ForensicsIIJ
 
Hydra
HydraHydra
Hydrapenetration Tester
 
Trace kernel code tips
Trace kernel code tipsTrace kernel code tips
Trace kernel code tipsViller Hsiao
 
WebLogic's ClassLoaders, Filtering ClassLoader and ClassLoader Analysis Tool
WebLogic's ClassLoaders, Filtering ClassLoader and ClassLoader Analysis ToolWebLogic's ClassLoaders, Filtering ClassLoader and ClassLoader Analysis Tool
WebLogic's ClassLoaders, Filtering ClassLoader and ClassLoader Analysis ToolJeffrey West
 
Meltdown & spectre
Meltdown & spectreMeltdown & spectre
Meltdown & spectreSergio Shevchenko
 
Linux Performance Analysis: New Tools and Old Secrets
Linux Performance Analysis: New Tools and Old SecretsLinux Performance Analysis: New Tools and Old Secrets
Linux Performance Analysis: New Tools and Old SecretsBrendan Gregg
 
RDMA, Scalable MPI-3 RMA, and Next-Generation Post-RDMA Interconnects
RDMA, Scalable MPI-3 RMA, and Next-Generation Post-RDMA InterconnectsRDMA, Scalable MPI-3 RMA, and Next-Generation Post-RDMA Interconnects
RDMA, Scalable MPI-3 RMA, and Next-Generation Post-RDMA Interconnectsinside-BigData.com
 
Malware analysis using volatility
Malware analysis using volatilityMalware analysis using volatility
Malware analysis using volatilityYashashree Gund
 
BPF - in-kernel virtual machine
BPF - in-kernel virtual machineBPF - in-kernel virtual machine
BPF - in-kernel virtual machineAlexei Starovoitov
 
llvm 소개
llvm 소개llvm 소개
llvm 소개Minhyuk Kwon
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
 
Présentation du stockage RAID
Présentation du stockage RAIDPrésentation du stockage RAID
Présentation du stockage RAIDEmmanuel Florac
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2samis
 
HKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewHKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewLinaro
 
TLS v1.3
TLS v1.3TLS v1.3
TLS v1.3Siddhartha Rao
 
A Journey into Hexagon: Dissecting Qualcomm Basebands
A Journey into Hexagon: Dissecting Qualcomm BasebandsA Journey into Hexagon: Dissecting Qualcomm Basebands
A Journey into Hexagon: Dissecting Qualcomm BasebandsPriyanka Aash
 
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編CRI Japan, Inc.
 
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARM
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARMSFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARM
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARMLinaro
 
Fantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemFantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemRoss Wolf
 
LAS16 111 - Raspberry pi3, op-tee and jtag debugging
LAS16 111 - Raspberry pi3, op-tee and jtag debuggingLAS16 111 - Raspberry pi3, op-tee and jtag debugging
LAS16 111 - Raspberry pi3, op-tee and jtag debugging96Boards
 
Petit potam slides-rtfm-ossir
Petit potam slides-rtfm-ossirPetit potam slides-rtfm-ossir
Petit potam slides-rtfm-ossirLionelTopotam
 
Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8Linaro
 
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3Linaro
 
Linux Network Stack
Linux Network StackLinux Network Stack
Linux Network StackAdrien Mahieux
 
Oscp preparation
Oscp preparationOscp preparation
Oscp preparationManich Koomsusi
 
Using eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in CiliumUsing eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in CiliumScyllaDB
 
OPTEE on QEMU - Build Tutorial
OPTEE on QEMU - Build TutorialOPTEE on QEMU - Build Tutorial
OPTEE on QEMU - Build TutorialDalton Valadares
 
Pancreas Cancer
Pancreas CancerPancreas Cancer
Pancreas CancerRobert J Miller MD
 
Digital forensics track schroader-rob when forensics collide
Digital forensics track schroader-rob when forensics collideDigital forensics track schroader-rob when forensics collide
Digital forensics track schroader-rob when forensics collideISSA LA
 

More Related Content

What's hot

Malware analysis using volatility
Malware analysis using volatilityMalware analysis using volatility
Malware analysis using volatilityYashashree Gund
 
BPF - in-kernel virtual machine
BPF - in-kernel virtual machineBPF - in-kernel virtual machine
BPF - in-kernel virtual machineAlexei Starovoitov
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
 
Présentation du stockage RAID
Présentation du stockage RAIDPrésentation du stockage RAID
Présentation du stockage RAIDEmmanuel Florac
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2samis
 
HKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewHKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewLinaro
 
A Journey into Hexagon: Dissecting Qualcomm Basebands
A Journey into Hexagon: Dissecting Qualcomm BasebandsA Journey into Hexagon: Dissecting Qualcomm Basebands
A Journey into Hexagon: Dissecting Qualcomm BasebandsPriyanka Aash
 
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編CRI Japan, Inc.
 
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARM
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARMSFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARM
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARMLinaro
 
Fantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemFantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemRoss Wolf
 
LAS16 111 - Raspberry pi3, op-tee and jtag debugging
LAS16 111 - Raspberry pi3, op-tee and jtag debuggingLAS16 111 - Raspberry pi3, op-tee and jtag debugging
LAS16 111 - Raspberry pi3, op-tee and jtag debugging96Boards
 
Petit potam slides-rtfm-ossir
Petit potam slides-rtfm-ossirPetit potam slides-rtfm-ossir
Petit potam slides-rtfm-ossirLionelTopotam
 
Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8Linaro
 
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3Linaro
 
Using eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in CiliumUsing eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in CiliumScyllaDB
 
OPTEE on QEMU - Build Tutorial
OPTEE on QEMU - Build TutorialOPTEE on QEMU - Build Tutorial
OPTEE on QEMU - Build TutorialDalton Valadares
 

What's hot (20)

Malware analysis using volatility
Malware analysis using volatilityMalware analysis using volatility
Malware analysis using volatility
 
BPF - in-kernel virtual machine
BPF - in-kernel virtual machineBPF - in-kernel virtual machine
BPF - in-kernel virtual machine
 
llvm 소개
llvm 소개llvm 소개
llvm 소개
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
 
Présentation du stockage RAID
Présentation du stockage RAIDPrésentation du stockage RAID
Présentation du stockage RAID
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2
 
HKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewHKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting Review
 
TLS v1.3
TLS v1.3TLS v1.3
TLS v1.3
 
A Journey into Hexagon: Dissecting Qualcomm Basebands
A Journey into Hexagon: Dissecting Qualcomm BasebandsA Journey into Hexagon: Dissecting Qualcomm Basebands
A Journey into Hexagon: Dissecting Qualcomm Basebands
 
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編
SX1302ベース LoRaWAN HAT for Rasberry Pi - PG1302 - コマンドライン・インストール編
 
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARM
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARMSFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARM
SFO15-205: OP-TEE Content Decryption with Microsoft PlayReady on ARM
 
Fantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemFantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find Them
 
LAS16 111 - Raspberry pi3, op-tee and jtag debugging
LAS16 111 - Raspberry pi3, op-tee and jtag debuggingLAS16 111 - Raspberry pi3, op-tee and jtag debugging
LAS16 111 - Raspberry pi3, op-tee and jtag debugging
 
Petit potam slides-rtfm-ossir
Petit potam slides-rtfm-ossirPetit potam slides-rtfm-ossir
Petit potam slides-rtfm-ossir
 
Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8Lcu14 107- op-tee on ar mv8
Lcu14 107- op-tee on ar mv8
 
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
 
Linux Network Stack
Linux Network StackLinux Network Stack
Linux Network Stack
 
Oscp preparation
Oscp preparationOscp preparation
Oscp preparation
 
Using eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in CiliumUsing eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in Cilium
 
OPTEE on QEMU - Build Tutorial
OPTEE on QEMU - Build TutorialOPTEE on QEMU - Build Tutorial
OPTEE on QEMU - Build Tutorial
 

Viewers also liked

Digital forensics track schroader-rob when forensics collide
Digital forensics track schroader-rob when forensics collideDigital forensics track schroader-rob when forensics collide
Digital forensics track schroader-rob when forensics collideISSA LA
 
全面保護企業的關鍵智慧資產
全面保護企業的關鍵智慧資產全面保護企業的關鍵智慧資產
全面保護企業的關鍵智慧資產NVIDIA Taiwan
 
Deep Learning - CNN and RNN
Deep Learning - CNN and RNNDeep Learning - CNN and RNN
Deep Learning - CNN and RNNAshray Bhandare
 
Future of AI: Blockchain and Deep Learning
Future of AI: Blockchain and Deep LearningFuture of AI: Blockchain and Deep Learning
Future of AI: Blockchain and Deep LearningMelanie Swan
 
Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017NVIDIA
 

Viewers also liked (6)

Pancreas Cancer
Pancreas CancerPancreas Cancer
Pancreas Cancer
 
Digital forensics track schroader-rob when forensics collide
Digital forensics track schroader-rob when forensics collideDigital forensics track schroader-rob when forensics collide
Digital forensics track schroader-rob when forensics collide
 
全面保護企業的關鍵智慧資產
全面保護企業的關鍵智慧資產全面保護企業的關鍵智慧資產
全面保護企業的關鍵智慧資產
 
Deep Learning - CNN and RNN
Deep Learning - CNN and RNNDeep Learning - CNN and RNN
Deep Learning - CNN and RNN
 
Future of AI: Blockchain and Deep Learning
Future of AI: Blockchain and Deep LearningFuture of AI: Blockchain and Deep Learning
Future of AI: Blockchain and Deep Learning
 
Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017
 

Similar to TrendMicro: 從雲到端,打造安全的物聯網

Security Architecture for Cyber Physical Systems
Security Architecture for Cyber Physical SystemsSecurity Architecture for Cyber Physical Systems
Security Architecture for Cyber Physical SystemsAlan Tatourian
 
Global IoT Cloud Services Survey-Aug-20160527
Global IoT Cloud Services Survey-Aug-20160527Global IoT Cloud Services Survey-Aug-20160527
Global IoT Cloud Services Survey-Aug-20160527August Lin
 
How to secure and manage modern IT - Ondrej Vysek
How to secure and manage modern IT - Ondrej Vysek How to secure and manage modern IT - Ondrej Vysek
How to secure and manage modern IT - Ondrej VysekITCamp
 
Highly dependable automotive software
Highly dependable automotive softwareHighly dependable automotive software
Highly dependable automotive softwareAlan Tatourian
 
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdfNXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdfssuser57b3e5
 
Connected Cars - Poster Child for the IoT Reality Check
Connected Cars - Poster Child for the IoT Reality CheckConnected Cars - Poster Child for the IoT Reality Check
Connected Cars - Poster Child for the IoT Reality CheckSecurity Innovation
 
Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsIBM Security
 
Micro Technologies India ltd
Micro Technologies India ltdMicro Technologies India ltd
Micro Technologies India ltdNehul Gupta
 
CE Cybersecurity Trends and Strategies for Hosting in the Cloud
CE Cybersecurity Trends and Strategies for Hosting in the CloudCE Cybersecurity Trends and Strategies for Hosting in the Cloud
CE Cybersecurity Trends and Strategies for Hosting in the CloudCase IQ
 
Automatizovaná bezpečnost – nadstandard nebo nutnost?
Automatizovaná bezpečnost – nadstandard nebo nutnost?Automatizovaná bezpečnost – nadstandard nebo nutnost?
Automatizovaná bezpečnost – nadstandard nebo nutnost?MarketingArrowECS_CZ
 
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...GARL
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAPNIC
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Barry Greene
 
IRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing SuiteIRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing SuiteIRJET Journal
 
2008 Trends
2008 Trends2008 Trends
2008 TrendsTBledsoe
 

Similar to TrendMicro: 從雲到端,打造安全的物聯網 (20)

Security Architecture for Cyber Physical Systems
Security Architecture for Cyber Physical SystemsSecurity Architecture for Cyber Physical Systems
Security Architecture for Cyber Physical Systems
 
Global IoT Cloud Services Survey-Aug-20160527
Global IoT Cloud Services Survey-Aug-20160527Global IoT Cloud Services Survey-Aug-20160527
Global IoT Cloud Services Survey-Aug-20160527
 
How to secure and manage modern IT - Ondrej Vysek
How to secure and manage modern IT - Ondrej Vysek How to secure and manage modern IT - Ondrej Vysek
How to secure and manage modern IT - Ondrej Vysek
 
Fortinet k
Fortinet kFortinet k
Fortinet k
 
JacksonvilleJUG_CVE101.pdf
JacksonvilleJUG_CVE101.pdfJacksonvilleJUG_CVE101.pdf
JacksonvilleJUG_CVE101.pdf
 
Highly dependable automotive software
Highly dependable automotive softwareHighly dependable automotive software
Highly dependable automotive software
 
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdfNXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
NXP'S-PORTFOLIO-FOR-ADDRESSING-IOT-SECURITY.pdf
 
Fortinet broch
Fortinet brochFortinet broch
Fortinet broch
 
Connected Cars - Poster Child for the IoT Reality Check
Connected Cars - Poster Child for the IoT Reality CheckConnected Cars - Poster Child for the IoT Reality Check
Connected Cars - Poster Child for the IoT Reality Check
 
Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Micro Technologies India ltd
Micro Technologies India ltdMicro Technologies India ltd
Micro Technologies India ltd
 
CE Cybersecurity Trends and Strategies for Hosting in the Cloud
CE Cybersecurity Trends and Strategies for Hosting in the CloudCE Cybersecurity Trends and Strategies for Hosting in the Cloud
CE Cybersecurity Trends and Strategies for Hosting in the Cloud
 
Automatizovaná bezpečnost – nadstandard nebo nutnost?
Automatizovaná bezpečnost – nadstandard nebo nutnost?Automatizovaná bezpečnost – nadstandard nebo nutnost?
Automatizovaná bezpečnost – nadstandard nebo nutnost?
 
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...
 
SecurePass at OpenBrighton
SecurePass at OpenBrightonSecurePass at OpenBrighton
SecurePass at OpenBrighton
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...
 
Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of Things
 
IRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing SuiteIRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing Suite
 
2008 Trends
2008 Trends2008 Trends
2008 Trends
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxMarkSteadman7
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuidePixlogix Infotech
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data SciencePaolo Missier
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingWSO2
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceWSO2
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...caitlingebhard1
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfdanishmna97
 

Recently uploaded (20)

Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 

TrendMicro: 從雲到端,打造安全的物聯網

  • 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Peter Yang, Sr. Product Manager June 7th 2017 從雲到端,打造安全的物聯網 Trend Micro IoT Security
  • 3. 趨勢科技  Founded in 1989 (28 years), IT security dedicated company  5,258 employees, cover 30 countries, 60% (3,300+) are engineers  500,000 enterprise customer and 155 million endpoints globally  >$1 billion annual sales  Founded in U.S. Headquartered in Japan  Tokyo Exchange Nikkei Index (4704) | >$5 billion market cap  Customers include 45 of top 50 global corporations, and 100% of the top 10: Auto Telecom Banks Oil
  • 4. Gartner Magic Quadrant for Endpoint Protection Platforms Feb 2016 This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from https://resources.trendmicro.com/Gartner-Magic-Quadrant-Endpoints.html Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Trend Micro TippingPoint® Named a Leader in 2017 Gartner Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS) Jan 2017
  • 6. 2009 2010 2011 2012 2013 2014 2015 2016 CarShark Software Lets You Hack Into, Control And Kill Any Car Tesla fixes bug after hackers hijack Model S Hackers remotely kill a Jeep on the highway • Recall of 1.4M vehicles • Cost of $140M+ Controlling vehicle features of Nissan LEAFs across the globe • Nissan shut down an app which controls Leaf cars Hackers take remote control of Tesla Model S from 12 miles away • Push Tesla to provide new firmware for bug fix Researchers reveal methods behind car hack (2010 Ford Escape) at Defcon Hack into the OnStar telematics system of a 2009 Chevrolet Impala • GM TOOK 5 YEARS TO FIX FULL CONTROL HACK IN MILLIONS OF VEHICLES EQUIPPED WITH ONSTAR Flaws in 2.2M BMW ConnectedDrive Infotainment System allow remote hack OnStar hack remotely starts cars • GM fix the RemoteLink App download 3M+ times Hackers compromise Prius, seize control of wheel, brakes and more Friendly Hackers Exploit Loophole to Disable Alarm on Mitsubishi Outlander Car Hacking
  • 7. IoT DDoS 攻擊事件簿 Dyn 2016/10/21 KrebsOnSecurity 2016/9/20 Jun, 2016 2014 OVH 2016/9/21 Mirai 殭屍 網路程式 碼公開 75萬封垃圾 郵件 (家電) 5萬次/秒 HTTP連線要求 (2萬5千台 CCTV) 620Gbs DDoS攻擊 (18萬台IoT設備) 14.5萬台IoT設備 發動DDoS攻擊 49.3萬台IoT 發動1.2Tbs DNS DDoS IoT 裝置 = 受害者 + 幫凶
  • 10. IoT 終端裝置威脅來源 • Insecure Design/Code • Third Party Libraries • Existing Vulnerabilities Open Network Ports (WannaCry) • Insecure Network Protocols • Insecure FOTA/SOTA Poor Authentication/Authorization (Mirai) • Undetected File Changes • Undetected Process Behavior
  • 11. Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update ..….............. Retiring First cycle Second cycle N cycle Last cycle Termination Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update Next Cycle IoT 終端設備生命週期
  • 12. IoT 終端設備生命週期及保護 Device is loading up the firmware and start to work as it defined. 1. Boot Up Boot up completed, system will read configuration, establish connection or sync up data etc. 2. Initialization Device performs its designed purpose continually. 3. Operation New firmware arrived, devices reboots then start to load the new firmware. 4. Update Next Cycle (Secure) FOTA Secure Boot Firmware Check Reduce the Attack Surface Health / Risk Check Block Attack Attempts Trend Micro FocusPlatform Provider Platform Provider TMIS
  • 13. File Integrity & App Whitelisting System Vulnerability Self Protection (Whitelist lockdown) Network Protection (IPS) Security Management Console Risk Detection System Protection Incident Response TMIS IoT Security SDK/API 1 2 3 Network Behavior Anomaly Trend Micro IoT Security 功能概述 須於產品開發 階段整合
  • 14. TMIS 架構及設計理念 Security Service Security Management Endpoint SDK/ API Learning Device Behavior Global Threats Intelligent Behavior Baseline Anomaly Detection Engine Security Attestation Logs Baseline (WL) Management Protection Rule Management Alert/Report Responder Protection Rule Execution Behavior Collector Feedback Validate 最小化終端負擔 (運算, 儲存, 耗電…) 最大化雲端效用 (全球威脅搜集, 機器學習,準確性, 即時回應) 全面整合控管 (終端安全管理, 視覺化威脅分析, SOC整合)
  • 16. 使用 TMIS 保護關鍵物聯網終端裝置 CoralEdge Box 利用弱點攻擊 (或是Mirai案例) 入侵 IoT 終端 • 竊取機密監控影片 • 銷毀監控影片 • 癱瘓監視器 • …. • NAD • File Integrity • App WL Virtual Patch TMIS
  • 17. Anomaly Detection Make sure all IoT devices still work as originally design. Vulnerability Detection & Virtual Patch Understand whether IoT devices were exposed to the latest threats and take action to protect them. Detail the cyber security status of the firmware. Find an anomaly of IoT devices, track trends of the anomaly, and plan the next fix or take mitigate actions. TMIS 管理平台
  • 18. Unusual IP Unusual Access Timing Unusual Data Usage
  • 20. Class 1 Class 2 Class 3 Class 4 Control unit MCU (8 bit/16bit) MCU (32bit) MPU (32bit) GPU, MPU, CPU (32bit/64bit) OS Non Low cost RTOS RTOS/Embedded Linux Embedded Linux/Android/Full feature RTOS/Win 10 IoT Core Network ZigBee, NFC, Bluetooth Cellar, Wi-Fi Ethernet, Wi-Fi Wi-Fi with other multiple network protocols Application Lighting, Wearables, Thermostats Medical devices, low-end network appliances, telematics Larger/ expensive medical or industrial automation devices; robotics; vending machines Gateways, high-end medical devices, military devices, autonomous driving car IoT Device Security Root of Trust HW SE (Secure Element) HW/SW PKI HW/SW PKI PKI/TPM TMIS (Function) Risk Detection (Planning) Risk Detection (Planning) Risk Detection/System Protection Risk Detection/System Protection TMIS (Method) Restful API (Planning) Restful API (Planning) SDK (Agent) SDK (Agent) OTA/Roll back OTA OTA OTA/Roll back OTA/Roll back DeviceLifeCycle IoT 終端裝置分類以及安全防護對策
  • 21. 以 AWS Greengrass 為例 TMIS