VeriSign iDefense provides security intelligence services including vulnerability research, malware analysis, and threat reports. They have a global team of analysts that track threats from public and private sources. The document discusses VeriSign iDefense's intelligence gathering process and how they integrate threat intelligence into security tools and incident response. Customers can access intelligence through various reports and an integration service to help manage security risks.
Slides for the webinar presented by Risk Focus on automating large scale Splunk deployments with Cloud Orchestration.
More details available here:
http://cloudify.co/webinar/Automating-Splunk-Large-Scale
Digital Velocity 2014: "The Holy Grail of Digital Data Analytics" - Tealium
Presentation by Rahul Deshmukh, Director, Digital Intelligence, Splunk & Joe Brown, Director Digital Analytics, Lincoln Financial Group
What happens when you collect the richest data possible from your web and mobile apps, enrich it with other relevant digital data and leverage a platform designed for real-time, ad-hoc analysis?
Empower Splunk and other SIEMs with the Databricks Lakehouse for Cybersecurity - Databricks
Cloud, Cost, Complexity, and threat Coverage are top of mind for every security leader. The Lakehouse architecture has emerged in recent years to help address these concerns with a single unified architecture for all your threat data, analytics and AI in the cloud. In this talk, we will show how Lakehouse is essential for effective Cybersecurity and popular security use-cases. We will also share how Databricks empowers the security data scientist and analyst of the future and how this technology allows cyber data sets to be used to solve business problems.
Deep Learning in Security - Examples, Infrastructure, Challenges, and Suggest... - DataWorks Summit
Recently, deep learning has delivered ground-breaking advances in many industries by delivering human-like understanding for difficult cognition problems. We will share our empirical experiences of applying deep learning to some real-world security challenges, together with learnt lessons and suggestions.
1. Examples
We are going to explain our innovative User & Entity Behavior Analytics (UEBA) solution which includes 2 deep learning examples: 1. user and entity behavior anomaly detection using Convolutional Neural Network (CNN), 2. stateful user risk scoring using Long Short Term Memory (LSTM), in order to detect slow-gestating and multi-stage targeted attacks. We are also going to share several real-life use cases of successfully detecting compromised users and malicious insiders in big enterprises.
2. Infrastructure
The production data processing and analytics workflow is developed using Spark, Spark Streaming and TensorFlow. We will share the experience of managing and tuning distributed TensorFlow and Spark on a middle/small size cluster in both SAS and on-premises deployments. This includes how to manage and split resources between Spark and TensorFlow, how to split and tune workloads between parameter servers and worker servers in TensorFlow, etc.
3. Challenges and Guidance
At the end, we are going to discuss the special challenges of applying deep learning (or general ML) into security than most other consumer industries, e.g., lack of large volume of high-quality labeled data, interpretation of models, fast detection, high cost of inaccurate detections.
Human intelligence – including knowledge of both enterprise business context and security heuristics – is a very precious resource to help cover these gaps. Thus any effective security ML solution has to have well integrated human and machine intelligence.
To achieve this partnership, there are several suggestions based on our current experiences, e.g., mix of complex and simple models, reinforcement learning based on human feed, pairing probabilistic ML results with deterministic forensic data.
2016 Cybersecurity Analytics State of the Union - Cloudera, Inc.
3 Things to Learn About:
- Ponemon Institute's 2016 big data cybersecurity analytics research report
- Quantifiable returns organizations are seeing with big data cybersecurity analytics
- Trends in the industry that are affecting cybersecurity strategies
Big Data Analytics to Enhance Security
Predictive Analytics and Data Science Conference May 27-28
Anapat Pipatkitibodee
Technical Manager
anapat.p@Stelligence.com
Machine Learning + AI for Accelerated Threat-Hunting - Interset
How quickly can your enterprise find the cyberthreats that matter? In case you missed our talk at #MPOWER17, this is how the new Interset-McAfee security ecosystem helps security teams find them faster.
In security, rules and thresholds create an excess of security alerts. This slows down security teams, and buries real threats to the enterprise. Analytics, in contrast, will take billions of events and distill them into a handful of true threat leads. This presentation explains—through case studies—how to use statistical methods to validate threats and reduce false positives.
Sqrrl Enterprise: Big Data Security Analytics Use Case - Sqrrl
Organizations are utilizing Sqrrl Enterprise to securely integrate vast amounts of multi-structured data (e.g., tens of petabytes) onto a single Big Data platform and then are building real-time applications using this data and Sqrrl Enterprise’s analytical interfaces. The secure integration is enabled by Accumulo’s innovative cell-level security capabilities and Sqrrl Enterprise’s security extensions, such as encryption.
Taking a Proactive Approach to Combat Ransomware [Druva Webinar] - Druva
According to CNN, ransomware incidents are expected to cost enterprises $1B in 2016 and no organization is immune. Healthcare, law enforcement and others have been attacked with malware, restricting access to systems and data until a ransom is paid. With ransomware attacks on the rise, organizations have found themselves vulnerable and struggling to reduce risk or proactively prepare for an attack response.
John Shier, Sr. Security Officer at Sophos and Sey Verma, Product Marketing Manager at Druva provide insights into how to confidently prepare your organization to combat ransomware threat including:
* Proactive strategies to protect data before a malicious attack occurs
* Factors and issues that can complicate your organization’s risks
* Measures to gain immediate access to data during and after an attack.
As attacks become more sophisticated, IT organizations need to become ever-vigilant and proactive in mitigating ransomware and other malware attacks.
You can access the live recording at: http://pages2.druva.com/Proactive-Approach-to-Combat-Ransomware-Webinar-On-Demand.html
The context of massive data integration - Software Guru
http://sg.com.mx/sgce/2013/sessions/el-contexto-la-integraci%C3%B3n-masiva-datos
IT executives know for certain that the most important business information is hidden in trillions of security events. The ability to integrate data to obtain a clear picture of the current situation is essential to the way clandestine attacks are detected today. Depending on its collection, handling and analysis, data security can be a great asset or a huge headache.
The challenges of so-called "legacy SIEM" solutions, combined with security intelligence methodologies, can take your organization to the next level when internal and external attacks occur, always in compliance, reporting, managing and delivering exceptional value and profitability. Learn how to respond to the needs of Big Data through the integration of global threat intelligence (GTI).
A New Approach to Threat Detection: Big Data Security Analytics - Interset
Learn how to distill billions of events into a handful of security leads. Security analytics powered by machine learning is proven to make your SOC more efficient. This presentation includes four case studies.
DataWorks 2018: How Big Data and AI Saved the Day - Interset
In this presentation titled "How Big Data and AI Saved the Day: Critical IP Almost Walked Out the Door," Interset Field Data Scientist Roy Wilds discussed real-world examples of how businesses can expand their threat analysis using security analytics powered by artificial intelligence in a big data environment. This was presented at DataWorks Summit 2018.
Information security is a big problem today. With more attacks happening all the time, and increasingly sophisticated attacks beyond the script-kiddies of yesterday, patrolling the borders of our networks, and controlling threats both from outside and within is becoming harder. We cannot rely on endpoint protection for a few thousand PCs and servers anymore, but as connected cars, internet of things, and mobile devices become more common, so the attack surface broadens. To face these problems, we need technologies that go beyond the traditional SIEM, with human operators writing rules. We need to use the power of the Hadoop ecosystem to find new patterns, machine learning to uncover subtle signals and big data tools to help human analysts work better and faster to meet these new threats. Apache Metron is a platform on top of Hadoop that meets these needs. Here we will look at the platform in action, and how to use it to trace a real world complex threat, and how it compares to traditional approaches. Come and see how to make your SOC more effective with automated evidence gathering, Hadoop-powered integration, and real-time detection.
Speaker
Simon Elliston Ball, Director Product Management, Cyber Security, Hortonworks
Perspectives on Ethical Big Data Governance - Cloudera, Inc.
Enterprise data governance is a critical, yet challenging, business process, and the rapidly expanding universe of data volumes and types make it a more significant undertaking, particularly for public sector organizations. In this session, attendees will learn how to bring comprehensive data governance to their organizations to ensure data collected and managed is handled and protected as required. Discover practical information on how to use the components and frameworks of the Hadoop stack to support your requirements for data auditing, lineage, metadata management, and policy enforcement, and hear recommendations on how to get started with measuring the progress of ethical big data usage--including what’s legal and what’s right. Bring your questions and join this lively, interactive dialogue.
To take action before IT security attacks become critical, organizations need the analytics capabilities necessary to identify anomalous and suspicious behavior quickly. Our Anomalous Behavior Detection Solution addresses security issues that conventional methods can’t. It can help to detect and prevent theft of data or intellectual property (IP), for instance at the behest of nation states, organized crime, or by a disenchanted employee. It can quickly identify when a user is behaving in a way that is abnormal for them and take appropriate action to limit what they can do, or flag up the situation for managerial attention. It can also predict when anomalous behavior is likely to occur, flagging events of interest for further investigation for potential security breach.
Protecting health and life science organizations from breaches and ransomware - Cloudera, Inc.
3 Things to Learn About:
* 1. Ransomware is a particular problem and currently the highest priority for healthcare organizations. Machine learning can use the structure of a malicious email to detect an attack even before the email is opened.
* 2. Big data architectures provide the machine-learning models with the volume and variety of data required to achieve complete visibility across the spectrum of IT activity—from packets to logs to alerts.
* 3. Intel and industry partners are currently running one-hour, complimentary, confidential benchmark engagements for HLS organizations that want to see how their security compares with the industry.
Expanded top ten_big_data_security_and_privacy_challenges - Tom Kirby
There is some really great stuff coming out of the CSA working & research groups these days. I found this particular research paper from the big data working group to be extremely relevant and useful.
Ulf Mattsson will highlight current trends in the security landscape based on major industry report findings, and discuss how we should re-think our security approach.
Big data security challenges and recommendations! - cisoplatform
What will you learn:
- Key Insights on Existing Big Data Architecture
- Unique Security Risks and Vulnerabilities of Big Data Technologies
- Top 5 Solutions to mitigate these security challenges
An overview on the application of data science methods and data analytics tools to complement cyber risk quantification, cyber insurance valuation, and cyber risk assessment.
Talk from the event "Cybersecurity: the new era in incident response and data auditing"
Sam Maccherola - VP and General Manager Public Sector Guidance Software Inc.
Brasília, August 4, 2010
This PowerPoint presentation accompanied my Senior Synthesis presentation during March 2010. The project was based around my creation of a discussion group in which I function as the facilitator. The project explored the importance of dialogue and how I believe we can facilitate empowerment through discourse.
What are the myths & legends around securing Industrial Controlled Systems? In a short presentation, some of the day-to-day experiences around the problems, risks and fairy-tales of securing ICS are explained. Reading the presentation will lead you to start doing some homework....
NetWitness solutions capture all the data traveling on the network and put it in context, filtering what may or may not be critical. The user can see who is going where and seeing what.
Are you looking for an IT Infrastructure Services & Management? We help to manage IT risks at all levels of an Organization with a focus on planning & protect your information from security breaches. For more details, please visit our site: http://www.webindia.com/infrastructure.php
Key Findings from the 2015 IBM Cyber Security Intelligence Index - IBM Security
View on-demand presentation: http://securityintelligence.com/events/ibm-2015-cyber-security-intelligence-index/
The cyber threat landscape is increasing in complexity and frequency. Organizations that have historically not been the target of cyber attacks now make headline news with large data losses and compromised transactions. Organizations need a clear point of view on how to respond to these threats, and one that incorporates not only the relevant technology but also the organizational changes needed.
Nick Bradley, Practice Leader of the IBM Threat Research Group and the X-Force Threat Analysis Team, and Nick Coleman, Global Head Cyber Security Intelligence Services outline what organizations need to do now and in the future to stay ahead of the growing cyber security threat.
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2... - patmisasi
Responding to cyber incidents is not what it used to be, the landscape has changed considerably; proactive response now requires the use of many tools and extensive coordination and expertise. Adding to the complexity is the common confusion between IR and forensics. Where does forensics begin and incident response start? What incidents require forensic investigation? And what should you know to pull the pieces together?
Embarking on creating an incident response (IR) program can be challenging and frustrating. This presentation discusses that in order to adequately prepare for security incidents you need an IR framework that can lay the foundation for your IR plan and in turn help describe attacks. Describing attacks is important because you cannot respond to what you cannot identify.
VERIS will be used as an example framework to help you along your path in creating a successful cyber response program.
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ... - James Anderson
Are Cybersecurity threats increasing? Learn about protecting your business with a security program and understanding ransomware threats. Join us as Google's Biodun Awojobi and Wade Walters join us to discuss "Security Programs and Ransomware in the Cloud." We expect to have additional Cybersecurity events in future to cover security posture, Zero Trust, Google's Cybersecurity products & more!
#cybersecurity #ransomware #google #gdg #gdgcloudsouthlake
Key Security Insights: Examining 2014 to predict emerging threats - Dell World
Cyber-crimes are alive and well on the global stage and will only continue to be pervasive as long as organizations prolong taking the necessary defense measures to stop threats from slipping through the cracks. In this session, we’ll present the most common attacks Dell SonicWALL observed since 2014 and the ways we expect emergent threats to affect small and medium businesses, as well as large enterprises moving forward. This session is perfect for anybody who is interested in learning more about the state of the union in security.
"Auditing the failures of the protection and detection layers" - Talk given by Marcelo Souza, senior consultant at TechBiz Forense Digital, at CNASI Latino Americano 2012.
The National Security Alliance’s (InSA) Cyber Council, a US intelligence and security organization, publishes the first of several reports intended to broaden the view of industry and government decision makers on the importance of developing "cyber intelligence".
Sandro Suffert attended the sixth edition of the Workshop de Segurança da Informação - Seginfo, at the Rio de Janeiro Stock Exchange Convention Center. The event takes an academic, technical and business approach and addresses technical-scientific, legal and social topics. Talks, debates, games and group activities covered information security in its many aspects, from technical to social.
In May, Kaspersky Lab detected the first banking rootkit created to infect 64-bit systems. It was detected after an attack carried out by Brazilian cybercriminals. Check out the RSA report on the subject.
The ArcSight ETRM Platform captures data, manages and retains all events, analyzes events in real time, identifies anomalous behavior and responds quickly to prevent losses.
Overview of VeriSign's iDefense solution for real-time incident response, online fraud remediation, risk management, knowledge of the global impact of threats, and proactive protection, among other benefits.
If prevention of digital threats is nowadays considered a commodity in the business world, which invests heavily in antivirus, firewall, antispam, antispyware, etc., the efforts to detect and react to cyber incidents still need to intensify, especially in Brazil.
Transcript: Selling digital books in 2024: Insights from industry leaders - T... - BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Search and Society: Reimagining Information Access for Radical Futures - Bhaskar Mitra
The field of information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies need to be explicitly articulated, and we need to develop theories of change in the context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf - 91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
JMeter webinar - integration with InfluxDB and Grafana - RTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
The Art of the Pitch: WordPress Relationships and Sales - Laura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if something changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
DevOps and Testing slides at DASA Connect - Kari Kakkonen
Rik Marselis's and my slides from the DASA Connect conference on 30.5.2024. We discuss what testing is, then what agile testing is, and finally what testing in DevOps is. Finally, we had a lovely workshop with the participants, trying to find different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 4 - DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a button - DianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
2. Security Incidents Dominate Headlines
- Oracle to fix 73 security bugs next week (Computerworld, April 2011)
- WikiLeaks Releases Guantánamo Bay Prisoner Reports (Wired, April 2011)
- Royal Navy hacker claims to have broken into space agency site (The Register, April 2011)
- Malware Aimed at Iran Hit Five Sites, Report Says (New York Times, February 2011)
- Sony PlayStation suffers massive data breach (Reuters, April 2011)
3. Increased Sophistication of Attacks / Attackers
- More than 286 million new malware variants detected in 2010 [1]
- 93% increase in malware attacks in 2011 [1]
- 56% of malicious code infections were Trojans in 2010 [1]
- Reported online crime losses totaled $559.7M USD in 2009 – a total of 336,655 complaints, a 111% and 22.3% increase from 2008, respectively. [2]
- Cyber criminals are targeting Web 2.0 and cloud technologies
- Ecommerce fraud in 2010 estimated at $2.7 billion [3]
- More than 115,000 reported phishing attacks in 2010 [4]
5. The Challenge of Keeping Up
- Which patches are critical? Which aren’t?
- Is this a real threat?
- Are there threats I don’t know about?
- How do I get the most out of our security infrastructure investments?
- How can I stay ahead of the threat curve?
- How do I maximize our incident response efforts?
- How can I make sense of global threat implications?
- How do I best inform executive management of the most relevant risk factors?
6. The Solution
- Proactively Protect
- Respond In Real-time
- Understand Global Implications
- Remediate Online Fraud
- Prioritized Vulnerability and Patch Management
- Enable Risk Management
10. The VeriSign iDefense Intelligence Process
VeriSign iDefense executes a disciplined process to get intelligence data to users.
[Process diagram. Labels: Discovery; Analysis; Publication; Delivery; XML; Appliance; Portal; Email; RSS Feed; Original Vulnerabilities; Geopolitical Threats; Malicious Code; Intelligence Report Archive; Archive Intelligence Reports; Publish Intelligence Reports; Create Intelligence Reports; Analyst Desktop; Original Vulnerabilities & VeriSign iDefense Labs; The World; Public Sources; Centralized Data Collection; Public Vulnerabilities; Desktop Tools & Freeware; VeriSign Intelligence Network; Int’l Cyber Intelligence]
11. The VeriSign iDefense Original Vulnerability Process
VeriSign iDefense process for notifying customers and vendors of vulnerabilities. Each Vendor Works with VeriSign on Public Disclosure Schedule.
[Process diagram. Labels: Discovery; Notification; Responsible Disclosure; Public Disclosure By Vendor; The World; VCP Network; VeriSign iDefense Vulnerability Advanced Research Labs; Verification; Original Vulnerabilities; VeriSign iDefense Customers; Vendor]
19. Intelligence In Action—A Case Study
A top 10 enterprise services firm saved about $5M by using VeriSign iDefense analysis to decide—correctly—not to install three out-of-cycle patches … even though other security organizations were recommending them.
Vulnerability Management Assistance: Save time and money
20. Intelligence In Action—A Case Study
On Feb 26, 2009, a mass mailer virus was identified internally within a top global enterprise services firm attempting to spread to all addresses within an address book. Within 3 hours of submission to the VeriSign iDefense Rapid Response Team, analysis and remediation strategies were delivered that enabled institution of immediate and accurate file restrictions and updated AV signatures to thwart the threat of the Waledac Mass Email Worm.
Incident Response: Faster and smarter remediation
21. Intelligence In Action—A Case Study
A top 10 US bank leveraged VeriSign iDefense world-class malcode analysis services that led to the identification and cancelation of a fraudulent online bank transaction in the amount of $82K.
Fraud Mitigation: Gain visibility and confidence
22. Intelligence In Action—A Case Study
Recently, a VeriSign iDefense client was considering expansion into Russia and needed to understand how this might impact their risk level. By leveraging iDefense Global Threat Intelligence Services, the organization increased awareness of prominent insider threats in the region. As a result, intelligence delivered in the context of the client’s geographical needs was used in making better decisions around review of local security practices, hiring of local personnel and background checks.
Global Threat Intelligence Drives Threat Awareness
39. Security Incidents Dominate Headlines
- Monster.com Hit With Possible Monster-Sized Data Breach (InformationWeek, January 2009)
- Cyber Attacks Jam Government and Commercial Web Sites in U.S. and South Korea (New York Times, July 2009)
- Updated MyDoom Responsible for DDoS Attacks (computerworld.com, July 2009)
- Electricity Grid in U.S. Penetrated By Spies (Wall Street Journal, April 2009)
- Obama's Copter Plans Turn Up On The Web (New York Post, March 2009)
- Vast Spy System Loots Computers in 103 Countries (New York Times, March 2009)
- Former employee accused of stealing secrets from Goldman Sachs Group (Chicago Tribune, July 2009)
- DOD seeks defense against denial-of-service attacks (fcw.com, July 2009)
- Data breaches cost $6.6 million on average, survey finds (CNET, February 2009)
Sources for the 2011 headlines:
- PlayStation Network Hack Leaves Credit Card Info at Risk. Wired, April 2011. http://www.wired.com/gamelife/2011/04/playstation-network-hacked/
- 'Anonymous' attacks Visa.com, Mastercard.com in support of WikiLeaks. The Washington Post, Dec. 2010. http://voices.washingtonpost.com/blog-post/2010/12/mastercardcom_hacked_by_wikile.html
- Malware Aimed at Iran Hit Five Sites, Report Says. New York Times, February 2011. http://www.nytimes.com/2011/02/13/science/13stuxnet.html?ref=stuxnet
- Sony PlayStation suffers massive data breach. reuters.com, 04/27/2011. http://www.reuters.com/article/2011/04/26/us-sony-stoldendata-idUSTRE73P6WB20110426
- WikiLeaks Releases Guantánamo Bay Prisoner Reports. Wired, April 2011. http://www.wired.com/threatlevel/2011/04/wikileaks-gitmo
- Royal Navy hacker claims to have broken into space agency site. The Register, April 2011. http://www.theregister.co.uk/2011/04/18/esa_website_hack
- Oracle to fix 73 security bugs next week. Computerworld, April 2011. http://www.computerworld.com/s/article/9215838/Oracle_to_fix_73_security_bugs_next_week
Overall, spam made up 74.68 percent of all messages in March 2011. State of Spam & Phishing Report, Symantec, April 2011. http://www.symantec.com/business/theme.jsp?themeid=state_of_spam
[1] Symantec Internet Security Threat Report - trends for 2010, Volume 16, April 2011. http://www.symantec.com/business/threatreport/index.jsp and http://news.techworld.com/security/3272431/malware-attacks-increased-by-93-in-2010-symantec-says/ - More than 286 million new malware variants Symantec detected in 2010. 93% increase in the volume of Web-based attacks in 2010 over the volume observed in 2009. Trojans made up the highest percentage of the top 50 potential malicious code infections for 2010. In 2010, the percentage of potential infections by Trojans was 56 percent.
[2] IC3 2009 Annual Report on Internet Crime. http://www.ic3.gov/media/2010/100312.aspx - The Internet Crime Complaint Center (IC3) received a total of 336,655 complaints, a 22.3 percent increase from 2008. The total loss linked to online fraud was $559.7 million; this is up from $265 million in 2008.
[3] http://www.internetretailer.com/2011/01/18/fraud-losses-fall
[4] APWG Global Phishing Survey: Domain Name Use and Trends in 2H2010
The bad guys are getting more sophisticated and targeted in their motives:
- DDoS attacks
- Malware increasing to include data stealing trojans
- Phishing schemes becoming more and more prominent
- Taking advantage of economic downturn is working in the favor of attackers … Traditional network security is not enough
1 Kaspersky Labs
2 McAfee 2009 threat predictions report
3 Symantec, Internet Security Report XIV, April 09
4 Trend Micro, Focus Report: Data Stealing Malware. July 7, 2009 SC Magazine
5 APACS, UK Payments Association, October 2008
6 McAfee
7 SC magazine, Dan Raywood, May 22, 2009
Underground Evolution – critical mass has been reached
- The cyber security landscape has fundamentally changed and professionalized cyber criminals have emerged
- Muslim extremists use cyber fraud as a way to fund their agendas
- Amateur hacker groups practice cyber espionage in the open in China and elsewhere
- Cyber war has become a legitimate tool to accomplish political goals, as in Estonia and Georgia.
Malicious Infrastructures are present
- Malicious hackers seem to be applying increased scrutiny to their victims’ critical infrastructure
- All the while building their own infrastructure to increase efficiency and survivability
- Bullet Proof Hosting
- Fastflux
- iFrames
Security Disruptors
- Security disruptors, which result from new technologies or developments in the culture that will fundamentally change how the business enterprise secures its environments.
- Mobile Device & Application = Mobile Threat
- IPv6
- Virtualization
Conflict
Internal security teams can’t keep up with the soaring volume of sophisticated threats. Late detection, poor clarity around which threats are most severe, and the difficulty of reprioritizing resources for remediation puts your entire business on the line. Security breaches can and do destroy businesses – costing millions in lost revenue, shareholder value and customer trust. Market share loss swiftly follows. The volume of threats is massive, and accelerating: new vulnerabilities, new attacks, and new players. Each threat is constantly evolving. Internal security teams can’t keep up. It’s almost impossible for over-tapped internal teams to confidently prioritize which threats present the greatest risk. Companies inevitably over-spend on false ‘emergencies.’
The solution to keeping up directly addresses many of the biggest challenges that prospects face, especially today. Any security partnership or intelligence organization must deliver accurate, actionable and detailed threat intelligence to equip an organization’s security team with the following capabilities:
- Proactively protect your business from the threats that matter most.
- Actively respond in real-time to malicious threats with deep analysis of what the threat is, where it is coming from and how to mitigate it.
- Understand the global implications of any emerging or existing threat, as it evolves.
- Remediate online fraud with rapid credential recovery and constant monitoring of malicious IPs.
- Prioritize your threat and vulnerability management strategy – and maximize internal resources.
- Move from ‘security management’ to ‘risk management’ – and take the lead in communicating this strategy to the executive team.
We are the leading security intelligence research shop. No one else approaches security the way we do. 24 hours a day, every day, we provide vendor-neutral security intelligence as our core competency. If you look at our marquee customer base, you can see that our services are taken seriously: we are integrated into many of the 3-letter government organizations as a trusted intelligence source, and the largest financial services companies like Goldman Sachs, insurance, healthcare, retailers like Wal-Mart, and large software companies like Microsoft use our services every day. All of our intelligence is created by six highly specialized teams that work in a matrixed function to discover and analyze emerging threats. Additionally, we have been gathering intelligence since '98, and our primary team is located in the greater Washington DC area (Dulles, VA), with global visibility and presence through VCP and ongoing field operations. Example of 24 x 7: the team worked non-stop between Christmas and New Year's in 2006, 2007 and 2008.
This slide shows the process we go through to deliver intelligence. I show this slide because some of what I’ve spoken about so far is kind of “cloak and dagger”. We have a discovery phase where information is collected in all sorts of ways, which is then fed to our analysts at various locations in the world at different times, who then turn that information into intelligence reports of various types such as original vulnerabilities, threats, malicious code, etc. The information is then delivered to our customers by one of four primary means. XML web service or appliance: we have an XML web service through which report data can be sent to you, or an appliance that you can keep onsite, where you can use the data however you want. We also have a secure portal that you can log into to research past threats or read up on recent reports. In the portal you can also customize your profiles for delivery. Delivery profiles, which help customize your e-mail delivery, let you make sure you're only getting the reports you want from the hundreds created every day. You can get the Oracle reports directly to your Oracle guy, or the Malicious Code reports to your malicious code guy, or even reports of only a certain severity for a certain product set once a week to a specific person. The options are endless. You can also choose to receive alerts via RSS.
This slide shows our exclusive vulnerability life cycle from discovery to disclosure. The first section here is when one of our 400 researchers in one of 46 different countries in our VCP network discovers a new vulnerability. They send this vulnerability to our VeriSign iDefense Labs team, who verify that it is in fact a vulnerability that would be of importance to the security of the internet and to our customers. We then perform our own research, documenting how the vulnerability and its associated exploit code work, and then work with the vendor of the vulnerable product to ensure patch development begins. We share this information with the vendors to better assist them in creating the patch, and then share the information with our customers, usually the same day. This allows our customers to understand that they may have a device or application in their environment that is vulnerable, and they can use our mitigations and workarounds, if available, to proactively protect themselves. Now the next portion is important: the Disclosure phase. The actual disclosure time, from when we notify our customers and the vendor to when the vendor makes the actual public disclosure, is measured in months… not days… For VeriSign iDefense exclusive vulnerabilities, the average time it takes vendors to make a public disclosure of a vulnerability we discover is 121 days over the last two years.
The following VeriSign iDefense capabilities help organizations develop a complete threat picture:
- A private, worldwide network of independent security researchers who provide exclusive advance notification of unpublished vulnerabilities and exploit code
- Identification and technical verification of original vulnerabilities
- Aggregation of raw data originating from more than 1,550 sources, including mailing lists, Web sites, and proprietary resources
- Around-the-clock monitoring and reporting on threats posed by viruses, worms, Trojan horses, spyware, and adware
- Analysis of the motivation behind cyber attacks and hacker groups to determine whether such groups will actually exploit a vulnerability
- Risk research and reporting as it pertains to global threats and emerging technologies and trends
http://www.microsoft.com/technet/security/Bulletin/MS08-dec.mspx
This slide represents what VeriSign iDefense can do for its customers when a real threat emerges. This particular threat came from the out-of-band patch Microsoft announced in December 2008. Microsoft announced that they would release an out-of-band patch later that same day (Dec 9 2008). Our Vulnerability team issued an alert to our customers about the upcoming event and alerted our team about the same. One of our Chinese analysts immediately found the exploit code referenced in the Microsoft Bulletin on a Chinese-speaking forum and grabbed it for analysis.
At 2 AM, the Vulnerability Team Leader and the Advanced Research Labs leader began discussing the seriousness of the issue and what VeriSign iDefense should do about it. At 5 AM, the team leads woke up the intelligence director to recommend going into War Room Mode. War Room Mode is when VeriSign iDefense changes its operational tempo from every 24 hours to every 3 hours; in other words, instead of meeting once a day to discuss intelligence matters, the team meets every three hours until an issue is resolved.
In the meantime, the VeriSign iDefense Advanced Research Lab (ARL) collected its first set of PCAP files and created its first set of Snort IDS signatures based on the Chinese sample collected earlier. The Vuln Aggregation Team (VAT) pushed those signatures to all customers.
At 10 AM, VeriSign iDefense held its first War Room Meeting. We assigned research tasks. We gathered all customer questions that had begun to come in because of the MS announcement. By 1 PM, the ARL had developed their own exploit code that leveraged the vulnerability description from MS. Now we had two distinct sets of exploit code for the same vulnerability. We knew this was dangerous. We recommended that customers patch this vulnerability immediately, out of cycle if they could, but definitely ahead of schedule.
MS released the patch at 1 PM. We closed the War Room down at 3 PM and hosted a customer call at 5:30 to discuss all that we learned. In 17 hours, we updated the alert for this one vulnerability 7 times with new information about how the vulnerability works, what the potential impact may be and how to mitigate it, both with the patch and other workarounds.
Patch Management Assistance: Save time and money
A top 10 enterprise services firm saved about $5M by using VeriSign iDefense Vulnerability Aggregation Team analysis to decide - correctly - not to install three out-of-cycle patches… even though other security organizations were recommending them.
Fraud Response: Gain visibility and confidence
A top 10 US bank's credential recovery, supported by VeriSign iDefense with additional malcode analysis, led to the identification and cancelation of a fraudulent online bank transaction in the amount of $82K.
Global Threat Awareness: Protect even against unknown threats
On April 22nd, Finjan discovered a botnet with 1.9M users that had been in use since February, was hosted in the Ukraine, and allowed malware to bypass 90% of common anti-virus software. Nothing about this botnet stood out before the event since it appeared to be a completely average bot. However, the unnamed botnet was previously seen by VeriSign iDefense, allowing all VeriSign iDefense customers to be protected against the threat months earlier.
Incident Response: Extend your team for faster remediation
On Feb 26 2009, a mass mailer virus was identified internally within a top global enterprise services firm attempting to spread to all addresses within an address book. A code sample was obtained and submitted to the VeriSign iDefense Rapid Response team, and within several minutes receipt of the submission was confirmed by phone. Within 3 hours of submission, a VeriSign iDefense Rapid Report was delivered with analysis and remediation strategies that enabled institution of immediate and accurate file restrictions and updated AV signatures to thwart the threat of the Waledac Mass Email Worm.
#4b Incident Response 2 of 2: Extend your team for faster remediation
In November 2008, a VeriSign iDefense retail client was confronted with a critical attack: a user reported that they were having problems on one of the company websites, where the home page of a sub-site had been corrupted. A pop-up would appear asking the user to purchase a fake antivirus product; once it is installed, the victim is asked to purchase the full version for $50, and redirection takes over the entire browser, resulting in a useless fake page. The client quickly reached out to the VeriSign iDefense Rapid Response team as they were having some problems reproducing the error. VeriSign iDefense immediately identified and narrowed down the problem to a malicious advertisement fed into the website through advertising partners, not through a direct attack. The client was notified that all that was required was the removal of the advertisement to mitigate the attack. The time from when the incident was reported to VeriSign iDefense to takedown of the ad was less than two hours. The biggest value to the client was that, with such a quick turnaround, not a single bit of negative press was released about the attack, which could have been detrimental during the holiday season.
Patch Management Assistance: Save time and money A top 10 enterprise services firm saved about $5M by using VeriSign iDefense Vulnerability Aggregation Team analysis to decide - correctly - not to install three out-of-cycle patches… even though other security organizations were recommending them Fraud Response: Gain visibility and confidence A top 10 US bank credential recovery, supported by VeriSign iDefense with additional malcode analysis, lead to the identification and cancelation of a fraudulent online bank transaction in the amount of $82K. Global Threat Awareness: Protect even against unknown threats On April 22nd, Finjan discovered a botnet with 1.9M users that had been in use since February and was hosted in the Ukraine and allowing malware to bypassed 90% of common anti-virus software. Nothing about this botnet stood out before the event since it appeared to be a completely average bot. However, the unnamed botnet was previously seen by VeriSign iDefense allowing all VeriSign iDefense customers to be protected against the threat months earlier. Incident Response: Extend your team for faster remediation On Feb 26 2009, a mass mailer virus was identified internally within a top global enterprise services firm attempting to spread to all addresses within an address book. A code sample was obtained and submitted to VeriSign iDefense Rapid Response team and within several minutes, receipt of the submission was confirmed by phone. Within 3 hours of submission, an VeriSign iDefense Rapid Report was delivered with analysis and remediation strategies that enabled institution of immediate and accurate file restrictions and updated AV signatures to thwart the threat of the Waledec Mass Email Worm. 
#4b Incident Response 2 of 2: Extend your team for faster remediation In November 2008, an VeriSign iDefense retail client was confronted with a critical attack whereby a user reported that they were having problems on one of the company websites—home page of a sub-site had been corrupted. A pop-up would appear that requests the user to purchase a fake antivirus product that once installed, the victim is asked to purchase the full version for $50 and redirection takes over the entire browser resulting in a useless fake page. The client quickly reached out to the VeriSign iDefense Rapid Response team as they were having some problems reproducing the error. VeriSign iDefense immediately identified and narrowed down the problem to a malicious advertisement fed into the website through advertising partners, not through a direct attack. The client was notified that all that was required was the removal of the advertisement to mitigate the attack. From the time the incident was reported to VeriSign iDefense to takedown of the ad was less than two hours. The biggest value to client was that with such a quick turnaround, not a single bit of negative press was released about the attack, which could have been detrimental during the holiday season.
Patch Management Assistance: Save time and money A top 10 enterprise services firm saved about $5M by using VeriSign iDefense Vulnerability Aggregation Team analysis to decide - correctly - not to install three out-of-cycle patches… even though other security organizations were recommending them Fraud Response: Gain visibility and confidence A top 10 US bank credential recovery, supported by VeriSign iDefense with additional malcode analysis, lead to the identification and cancelation of a fraudulent online bank transaction in the amount of $82K. Global Threat Awareness: Protect even against unknown threats On April 22nd, Finjan discovered a botnet with 1.9M users that had been in use since February and was hosted in the Ukraine and allowing malware to bypassed 90% of common anti-virus software. Nothing about this botnet stood out before the event since it appeared to be a completely average bot. However, the unnamed botnet was previously seen by VeriSign iDefense allowing all VeriSign iDefense customers to be protected against the threat months earlier. Incident Response: Extend your team for faster remediation On Feb 26 2009, a mass mailer virus was identified internally within a top global enterprise services firm attempting to spread to all addresses within an address book. A code sample was obtained and submitted to VeriSign iDefense Rapid Response team and within several minutes, receipt of the submission was confirmed by phone. Within 3 hours of submission, an VeriSign iDefense Rapid Report was delivered with analysis and remediation strategies that enabled institution of immediate and accurate file restrictions and updated AV signatures to thwart the threat of the Waledec Mass Email Worm. 
Wrap up. With VeriSign iDefense, companies have the world’s most experienced multinational network of security experts acting as an extension of their teams and exclusive access to the most in-depth cyber threat intelligence available. This translates into a security strategy that consistently delivers significant return on investment through cost savings (with proactive insights on true threats, and the intelligence to avoid false alarms) and through revenue and reputation protection via improved system and application availability, fraud mitigation and response support, etc. Also emphasized: making our customer exec look good, avoiding attacks, and supporting customer security teams in working faster and smarter through integration of intelligence and analyst access, and sharing knowledge with security teams that results in evolution of security program maturity. What Next Steps do we want?

Manage security risk. Not just threats. Cyber attacks can, and do, destroy companies, and the volume and severity of threats is explosive. Companies can’t keep up. VeriSign iDefense’s global cyber-intelligence team puts you in control, with proactive, accurate intelligence and informed recommendations for threat mitigation. Basic ‘threat feeds’ don’t come close.

Know which threats matter most. (And which ones don’t). Accuracy, detail and context are what make intelligence valuable. VeriSign iDefense delivers the most in-depth analysis of the complete threat landscape, so your team can focus on real threats, avoiding daily ‘emergencies’ and costly fire-drills.

Stay 100+ days ahead of threats. The only way to protect your network is to spot threats early, and know which ones pose real risk. VeriSign iDefense is consistently 100 days ahead of everyone else, with deep analysis, accurate and actionable insight, and customized threat intelligence. This time advantage means you’re secure, when others are spending millions to fix damage that could have been prevented.
Strengthen your security team. VeriSign iDefense puts 60 of the world’s top security experts on your team, delivering exclusive research that goes far beyond publicly known vulnerabilities. While you watch your perimeter, we watch the world, bringing you actionable threat intelligence to keep your company safe.

Trust the industry’s only truly vendor-independent provider of global cyber threat intelligence. Hundreds of companies rely on VeriSign iDefense as their No. 1 trusted security partner, including 20 of the top 30 banks. As part of this select group, you gain access to the world’s best strategies for risk management and cyber intelligence.
Growth of threats and exposure/risk has increased exponentially as organizations move beyond the enterprise to be competitive, making information, data and applications available to customers, partners and a mobile workforce. Threats are growing in number as more critical data is pushed beyond the enterprise and online. New attack vectors are not just seen on the horizon; they are real and closer. This has created the Perfect Storm. Attacks are threatening your company’s defenses every hour, putting you at increased risk. Risk in terms of multi-million-dollar costs: loss of revenue, and the devastating loss of reputation, customer trust and market share.
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx This slide represents what VeriSign iDefense can do for its customers when a perceived threat is not real. This particular threat came from the media scare about what the Conficker Worm might do on 1 April, April Fool’s Day, of this year. VeriSign iDefense began tracking the worm when MS announced the OOB patch back in October 2008 and reverse engineered all of the variants for the next few months. We knew exactly what this worm was doing and when it would do it. By January, we even published a prediction algorithm that accurately predicted what domains Conficker would occupy as it spread. And we published a detection tool to our customers so that they could see if they were infected. In late March, the media began reporting that the Internet would melt down because Conficker was going to do something drastic on 1 Apr. We knew by reverse engineering the code that what Conficker was going to do on 1 Apr was massively update itself with new functionality, but that nobody on the internet would be affected. The worm could still be used for nefarious purposes, but the 1 Apr update was just an upgrade to the software. All of the VeriSign iDefense customers knew this situation well before the media began to hype it and could talk their leadership down from the ledge because of the NPR story they heard that morning.
Here are the tangible benefits (business, bandwidth, financial value, knowledge sharing/improved security program management). Should this be where we put the key stats mentioned above? With VeriSign iDefense, companies have the world’s most experienced multinational network of security experts acting as an extension of their teams and exclusive access to the most in-depth cyber threat intelligence available. This translates into a security strategy that consistently delivers substantial cost savings, with proactive insights on true threats, the intelligence to avoid false alarms and revenue protection through improved system and application availability. Reputation protection through fraud mitigation and response support,
Slides that walk through teams and focus Add visibility of VRSN Global Infrastructure
Not sure if this is where we should place this page… Research/Report Packages—more info to follow Business Application (PM, IR, Fraud Response, Global Threat Awareness) Integrated Intelligence: Integrating deep and analytical research from VeriSign iDefense brings value to the landscape of security management tools and platforms
Get crucial new insights within days, finding unexpected threats and shoring up looming vulnerabilities.
Know about upcoming attacks that matter to you, and have an action plan in place, for zero exposure.
Gain new control over real threats, empty scares and scarce budget, with targeted knowledge that filters out the needles from the haystacks.
Custom recommendations for action, and the confidence that each is 100% vendor-neutral.
Extend your team with the resources of the world’s savviest security users, and more than 60 dedicated specialists watching your network.
Get the peace of mind that comes from being proactive, finally. And transform how your C-team thinks about security.