Scalar Security Roadshow April 2015
1 like1,143 views
In April 2015, Scalar held events in Toronto and Vancouver showcasing advanced security defense technologies, emphasizing three key areas: endpoint, application, and network security. The document discusses the importance of threats primarily from web and email channels and highlights technologies like endpoint isolation and application security testing to mitigate breaches. It underscores the necessity for continuous security assessments and provides insights into the benefits of their service offerings, urging organizations to enhance their cybersecurity posture.
Scalar Security Roadshow April 2015
- 2. Earlier this month, we had over 150 people join us in Toronto and Vancouver as our technical team demonstrated some of the best security defence technologies on the market today. We focused on defence in three key areas: ENDPOINT APPLICATION NETWORK
- 3. WHY? We studied the Canadian market and…
- 4. Believe they are winning the Cyber Security war Suffered a breach leading to loss or disclosure of sensitive data Average annual number of attacks Average cost to address a security breach 41% 46% 34 $200,000
- 5. High performing organization have 25% less breaches by… DEFENDING
- 8. WHY BROMIUM? Open anything, from anyone, anywhere…
- 9. ANY CO. PLC THEM vs US
- 10. Prioritize Focus The key security threat channels are Web and Email. The key threat vectors are web- links and downloaded files. Your security posture is significantly improved by negating the key security issues of users clicking malicious web-links and opening infected attachments. &
- 11. Endpoint Isolation Technology Untrusted user tasks and any malware are isolated in a super-efficient micro-VM. All micro-VMs destroyed, eliminating all traces of malware with them.
- 12. Interested in learning more about ? Contact us here.
- 14. WHY WHITEHAT? Application security testing leader with over 30,000 sites under management
- 15. • Integrates into your development process • Directly connects to source code repository • Designed for Agile • Your code stays onsite • Verified vulnerabilities avoid false positives • Assesses partial code, as often as needed SAST – “Sentinel Source” Static Testing
- 16. • Assesses both iOS and Android applications • Tests native mobile code and server-side APIs • Identifies critical vulnerabilities including OWASP Mobile Top 10 • Verified findings: • Zero false positives reduce overhead for developers • Results prioritized by risk • Covers traffic analysis between client and server-side Sentinel Mobile – Secure Mobile Devices
- 17. •Non-intrusive, non-disruptive, 24x7 coverage •Meets and exceeds PCI 6.5/6.6 requirements •Full service and support included in all offerings •Unlimited retests, integration support, and remediation guidance at no additional charge •Persistent, consistent testing and results DAST – Dynamic Application Testing
- 18. Application Security Lifecycle Integrated Application Security Lifecycle Software Development Lifecycle SAST
- 19. Continuous Testing • Full SDLC coverage: training, development, QA, and production • Stop using Tiger teams! Expert hands-on guidance from the Threat Research Center • 100% verified vulnerabilities, 0 false positives • 150+ security engineers available by phone/email/WebEx Retest, Retest, Retest • Trending of vulnerabilities across time and continuous assessment of deployment How to Remediate Vulnerabilities
- 20. Baseline Edition (Static Webpages) • Unauthenticated, Verified Results Standard Edition (Directed/Opportunistic) • Custom configured logins and multi-step sequences • Comprehensive coverage for technical vulnerabilities Sentinel PE (Fully Targeted / High Risk) • Ideal for high impact sites with sensitive user and financial information • Technical and business logic vulnerabilities, complete WASC v2 How Deep to Test?
- 21. • Web & PDF Based • Bi-Directional XML API • Integration with popular technologies like Jira, Archer, F5 & Imperva Flexible Reporting
- 22. Interested in learning more about ? Contact us here.
- 24. WHY LOGRHYTHM? Global leader in security intelligence and analytics empowering organizations to rapidly detect, respond, and neutralize cyber threats.
- 25. Retail Cyber Crime Module • New processes • New authentications • New FIM access events • Any FIM modification event • Any DLD activity • New common event • New network activity Use Case: Detect compromised back office systems Details: Identify suspicious changes on back office systems and the network activity they generate AIE Rules look for:
- 26. Data Classification LogRhythm not only structures incoming data, but adds contextual information such as: • Classification • Common Event • Risk Score Reduces time required for analysis and ensure query results are complete Provides deep intelligence on more than 600 different systems, devices, apps, databases, etc… • 20-30 added each quarter
- 27. Scenario Building Blocks Log Observed Log Not Observed Log Not Observed Scheduled Threshold Observed Threshold Not Observed Threshold Not Observed Scheduled Unique Value Observed Unique Value Not Observed Unique Value Not Observed Scheduled Whitelist Trend Statistical
- 28. The Platform for Security IntelligenceInput Analytics Output
- 29. Privileged User Monitoring • New admin activity • Mass object deletion • Users added to privileged group • Recently disabled privileged account activity Use Case: Detect a rogue administrator account Details: Identify when a privileged user is abusing authority, indicating either insider threat activity or compromised credentials AIE Rules look for:
- 30. Analytics Modules • Industry experts • Machine data intelligence • Security compliance • Advanced Threat Research Rapid-Time to-Value Knowledge • Embedded expertise • Ready-to-use content • Frequent, automatic updates • Knowledge aligned to organizational goals • Quick benefit recognition • Ongoing additional value
- 31. Interested in learning more about ? Contact us here.
- 32. Is your company High Performing? Find out in our 2015 Security Study . Download here.