Sky Advanced Threat Prevention

1 Sky Advanced Threat Prevention

2 Agenda
Industry Trends
Sky Advanced Threat Prevention Description

3 Industry Trends

4 Market Situation
54% of data breaches were related to compromised servers
60% of breaches took weeks or months to discover
75% of attacks are driven by financial motives
$11M average cost due to data breach

In today’s security market environment, these statistics tell a clear story of the need for security. Consider:

54% of the data breaches were related to compromised servers, where critical data assets reside.

60% of breaches took weeks or months to discover, meaning attackers can continue compromising your business and efforts without your knowing.

75% of attacks are driven by financial motives. No longer are attackers only seeking notoriety, they are seeking to make money and these groups have

$11M is the average cost to a company due to a data breach. This loss can certainly set companies back and in some cases even bankrupt them.

Sources: the first three stats are from the Verizon 2013 Data Breach Investigations Report; the fourth stat is from the Ponemon study sponsored by Juniper.

5 Market Situation
Hacking is a multinational enterprise
Security incident every 7 minutes
Cost increasing per security incident
Data breaches – 6 successful per day
Source: Verizon 2015 Data Breach Investigation Report.

6 Sky Advanced Threat Prevention Description

7 Sky Advanced Threat Prevention
Advanced Anti-malware Service in the Cloud

Cloud-based Advanced Anti-malware Service With SRX Series
Delivers protection against sophisticated “zero-day” threats
Watches ingress/egress traffic for malware and indicators of compromise
Delivers deep inspection, actionable reporting, inline malware blocking

Advanced Threat Prevention
Integration with SRX enables detection and prevention of threats
Exceptional efficacy against malware via proprietary deception techniques
Actionable output (compromised host auto-quarantine, rich reporting)
Augments sandboxing with additional analysis to detect evasive malware
Cooperative defense – all customers benefit from Juniper global footprint

Advanced Threat Prevention is a new cloud-based advanced anti-malware service for the SRX firewall that is scheduled for release in Q4’15. Advanced Threat Prevention will deliver protection against sophisticated “0-day” threats, and it does this by watching both ingress and egress traffic for malware and indicators of compromise. The Advanced Threat Prevention service delivers deep inspection (scanning file contents for signs of malicious intent) and actionable reporting. Our goal is not just to report on malware that came across the perimeter, but to offer inline blocking when possible as well.

There are three key differentiators for Advanced Threat Prevention:

First, Advanced Threat Prevention’s integration with the SRX allows both detection and prevention of threats.

Second, we are making a big investment in ensuring that our efficacy against sophisticated malware is world class. To accomplish this, we will be leveraging some Juniper techniques that use “deception” to trick malware into identifying itself, which raises our confidence in the alerts that are generated. Much like security intelligence, minimizing false positives is essential as we incorporate this type of technology into an inline device like the SRX.

Finally, we will leverage our SecIntel service to push actionable intelligence of compromised hosts to the SRX so that customers can implement quarantine policies when infected clients are detected on the network.

8 Sky Advanced Threat Prevention
Multiple Attack Vectors to Defend Against
Diagram labels: Exploit (hacking) Attacks; Phishing Attacks install Trojans; Your Network; Off Network; Walk-in Threats; Infected System; Command & Control; Documents Containing exploits

9 Sky Advanced Threat Prevention
Solution Overview
SRX extracts potentially malicious objects and files
SRX sends potentially malicious content to Advanced Threat Prevention cloud
Advanced Threat Prevention cloud performs static and dynamic analysis
Advanced Threat Prevention cloud provides malware results and C&C server data to the SRX
SRX blocks known malicious file downloads and outbound C&C traffic
Diagram labels: Sky Advanced Threat Prevention Cloud; Sandbox w/Deception; Static Analysis; ATP; Juniper Cloud; Customer; Customer SRX

10 Sky Advanced Threat Prevention Detail
Diagram labels: Data Feed Distribution (Spotlight Secure); C&C Feed; GeoIP; Known C&C Servers; Infected Host Feed; SRX Malware Inspection; Content (File) Extraction on SRX; Inspection Pipeline Manager; Cache; AV and Static Analysis; Dynamic Analysis (Sandbox); Fast Verdicts for In-line Blocking; Events (C&C “Hits”); Host Analyzer; Identified Malware; Log Hits; Indicators of Compromise; Management and Configuration; Service Portal; Licensing & Entitlement; Config & Mgmnt API; Reporting API; Admin

11 Sky Advanced Threat Prevention Cloud
Verdicts determined at every level
Additive verdict determination ensures accuracy
Over 50 deception techniques employed to trick malware into exposing itself
Diagram labels: Machine Learning; Cache; Inline Blocking; Multiple Anti-Virus; Static Analysis; Sandbox Behavioral Analysis; Deception; Potentially malicious files; Cloud Infrastructure

12 Freemium Model – Premium Model

Freemium Model
Limited file types (EXE)
No guarantee on when files will reach deception environment (premium customers are highest priority).
Attach & Learn

Premium Model
Full file support (adds Office docs, PDF, Android applications, ZIP archives, etc.)
Auto-quarantine service to automatically stop outbound traffic from compromised hosts inside network.
Full detailed reports on dynamic analysis.
Innovate & Expand

13 Thank You

