Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tripwire Threat Intelligence Integrations. 2 Threat Landscape by the Numbers Over 390K malicious programs are found every day AV-Test.org On day 0, only.

Published byFelicia Bishop Modified over 7 years ago

Similar presentations

Presentation on theme: "Tripwire Threat Intelligence Integrations. 2 Threat Landscape by the Numbers Over 390K malicious programs are found every day AV-Test.org On day 0, only."— Presentation transcript:

1 Tripwire Threat Intelligence Integrations

2 2 Threat Landscape by the Numbers Over 390K malicious programs are found every day AV-Test.org On day 0, only 51% of AV scanners detected new malware samples Lastline Labs 85% of breaches could be prevented by remediating known vulnerabilities US CERT Percentage of unauthorized data access was through compromised servers Verizon DBIR

3 3 Enterprise Cyberthreat Gap Response Gap Time between discovery to remediation to limit damage Detection Gap Time between actual breach and discovery Prevention Gap Time to put preventative measures in place to avoid future attacks Have we been breached? Can we avoid this from happening again? How bad is it? DETECTION GAP RESPONSE GAP PREVENTION GAP

4 4 Challenge to Close the Gap Advanced attacks—harder to detect and faster compromises – do I have an advanced threat? Limited context – need high-confidence, accurate information – where is the threat? is it on a critical system? Inadequate resources/time – need better prioritization – what is at risk? what do I fix first?

5 5 Tripwire Cyberthreat Security Portfolio Detecting indicators of breach, compromise, and vulnerability

6 6 Tripwire Dynamically Integrates Threat Intelligence Enabling zero-day and advanced threat detection and response Detect, analyze and report zero-day exploits and advanced persistent threats Automatic, immediate analysis of suspicious files and malware Complete forensics about all your secured assets Close the Detection Gap Close the Prevention Gap Automatically block files identified as malicious Control, monitor and adjust configurations Close the Response Gap Prioritize alerts and response by business context

7 7 Quickly Identify Potential Threats on High-Risk Assets Customer Use Case Identify suspicious files on critical assets Send files to partner for analysis Update controls based on identified threats !

8 8 Automated Threat Monitoring to Reduce Attack Surface Automatically download Indicators of Compromise Apply Tripwire policies to monitor for IOCs Drive workflow for remediation IOCs Customer Use Case

9 9 Quickly Detect & Respond to Advanced Threats Do I have an advanced threat? Real-time detection with advanced security intelligence High-confidence source if asset is compromised Empowering instant threat analytics and response Where is the threat? Is it on a critical system? What do I fix first? Focus on high-value assets based on business context Trigger rapid investigation based on detection & threat intel Targeted attack protection through Cybercrime Controls How can I avoid this from happening again? Continuous discovery, profiling, vulnerability and configuration assessment Control, Monitor and Adjust - configurations and policies based on new threat intelligence and new IOCs Harden configurations and adjust policies to reduce threat surface

10 THANK YOU!

Download ppt "Tripwire Threat Intelligence Integrations. 2 Threat Landscape by the Numbers Over 390K malicious programs are found every day AV-Test.org On day 0, only."

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.
© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds.

© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds.
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.
Security Life Cycle for Advanced Threats

Security Life Cycle for Advanced Threats
The Threat Landscape Jan 2013. 2013 Threat Report 2.

The Threat Landscape Jan Threat Report 2.
Real-time Security Analytics: Automating the Discovery, Understanding, and Action Against Advanced Security Threats Neal Hartsell, Vice President Marketing.

Real-time Security Analytics: Automating the Discovery, Understanding, and Action Against Advanced Security Threats Neal Hartsell, Vice President Marketing.
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.
SACM Terminology Nancy Cam-Winget, David Waltermire, March.

SACM Terminology Nancy Cam-Winget, David Waltermire, March.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
David Flournoy Bit9 Mid-Atlantic Regional Manager

David Flournoy Bit9 Mid-Atlantic Regional Manager
© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.

© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Boost your network security with NETASQ Vulnerability Manager.

Boost your network security with NETASQ Vulnerability Manager.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
© 2012 Solera Networks. Contains confidential, proprietary, and trade secret information of Solera Networks. Any use of this work without express written.

© 2012 Solera Networks. Contains confidential, proprietary, and trade secret information of Solera Networks. Any use of this work without express written.
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.

Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.
1 Figure 1-17: Security Management Security is a Primarily a Management Issue, not a Technology Issue Top-to-Bottom Commitment  Top-management commitment.

1 Figure 1-17: Security Management Security is a Primarily a Management Issue, not a Technology Issue Top-to-Bottom Commitment  Top-management commitment.
©2014 Bit9. All Rights Reserved Endpoint Threat Prevention Charles Roussey | Sr. Sales Engineer Detection and Response in Seconds.

©2014 Bit9. All Rights Reserved Endpoint Threat Prevention Charles Roussey | Sr. Sales Engineer Detection and Response in Seconds.

Similar presentations

Ads by Google