Presentation is loading. Please wait.

Presentation is loading. Please wait.

Real-time protection for web sites and web apps against ATTACKS

Published byElvin Melton Modified over 6 years ago

Similar presentations

Presentation on theme: "Real-time protection for web sites and web apps against ATTACKS"— Presentation transcript:

1 Real-time protection for web sites and web apps against ATTACKS
Uwe Nelkel Security Sales Lead EMEA Advanced Technologies Team Juniper Networks April 9th 2013

2 The Customer Problem 73% 53% 60%
Of security professionals say current next-generation solutions don’t address the problem Companies hacked through web applications in past 24 months Of attacks were external, targeting the data center Signature and IP/reputation blocking are inadequate Web application security solutions not solving the problem Continued DDoS attacks at scale not being stopped No intelligence sharing Ongoing confusion around securing virtual infrastructure Sources: KRC Research and Juniper Mobile Threat Center

3 Agenda New DataCenter Security Junos WebApp Secure (formerly Mykonos)
Junos Spotlight Secure Global Attacker Database Junos DDoS Secure Junos SRX Secure

4 Today’s Attackers Script Kiddie Scripts Library Attacks IP Scan
Generic scripts and tools against one site. Scripts Library Attacks Script run against multiple sites seeking a specific vulnerability. IP Scan Targeted Scans Targets a specific site for any vulnerability. Targeted Scan Advanced Persistent Threat (APT) JAN JUNE DEC Sophisticated, targeted attack (APT). Low and slow to avoid detection. Human Hacker Script loaded onto a bot network to carry out attack. Botnet Advanced Persistent Threat (APT) JAN JUNE DEC Sophisticated, targeted attack (APT). Low and slow to avoid detection. Human Hacker

5 The Cost Of An Attack Theft Revenue Reputation
Ponemon Institute| Average breach costs $214 per record stolen Sony Stolen Records | 100M Theft Revenue Reputation Sony Direct Costs | $171M 23 day network closure Lost customers Security improvements Sony Lawsuits| $1-2B

6 Traditional Web Security Systems
The 5 Phases Of An Attack Traditional Web Security Systems Automate 4 Attack 3 Mainte-nance 5 Script 2 WebApp Secure Reconnaissance 1

7 The WebApp Secure Advantage
Intrusion Deception Deception Points - detect threats without false positives. Detect Track individual devices Track Understand attacker’s capabilities and intent Profile Adaptive responses, including block, warn and deceive. Respond

8 Detection by Deception
Tar Traps Query String Parameters Network Perimeter WebApp Secure Hidden Input Fields Client Firewall Database App Server Server Configuration

9 Track Software and Script Attacks
Track Attackers At The Device Track IP Address Track Browser Attacks Persistent Token Capacity to persist in all browsers including various privacy control features. Track Software and Script Attacks Fingerprinting HTTP communications.

10 Every attacker assigned a name
Smart Profile Of An Attacker Every attacker assigned a name Attacker threat level Incident history

11 Respond and Deceive  Warn attacker Block user Force CAPTCHA
WebApp Secure Responses Human Hacker Botnet Targeted Scan IP Scan Scripts &Tools Exploits Warn attacker Block user Force CAPTCHA Slow connection Simulate broken application Force log-out All responses are available for any type of threat. Highlighted responses are most appropriate for each type of threat.

12 Security Administration
Real-time Web-based console Reporting Engine Integrates into SIEM tools

13 Unified Protection Across Platforms
Deployment Models Connective Tissue Internal App Server Database WebApp Secure WebApp Secure Virtualized Cloud WebApp Secure

14 Spotlight Secure Attacker Database
Juniper’s Spotlight Secure global attacker database is a one-of-a-kind, cloud-based security solution that identifies specific attackers and delivers that intelligence to Junos security products WebApp Secure DDoS Secure Spotlight Attacker Database WebApp Secure Spotlight Attacker Database DDoS Secure SRX Secure SRX Secure

15 Spotlight Secure Attacker Database
Spotlight Attacker Database What it is Aggregates hacker profile information from global sources in a cloud-based database Distributes aggregated hacker profile information to global subscribers Why it’s different High accuracy zero day attacker detection and threat mitigation Only solution to offer device-level hacker profiling service Can block a single device/attacker WebApp Secure DDoS Secure Spotlight Attacker Database WebApp Secure DDoS Secure SRX Secure SRX Secure

16 Spotlight Secure Attacker Database
Spotlight Attacker Database WebApp Secure DDoS Secure WebApp Secure What it is Continuously monitors web apps to stop hackers and botnets Collects forensic data on hacker device, location, and methods Continuously updates on-board hacker profile information Why it’s different Accurate threat mitigation with near-zero false positives Hacker profile sharing for global protection surface Flexible deployment (i.e., appliance, VM, AWS) Spotlight Attacker Database DDoS Secure SRX Secure SRX Secure

17 Spotlight Secure Attacker Database
Spotlight Attacker Database WebApp Secure DDoS Secure WebApp Secure DDoS Secure What it is Large-scale DDoS attack mitigation Slow and low DDoS attack mitigation Zero-day protection via combination of behavioral and rules-based detection Why it’s different Broadest protection with deployment ease Industry leading performance – 40Gb throughput Ease of use through automated updating Flexible deployment (i.e., 1U appliance, VM) Spotlight Attacker Database SRX Secure SRX Secure

18 Spotlight Secure Attacker Database
Spotlight Attacker Database WebApp Secure DDoS Secure WebApp Secure DDoS Secure SRX Secure What it is Provides network security services WebApp Secure communicates attacker information to SRX upon detection of attempted breach SRX uses WebApp Secure intelligence about ongoing attack to block offending IP(s) Why it’s different Only security provider to leverage hacker profile intelligence in network firewalling Provides large-scale web attack mitigation and web DDoS prevention Extends existing SRX capabilities with web DDoS mitigation Spotlight Attacker Database SRX Secure

19 THANK YOU! 19

Download ppt "Real-time protection for web sites and web apps against ATTACKS"

Similar presentations

Network Systems Sales LLC

Network Systems Sales LLC
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Next Generation Monitoring in Cisco Security Cloud Leon De Jager and Nitin.

Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Next Generation Monitoring in Cisco Security Cloud Leon De Jager and Nitin.
©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Check Point DDoS Protector June 2012.

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Check Point DDoS Protector June 2012.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.

© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.
The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.

The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.

SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
Department Of Computer Engineering

Department Of Computer Engineering
©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.

©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.
Www.softwareassist.net Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Imperva Total Application Security Idan Soen, CISSP Security Engineer SecureSphere – The First Dynamic Profiling Firewall Idan Soen, CISSP Security Engineer.

Imperva Total Application Security Idan Soen, CISSP Security Engineer SecureSphere – The First Dynamic Profiling Firewall Idan Soen, CISSP Security Engineer.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
©2014 Bit9. All Rights Reserved Endpoint Threat Prevention Charles Roussey | Sr. Sales Engineer Detection and Response in Seconds.

©2014 Bit9. All Rights Reserved Endpoint Threat Prevention Charles Roussey | Sr. Sales Engineer Detection and Response in Seconds.
Web Application Firewall (WAF) RSA ® Conference 2013.

Web Application Firewall (WAF) RSA ® Conference 2013.
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partners only. Do not distribute. C97-721796-00.

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partners only. Do not distribute. C
1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.

1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.

Similar presentations

Ads by Google