Presentation is loading. Please wait.

Presentation is loading. Please wait.

Threat Monitoring Center

Published byHollie Carpenter Modified over 6 years ago

Similar presentations

Presentation on theme: "Threat Monitoring Center"— Presentation transcript:

1 Threat Monitoring Center
Focus on quick deployment of analysis capability for one full time person First deployment after two development iterations (4 weeks) Phase I analysis capabilities will be largely emergent, back-driving requirements Technology requirements will change rapidly over first 6 months as new use cases are learned TMC will be hand built and replicated, one for HBGary and one for HBGary Federal

2 Partnership Feed Agreements
Intelligence Feed Partnership Feed Agreements Feed Processor ~ $8K machines Meta Data $10K / yr Digital DNA

3 Additional Feed Sources
Intelligence Feed Additional Feed Sources Feed Processor Many more…. Meta Data Digital DNA

4 AV Updates as Feed Source
Intelligence Feed AV Updates as Feed Source Feed Processor avast! Free 5.0 AVG Anti-Virus 9.0 AVIRA AntiVir Premium 9 BitDefender Antivirus 2010 eScan Anti-Virus 10 ESET NOD32 Anti-Virus 4.0 F-Secure Anti-Virus 2010 G DATA AntiVirus 2010 Kaspersky Anti-Virus 2010 Kingsoft Antivirus 2009+ McAfee VirusScan Plus 2010 Microsoft Security Essentials 1.0 Norman Antivirus & Anti-Spyware 7.30 Sophos Anti-Virus 9.0 Symantec Norton Anti-Virus 2010 TrustPort Antivirus 2010 ~ $8K machines Meta Data Digital DNA

5 From raw data to intelligence
Malware Analysis Feed Processor Responder Active Defense Data Integration Meta Data Link Analysis $12K Maltego primary Dev free 4g Digital DNA Palantir i2 Analyst Workstation $4K

6 Ops path Malware Attack Tracking Digital DNA™ Active Threat Tracking
Mr. A Mr. B Mr. C Malware Attack Tracking Digital DNA™ Active Threat Tracking Detect relevant attacks in progress. Determine the scope of the attack. Focus is placed on Botnet / Web / Spam Distribution systems Potentially targeted spear/whalefishing Internal network infections at customer sites Development idioms are fingerprinted. Malware is classified into attribution domains. Special attention is placed on: Specialized attacks Targeted attacks Newly emergent methods Determine the person(s) operating the attack, and their intent: Leasing Botnet / Spam Financial Fraud Identity Theft Pump and Dump Targeted Threat & Documents Theft Intellectual Property Theft Deeper penetration

7 Cyber Command Integration
Malware Attack Tracking Digital DNA™ Active Threat Tracking Meta data from HBGary feed HBGary Global Threat Genome HBGary Threat Tracking Data Malware feed from internal sources Customer Genome Customer maintained threat tracking data Palantir Front End Feed: blacklist Alert: newly emergent method Alert: targeted threat Alert: known intent Alert: expected attack

Download ppt "Threat Monitoring Center"

Similar presentations

Solutions for businesses. Keep It Secure Contents Protection objectives Network secured Supplementary products Unique.

Solutions for businesses. Keep It Secure Contents Protection objectives Network secured Supplementary products Unique.
Warren Toomey North Coast TAFE Port Macquarie campus

Warren Toomey North Coast TAFE Port Macquarie campus
By Joshua T. I. Towers. 13.3 $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.

By Joshua T. I. Towers $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.
TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.
Barracuda Spam & Virus Firewall. Introduction to the Barracuda Spam & Virus Firewall Complete email server protection –Spam Blocking (95+ percent) Extremely.

Barracuda Spam & Virus Firewall. Introduction to the Barracuda Spam & Virus Firewall Complete server protection –Spam Blocking (95+ percent) Extremely.
Towards Extending the Antivirus Capability to Scan Network Traffic Mohammed I. Al-Saleh Jordan University of Science and Technology.

Towards Extending the Antivirus Capability to Scan Network Traffic Mohammed I. Al-Saleh Jordan University of Science and Technology.
1 Panda Malware Radar Discovering hidden threats Technical Product Presentation Name Date.

1 Panda Malware Radar Discovering hidden threats Technical Product Presentation Name Date.
EICAR 2009, 12 May 2009 Checkvir Realtime Anti-Malware Testing and Certification Dr. Ferenc Leitold, Veszprog Ltd.

EICAR 2009, 12 May 2009 Checkvir Realtime Anti-Malware Testing and Certification Dr. Ferenc Leitold, Veszprog Ltd.
TrustPort Net Gateway Web traffic protection. WWW.TRUSTPORT.COM Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.

TrustPort Net Gateway Web traffic protection. Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.
Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.
Digital Automata Unit 7-1 Managing the Digital Enterprise By Professor Michael Rappa.

Digital Automata Unit 7-1 Managing the Digital Enterprise By Professor Michael Rappa.
Securing the Human. Presented by Thomas Nee, Computer Coordinator Town of Hanover, Massachusetts hanover-ma.gov/information-technology October is Cyber.

Securing the Human. Presented by Thomas Nee, Computer Coordinator Town of Hanover, Massachusetts hanover-ma.gov/information-technology October is Cyber.
Spyware and Viruses Group 6 Magen Price, Candice Fitzgerald, & Brittnee Breze.

Spyware and Viruses Group 6 Magen Price, Candice Fitzgerald, & Brittnee Breze.
KASPERSKY ENDPOINT SECURITY

KASPERSKY ENDPOINT SECURITY
Computer viruses The effects of a virus are…  Slow loadings  Crashing  Not having control over the computer  Deleting documents.

Computer viruses The effects of a virus are…  Slow loadings  Crashing  Not having control over the computer  Deleting documents.
© 2009 WatchGuard Technologies WatchGuard ReputationAuthority Rejecting Unwanted Email & Web Traffic at the Perimeter.

© 2009 WatchGuard Technologies WatchGuard ReputationAuthority Rejecting Unwanted & Web Traffic at the Perimeter.
Computer Skills and Applications Computer Security.

Computer Skills and Applications Computer Security.
What’s new in SEP 12.1.5 Presenter’s Name Here Presenter’s Title Here.

What’s new in SEP Presenter’s Name Here Presenter’s Title Here.
Phishing with Worms Twenty Years of Digital Threats—What Have We Learned and Where Are We Now?

Phishing with Worms Twenty Years of Digital Threats—What Have We Learned and Where Are We Now?

Similar presentations

Ads by Google