Winning with Check Point


Presentation on theme: "Winning with Check Point". Presentation transcript:

1 Winning with Check Point
Mobile Threat Prevention

2 Agenda Mobile Threats 101 The Check Point Advantage
Mobile Threat Prevention Competitive Landscape [Protected] Non-confidential content

3 Consumerization of IT Enterprise Systems Consumer Services

4 Rapidly Expanding Mobile Threats
MOBILE THREATS are ESCALATING in frequency and sophistication EVERY YEAR
[Timeline figure. Years marked: 2004, 2005, 2007, 2008, 2010, 2012, 2014. Labels: CABIR worm, infecting Symbian OS via Bluetooth connection; First mobile virus (1); First iPhone; First Android; 1st malware for Android and iOS; SMS Trojans; Spyware; Ransomware; Root exploits; Banking malware; 11.6 million mobile devices infected (2).]
Script: The first mobile virus, the CABIR worm, appeared just ten years ago. Today, there are more than 11.6 million mobile devices infected with malware. The explosion in mobile malware came after the introduction of the first iPhone and Android devices. Mobile threats continue to escalate in frequency and sophistication every year. As more and more people adopt mobile technology for business and personal use, organizations are left struggling to keep up with the security risks associated with increased mobile device use.
Additional Information: The first mobile virus, Cabir, appeared in 2004 (some say "Timofonica" was the first, in 2000, but most sources cite the 2004 date). It is a worm that targeted Symbian OS, spreading via Bluetooth between devices that are close to each other and accept a Bluetooth connection.
Sources: Symantec, “A Brief History of Mobile Malware”, February 2014 and Kindsight Security Labs Malware Report, 2013
1 Source: Symantec, “A Brief History of Mobile Malware”, February 2014
2 Source: Kindsight Security Labs Malware Report 2013
[Restricted] ONLY for designated groups and individuals ©2014 Check Point Software Technologies Ltd

5 Malware & MRATS Mobile Threats 101 Network Attacks Exploits

6 WHEN CYBERCRIMINALS GET IN WHAT’S THE WORST THAT COULD HAPPEN?
Extract Information (app data, contact lists, etc.); Track Device Location (follow comings and goings); Turn on the Microphone (eavesdrop into conversations); Send and SMS Messages (impersonate the user); Turn on the Camera (look around, steal images); Change PIN and Lock Device (hold device for ransom)

7 Agenda Mobile Threats 101 The Check Point Advantage
Mobile Threat Prevention Competitive Landscape

8 The Challenge Unknown, Targeted & 0day Cyber Threats
(Missing!) Advanced Threat Detection & Mitigation Static Policy Enforcement Data Leakage Prevention Mobile Device Management Secure Containers & Wrappers Protection Against Known Threats Anti-Virus, App Reputation

9 Comprehensive Mobile Threat Prevention
Devices Apps Networks Mobile Threat Prevention Advanced Threat Prevention Visibility & Intelligence Adaptive Risk Mitigation

10 Check Point MTP Industry’s best catch-rate
[Bar chart: UNKNOWN MALWARE IN MOBILE APPLICATION, y-axis in %. Vendors: CHECK POINT, FIREEYE, Palo Alto Networks, AVG, LOOKOUT. Bar values as extracted: 99, 88, 21, 71.] Source: Lacoon competitive benchmark 2015

11 Delivering Best-in-Class Threat Prevention for All Mobile Devices
[Diagram: Active Agent (1), Behavioral Risk Engine (2), Risk Score (3), Real-Time Intelligence and Control, SIEM Integration, MDM/EMM Integration, On-Device Protection & Mitigation, Risk Based Network Protection; callouts 1 to 4 match the steps below]
How it Works:
1 - Agent runs in background sending risk data to BRE
2 - BRE analyzes device, application and network activities, detecting attacks
3 - BRE assigns real-time risk score identifying threat level
4 - Immediate on-device and network remediation
5 - Dynamic policy adjustments via MDM/EMM system
How it Works
1 Agent runs in background; sends data to Behavioral Risk Engine
2 Analyzes device, application and network detecting attacks
3 Assigns real-time risk score identifying threat level
4 Immediate on-device, MDM and network remediation

12 Threat Technologies
Advanced App Analysis: Sandboxing (Emulation); Advanced Static Code Analysis; Uncovers new malware and targeted exploits
Network Anomaly Detection: Wi-Fi Man-in-the-Middle (MitM) attacks; Evasive botnets and time bomb malware
Host Threat Analysis: Malicious Configurations; Exploits and file system manipulation
Threat Framework: Multi-dimensional Risk/Trust assessments; Accurate risk classifications to effectively mitigate risk

13 Agenda Mobile Threats 101 The Check Point Advantage
Mobile Threat Prevention Competitive Landscape

14 Competitive Analysis ✓ Partial Insertion Point Malware
Network & Exploits Network Application based Threats Partial Network & OS based Threats Vulnerability Management Multi-Platform Adaptive Mitigation - Confidential and Proprietary -

15 Lookout Enterprise (SF based, Employees: ~300, $132M funding)
Description: Consumer AV trying to get into Enterprise mobile protection; AV + backup + device wipe
Capabilities: Signature-based AV, Reputation
Weaknesses: Only detects known signatures; No App behavior detection, no advanced detection and network/MitM detection capabilities; Limited ability to detect or protect against iOS attacks; No Active risk-based mitigation option; Not a mature enterprise App: limited dashboard, enterprise integration (MDM, SIEM)

16 Skycure (Startup - Israeli R&D, Employees: ~20, $3M seed funding)
Description: Mobile Firewall, on device protection for iOS, just added very basic Android client (network, MITM focus)
Capabilities: Focus on protecting against WiFi and network attacks; Very slick iOS attack demo
Weaknesses: Unable to protect against the main attack vector on Android: Applications. Cannot analyze and detect app behavior. No ability to detect or protect against exploits on device. Not a mature enterprise App: limited dashboard, enterprise integration (MDM, SIEM)
Stage and company info: Startup (Israeli R&D). Run by: Adi Sharabani (CEO), Yair Amit (CTO). Backed by: Pitango Ventures (Seed / $3M). Employees: ~20
Competing Product: SkyCure
Value Proposition: Mobile firewall, on device protection for iOS, just added very basic Android client (network, MITM focus)
Main use-cases: Protection of BYOD devices from holistic cyber threats, mostly positioning against MitM attacks and Malicious Configuration Profile for iOS. Just delivered similar (basic) capabilities for Android.
Technology: iOS on device detection capabilities for malicious configuration profiles, JB devices and warning that the OS is not up to date. Some crowd-sourcing detection of rogue WiFi by trace-route (hop counting) to nodes on the internet. Working on a solution for Android, malicious apps will be detected by signatures. Integration with AirWatch
Description:
Differentiation:
Customer Feedback: 3/30/ Isracard: Only focused on WiFi and network attacks; Had no malware detection / no app analysis; Dashboard was very immature; No MDM Integration (not with MobileIron)

17 Zimperium (Startup - Israeli R&D, SF - HQ, Employees: ~20, $8M funding)
Description: Intrusion Prevention System for Android devices
Capabilities: Focus on Android client-based threat detection (basic iOS)
Weaknesses: Basic ability to detect or protect against iOS Attacks. Unable to protect against the main attack vector on Android: Applications. Cannot analyze and detect App behavior. No ability to detect or protect against exploits in the network. Not a mature enterprise App: limited dashboard, enterprise integration (MDM, SIEM)
Website: zimperium.com
Stage and company info: Startup (Israeli R&D, management is in SV). Run by: Avraham Zuk (CEO). Backed by: Sierra Ventures (Series A - $8M). Advisors: Kevin Mitnick
Competing Product: zIPS + zConsole
Value Proposition: zIPS - intrusion prevention system for Android devices.
Main use-cases: Protection of BYOD devices from MitM attacks and MitM attacks on corporate WiFis
Technology: Protects from MitM attacks, exploits and also profiles mobile applications. The technology is mainly client based threat detection (i.e. the detection is done on the device) with a web console (zConsole) available for the enterprise. Includes the following modules within their Android application: MitM detection within rogue-wifi-hotspot, mainly when there is ARP poisoning on the WiFi; Detection of exploits by profiling the processes on the device - very limited in terms of detection capabilities (can mainly detect very old exploits); Profiling applications on the device based on battery and logs on device using ML (Machine learning)
Differentiation: Available only for Android - no support for iOS (iPhone / iPads); Doesn't have mobile application reputation engine (Virtual execution / Sandbox + Advanced Static Code Analysis); No MDM integration
Customer Feedback:

18 Marble Security (Private, founded 2005. Funding: $43.20M) (formerly IRONKEY)
Description: Mobile Security Management Platform
Capabilities: Trying to be All Things Mobile (Security + MDM + MAM + Secure Messaging)
Weaknesses: Lack sophisticated detection and prevention capabilities on the device; Partner with Appthority for app reputation; Vendor lock-in: many enterprises already have MDM/MAM from large MDM vendors; Morphing – split focus to develop broad, shallow feature set
Website:
Stage and company info: Private, founded Funding: $43.20M (formerly Known as IRONKEY)
Competing Product: Mobile Security Management also provides MDM+MAM+Secure Messaging. Launched mobile security service: May 2013.
Value Proposition: Marble’s mobile security management platform defends against the sophisticated and constantly evolving attacks to enterprise networks. By combining primary threat research with its big data analytics engine, Marble provides comprehensive protection against compromised Wi-Fi networks, spear phishing, SMS phishing, malicious apps, malware, jailbreak jamming and poisoned DNS.
Main use-cases:
Technology:
Description:
Weaknesses: Try to do it all MDM+MAM: compete directly with the established MDM vendors; History of the company…
Customer Feedback:

19 THANK YOU!

20 Check Point MTP Delivers Comprehensive Mobile Security to enable Enterprises to Confidently Roll Out and Support Mobility Initiatives & Lower TCO
[Comparison matrix. Columns: MDM, MAM, CONTAINERS, GATEWAYS, MOBILE AV, APP REP, SANDBOX, SKYCURE, ZIMPERIUM, LOOKOUT, MARBLE SECURITY, Check Point MTP. Rows: Attack Detection (On Device, In Apps, In Network); Device Support (iOS, Android); Proactive Protection (On-Device, Access Management).]

