Av is dead long live managed endpoint security


Page 1

Antivirus is Dead*

*Long live Managed Endpoint Security

© 2014 N-able Technologies, Inc. All rights reserved.

Page 2

Presented By

Ali Mahmoud, N-able Technologies

@alimahmoud_

Page 3

Last 5 years in Security

Are we getting better or worse?

Page 4

Major Security Breaches (20 Mn or more records stolen)

1. “World’s Biggest Data Hacks”, Accessed 22 Oct 2014. Available at: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

Page 5

Top 5 Operating Systems Market Share

1. Operating System Market Share, by W3Counter. Available at: http://www.w3counter.com/globalstats.php?year=2014&month=9

Page 6

Windows 8 is growing, but it will be a while before it overtakes Windows 7

Chart: Win 7 Licenses Sold (in millions) [1], Dec '09 to Dec '12

20 Mn copies per month on average [2]

1. “Windows 7 Licenses sold worldwide to 2012”, Statista. Accessed: 24 November 2014. Available at: http://www.statista.com/statistics/273490/global-amount-of-licenses-sold-of-windows-7/

2. “After 15 months, Windows 8 has sold 100 million fewer copies than Windows 7 did”, Emil Protalinski. Published 13 February 2014. Accessed: 24 Nov, 2014. Available at: http://thenextweb.com/microsoft/2014/02/13/15-months-windows-8-sold-100-million-fewer-copies-windows-7/

Page 7

Vulnerabilities by operating system version

1. “The Secunia Vulnerability Review 2014” by Secunia. Available at: http://secunia.com/resources/reports/vr2014/

Page 8

Web Browser Market Share

1. Web Browser Market Share, by W3Counter. Available at: http://www.w3counter.com/globalstats.php?year=2014&month=9

Page 9

Vulnerabilities across top 5 browsers

1. “The Secunia Vulnerability Review 2014” by Secunia. Available at: http://secunia.com/resources/reports/vr2014/

Page 10

Brian Dye of Symantec® estimates antivirus now catches just 45% of all attacks

http://online.wsj.com/news/article_email/SB10001424052702303417104579542140235850578-lMyQjAxMTA0MDAwNTEwNDUyWj

Page 11

Antivirus is Dead*

*Long live managed endpoint security

Page 12

Traditional way of preventing threats

New virus discovered

Antivirus company creates a fix in the form of a “signature”

Users download signatures

Page 13

Problem 1: Vulnerability window could be months

Timeline: Zero-Day, Fix Found, User protected

“hackers exploit security vulnerabilities in software for 10 months on average before details of the holes surface in public”

Source: Wikipedia.org

Available at: Wikipedia - Zero-day_attack

Date sourced: 2014-07-10

Page 14

Problem 2: Depending on user to apply updates

Remind me later (so I can ignore it again)

Update Now

It's time to update your antivirus again…

Page 15

Problem 3: No defense against modern attacks

Ransomware (e.g. Cryptolocker)

Page 16

The reality behind signature based antivirus

• Detects < 50% of attacks

• Could take days before users are protected

• Does not protect against modern threats

Page 17

The Solution?

Managed Endpoint Security

Page 18

Elements of Network Security

Methodology
• Signature Based Antivirus: File Signatures
• Managed Endpoint Security: File Signatures, File Behavior, Heuristic Algorithms

Page 19

Elements of Network Security

Methodology
• Signature Based Antivirus: File Signatures
• Managed Endpoint Security: File Signatures, File Behavior, Heuristic Algorithms

Malware Classes
• Signature Based Antivirus: File Infectors (virus)
• Managed Endpoint Security: All Classes of malware (File infectors, Spyware, Greyware, Ransomware, Root kits, Spambots, Hijacker, etc.)

Page 20

Elements of Network Security

Methodology
• Signature Based Antivirus: File Signatures
• Managed Endpoint Security: File Signatures, File Behavior, Heuristic Algorithms

Malware Classes
• Signature Based Antivirus: File Infectors (virus)
• Managed Endpoint Security: All Classes of malware (File infectors, Spyware, Greyware, Ransomware, Root kits, Spambots, Hijacker, etc.)

User Control
• Signature Based Antivirus: N/A
• Managed Endpoint Security: Full Control

Page 21

Elements of Network Security

Methodology
• Signature Based Antivirus: File Signatures
• Managed Endpoint Security: File Signatures, File Behavior, Heuristic Algorithms

Malware Classes
• Signature Based Antivirus: File Infectors (virus)
• Managed Endpoint Security: All Classes of malware (File infectors, Spyware, Greyware, Ransomware, Root kits, Spambots, Hijacker, etc.)

User Control
• Signature Based Antivirus: N/A
• Managed Endpoint Security: Full Control

Other Features
• Ingress/Egress firewall
• IPS/IDS sensors & warning systems
• Data input/output control, including portable devices

Page 22

Managed Endpoint Security

Protection Against All Classes of Malware

Behavior Based Protection

Heuristic Algorithms

Application Control / User Management

Page 23

Behavior Based Detection

Hook installed in every process

Watches for suspicious action

Intercepts and evaluates API calls

Keeps process statistics

Evaluates and blocks/removes suspicious items

Page 24

Heuristic Algorithms

• Use rules to evaluate suspicious trends

• Many to one signatures

• Catch all variants

• Sandboxing

• Evaluate actions rather than files

• Find malware before it executes
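
The contrast between a one-to-one file signature and a many-to-one behavior rule, as an added example that is not from the presentation or from any N-able or Bitdefender product. The sample bytes, API names, traces and the threshold of 20 are all constructed for illustration.

```python
import hashlib
from collections import Counter

# Constructed stand-ins for three programs; the bytes are placeholders, not malware.
SAMPLES = {
    "locker_v1.exe": b"constructed-sample",
    "locker_v2.exe": b"constructed-sample, repacked",  # same behavior, new bytes
    "backup_tool.exe": b"constructed-benign-tool",
}

def replace_files_trace(n):
    """Constructed trace: read each document, write a '.locked' copy, delete the original."""
    events = []
    for i in range(n):
        doc = f"doc{i}.docx"
        events += [("read_file", doc), ("write_file", doc + ".locked"), ("delete_file", doc)]
    return events

# API calls as a per-process hook might log them; the API names are hypothetical.
TRACES = {
    "locker_v1.exe": replace_files_trace(25),
    "locker_v2.exe": replace_files_trace(40),
    "backup_tool.exe": [("read_file", f"doc{i}.docx") for i in range(40)]
                       + [("write_file", "backup.zip")],
}

# One-to-one signature list: the vendor has only seen v1 so far.
SIGNATURES = {hashlib.sha256(SAMPLES["locker_v1.exe"]).hexdigest()}

def signature_verdict(name):
    """True if the file's hash is on the signature list."""
    return hashlib.sha256(SAMPLES[name]).hexdigest() in SIGNATURES

def behavior_verdict(name, threshold=20):
    """Many-to-one rule: flag a process that replaces many originals with rewritten copies."""
    stats = Counter()   # per-process statistics
    written = set()
    for api, target in TRACES[name]:
        stats[api] += 1
        if api == "write_file":
            written.add(target)
        elif api == "delete_file" and any(w.startswith(target + ".") for w in written):
            stats["originals_replaced"] += 1
    return stats["originals_replaced"] >= threshold

def verdicts():
    """Map each sample to (signature hit, behavior hit)."""
    return {name: (signature_verdict(name), behavior_verdict(name)) for name in SAMPLES}

if __name__ == "__main__":
    for name, (sig, beh) in verdicts().items():
        print(f"{name:16} signature={sig!s:5} behavior={beh}")
```

The repacked variant slips past the hash list but trips the same rule as the original, while the backup tool, which reads many files but replaces none, is left alone.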

Page 25

You are only as strong as your weakest link

Windows has detected that a problem exists between keyboard and chair.

Page 26

Application Control & User Management

• Malware uses Social Engineering

• Reduce risk from user error

• Malware changes but behavior doesn’t

Page 27

Protect Against All Classes of Malware

Full Malware Protection

Spyware

Greyware

Ransomware

Root kits

File infectors (virus)

Spambots

Hijacker

and more…

Behavior Based

Heuristic Algorithms

User Control/Mgmnt

Page 28

Managed Security Benefits

Protect Your Customers

• Modern Threats

• User Error

• Unprotected Endpoints

• Out of Date Endpoints

Show Your Value

• Continuously Audit

• Send Report To Your Customers

Page 29

N-able Security Manager

Based on the Award Winning BitDefender

Page 30

100% Protection in the May 2014 AV-comparatives test

N-able Security Manager

Based on Bitdefender’s® Award Winning Engine

Page 31

Top 5 consumer antivirus software protection [1] by market share [2]

1. “This is how well security packages protect porous XP systems” 28 August 2014. Available at: http://www.av-test.org/en/news/news-single-view/this-is-how-well-security-packages-protect-porous-xp-systems/

2. “Antivirus and Threat Report January 2014” January 2014. Available at: https://www.opswat.com/about/media/reports/antivirus-january-2014

Page 32

Security Manager: AV Defender

Bitdefender wins AV-TEST 2013: #1 in protection & performance [1]

Bitdefender aces AV-COMPARATIVES performance test [2]

Protection 6/6

Performance 6/6

Usability 6/6

1. “Bitdefender Wins AV-TEST #1 Spot in Protection and Performance”, 17 February 2014. Available at: http://www.av-test.org/en/test-procedures/award/2013

2. “This is how well security packages protect porous XP systems” 28 August 2014. Available at: http://www.av-test.org/en/news/news-single-view/this-is-how-well-security-packages-protect-porous-xp-systems/

Page 33

Consumer Antivirus Pricing

Chart: consumer antivirus pricing (surviving price labels: $70.00 and $350.00)

1. Protection for your PC. Microsoft pricing, Accessed 22 Oct 2014. Available at: http://windows.microsoft.com/en-CA/windows/security-essentials-download

2. Avast Pro Antivirus pricing, Accessed 22 Oct 2014. Available at: http://www.avast.com/en-ca/pro-antivirus

3. AVG Internet Security 2015 pricing, Accessed 22 Oct 2014. Available at: http://www.avg.com/ppc/ca-en/is_buy

4. ESET Smart Security. ESET pricing, Accessed 22 Oct 2014. Available at: http://www.eset.com/us/store/smart-security/

5. Symantec pricing, Accessed 22 Oct 2014. Available at: http://norton.symantec.com/norton/ps/3up_ca_en_navnis360_sym_3up.html?om_sem_cid=hho_sem_sy:ca:ggl:en:e|kw0000088753|26752847361|c&country=CA

Page 34

Start your 30-Day Free Trial

N-central® + Security Manager

Remote Management Made Simple

START MY FREE TRIAL

or

http://bit.ly/1neBB7w

Page 35

Thank you!

Page 36

Legal Information

The N-able Technologies and N-central trademarks are the exclusive property of N-able Technologies, Inc. and its affiliates, are registered with the U.S. Patent and Trademark Office and the Canadian Intellectual Property Office, and may be registered or pending registration in other countries. All other N-able trademarks, service marks, and logos may be common law marks, registered or pending registration in the United States, Canada, or in other countries. All other trademarks mentioned herein are used for identification purposes only and may be or are trademarks or registered trademarks of their respective companies.

© 2013 N-able Technologies, Inc. All rights reserved.