Kaspersky Enterprise Cybersecurity Powered by HuMachine … · 2018-03-13 · POWERFUL...
Freddy Girón, Nexsys Latam
Kaspersky Enterprise Cybersecurity Powered by HuMachine™ Intelligence
What are the main security challenges that companies and corporations face today?
Technology trends and threats: we understand the global trends and the threats they bring
Consumerization and mobility
Online commerce
Critical infrastructure at risk
Big data
Internet of Things
Virtualization and the cloud
Challenges in protecting data and privacy
Fragmentation of the internet
Smart cars
Smart cities
Mobile threats
banking at risk
Massive data leaks
Decreasing cost of APTs
Commercialization of APTs
Supply chain attacks
Cyber-mercenaries
“Wipers” & cyber-sabotage
Targeted attacks
Financial phishing attacks
Ransomware
Malware for ATMs
Attacks on PoS terminals
Merger of cybercrime and APTs
Targeting hotel networks
Hacktivism
Vulnerabilities in cars
Ransomware in targeted attacks
Online threats to smart cities
Attacks on smart cities
IoT botnets
Our Major Discoveries
Cyber-espionage malware
Classification / Detection / Active since / Description / Targets
GAUSS
2012
Sophisticated toolkit with modules that perform a variety of functions
July 2012
FLAME
>600 specific targets
2007
Spreads over a local network or via a USB stick
Records screenshots, audio, keyboard activity and network traffic
May 2012
Cyber-espionage campaigns
RED OCTOBER
101–500 diplomatic and governmental agencies
2004
One of the first massive global espionage campaigns
Contains Russian language text in the code notes
January 2013
Series of cyber-espionage campaigns
CARETO / THE MASK
>10,000 victims in 31 countries
2014
Complex toolset with malware, rootkit, bootkit; one of the most advanced APTs ever
Attacks devices running on Windows, Mac OS X & Linux
February 2014
2002
Up to 1,000 high-profile victims in nanotechnology, nuclear industry and other industries, as well as activists, mass media & others
Equation malware is able to infect hard drive firmware, uses an “interdiction” technique to infect victims, and mimics criminal malware
2014
EQUATION
Complex cyberattack platform
2014
Malware infections linked to the P5+1 events and venues for high level meetings between world leaders
A highly sophisticated malware platform exploiting up to three 0-day vulnerabilities
2015
DUQU 2.0
2009
2016
LAZARUS
A group believed to be behind the attack on Sony Pictures Entertainment in 2014 and the Central Bank of Bangladesh in 2016. Responsible for data destruction and financial theft as well as conventional cyber-espionage operations against multiple businesses around the world
2011
The gang responsible for creating networks of infected computers that resulted in the theft of more than $45M from banks, other financial institutions and businesses since 2011. The group was looking for a way into remote banking services so that it could steal money from customer accounts
2016
LURK
Banks, other financial institutions and businesses
PROJECTSAURON
Up to 100 victims among telecoms, government entities, multi-national political bodies and others
2003
Spring of 2012
REGIN
The first cyberattack platform known to penetrate and monitor GSM networks in addition to other “standard” spying tasks
SOFACY
2008
2014
Cyber-espionage malware
Sofacy (also known as “Fancy Bear”, “Sednit”, “STRONTIUM” and “APT28”) is a highly professional threat actor. Suspected of a connection with the notorious Miniduke actors, Sofacy has been notable for its extensive use of 0-day exploits
2011
2016
Military and government entities worldwide
Media, financial institutions, casinos, software developers for investment companies, crypto-currency businesses
A threat actor attacking state organizations with a unique set of tools for each victim, making traditional indicators of compromise almost useless. ProjectSauron deliberately avoids patterns, customizing its implants and infrastructure for each individual target, and never reusing them
The vast majority of victims were located in Lebanon
Mainly state organizations. Over 30 victims in Russia, Iran and Rwanda
Cybercriminal operation
Cyber-espionage malware
Cyber-espionage & sabotage, financial attacks
Endpoint Security The leading multi-layered endpoint protection platform, based on Next Gen cybersecurity technologies
True Cybersecurity
True cybersecurity doesn’t just prevent cybersecurity incidents: it predicts, detects and responds to them – effectively, flexibly and reliably.
Our comprehensive portfolio of solutions achieves all this, thanks to our unique combination of HuMachine™ intelligence and an Adaptive approach, protecting your business rigorously against Next Gen and all other kinds of threats and minimizing the damage an incident could cause.
Efficient: To detect effectively we use our global cyber-brain combined with machine learning algorithms and powered by the unequalled expertise
Adaptive: The whole product portfolio is built to help implement the completely adaptive security architecture cycle of Prediction, Prevention, Detection and Response
Reliable: For 20 years, we have developed the most tested, most awarded solutions and technologies that protect 400 million users worldwide
Endpoint Threats are evolving every day
325,000 New Endpoint Threats per day
Increased threats to Mac machines
Exponential growth of mobile malware
Continued exploitation of vulnerabilities in 3rd party software
Targeted attacks and malware campaigns
Dramatic increase in Ransomware
Multi-Layered Protection powered by Machine Learning
The best security foundation possible — Kaspersky Lab’s industry-leading protection against known, unknown and advanced threats
POWERFUL MULTI-LAYERED PROTECTION FROM ALL FORMS OF CYBER-THREAT
File, Web and Mail Threat Prediction
Cloud-based Intelligence
Anti-Ransomware Protection
HIPS and Network Threat Protection
Exploit Prevention
Machine Learning and Behavior Detection
Kaspersky Endpoint Security
ADVANCED CONTROL TOOLS: Application, device and web controls
— Including Default Deny test environment
DATA PROTECTION: Fully integrated data encryption
— Including 2-stage authentication
VULNERABILITY MANAGEMENT: Vulnerability detection & patch management plus extended client management capabilities
— Including SIEM support
Kaspersky Security Center
THREAT PREVENTION: Protection against known, unknown and advanced threats based on machine learning
MOBILE SECURITY: Smartphone and tablet security and management
— Including self-service portal and web console
Endpoint Security
Kaspersky Lab ENTERPRISE Solutions & Services
Kaspersky Adaptive Security Framework
PREDICT: Threat Intelligence sharing (THREAT INTELLIGENCE): Security Assessment, Penetration Testing, Custom Reports, APT Reports, Threat Intelligence Portal
PREVENT: Defense Strengthening (RISK MITIGATION): Embedded Security, Cybersecurity Awareness, Professional Services, Endpoint Security, Cloud Security
HuMachine™: Expert Analysts, Big Data / Threat Intelligence, Machine Learning
DETECT: Multi-Vector Discovery (CONTINUOUS MONITORING): Threat Data Feeds, Targeted Attack Discovery, APT Reports, Endpoint Detection & Response, Managed Protection, Anti Targeted Attack
RESPOND: Effective Countermeasures (SECURITY INCIDENT MANAGEMENT): Malware Analysis, Digital Forensics, Incident Response, Premium Support, Endpoint Detection & Response
Kaspersky Enterprise Security Solutions
Anti Targeted Attack: Discovering and mitigating the risk associated with advanced threats and targeted attacks
Endpoint Security: The leading multi-layered endpoint protection platform, based on Next Gen cybersecurity technologies
Cloud Security: Borderless security engineered for your hybrid cloud environment
Cybersecurity Services: Threat Intelligence, Security Training, Incident Response and Risk Assessment from the world leader
Security Operations Center: Empowering your SOC with the tools and information to efficiently detect and remediate threats
Fraud Prevention: Proactive detection of cross-channel fraud in Real Time
Financial Services Cybersecurity: Raising security levels through predicting, preventing and responding to financially motivated cybercrime
Telecom Cybersecurity: Securing telecoms data, applications and networks against the most advanced cyberthreats
Healthcare Cybersecurity: Protecting IT networks, medical equipment and confidential clinical data from cyberthreats
Data Center Security: Empowering your data center to detect and respond to the most advanced cyberthreats
Government Cybersecurity: Meeting the most stringent security requirements of government organizations and related public bodies
Industrial Cybersecurity: Specialized protection for industrial control systems
Technological By Industry
Cybersecurity Training
DIGITAL FORENSICS – STANDARD AND ADVANCED: Develop and enhance practical skills in searching for digital cybercrime tracks and analyzing different types of data to uncover attack timelines and sources
MALWARE ANALYSIS AND REVERSE ENGINEERING – STANDARD AND ADVANCED: Understand how to analyze malicious software, collect IOCs, write signatures to detect malware, and restore infected files and documents
Kaspersky® Security Training
INCIDENT RESPONSE: Guidance through all stages of the incident response process, ensuring successful remediation
Incident Response
DIGITAL FORENSICS: Analysis of the acquired digital evidence and reconstruction of the attack chronology and logic, revealing the root cause of the incident
MALWARE ANALYSIS: Gaining a complete understanding of the behavior and objectives of specific malware files
Kaspersky® Incident Response
INCIDENT RESPONSE: Covering the entire incident investigation cycle to completely eliminate the threat to your organization
Kaspersky Lab In The Market
Independent Awards & Recognition
No of independent tests/reviews
First places*: 55
Second places*: 10
Third places*: 5
* Notes: According to summary results of independent tests in 2016 for corporate, consumer and mobile products. Summary includes independent tests conducted by: AV-Comparatives, AV-Test, SELabs, MRG Effitas, VirusBulletin, ICSA Labs. Tests performed in these programs assess all protection technologies against known, unknown and advanced threats. The size of the bubble reflects the number of 1st places achieved.
*78 independent tests completed by Kaspersky Lab products in 2016 alongside 15 competitors
[Chart: score of TOP 3 places (0% to 100%) plotted against number of independent tests/reviews (20 to 100). Vendors shown: Kaspersky Lab, Bitdefender, Sophos, G DATA, Symantec, F-Secure, Intel Security (McAfee), Trend Micro, Avira, Avast, AVG, ESET, Quick Heal, Microsoft, VIPRE, BullGuard.]
In 2016 Kaspersky Lab products participated in 78 independent tests and reviews. Our products were awarded 55 firsts and achieved 70 top-three finishes.
Kaspersky Lab: 1st places – 55; participation in 78 tests/reviews; TOP 3 = 90%
Source: Magic Quadrant for Endpoint Protection Platforms, 30 January 2017. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from the link. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
2017 marks Kaspersky Lab’s sixth time as a Leader in Gartner’s Magic Quadrant. It’s also the year we mark our company’s 20th anniversary. We view consistently high performance as a hallmark of true leadership, and Kaspersky Lab’s success is built on True Cybersecurity: protecting the authenticity of your digital world using the latest technologies combined with the best of human expertise. True Cybersecurity means always moving forward, always working to stay one step ahead of cyberthreats, wherever they may originate. Gartner Magic Quadrant Leaders are selected for completeness of vision, and the ability to execute and deliver on that vision. We believe this kind of leadership and vision is why Kaspersky Lab’s 400 million users worldwide trust us to future-proof their security.
Six Years a Leader in Gartner’s Magic Quadrant
[Figure: Gartner Magic Quadrant for Endpoint Protection Platforms, as of January 2017. Axes: completeness of vision and ability to execute. Quadrants: Leaders, Challengers, Visionaries, Niche Players. Vendors shown: Kaspersky Lab, Microsoft, Invincea, CrowdStrike, SentinelOne, Cylance, Carbon Black, Intel Security, Symantec, Sophos, Trend Micro, Eset, F-Secure, 360 Enterprise Security Group, AhnLab, Panda Security, G Data Software, Palo Alto Networks, Comodo, Bitdefender, Malwarebytes, Webroot.]
Technology and OEM Partners
~120 industry leaders trust us to protect their customers
Technology Integration
Private Labelling / Co-branding
Pre-installation / Bundling
Preload
Let’s Talk? Kaspersky Lab Freddy Girón González Nexsys Latam www.kaspersky.com