Copyright © 2015 Raytheon Company. All rights reserved.
A New Era of Cybersecurity
Neil Mohammed, Sales Engineer
R|W Market Advantages
Strong Financial Backing
Accelerated Innovation
Increased Breadth and Depth
– Full spectrum of security solutions that span the full life cycle of advanced external attacks
– Sophisticated insider theft controls
Greater Integration
– Tighter security unified across networks, the cloud, endpoints and mobile devices
– Higher value through less hardware, fewer consoles, and lower training requirements
Learning from History
Recent Failures
– General Dynamics
– Boeing
Commercial and Federal are Different
Separation must be at the Highest Level
Product Synergy Must Make Sense
ThreatScope™ Sandbox Technology
• Applies ACE analytics
– Infection process
– Post-infection activity
• Track infected system activity
– System level events/behavior/changes
– Processes, registries, files, etc.
• Communication monitoring
– Connection type, method, etc.
SureView® Threat Protection
■ Detection framework encompasses static, behavioral, heuristic, signature-based, file context, metadata and machine learning methods
■ Proprietary hypervisor technology thwarts attacker attempts to evade virtual machines
■ Enhanced visibility with advanced endpoint capabilities
■ Detection and Prevention modes of operation
■ Extensible detection framework to quickly integrate proprietary and third-party solutions
Capabilities and Differentiators
Threat Sandbox detects zero-day attacks across web, email, and endpoints
SureView® Threat Protection
Malware (Email) Infection Detection
1. Email platform receives email with attachment
2. Email platform queries SureView Threat Protection platform in real-time to determine whether or not email attachment contains malware
3. SureView Threat Protection platform runs file through multiple malware detection algorithms, including sandboxing and machine learning
4. If presence of malware is determined, SureView Threat Protection platform can block the email in real-time
5. Analyst receives malware alert in Web UI
Use Case: Malware Detected from Email Attachment
Visibility is at the Crux of the Issue
The digital revolution has obfuscated visibility
Organizations cannot manage threats they cannot see
Capabilities and Differentiators
SureView® Insider Threat
■ Comprehensive user activity monitoring across all channels at endpoint
■ DVR-like playback forensics capabilities
■ Easy-to-author and flexible policy creation capabilities with pre-packaged policy packs
■ Easy aggregation of external data and integration of third-party and custom analytics
■ Proven scalability and performance based on deployment at some of the largest environments
■ Built-in privacy protection
Complete visibility into and context around end user activity and behavior
SureView® Insider Threat Management Controls
Access based on role, business needs, and authorization
■ Segregation of Collected Data
■ Robust Operator Auditing
■ Role-based Access
■ Chain of Custody Features
■ Non-technical Oversight
■ Integration with 3rd party enterprise tools such as ePO and various SIEMs
– ArcSight, Splunk, etc.
AUDITED ACTIVITY
• File write to removable media
• File contains sensitive data
‐ SAP code names
‐ fingerprinted text
AUDIT RECORD
• Date/Time, Username, Workstation
• Offending Device
• Action: Capture File
• Action: <email> Security Staff
• Action: <forward> ArcSight
SureView® Policy-Driven Auditing
Specify what to audit / what should be in the audit record
Specify what not to collect
Ex: “Do not collect email to/from [email protected]”
Leverage simple “If/Then” statements
Enable Multiple Stakeholders
Return on Investment
Source: The Total Economic Impact of Raytheon’s SureView. Forrester, 2014
Forrester Research recently completed a study entitled, “The Total Economic Impact of Raytheon’s SureView.”
Intuitive User Experience
Provides end-to-end visibility, context, and protection across enterprise
© 2015 Websense, Inc. Proprietary and Confidential.
[Diagram labels: Business, Customers, Money ($), Ideas, Goods & Services, Data]
CYBERSECURITY SKILLS GAP CONTINUES TO GROW
2017: 4.25 million
2013: 2.25 million
Market indicators show the need for as many as 4.25 million security professionals by 2017, representing the potential for a 47% shortage in qualified personnel.
2013 (ISC)2 Global Information Workforce Study = 250,000 security professionals
APTs
Botnets
Zero-day
Exploits
Spear-phishing
Sandboxing
Real-time Analytics
Application Controls
Threat Intelligence
Forensics
DLP
DATA THEFT PREVENTION
1. DEPLOY ADAPTIVE SECURITY
For rapidly changing technology and threat landscapes.
2. PROTECT EVERYWHERE
For in the cloud data and applications as well as off-premise workers.
3. RAISE THE SECURITY IQ
For more skilled security professionals and more risk aware employees.
Analytics takes Center Stage
Understand and Prioritize
• Discover more about an entity that you know about (reactive/prevent)
• Investigate to understand patterns, find anomalies (proactive/detect)
ENTER A NEW ERA OF CYBERSECURITY
WE ENABLE ORGANIZATIONS TO PREVENT DATA THEFT WHILE INNOVATING & GROWING IN THIS AGE OF DISRUPTIVE CHANGE.