Copyright ©2018 WatchGuard Technologies, Inc. All Rights Reserved
Conquering the Threat Landscape
The Defenses You Need against the Top 5 Threat Trends
Himanshu Verma
Director, Product Management
Increase in Phishing and Spear Phishing
• 80% of malware is delivered by phishing – Threatsim
• Ransomware spam up 6000% in 2016 – IBM
• 1 in 131 emails contained malware in 2016, the highest rate in 5 years – Symantec
• 76% of organizations reported being a victim of a phishing attack in 2016 – Wombat Security
• 91% of targeted attacks start with spear-phishing – Trend Micro
Threat Landscape – Spear Phishing
Preventative Measures
DNS Blocking
• DNSWatch Filtering
Phishing Training and Education
Increase in Advanced Malware
Threat Landscape – Ransomworms
Preventative Measures
Advanced Malware Detection
• Virtualizes a full victim system
• Runs unknown content in protected environment
• Analyzes behaviors
• Detects sandbox evasion
• Tracks additional malware and C&Cs
Threat Landscape – File-less Malware
Preventative Measures
Threat Detection Systems
• Threat Detection and Response
• ThreatSync TI identifies malicious processes
• Dynamic heuristic process finds suspicious activities
• HRP Behavior Detection
Threat Landscape – Crypto Hacking
Preventative Measures
Layered Defense
• Unified Threat Management
Threat Landscape – Password Leaks
Preventative Measures
Multifactor authentication system
• AuthPoint Multifactor Authentication
• Employee PC and network log-in
• Remote access
• Privileged users’ access
• Cloud service access
Defense Summary
WatchGuard Breaks the Kill Chain
[Diagram: WatchGuard services mapped to the kill chain stages Reconnaissance, Delivery, Compromise/Exploit, Infection/Installation, Command and Control, Lateral Movement/Pivoting, and Objectives/Exfiltration. Services shown: Packet Filtering, Proxies, IPS, APT Blocker, Gateway AntiVirus, DLP, Application Control, Reputation Enabled Defense, WebBlocker, TDR, Botnet Protection.]
Summary of Defenses
UTM Layered Defense
• No single security service prevents all threats. UTM combines many services to offer Kill Chain defenses.
APT Blocker
• Ransomware is evasive and fast changing. You need behavioral malware detection to catch the latest variants.
Threat Detection and Response
• As a last defense, TDR’s Host Ransomware Prevention can stop some ransomware from encrypting files on an endpoint.
AuthPoint MFA
• No single factor of authentication is perfect. Passwords can leak, tokens can be stolen, and biometrics can be copied.
WatchGuard’s Internet Security Report
WatchGuard’s Quarterly Security Reports
Dynamic ISR Threat Landscape
• Dynamic date ranges
• Filter by:
  • Region or country
  • Malware/network attacks
• Coming Soon:
  • Map with Attack Source
  • Filter by City
  • Top Malware Domains/URLs
  • And More
https://www.secplicity.org/threat-landscape/
Thank You