Targeted Attacks: Have you found yours?
Andy Dancer, CTO EMEA
Advanced Persistent Threats
Empowered Employees
Elastic Perimeter
Copyright 2012 Trend Micro Inc.
Trend Micro evaluations find over 90% of enterprise networks contain active malicious malware!
Traditional Security is Insufficient
Switch of mental approach
• Terrorist Paradox
  – We have to win all the time to defend
  – They only have to get it right once to win
• Advanced Threats
  – Many steps have to execute in turn to steal my data
  – I only need to spot one step to thwart them
Custom Attacks
• Today’s most dangerous attacks are those targeted directly and specifically at an organization — its people, its systems, its vulnerabilities, its data.
Deep Discovery & The Custom Defense
Deep Discovery
DETECT: Network Threat Detection
Advanced Threat Protection
APT Activity
Specialized Threat Detection Across the Attack Sequence
Malicious Content
• Emails containing embedded document exploits
• Drive-by Downloads
• Zero-day and known malware
Suspect Communication
• C&C communication for any type of malware & bots
• Backdoor activity by attacker
Attack Behavior
• Malware activity: propagation, downloading, spamming . . .
• Attacker activity: scan, brute force, tool downloads.
• Data exfiltration communication
Deep Discovery & The Custom Defense
Deep Discovery
ANALYZE: Attack Analysis & Intelligence
DETECT: Network Threat Detection
Advanced Threat Protection
Automated Analysis
Bandwidth
Live Cloud Lookup
Advanced Heuristics
Sandbox Analysis
Output to SIEM
Threat Intelligence
Focused Manual Investigation
Deep Discovery Advisor
Threat Intelligence Center
• In-Depth Contextual Analysis including simulation results, asset profiles and additional security events
• Integrated Threat Connect Intelligence included in analysis results
• Enhanced Threat Investigation and Visualization capabilities
• Highly Customizable Dashboard, Reports & Alerts
• Centralized Visibility and Reporting across Deep Discovery Inspector units
Threat Connect Intelligence
Deep Discovery & The Custom Defense
Deep Discovery
ANALYZE: Attack Analysis & Intelligence
RESPOND: Containment & Remediation
ADAPT: Adaptive Security Updates
DETECT: Network Threat Detection
Advanced Threat Protection
The Custom Defense
• DETECT: Specialized Threat Detection at network and protection points
• ANALYZE: Deep analysis based on custom sandboxing and relevant global intel
• RESPOND: Context-relevant views & intel guide rapid remediation response
• ADAPT: Custom security blacklists & signatures block further attack
The Custom Defense In Action: Advanced Email Protection
• Blocking of targeted spear phishing emails and document exploits via custom sandboxing
• Central analysis of detections
• Automated updates of malicious IP/Domains
• Search & Destroy function
InterScan Messaging Security or ScanMail
Anti-spam
Web Reputation
Anti-phishing
Advanced Threat Detection
Anti-malware
“Suspicious”
quarantine
feedback
Deep Discovery Advisor
Threat Analyzer
Threat Intelligence Center
Security Update Server
So what does that look like in context?
Outer Perimeter
Inner Perimeters
Valuable Server
Valuable Server
Endpoint
Endpoint
Valuable Server
Deep Discovery
Identify Attack Behaviour & Reduce False Positives
Detect Malicious Content and Communication
Analyze
Simulate
Real-Time Inspection
Deep Analysis
Correlate
Actionable Intelligence
Visibility – Real-time Dashboards
Insight – Risk-based Analysis
Action – Remediation Intelligence
Out of band network data feed of all network traffic
Deep Security
Inner Perimeter for valuable assets
VM VM VM VM VM
Security VM
Hypervisor
Deep Packet Inspection
Firewall
Anti-Virus
Log Inspection
Integrity Monitoring
Also works for VDI
Thanks for listening... any questions?