ia15 network situation awareness lumeta europe
Network Situational Awareness
© 2015 Lumeta Corporation
In Cybersecurity, The Network Doesn’t Lie
Networks are increasingly dynamic and changing, causing a 20% gap in network situational awareness
• Constant upgrades, moves and changes
• Spin-offs, mergers and acquisitions
• Call back to TOR exit nodes
• Invisible assets turned into malware infrastructure
• Unmanaged & Unsecured Devices
• Digital economy causing infrastructure transitions to:
  • Mobile from fixed
  • Virtual from physical
  • DevOps in the cloud
  • Software defined networks & datacenter
[Figure: Awareness (up to 100%) plotted against number of IP addresses (1,000K, 100K, 10K)]
Lumeta Network Situational Awareness
Cybersecurity Analytics
Operationalizing Threat Intelligence
Validate No Access to Known Malware C2 Servers
• Determine whether or not active security controls prevent call back to known botnet/command and control networks and servers
Validate No Access to Known TOR Exit Nodes
• Determine whether or not active security controls prevent call back to TOR exit nodes (TOR – The Onion Router/Dark Web Infrastructure)
Zombie Hunting
• Determine whether or not any trusted/enterprise assets are malware infrastructure or part of blacklists/dropnets/Shadowserver/attacker lists
Internal TOR Relays/Bridges
• Determine whether or not any trusted/enterprise assets are/were acting as TOR relays/bridges
Use/Accessibility of Trojan/Malware Ports
• Determine whether or not any trusted/enterprise assets are utilizing ports associated with Trojans, Malware, and attack lateralization
Network Attack Emulation Solution
• Intelligence-led test environment mimics the actions of cyber attackers with full traceability and reporting
• Use of Lumeta innocuous malware protects the end user during testing
• We are partnering with European PENTEST partners - Please contact us for more information