next generation enduser protection · 2017-05-12 · next generation enduser protection janne...
Next Generation Enduser Protection
Janne Timisjärvi, Systems Engineer
10.5.2017
What is the real threat?
Encrypted! Give me all your Bitcoin$
Let’s check if there is something of value
The Evolution of Endpoint Threats: From Malware to Exploits
TRADITIONAL MALWARE | ADVANCED THREATS
Melissa Virus, 1998, $1.2B
Love Letter Worm, $15B, 1999
$2.3B, 2007
$800M, 2014
Locky Ransomware, $1.1B, 2016
FinFisher Spyware, 2003, $780M
Exploit as a Service, $500M, 2015
Where Malware gets stopped
Traditional Malware | Advanced Threats
80% Exposure Prevention: URL Blocking, Web Scripts, Download Rep
10% Pre-Exec Analytics: Generic Matching, Heuristics, Core Rules
5% Signatures: Known Malware, Malware Bits
3% Run-Time: Signatureless Behavior Analytics
2% Exploit Detection: Technique Identification
Sophos
RANSOMWARE | ZERO DAY EXPLOITS | MALWARE CLEANUP | LIMITED VISIBILITY
Anti-Exploit
Stops unknown Malware
• Signatureless Exploit Prevention
• Blocks Memory-Resident Attacks
• Tiny Footprint & Low False Positives
Root Cause Analysis
Automated Analysis
• IT Friendly Incident Response
• Process Threat Chain Visualization
• Prescriptive Remediation Guidance
Anti-Ransomware
Stops Ransomware
• Stops Malicious Encryption
• Behavior Based Conviction
• Automatically Reverts Affected Files
• Identifies source of Attack
Sophos Clean
Removes the threat
• Signatureless detection and remediation of unknown malware
PREVENT | DETECT | RESPOND
BEFORE IT REACHES DEVICE | BEFORE IT RUNS ON DEVICE
EXECUTABLE FILES
MALICIOUS URLS
UNAUTHORIZED APPS
REMOVABLE MEDIA
EXPLOIT PREVENTION
MS FILES & PDF
ADVANCED CLEAN
RANSOMWARE PREVENTION
INCIDENT RESPONSE
90% OF DATA BREACHES ARE FROM EXPLOIT KITS
90% OF EXPLOIT KITS ARE BUILT FROM KNOWN VULNERABILITIES
AND YET… MORE THAN 60% OF IT STAFF LACK INCIDENT RESPONSE SKILLS
Complete Next-Gen Endpoint Protection
Script-based Malware
Malicious URLs
Phishing Attacks
Removable Media
.exe Malware
Non-.exe Malware
Unauthorized Apps
Exploits
Via Invincea, pre-execution malware prevention that is highly scalable, fast, and effective, especially against zero-day threats. Invincea’s pioneering ML technology delivers high detection rates and very low FP rates, which is unique.
Effective for run-time prevention of exploit-based malware such as ransomware. Sophos Intercept X delivers highly-effective next-gen exploit prevention capabilities.
Heuristic detections based on the behaviors of execution to stop evasive malware before damage occurs.
Knowing the source/reputation of a file, URL, email, etc. can prevent an attack before it happens. Includes technologies such as MTD, download reputation, URL filtering, secure email gateway, etc.
For server or locked-down endpoint environments, app control prevents unknown / unwanted apps from running.
The only effective defense against in-memory malware.
The only effective way to set policy to ensure removable media cannot put an organization at risk.
Provides reliable detection of script, document, and macro malware, and an efficient first line of defense against known executable variants.
Synchronized Security
Sophos Central Mgmt.
.doc .xls .pdf
Next-Gen Firewall
Wireless
Web
Next-Gen Endpoint
Mobile
Server
Encryption
Sophos Central
Synchronized Security
Security Heartbeat™
Sophos Central Phish Threat
Sophos Phish Threat is an advanced security testing and training platform designed to reduce your largest attack surface – your end-users – with effective security awareness testing and training.
#1 Pick a Phishing Attack Campaign
#2 Pick a Security Training Module
#3 Manage End-User Response & Awareness
Don’t take my word for it – test it!
Central.Sophos.com
HitmanPro – test tool
Summary
• Ransomware is not your enemy – Exploits are!
• Sophos Endpoint provides complete NG Endpoint protection; Intercept X can be run alongside 3rd-party AV
• We provide the platform: Sophos Central!
• Go and test