yair grindlinger, ceo and co-founder do you know who your employees are sharing their credentials...
TRANSCRIPT
- Slide 1
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they? Slide 2 There are 1,358,671 data records stolen every day Slide 3 Just ask Slide 4 Corp Control No Control Corporate Network Devices - Servers Employee Device Network - App Slide 5 Breaches Weve Met Unmanaged internal/external sharing leading to misappropriated data used for insider trading Administrator account hijacked leaving key operations vulnerable; passwords, permissions and etc 3 rd -Party app steals confidential data and stores it on their servers PUBLIC WIFI Hackers leveraged public wifi to steal critical data and login credentials PCI/PHI, like SSN and credit card numbers, insecurely stored on the cloud Fake messages sent to capture login credentials for use in identifying fraud activities 3 rd PARTY APP STOLEN DATA ADMIN HIJACK COMPLIANCE PHISHING Slide 6 Analyze Protection Control Discovery Apps Context/risk based access, data and usage controls Mitigations All Corporate Sanctioned Cloud Apps Security Solution Overview Unified auditing, usage analysis, and alerts Cloud App Limitations Integrate security to cloud applications Un-managed application adoption Slide 7 Secure Sanctioned Apps 3 rd Party IT and Security Tools Risk-Based Authentication Threat Detection & Prevention Threat Detection Slide 8 Full Stack Security NETWORK IP Session Pinning, IP Reputation, SSL Enforce DEVICE Device Session Pinning, Device Fingerprinting OS Host State Verification (OS, Browser, End point Sec.) CONTENT CLIENT Anti Phishing, MiTB Protection APP Deep App Insight & Audit, Adaptive App Control IDENTITY Risk Based Authentication, Account Hijack Protection DLP, Exfiltration, Advanced Threat Protection APP AGNOSTIC APP SPECIFIC Slide 9 Risk-Based Authentication NETWORK DEVICE LOCATION ROLE BEHAVIOR THREAT PREVENTION THREAT DETECTION MITIGATION USER AUTH DEVICE AUTH REDUCE PRIVILEGES EVENT (RISK SCORE) ALLOW BLOCK RISK ENGINE pre- authentication post- authentication Slide 10 Cross Application Threat Detection Auditing DashboardAlerts Anomalies Slide 11 Prevention can confuse users and false positives can stop business Slide 12 Security tools should communicate with users and enable business Slide 13 Leverage APIs & 3rd party security solutions Threat Detection + Prevention Context Based, central, cross application platform Real time user centric mitigation Complete control of the entire cloud / web application security stack Heres whatcha need Slide 14 Thank You Yair Grindlinger, CEO & Co-Founder [email protected] [email protected] www.firelayers.com