WatchGuard in Action
Spotlight on Dimension and APT Blocker
Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved
You’ve Heard Corey’s talk …
An Advanced Persistent Threat (APT) is a very high-tech, cutting-edge attack leveraged to gain prolonged, stealthy control over a high value political or business target.
Three APT Attributes:
1. Advanced
2. Persistent
3. Targeted
APT Techniques Trickle Down
Today, normal criminal malware exploits the same advanced tactics as nation-state APTs. Every organization is at risk of advanced threats!
Zeus copies Stuxnet 0day exploit
Criminals use evasive malware (Cryptolocker)
Zeus uses stolen certificates
Criminal spear phishing
Criminal watering hole attacks
Traditional antivirus software is best used to combat opportunistic (untargeted) attacks, offering effective and efficient protection following the creation of a signature.
[Figure: two plots of Hosts Compromised over Time, each with a THRESHOLD OF DETECTION line. Opportunistic Attacks: signature available; goal for the cyber miscreant is to maximize slope. “Advanced” Phishing: signature available?; goal for the cyber miscreant is to minimize slope.]
Source: Jeffrey J Guy; Director, Product Management; Bit9/Carbon Black
Lastline Labs AV Vendor Review
• Average of 2 days for at least one AV scanner to detect what was not detected on day 0
• Detection rates increase to 61% after two weeks
• After a year 10% of scanners still do not detect some malware
• The 1-percentile of malware least likely to be detected was undetected by a majority of AV scanners for months
• In some cases the malware was never detected
http://labs.lastline.com/lastline-labs-av-isnt-dead-it-just-cant-keep-up
APT Blocker Fills that Security Gap!
• Identifies and submits suspicious files to cloud-based, next-generation, full system emulation sandbox
• Provides real-time threat visibility; protection in minutes not hours
• Analyzes comprehensive set of files (Executables, Office documents, PDFs & Android APKs)
• Detects Zero Day Malware
• Scalable; inspects millions of objects at any given time
• Not fooled by evasion
Best of Breed Technology
Companies Slow to Discover Breaches
Gap between data collection & security
On average, malicious breaches take 80 days to discover (and 123 to clean up)
66% of breaches remain undiscovered for months or more
…Companies (STILL) Slow to Discover Breaches
One third discovered the breach in two or more years.
Most companies can’t determine where the breach occurred
SANS Logging Survey: Security Events Get Lost
24%
77%
Collect logs
Review logs regularly
10%
Confident in finding security trends
https://www.sans.org/reading-room/analysts-program/SortingThruNoise
WatchGuard Dimension
• Standard with Firebox
• Automated Reporting
• Visual Dashboards
• Network Intelligence
• Pinpoint Weakness
• Spot Trends
• Stop Cyberloafing
What’s New in WatchGuard Dimension Version 2.0
• Direct Access to Firebox (Command) — Integrated Fireware Web UI connections from Dimension
• Health Status (Command) — Information for all Managed Appliances
• Configuration History (Command) — Detail on changes, revert to previous version
• Hub and Spoke VPN (Command) – Manage secure connections to remote offices.
• Visibility and Usability Enhancements — Integration with new dashboards and reports
• New Look and Feel — Improved layout and design
August 25, 2015