dell security overview
play

Dell Security Overview Eddie Chan Security Solution Consultant - PowerPoint PPT Presentation

Jan 26, 2024 •101 likes •746 views

Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell | Hong Kong & Taiwan Agenda Session One 2016 Threat Report Update Session Two SonicWALL C APT URE Advanced Threat Protection Service

  1. Dell Security Overview Eddie Chan Security Solution Consultant Dell Security Solutions Dell | Hong Kong & Taiwan

  2. Agenda • Session One • 2016 Threat Report Update • Session Two • SonicWALL C APT URE Advanced Threat Protection Service • Session Three • Privileged Management - Safeguard • Access Management - Defender Security Products

  4. Global Response Intelligent Defense (GRID) Network • Threat research team • Proprietary malware analysis automation • World-wide monitoring • Shared cross-vector threat- related information (i.e. 1M Sensors, Honeypots, Sandboxing) • Real-time counter-threat intelligence • Active participant in leading research organizations • Industry leading responsiveness Internal Use Only – Dell Confidential

  5. Malware attacks 8.19 billion | blocked by Dell firewalls in 2015 Internal Use Only – Dell Confidential

  6. The top malware delivery methods Website Email/Phishing downloads Portable Text messages devices (USB) (SMS) 6 Dell - Internal Use - Confidential

  7. What did we find last year? Internal Use Only – Dell Confidential

  8. 1 • Use of anti-forensic mechanisms to evade security systems Exploit kits evolved with • Upgrades in evasion greater speed, techniques, such as URL pattern changes heightened stealth and novel shape-shifting • Changes to landing page abilities redirection techniques (i.e. Steganography) • Modifications in landing page entrapment techniques Dell - Restricted - Confidential

  10. Flow chart Spartan infection chain

  11. 黑客鎖電腦檔案 索金鑰費 中小企下載圖片中招 付款失敗資料救不回 11 Dell - Internal Use - Confidential

  12. Angler exploit kit pushed new variant of ransomeare

  13. Ransomware effect for differences business area

  14. 2 HTTPS hits as percentage of total hits SSL/TLS encrypted traffic rises sharply, leading to 61% more under-the-radar hacks 39% Dell - Restricted - Confidential

  15. You can’t protect what you can’t see — attacks unseen by most firewalls “…redirection code planted “…redirection code planted in the malicious in the malicious advertisements uses advertisements uses SSL/TLS (Secure Sockets SSL/TLS (Secure Sockets Layer/Transport Layer,…” Layer/Transport Layer,…” By Jeremy Kirk, IDG News Service, Jul 27, 2015

  16. 3 Notable trends in Android attacks Malware for the • New variant that added a randomly Android ecosystem generated PIN to the typical ransomware lock screen continued to rise and • Dropping malicious code as part of a evolve library file, rather than a classes file • Financial sector continued to be a prime target for Android malware Dell - Restricted - Confidential

  17. 4 Popular malware families continued to morph from season to season and differed across geographic regions Dell - Restricted - Confidential

  18. Most popular malware by country in November 2015

  19. Top 10 malware families 19 Dell - Internal Use - Confidential

  20. Predictions for 2016 • Battle between HTTPS encryption and threat scanning will continue to rage, as companies fear performance trade-offs • Flash zero-days will drop gradually because major browser vendors have stopped supporting Flash plugins • Malicious threats will target Android Pay through the vulnerabilities of Near Field Communication (NFC)

  21. Final Takeaways

  22. Recommendations App IAM VPN AV Control Defend Before Layered Security - most effective better together strategy Patch Encry 2FA Manag IPS ption ement Obey the 3 D’s D efend:: Before an attack fortify your position to DPI CFC SIEM PAM During Detect give yourself the best chance of preventing a breach. Educa Sand monit AV tion box or D etect:: During an attack ensure your tools see the threat and act quickly to prevent it Behavioral logs DLP Discover analysis After D iscover:: After penetration ensure visibility un- masks the threat quickly to minimize loss. Forensics Identity Network Endpoint Data Combine technologies from each tower that cross the time boundaries Internal Use Only – Dell Confidential

  23. Introducing Dell SonicWALL C APT URE Advanced Threat Protection Service February 2016

  24. Challenge: Explosion of evasive, zero-day threats* • Designed to evade 1 st generation sandbox analysis and detection • Target not just windows environments but also mobile and connected devices • Hide in encrypted and unencrypted traffic • Hide in more file types, of any file size * Source: Dell Security 2016 Threat Report

  25. Introducing Dell SonicWALL Capture Advanced Threat Protection Service Cloud service detects and blocks zero-day threats at the gateway Multi-engine sandbox detects more • threats than single sandbox technology Broad file type analysis and • operating system support and no file-size limitation Blocks until verdict at the gateway • • Rapid deployment of remediation signatures • Reporting and alerts NSA 2600 – 6600 TZ SOHO – TZ600 SuperMassive 9200-9600

  26. Increase security effectiveness against zero-day threats • Multi-engine advanced threat analysis detects more threats, can’t be evaded • Virtualized sandbox • Full system emulation • Hypervisor level analysis • Broad file type and OS environment analysis, no file size limitation • PE, MS Office, PDF, archives, JAR, APK • Windows, Android and Mac OS • Automated and manual file submission 26 Internal Use Only – Dell Confidential

  27. VMRAY with Dell SonicWALL Internal Use Only – Dell Confidential

  28. lastline with Dell SonicWALL Internal Use Only – Dell Confidential

  29. lastline in NSS LABs report in 2015 Internal Use Only – Dell Confidential

  30. Monitoring and reporting • At-a-glance dashboard • Scanned file history • Detailed file analysis report 30 Internal Use Only – Dell Confidential

  31. Internal Use Only – Dell Confidential

  32. Internal Use Only – Dell Confidential

  33. Internal Use Only – Dell Confidential

  34. Manually upload file for advance inspection Internal Use Only – Dell Confidential

  35. Internal Use Only – Dell Confidential

  37. C APT URE Screen Demo April 2016

  38. Introduce for Safeguard & Defender April 2016

  39. Privilege Management Challenges • Difficult to manage • Huge security and compliance risk Fact: 69% of confirmed security incidents were perpetuated by insiders, and increased more than 300% between 2011 and 2012 Fact: More than half were former employees who regained access via backdoors or corporate accounts that were never disabled Dell Software 39

  40. Why are they difficult to manage? Devices Mainframes Databases Applications Servers Vendors Applications Helpdesk Developers Admins Dell Software 40

  41. Huge security and compliance risk? Very Powerful • IT Admin - Deleted 15 virtualized machines that ran 88 servers • IT Admin – Stole patient records and test results • IT Director – Continued use for a month and altered CEO presentation • Systems Admin – Took down 2000 servers No individual accountability Dell Software 41

  42. Solve the challenges Secure & efficient Granular delegation & Monitoring & management command control logging Task 1 Task 2 Task 3 User A User B User C Dell Software 42

  43. Secure and efficient management Privilege Safe ? Issuance Request Authorization Change Servers Mainframes Applications Devices Databases Dell Software 43

  44. Privileged Password Manager Privileged • Secures accounts in a password safe password – AES 256 Encrypted safe • Request and approval workflow – Dual or more release controls • Removes embedded passwords in applications and scripts • Automated password changes –“Last use” – Time-based • Full audit trail Dell Software 44

  45. Session Management (IN THE ROADMAP) Allow only certain Pre-set time limits Full DVR-like recording commands Dell Software 45

  46. Who to talk to and what to listen for Administrator IT Manager Security officer Potential breach, audit Manual process, Manual process, application too much responsibility reports, compliance access, assigning accountability, access reporting Dell Software 46

  47. Dell Defender

  48. • Average user has over 40 Problem: static professional/personal accounts passwords are – Users use the same password for multiple inefficient, accounts – Complex passwords are written down unsecure and – Passwords are only changed when required expensive • Large organizations spend on average $850,000 per year resetting passwords • Increasing remote workforce makes it more important to prove identity of users accessing the network 48

  49. • Changes with every use Answer: • Can’t be written down two-factor • Nothing to forget authentication 2FA 49

  50. • Secure A two-factor • Flexible authentication • Scalable solution should be: • Easy to use • Affordable 50

Recommend

Catch me if you can! Angelo Dell'Aera Bologna 29/10/2016 A Little About Me Angelo Dell'Aera

Catch me if you can! Angelo Dell'Aera Bologna 29/10/2016 A Little About Me Angelo Dell'Aera

Catch me if you can! Angelo Dell'Aera Bologna 29/10/2016 A Little About Me Angelo Dell'Aera <angelo.dellaera@honeynet.org> Security Researcher @ Area 1 Security Full Member @ Honeynet Project Information Security Independent

680 views • 48 slides
... sclass1 sclass10 Net-linux Net-linux DHCP DHCP The lab has 10 dell systems. Each dell

... sclass1 sclass10 Net-linux Net-linux DHCP DHCP The lab has 10 dell systems. Each dell

Notes on Running Dsniff and the Lab Network Environment Cyber Security Lab 2/16/10 1 General Overview 1.1 Initial machine configuration Outside World DMZ Management 192.168.50.50 192.168.50.60 Dmz 192.168.50.0/24 FW1 Outside =

182 views • 4 slides
Computer disassembly Dell OptiPlex GX260 Overview Working with the Dell OptiPlex GX260

Computer disassembly Dell OptiPlex GX260 Overview Working with the Dell OptiPlex GX260

Computer disassembly Dell OptiPlex GX260 Overview Working with the Dell OptiPlex GX260 Disassemble Identify the parts Reassemble Precautionary measures NOTICE : To help avoid possible damage to the system board, wait 5 seconds

398 views • 26 slides
Dell TechDirect Customer Overview TechDirect Overview Available via Benefits Easy Single

Dell TechDirect Customer Overview TechDirect Overview Available via Benefits Easy Single

Dell TechDirect Customer Overview TechDirect Overview Available via Benefits Easy Single support source with an intuitive interface to streamline routine support management between you and Dell. Online Mobile Integrated Portal App APIs

398 views • 12 slides
Sales Presentation Case Dell EMC Introduction: As a member of the Dell Technologies unique

Sales Presentation Case Dell EMC Introduction: As a member of the Dell Technologies unique

Sales Presentation Case Dell EMC Introduction: As a member of the Dell Technologies unique family of businesses, Dell EMC serves a key role in providing the essential infrastructure for organizations to build their digital future, transform

258 views • 4 slides
and Transitive Trust Jeff Jarmoc Sr. Security Researcher Dell SecureWorks About this talk

and Transitive Trust Jeff Jarmoc Sr. Security Researcher Dell SecureWorks About this talk

SSL Interception Proxies and Transitive Trust Jeff Jarmoc Sr. Security Researcher Dell SecureWorks About this talk History & brief overview of SSL/TLS Interception proxies How and Why Risks introduced by interception

744 views • 36 slides
Dell to Acquire Wyse Technology Dave Johnson Jeff Clarke SVP, Corporate Strategy, Dell Inc. Vice

Dell to Acquire Wyse Technology Dave Johnson Jeff Clarke SVP, Corporate Strategy, Dell Inc. Vice

Dell to Acquire Wyse Technology Dave Johnson Jeff Clarke SVP, Corporate Strategy, Dell Inc. Vice Chairman, Global Operations and End User Computing Solutions, Dell Inc. Rob Williams Tarkan Maner Vice President, Investor Relations, Dell Inc.

137 views • 9 slides
Deep Learning/AI Lifecycle with Dell EMC and bitfusion Bhavesh Patel Dell EMC Server Advanced

Deep Learning/AI Lifecycle with Dell EMC and bitfusion Bhavesh Patel Dell EMC Server Advanced

Deep Learning/AI Lifecycle with Dell EMC and bitfusion Bhavesh Patel Dell EMC Server Advanced Engineering Mazhar Memon CTO Bitfusion Abstract This talk gives an overview of the end to end application life cycle of deep learning in the

443 views • 30 slides
DELL EMC VDI Complete Solutions: Accelerate your IT Transformation The ultimate secure,

DELL EMC VDI Complete Solutions: Accelerate your IT Transformation The ultimate secure,

DELL EMC VDI Complete Solutions: Accelerate your IT Transformation The ultimate secure, manageable and reliable end to end virtual desktop solutions. Isel Horada isel.horada@dell.com 17.10.2017 Dell Emc Forum - Athens Your World Today

376 views • 19 slides
How Dell is making marketing transformation real Laura Snyder, VP Marketing Technology, Dell

How Dell is making marketing transformation real Laura Snyder, VP Marketing Technology, Dell

How Dell is making marketing transformation real Laura Snyder, VP Marketing Technology, Dell Restricted - Confidential - Privileged Restricted - Confidential - Privileged 1 Dell Technologies Magic cant make digital transformation happen.

310 views • 17 slides
Science Brandon Bozek Senior Advisor, Data Scientist Dell Technologies Overview Snapshot of

Science Brandon Bozek Senior Advisor, Data Scientist Dell Technologies Overview Snapshot of

Dark Matter to Data Science Brandon Bozek Senior Advisor, Data Scientist Dell Technologies Overview Snapshot of Data Science at Dell My journey from Academia to Data Science Preparing to become a Data Scientist Preparing to Interview for a

382 views • 14 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CSCE Intro to Computer Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies Security

472 views • 20 slides
Matrix for Dell EMC PowerEdge Servers 12 September 2018 Dell EMC Linux Team Introduction

Matrix for Dell EMC PowerEdge Servers 12 September 2018 Dell EMC Linux Team Introduction

SUSE Linux Enterprise Server Certification Matrix for Dell EMC PowerEdge Servers 12 September 2018 Dell EMC Linux Team Introduction This set of matrices attempt to represent the certification status between different versions of the SUSE

435 views • 31 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CPSC 410/611 Operating Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies

419 views • 19 slides
Software In-Security Buffer overflows Overview Web Application security Malware OS

Software In-Security Buffer overflows Overview Web Application security Malware OS

Lecture overview Table of contents: Introduction to SW security Software In-Security Buffer overflows Overview Web Application security Malware OS security topics Code scanning Emmanuel Benoist Taught by Ulrich

479 views • 13 slides
Extensions to Self-Taught Hashing: Kernelisation and Supervision Dell Zhang, Jun Wang, Deng Cai,

Extensions to Self-Taught Hashing: Kernelisation and Supervision Dell Zhang, Jun Wang, Deng Cai,

Extensions to Self-Taught Hashing: Kernelisation and Supervision Dell Zhang, Jun Wang, Deng Cai, Jinsong Lu Birkbeck, University of London dell.z@ieee.org The SIGIR 2010 Workshop on Feature Generation and Selection for Information Retrieval

796 views • 46 slides
Thug: a low-interaction honeyclient Angelo Dell'Aera Speaker Chief Executive Officer @ Honeynet

Thug: a low-interaction honeyclient Angelo Dell'Aera Speaker Chief Executive Officer @ Honeynet

Thug: a low-interaction honeyclient Angelo Dell'Aera Speaker Chief Executive Officer @ Honeynet Project Information Security Independent Researcher @ Antifork Research (10+ years) Agenda Introduction Honeyclient technologies

465 views • 28 slides
AI is your Business - Translating Hype into Action Paul Brook Bernhard Otupal @paulbrookatDell

AI is your Business - Translating Hype into Action Paul Brook Bernhard Otupal @paulbrookatDell

AI is your Business - Translating Hype into Action Paul Brook Bernhard Otupal @paulbrookatDell @BernieAtDell bernhard.otupal@Dell.com paul.brook@dell.com + 33 621322968 + 44 (0) 7802 595 331 1 of Y Dell -Internal Use - Confidential 1 Dell

518 views • 30 slides
How Dell Simplified Email Template Design to Improve Engagement and Drive a Double-Digit

How Dell Simplified Email Template Design to Improve Engagement and Drive a Double-Digit

How Dell Simplified Email Template Design to Improve Engagement and Drive a Double-Digit Percentage Increase in Revenue Rate JESSICA VOGEL Global Marketing Consultant Dell, Inc. Jessica Vogel Global Marketing Consultant Dell, Inc. Reference

294 views • 18 slides
Eko International e-Waste Summit 2011 Lagos, Nigeria Dell - Recycling Presented by: Jonathan

Eko International e-Waste Summit 2011 Lagos, Nigeria Dell - Recycling Presented by: Jonathan

Eko International e-Waste Summit 2011 Lagos, Nigeria Dell - Recycling Presented by: Jonathan Perry Agenda 1. Introduction to Dell programmes 2. Opportunities 3. Challenges 2 Dells Takeback Program Portfolio 1 999 2011 Free

328 views • 10 slides
1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

Course Overview Course Requirements EECS 498-7/8 Cryptography and Network Security: www.citi.umich.edu/u/honey/security Principles and Practice (Third Edition) Computer Security Monday & Friday, 9:00 10:30 William Stallings

670 views • 19 slides
LAL Ph+ dell adulto Sabina Chiare+, MD, PhD

LAL Ph+ dell adulto Sabina Chiare+, MD, PhD

LAL Ph+ dell adulto Sabina Chiare+, MD, PhD Divisione di Ematologia Sapienza Universit di Roma Pre-imatinib era 3-yrs DFS with

826 views • 29 slides
development upgrades Michael Brown NGM Firmware Lead Technologist Dell EMC Embedded Linux

development upgrades Michael Brown NGM Firmware Lead Technologist Dell EMC Embedded Linux

Reducing the pain of Yocto development upgrades Michael Brown NGM Firmware Lead Technologist Dell EMC Embedded Linux Conference 2017 Outline Easier Yocto upgrades in development - Introduction - Problem Statement - Dell EMC

167 views • 15 slides
2012 Dell Analyst Meeting June 13, 2012 Join the conversation #DellAM12 Follow @DellShares

2012 Dell Analyst Meeting June 13, 2012 Join the conversation #DellAM12 Follow @DellShares

2012 Dell Analyst Meeting June 13, 2012 Join the conversation #DellAM12 Follow @DellShares Welcome Rob Williams Vice President, Investor Relations Agenda Part I Strategy & Financial Overview 7:30 - 7:35 am Welcome Rob Williams

955 views • 74 slides

More recommend