Cognitive Security - Corporate Introduction ('12)

Download the original PowerPoint version here: http://gdusil.wordpress.com/2012/06/30/cose-corporate-introduction/
Check out my blog "Multiscreen & OTT for the Digital Generation" @ gdusil.wordpress.com.

Corporate leaders face complex challenges in balancing security spending against the evolving risks that internet commerce presents. This has resulted in a need for new and advanced levels of protection to facilitate these strategic objectives. Expert Security addresses the need to implement more robust and cost-effective levels of expertise, and also helps to bridge the gap to higher, more expensive, and often culturally adverse outsourced solutions. As companies expand, additional layers of protection become paramount to ensure asset protection. Network Behavior Analysis is the building block of Expert Security and offers a viable solution to modern sophisticated cyber-attacks. This presentation was prepared to outline our corporate overview and market positioning of Cognitive Security.

Presentation Transcript


  1. Gabriel Dusil VP, Global Sales & Marketing www.facebook.com/gdusil cz.linkedin.com/in/gabrieldusil gdusil.wordpress.com dusilg@gmail.com

  2. Origins
     • Research began in 2006
     • Company established in 2009
     • Funded by U.S. Army, Navy & Air Force
     Experts in Network Behavior Analysis
     Mission
     • Providing detailed intelligence to detect modern sophisticated network attacks
     Security Innovation
     Headquarters
     • Prague, Czech Republic & Silicon Valley, CA
     Experts in Network Behavior Analysis Page 2, www.cognitive-security.com © 2012, gdusil.wordpress.com

  3. Point of Entry / Compromise; Compromise / Discovery
     • 50% of attacks take days to months of reconnaissance for a successful breach
     • 70% of victims allow a breach to persist for weeks to months before detecting a compromise
     Source: Verizon, '11 Data Breach Investigations Report

  4. • Managed Security Services
     • Security Monitoring & Management
     • Network Behavior Analysis
     • Anomaly Detection
     • Web Security, Content Filtering
     • SIEM
     • Web-Application Firewalls
     • Vulnerability Management
     • IDS & IPS
     • IAM
     • Firewalls
     • Anti-Virus
     • Email Security
     • VPN (SSL & IPsec)
     SIEM = Security Information & Event Management
     IDS & IPS = Intrusion Detection & Prevention System
     AAA = Authentication, Authorization, & Accounting
     IAM = Identity & Access Management
     VPN = Virtual Private Network, SSL = Secure Sockets Layer

  5. Security as a Service
     [Figure: layered security diagram. Layer labels: Network Behavior Analysis, IDS & IPS, Web Security, Email Security, Firewall. Threat labels: APT, Zero-Day, Exploit Kits & Polymorphic malware…; Attack Patterns, malware, etc.; Filtering, XSS, SQL Inj., etc.; Virus, Trojans, Spam, etc.; Footprint reduction, scripts, etc.]
     Network Behavior Analysis
     • Cost effective Expert Security for enterprises, telcos & governments
     • Important security layer & a higher wall for modern-day protection

  7. Cost Effective & Robust Network Behavior Analysis for Enterprise
     Cognitive Analyst
     High Throughput Traffic Volumes - Telco, Mobile, ISP & NSP
     High Resolution & Attack sensitivity - custom for Governments

  8. Responsibilities of a Security Administrator
     [Chart: Patching, 21%; Malware Analysis, 14%; Incident Response, 12%; IAM, 11%; Vulnerability Analysis, 10%; Log Anal., 8%; Audits, 8%; Threat Research, 8%; Awareness, 7%; Monitoring Employees, 4%]
     Corporate Governance
     • Device or Network Misconfig
     • Restricted Apps, Policy Violations
     • Irregular Behavior & Misuse
     Diagnostics Support
     • Vulnerability & Pen-testing
     • Forensics Analysis
     • Incident & Response
     Advanced Cyber-Attacks
     • Trojans, Botnets, C2 & Exploit Kits
     • Spyware & Info leaks
     • Brute Force & Insider Attacks
     • Denial of Service (DoS)
     • Polymorphic Malware
     Modern Sophisticated Attacks
     • Advanced Persistent Threats
     • Reconnaissance & Sabotage
     • Zero-Day Attacks
     Source: Information Week - Strategic Security Survey '11

  12. • Heavy DNS Use & Sophisticated Scans
     • Periodic Polling - Command & Control
     • Unclassified Behavior - Unexpected Anomaly
     • Unexpected new service or Outlier Client
     • Peer 2 Peer Network Behavior
     • Outbound Encrypted sessions (e.g. SSH)

  13. No Signatures!
     • No Signature limitations
     • Attackers will exploit:
        - Delays in writing signatures
        - Delay to install new signatures
        - Clients ignoring updates due to resource constraints
     Artificial Intelligence
     • Strength of 8 Detection Algorithms
        - Highly Accurate Attack detection
     • Peer-Reviewed Algorithms
        - Tested by the scientific community
     • Long-Duration Trust Modeling
        - Analyzing current behavior against past assessments
     • Unique Self-configuration
        - Challenge Agents ensure system is operational
     • Hacker Circumvention Resistance
        - Game Theory optimization ensures system behavior is not predictable
     • State-of-the-art Auto-Tuning
        - Minimal deployment resources needed
     Cost Competitive
     • Cost effective Expert Security

  16. Cognitive Analyst classifies trustfulness of then data, is separated from Then further separated into… assessed event into over categories, & into severity levels which can not be immediately classified

  17. Comparing near real-time data to the past
     • Historical threat data is incorporated to detect sophisticated attacks
     Using the most sophisticated self-learning techniques in the Security Industry today
     • Using 8 independent Anomaly Detection Algorithms
     Aggregating multiple threat sources into clusters
     [Figure labels: Severity 8, Unclassified, Normal]

  18. [Figure labels: Network Traffic, Detection Algorithms, Trust Modeling, Knowledge Fusion, Cognitive Trust Score, Unclassified Behavior; Trustfulness Assessment Layer, Event Generation Layer, Severity Assignment Layer]
     Values shown: Al1 → 0.7, Al2 → 0.2, Al3 → 0.9, Al4 → 0.4, Al5 → 0.3, Al6 → 0.2, Al7 → 0.4, Al8 → 0.5
     Values shown: TM1 → 0.5, TM2 → 0.7, TM3 → 0.4, TM4 → 0.6
     Value shown: CTS → 0.7
     CTS = Cognitive Trust Score

  19. [Figure: timeline (hh:mm). Labels: Start, System connected to network data source, Self-Initialization, 2 Algorithms, 3 Algorithms, all Algorithms Online, Knowledge Fusion - active, Self-Configuration, Self-Optimization]
     • Artificial Intelligence
        - Continually tunes to the client's environment
        - Highly accurate by combining several advanced algorithms
     • Auto-Learning Engine
        - Self-Optimizing
     • Scalable Architecture
        - Decentralized & Distributed
        - Parallel Processing for attack detection in high speed networks

  21. [Figure labels, in slide order:]
     Pharma, Defence, Energy, Oil&Gas, Finance, Manufacturing, Chemical, Mobile, ISP & NSP, Hosting, Defence, Intelligence, Utilities
     Downtime, Sabotage, Tarnished Image, Lost Productivity, Terrorism, Theft of Corporate Secrets, Government Sponsored Attacks, Fraud
     Detecting Modern Sophisticated Attacks, Attack Forensics, Advanced Threat Diagnostics, Security Monitoring Services, Behavior Monitoring
     Expert Services, R&D, Consulting, Software Development, Training, Forensics, Research
     Bronze, Silver, Gold, Platinum
     Cognitive1, Cognitive10, CognitiveExpert
     Distribution, Software, Appliance, VM or ISO Image

  23. Security Innovation
     • Delivering Forward-thinking Security Solutions
     • Thought Leadership
     Product Reliability
     • 5th Generation Network Behavior Analysis platform
     Privacy Concerns
     • Data anonymity is maintained
     R&D Expertise
     • Cost-effective Research & Development resources
     • Quick development turn-around
     • Flexible integration with OEMs, MSSPs, & device manufacturers
     Intuitive Management Interface
     • Easy-to-Use Dashboard
     • Granular attack detection analysis

  24. http://gdusil.wordpress.com/2013/03/08/cognitive-secu…ntroduction-12/

  26. Corporate leaders face complex challenges in balancing security spending against the evolving risks that internet commerce presents. This has resulted in a need for new and advanced levels of protection to facilitate these strategic objectives. Expert Security addresses the need to implement more robust and cost-effective levels of expertise, and also helps to bridge the gap to higher, more expensive, and often culturally adverse outsourced solutions. As companies expand, additional layers of protection become paramount to ensure asset protection. Network Behavior Analysis is the building block of Expert Security and offers a viable solution to modern sophisticated cyber-attacks. This presentation was prepared to outline our corporate overview and market positioning of Cognitive Security.

  27. Network Behavior Analysis, NBA, Cyber Attacks, Forensics Analysis, Normal vs. Abnormal Behavior, Anomaly Detection, NetFlow, Incident Response, Security as a Service, SaaS, Managed Security Services, MSS, Monitoring & Management, Advanced Persistent Threats, APT, Zero-Day attacks, Zero Day attacks, polymorphic malware, Modern Sophisticated Attacks, MSA, Non-Signature Detection, Artificial Intelligence, A.I., AI, Security Innovation, Mobile security, Cognitive Security, Cognitive Analyst, Forensics analysis
