SlideShare uma empresa Scribd logo

Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion

Transferir como PPTX, PDF
Lumension
Lumension

As IT professionals know, endpoint security needs are evolving: new vulnerabilities are disclosed every day, new malware creation is exploding, and traditional AV signatures cannot keep up. You know that patch management and AV are necessary – but not sufficient – layers of endpoint defense. Intelligent application whitelisting is an important addition to your risk mitigation strategy, and taking prudent measures to establish a best practices approach can help reduce costs and risks in the long term. View these slides to learn the recommended steps to check unknown executables on your endpoints as we dive into a technical discussion of what the critical items to address: * Prepare – properly laying the groundwork for implementing application whitelisting is crucial to ultimate success. * Lockdown – preventing unwanted or dangerous changes while providing necessary flexibility to support business needs. * Manage – maintaining the environment as application, end user and business needs develop.

Tecnologia
1 de 26
Developing Best Practices for Application Whitelisting An In-Depth Technical Webcast
Today’s Agenda Introduction Augment Your Defenses to Mitigate Zero-Days, with Lessons Learned from the Field • Laying the Groundwork • Creating Policies • Protecting Endpoints • Managing the Environment Q&A
Today’s Panelists Douglas Walls David Murray Chief Information Officer Sr. Product Manager EMSolutions, Inc. Lumension 3
Why Application Whitelisting Is Important AVERAGE detection rate after 30 days = 62% Today’s Endpoint Security Stack Sources of Endpoint Risk AV 5% Zero-Days Device Control 30% Application Missing Patches Control 65% Patch & Configuration Management Misconfigurations 4
Benefits of a Solid Whitelisting Process Malware Costs Money Controlled Change is Good © Creative Commons / Kevin Dooley 5
Application Whitelisting Best Practices Laying the Groundwork Application Managing the Creating Whitelisting Environment Policies Process Protecting Endpoints 6
Laying the Groundwork
Groundwork | Policies | Lockdown | Management Clean Avoid End User Disruption • No need to reimage • Off-hours, thorough scan to remove known malware 8
Groundwork | Policies | Lockdown | Management Scan 9
Groundwork | Policies | Lockdown | Management Organize 10
Groundwork | Policies | Lockdown | Management Denied Apps Eliminate unknown or unwanted applications on your endpoints User Endpoint View Admin Console View Prevent applications from executing even while endpoints are in monitor mode only 11
Creating Policies
Groundwork | Policies | Lockdown | Management Trusted Updater Automated whitelist maintenance reduces workload 13
Groundwork | Policies | Lockdown | Management Trusted Publisher Automated whitelist maintenance reduces workload 14
Groundwork | Policies | Lockdown | Management Trusted Path Automated whitelist maintenance reduces workload 15
Groundwork | Policies | Lockdown | Management Monitor Stabilize Whitelist Maintenance • Full visibility into unaccounted for changes (good and bad) • Accommodate variations • Reduce maintenance workload 16
Groundwork | Policies | Lockdown | Management Local Authorization Effectively Balance Security and Productivity • End user flexibility • “Third Way” between Monitor and Lockdown Admin Console View User Endpoint View 17
Protecting Endpoints
Groundwork | Policies | Lockdown | Management Enforce Easy Transition • Minimize disruption • Provide flexibility • Minimize workload 19
Groundwork | Policies | Lockdown | Management Fine-Tune Think Globally, Act Locally • Harmonize where appropriate • Anticipate future needs 20
Managing the Environment
Groundwork | Policies | Lockdown | Management Control Is this a Known Bad? Should my Is this a users have this? Known Good? What is trying to install this? Is this Unwanted? Who wrote this? Where did this come from? 22
Groundwork | Policies | Lockdown | Management Adapt Develop processes • Changes in environment • Changes in end user needs • Changes in business needs Create flexibility to balance security with productivity across entire organization © Creative Commons / Bruce Tuten 23
Q&A
More Information • Free Security Scanner Tools • Get a Quote (and more) » Application Scanner – discover all the apps http://www.lumension.com/ being used in your network intelligent-whitelisting/buy-now.aspx#7 » Vulnerability Scanner – discover all OS and application vulnerabilities on your network » Device Scanner – discover all the devices being used in your network http://www.lumension.com/Resources/ Security-Tools.aspx • Lumension® Intelligent Whitelisting™ » Online Demo Video: http://www.lumension.com/Resources/ Demo-Center/Endpoint-Security.aspx » Free Trial (virtual or download): http://www.lumension.com/ intelligent-whitelisting/free-trial.aspx 25
Global Headquarters 8660 East Hartford Drive Suite 300 Scottsdale, AZ 85255 1.888.725.7828 info@lumension.com http://blog.lumension.com

Recomendados

Application Whitelisting - Complementing Threat centric with Trust centric se...
Application Whitelisting - Complementing Threat centric with Trust centric se...Application Whitelisting - Complementing Threat centric with Trust centric se...
Application Whitelisting - Complementing Threat centric with Trust centric se...Osama Salah
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against RansomwareSymantec
 
13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection 13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection Worksighted
 
Branding a star
Branding a star Branding a star
Branding a star tobytrew
 
30 06 2014- El gobernador Javier Duarte brindó Conferencia de Prensa. Tema- ...
30 06 2014- El gobernador Javier Duarte brindó Conferencia de Prensa. Tema- ...30 06 2014- El gobernador Javier Duarte brindó Conferencia de Prensa. Tema- ...
30 06 2014- El gobernador Javier Duarte brindó Conferencia de Prensa. Tema- ...Javier Duarte de Ochoa
 
3. pathways 1 introduction
3. pathways 1 introduction3. pathways 1 introduction
3. pathways 1 introductionNikki Mattson
 
Obiee beginner guide iv
Obiee beginner guide ivObiee beginner guide iv
Obiee beginner guide ivAmit Sharma
 
Expense report
Expense reportExpense report
Expense reportConfidential
 

Recomendados

Application Whitelisting - Complementing Threat centric with Trust centric se...
Application Whitelisting - Complementing Threat centric with Trust centric se...Application Whitelisting - Complementing Threat centric with Trust centric se...
Application Whitelisting - Complementing Threat centric with Trust centric se...Osama Salah
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against RansomwareSymantec
 
13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection 13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection Worksighted
 
Branding a star
Branding a star Branding a star
Branding a star tobytrew
 
30 06 2014- El gobernador Javier Duarte brindó Conferencia de Prensa. Tema- ...
30 06 2014- El gobernador Javier Duarte brindó Conferencia de Prensa. Tema- ...30 06 2014- El gobernador Javier Duarte brindó Conferencia de Prensa. Tema- ...
30 06 2014- El gobernador Javier Duarte brindó Conferencia de Prensa. Tema- ...Javier Duarte de Ochoa
 
3. pathways 1 introduction
3. pathways 1 introduction3. pathways 1 introduction
3. pathways 1 introductionNikki Mattson
 
Obiee beginner guide iv
Obiee beginner guide ivObiee beginner guide iv
Obiee beginner guide ivAmit Sharma
 
Expense report
Expense reportExpense report
Expense reportConfidential
 
хэрэглэгдэхүүн 5
хэрэглэгдэхүүн 5хэрэглэгдэхүүн 5
хэрэглэгдэхүүн 5Enhtuya Oidov
 
1 news item
1 news item1 news item
1 news itemNovi Yanti
 
Phys LO
Phys LOPhys LO
Phys LOmiriwagner
 
Happy Birthday
Happy BirthdayHappy Birthday
Happy BirthdayAmatllah Nour
 
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum DuurzaamDutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaamduurzame verhalen
 
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)Gareth Trotman
 
Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsLumension
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary ResultsLumension
 
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Lumension
 
Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Lumension
 
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftSecuring Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftLumension
 
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskGreatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskLumension
 
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateWindows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateLumension
 
Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Lumension
 
Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Lumension
 
APTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskAPTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskLumension
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security SolutionsLumension
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Lumension
 

Mais conteúdo relacionado

Destaque

хэрэглэгдэхүүн 5
хэрэглэгдэхүүн 5хэрэглэгдэхүүн 5
хэрэглэгдэхүүн 5Enhtuya Oidov
 
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum DuurzaamDutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaamduurzame verhalen
 
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)Gareth Trotman
 

Destaque (6)

хэрэглэгдэхүүн 5
хэрэглэгдэхүүн 5хэрэглэгдэхүүн 5
хэрэглэгдэхүүн 5
 
1 news item
1 news item1 news item
1 news item
 
Phys LO
Phys LOPhys LO
Phys LO
 
Happy Birthday
Happy BirthdayHappy Birthday
Happy Birthday
 
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum DuurzaamDutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam
Dutch Cuisine | Dag van de Duurzaamheid 2016 | Centrum Duurzaam
 
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)
Gareth Trotman P.P.A. July 2013 (Personality Profile Assessment)
 

Mais de Lumension

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsLumension
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary ResultsLumension
 
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Lumension
 
Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Lumension
 
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftSecuring Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftLumension
 
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskGreatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskLumension
 
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateWindows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateLumension
 
Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Lumension
 
Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Lumension
 
APTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskAPTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskLumension
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security SolutionsLumension
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Lumension
 
Java Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesJava Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesLumension
 
BYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksBYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksLumension
 
3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT RiskLumension
 
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...Lumension
 

Mais de Lumension (20)

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results
 
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
 
Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware
 
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftSecuring Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
 
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis
 
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskGreatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
 
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateWindows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
 
Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You?
 
Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats
 
APTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskAPTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize Risk
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
 
Java Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesJava Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant Vulnerabilities
 
BYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksBYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security Risks
 
3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk
 
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
 

Último

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 

Último (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 

Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion

  • 2. Today’s Agenda Introduction Augment Your Defenses to Mitigate Zero-Days, with Lessons Learned from the Field • Laying the Groundwork • Creating Policies • Protecting Endpoints • Managing the Environment Q&A
  • 3. Today’s Panelists Douglas Walls David Murray Chief Information Officer Sr. Product Manager EMSolutions, Inc. Lumension 3
  • 4. Why Application Whitelisting Is Important AVERAGE detection rate after 30 days = 62% Today’s Endpoint Security Stack Sources of Endpoint Risk AV 5% Zero-Days Device Control 30% Application Missing Patches Control 65% Patch & Configuration Management Misconfigurations 4
  • 5. Benefits of a Solid Whitelisting Process Malware Costs Money Controlled Change is Good © Creative Commons / Kevin Dooley 5
  • 6. Application Whitelisting Best Practices Laying the Groundwork Application Managing the Creating Whitelisting Environment Policies Process Protecting Endpoints 6
  • 8. Groundwork | Policies | Lockdown | Management Clean Avoid End User Disruption • No need to reimage • Off-hours, thorough scan to remove known malware 8
  • 9. Groundwork | Policies | Lockdown | Management Scan 9
  • 10. Groundwork | Policies | Lockdown | Management Organize 10
  • 11. Groundwork | Policies | Lockdown | Management Denied Apps Eliminate unknown or unwanted applications on your endpoints User Endpoint View Admin Console View Prevent applications from executing even while endpoints are in monitor mode only 11
  • 13. Groundwork | Policies | Lockdown | Management Trusted Updater Automated whitelist maintenance reduces workload 13
  • 14. Groundwork | Policies | Lockdown | Management Trusted Publisher Automated whitelist maintenance reduces workload 14
  • 15. Groundwork | Policies | Lockdown | Management Trusted Path Automated whitelist maintenance reduces workload 15
  • 16. Groundwork | Policies | Lockdown | Management Monitor Stabilize Whitelist Maintenance • Full visibility into unaccounted for changes (good and bad) • Accommodate variations • Reduce maintenance workload 16
  • 17. Groundwork | Policies | Lockdown | Management Local Authorization Effectively Balance Security and Productivity • End user flexibility • “Third Way” between Monitor and Lockdown Admin Console View User Endpoint View 17
  • 19. Groundwork | Policies | Lockdown | Management Enforce Easy Transition • Minimize disruption • Provide flexibility • Minimize workload 19
  • 20. Groundwork | Policies | Lockdown | Management Fine-Tune Think Globally, Act Locally • Harmonize where appropriate • Anticipate future needs 20
  • 22. Groundwork | Policies | Lockdown | Management Control Is this a Known Bad? Should my Is this a users have this? Known Good? What is trying to install this? Is this Unwanted? Who wrote this? Where did this come from? 22
  • 23. Groundwork | Policies | Lockdown | Management Adapt Develop processes • Changes in environment • Changes in end user needs • Changes in business needs Create flexibility to balance security with productivity across entire organization © Creative Commons / Bruce Tuten 23
  • 24. Q&A
  • 25. More Information • Free Security Scanner Tools • Get a Quote (and more) » Application Scanner – discover all the apps http://www.lumension.com/ being used in your network intelligent-whitelisting/buy-now.aspx#7 » Vulnerability Scanner – discover all OS and application vulnerabilities on your network » Device Scanner – discover all the devices being used in your network http://www.lumension.com/Resources/ Security-Tools.aspx • Lumension® Intelligent Whitelisting™ » Online Demo Video: http://www.lumension.com/Resources/ Demo-Center/Endpoint-Security.aspx » Free Trial (virtual or download): http://www.lumension.com/ intelligent-whitelisting/free-trial.aspx 25
  • 26. Global Headquarters 8660 East Hartford Drive Suite 300 Scottsdale, AZ 85255 1.888.725.7828 info@lumension.com http://blog.lumension.com