Securing data workflow to and from organizations
Benny Czarny
CEO, OPSWAT, Inc.
Introduction to OPSWAT
- Founded 2002
- Based in San Francisco
- Employees, contractors and interns: 115
- Over 50 OEM customers
- Over 500 direct customers
- 100+ certified technical partners
- 1000+ certified applications
OPSWAT Technologies
Secure Manage Control
Company Development tools
- OESIS®, AppRemover and Secure Virtual Desktop
- Secure Data workflow
- Metascan and Metadefender
- Automated Testing platform and Cloud Sandboxing
- Nexperior
- Device manageability and security
- GEARS Cloud
SSL VPN and NAC
Some Customers by Vertical
Network
Compliance and Vulnerability Assessment
Support Tools
Government
Managed Services
Antivirus Vendors
How to secure the data workflow?
What type of threats are we up against?
How many threats are we up against?
What are the capabilities of the security solutions?
Questions to ask ourselves
What type of threats are we up against?
- Computer viruses are an NP-complete problem
- NP-complete problems cannot be solved in an easy-to-measure time in any known way
http://www.dmst.aueb.gr/dds/pubs/jrnl/2002-ieeetit-npvirus/html/npvirus.pdf
What type of threats are we up against?
- Ways to solve NP-complete problems include
  - Approximation: an "almost" optimal solution.
  - Randomization: allow the algorithm to fail with some small probability.
  - Heuristic: an algorithm that works "reasonably well".
What type of threats are we up against?
- Known threats
- Unknown threats
How many threats are we up against?
How many threats are we up against?
Source: McAfee
Source: Av-Test.org
Differences in reporting the total amount of threats
How many threats are we up against?
Source: McAfee
Source: Av-Test.org
Differences in detection rates for new malware
What are the capabilities of the security solutions?
Measuring the quality of antimalware engines
How can we measure the quality of antivirus engines
- Detection coverage
- Response time
- Operating system compatibility
- Amount of false positives
- Certification by
What are the capabilities of the security solutions?
                  November 2010   February 2011   August 2011
AV Comparatives   97.6 %          95.8 %          92.1 %
AV Test           97 %            99 %            96 %
Measuring the quality of antimalware engines
AMTSO’s mission is to develop and publish standards and best practices for testing of antimalware products
What are the capabilities of the security solutions?
Antivirus product vulnerabilities from the National Vulnerability Database
[Chart: number of vulnerabilities in antivirus products (CVEs) per year, 2005 to 2012; vertical axis 0 to 70]
What are the capabilities of the security solutions?
Antivirus
- Tested 30 known malware files (disguised as documents or embedded within documents)
- Fewest number of engines detecting the threat was 10 (out of 43)
- Highest number of engines detecting the threat was 30 (out of 43)
What are the capabilities of the security solutions?
Sandbox?
- Tested 30 known malware files (disguised as documents or embedded within documents)
- Lowest number of threats detected was 3
- Highest number of threats detected was 23
What are the capabilities of the security solutions?
Measuring detection coverage
[Diagram: Sandboxing (X1%) and Multiscanning (X2%), each with a "Protection level" label; 100% marked]
Conclusion
- Viruses and vulnerabilities are very hard to detect
- No current answer about the amount of threats
- No clear answer about the quality of the security solutions
Conclusion
What can we do
- Use many antivirus engines to protect against known and unknown threats using heuristics and sandboxes
- Sanitize the data to protect against unknown threats
- Protect the security system
Use many antimalware engines
This graph shows the time between malware outbreak and antivirus detection by six antivirus engines for 75 outbreaks over three months.
No vendor detects every outbreak.
Only by combining six engines in a multiscanning solution are outbreaks detected quickly.
By adding additional engines, zero hour detection rates increase further.
[Graph legend: Zero hour detection; 5 min to 5 days; No detection at 5 days]
What are the capabilities of the security solutions?
Measuring detection coverage
[Diagram: Sandboxing (X1%) and Multiscanning (X2%), each with a "Protection level" label; 100% marked]
Sanitize the data to protect against unknown threats
Sanitize the data in a well defined process
1. User Authentication
2. Input Policy Based on User Privileges
3. File Type Policy
4. Scan by Many Antivirus engines
5. Embedded Object and Macro Removal via File Type Conversion
6. File and Media Signature Verification
7. Notification to the user that the data is ready
8. File and Media Deletion
Keep a healthy tradeoff between security and usability
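An added example, not taken from the slides or from any OPSWAT product: a minimal Python gate implementing steps 2 to 5 of the process above (input policy by role, content-based file typing, scanning with several engines, macro removal by converting .docm to .docx). The role names, the two stand-in engines, their markers and the sample file are constructed assumptions; authentication, signature verification, notification and deletion are left out.

```python
import io
import xml.etree.ElementTree as ET
import zipfile

# Step 2: file types each role may submit (role names are assumptions).
INPUT_POLICY = {"employee": {"pdf", "docx", "docm"}, "guest": {"pdf"}}
DOCM_MAIN = "application/vnd.ms-word.document.macroEnabled.main+xml"
DOCX_MAIN = ("application/vnd.openxmlformats-officedocument."
             "wordprocessingml.document.main+xml")
# Step 4 stand-ins (hypothetical engines): each knows one constructed marker only.
ENGINES = {
    "engine_a": lambda d: b"CONSTRUCTED-MARKER-A" in d,
    "engine_b": lambda d: b"CONSTRUCTED-MARKER-B" in d,
}


def detect_type(data):
    """Step 3: classify by content, never by the name the sender chose."""
    if data.startswith(b"%PDF-"):
        return "pdf"
    if data.startswith(b"PK\x03\x04"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as pkg:
                names = set(pkg.namelist())
        except zipfile.BadZipFile:
            return "unknown"
        if "word/document.xml" in names:
            return "docm" if "word/vbaProject.bin" in names else "docx"
    return "unknown"


def multiscan(data, engines):
    """Step 4: run every engine and return the names of those that flag the file."""
    return sorted(name for name, flags in engines.items() if flags(data))


def _strip_vba_refs(xml_bytes):
    """Remove package entries that reference VBA; reset the main part type."""
    root = ET.fromstring(xml_bytes)
    if root.tag.startswith("{"):
        ET.register_namespace("", root.tag[1:].split("}")[0])
    for child in list(root):
        if "vba" in " ".join(child.attrib.values()).lower():
            root.remove(child)
        elif child.get("ContentType") == DOCM_MAIN:
            child.set("ContentType", DOCX_MAIN)
    return ET.tostring(root, encoding="utf-8", xml_declaration=True)


def convert_docm_to_docx(data):
    """Step 5: rebuild the package without macro parts (docm -> docx)."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, \
            zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for name in src.namelist():
            if name.rsplit("/", 1)[-1].lower().startswith("vba"):
                continue  # vbaProject.bin, vbaData.xml and their .rels files
            body = src.read(name)
            if name == "[Content_Types].xml" or name.endswith(".rels"):
                body = _strip_vba_refs(body)
            dst.writestr(name, body)
    return out.getvalue()


def process(user_role, data, engines=ENGINES):
    """Run steps 2-5 in order; the first failing gate stops the file."""
    ftype = detect_type(data)
    if ftype not in INPUT_POLICY.get(user_role, set()):
        return {"status": "rejected", "reason": "policy", "type": ftype}
    hits = multiscan(data, engines)
    if hits:
        return {"status": "blocked", "engines": hits, "type": ftype}
    if ftype == "docm":
        data = convert_docm_to_docx(data)
        ftype = detect_type(data)
        if ftype != "docx":  # re-check the converted output before release
            return {"status": "rejected", "reason": "conversion failed"}
    return {"status": "released", "type": ftype, "data": data}


def build_sample_docm():
    """Constructed sample: minimal macro-enabled package with an inert VBA part."""
    ns = "http://schemas.openxmlformats.org/package/2006/"
    types = (f'<Types xmlns="{ns}content-types"><Default Extension="bin" '
             'ContentType="application/vnd.ms-office.vbaProject"/>'
             f'<Override PartName="/word/document.xml" ContentType="{DOCM_MAIN}"/>'
             '</Types>')
    rels = (f'<Relationships xmlns="{ns}relationships"><Relationship Id="rId1" '
            'Type="http://schemas.microsoft.com/office/2006/relationships/'
            'vbaProject" Target="vbaProject.bin"/></Relationships>')
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as pkg:
        pkg.writestr("[Content_Types].xml", types)
        pkg.writestr("word/document.xml", "<document/>")
        pkg.writestr("word/_rels/document.xml.rels", rels)
        pkg.writestr("word/vbaProject.bin", b"constructed placeholder, not VBA")
    return out.getvalue()
```

Calling `process("employee", build_sample_docm())` releases a .docx with the VBA part and its references removed, while a file carrying only the second marker passes `engine_a` alone and is blocked once both engines run.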
Protect the security system
- Execute sensitive tasks in isolated virtualized environments
- Revert your system on an ongoing basis
- Check the memory integrity and the disk integrity of your system
- Patch the system and its components
- Constantly review the security architecture
Questions
References
Av-test.com
Av-comparatives.com
www.metascan-online.com
AMTSO
Software system defect content prediction from development process and product characteristics - Harris institute
McAfee

Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

Securing data flow to and from organizations

  • 1. Securing data workflow to and from organizations. Benny Czarny, CEO, OPSWAT, Inc.
  • 2. Introduction to OPSWAT: Founded 2002; based in San Francisco; employees, contractors and interns: 115; over 50 OEM customers; over 500 direct customers; 100+ certified technical partners; 1000+ certified applications.
  • 3. OPSWAT Technologies. Secure, Manage, Control. Company. Development tools; OESIS®, AppRemover and Secure Virtual Desktop; Secure data workflow; Metascan and Metadefender; Automated testing platform and cloud sandboxing; Nexperior; Device manageability and security; GEARS Cloud.
  • 4. Some Customers by Vertical: SSL VPN and NAC; Network; Compliance and Vulnerability Assessment; Support Tools; Government; Managed Services; Antivirus Vendors.
  • 5. Questions to ask ourselves: How to secure the data workflow? What type of threats are we up against? How many threats are we up against? What are the capabilities of the security solutions?
  • 6. What type of threats are we up against? Computer viruses are an NP-complete problem; NP-complete problems cannot be solved in an easy to measure time in any known way. http://www.dmst.aueb.gr/dds/pubs/jrnl/2002-ieeetit-npvirus/html/npvirus.pdf
  • 7. What type of threats are we up against? Ways to solve NP-complete problems include: Approximation: an "almost" optimal solution; Randomization: allow the algorithm to fail with some small probability; Heuristic: an algorithm that works "reasonably well".
  • 8. What type of threats are we up against? Known threats; Unknown threats.
  • 9. How many threats are we up against ?
  • 10. How many threats are we up against? Differences in reporting the total amount of threats. Source: McAfee. Source: Av-Test.org.
  • 11. How many threats are we up against? Differences in detection rates for new malware. Source: McAfee. Source: Av-Test.org.
  • 12. What are the capabilities of the security solutions? Measuring the quality of antimalware engines. How can we measure the quality of antivirus engines: Detection coverage; Response time; Operating system compatibility; Amount of false positives; Certification by
  • 13. What are the capabilities of the security solutions? Measuring the quality of antimalware engines. AV Comparatives: 97.6 % (November 2010), 95.8 % (February 2011), 92.1 % (August 2011). AV Test: 97 % (November 2010), 99 % (February 2011), 96 % (August 2011). AMTSO’s mission is to develop and publish standards and best practices for testing of antimalware products.
  • 14. What are the capabilities of the security solutions? Antivirus product vulnerabilities from the National Vulnerability Database. [Chart: number of vulnerabilities in antivirus products (CVEs) per year, 2005 to 2012; vertical axis 0 to 70.]
  • 15. What are the capabilities of the security solutions? Antivirus: Tested 30 known malware files (disguised as documents or embedded within documents); fewest number of engines detecting the threat was 10 (out of 43); highest number of engines detecting the threat was 30 (out of 43).
  • 16. What are the capabilities of the security solutions? Sandbox? Tested 30 known malware files (disguised as documents or embedded within documents); lowest number of threats detected was 3; highest number of threats detected was 23.
  • 17. What are the capabilities of the security solutions? Measuring detection coverage. [Diagram: Sandboxing X1%; Protection level: 100%; Multiscanning X2%; Protection level:]
  • 18. Conclusion: Viruses and vulnerabilities are very hard to detect; no current answer about the amount of threats; no clear answer about the quality of the security solutions.
  • 19. Conclusion. What can we do: Use many antivirus engines to protect against known and unknown threats using heuristics and sandboxes; sanitize the data to protect against unknown threats; protect the security system.
  • 20. Use many antimalware engines. This graph shows the time between malware outbreak and antivirus detection by six antivirus engines for 75 outbreaks over three months. No vendor detects every outbreak. Only by combining six engines in a multiscanning solution are outbreaks detected quickly. By adding additional engines, zero hour detection rates increase further. [Chart legend: Zero hour detection; 5 min to 5 days; No detection at 5 days.]
  • 21. What are the capabilities of the security solutions? Measuring detection coverage. [Diagram: Sandboxing X1%; Protection level: 100%; Multiscanning X2%; Protection level:]
  • 22. Sanitize the data to protect against unknown threats. Sanitize the data in a well-defined process: 1. User authentication; 2. Input policy based on user privileges; 3. File type policy; 4. Scan by many antivirus engines; 5. Embedded object and macro removal via file type conversion; 6. File and media signature verification; 7. Notification to the user that the data is ready; 8. File and media deletion. Keep a healthy tradeoff between security and usability.
  • 23. Protect the security system: Execute sensitive tasks in isolated virtualized environments; revert your system on an ongoing basis; check the memory integrity and the disk integrity of your system; patch the system and its components; constantly review the security architecture.
  • 25. References: Av-test.com; Av-comparatives.com; www.metascan-online.com; Amtso; Software system defect content prediction from development process and product characteristics - Harris institute; McAfee.
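The multiscanning argument on slides 15 and 20, and the speaker's note that engine detections are not mutually exclusive, can be made concrete by computing union coverage over a test set. The following is an added example, not part of the original deck: the engine names and detection sets are constructed for illustration, and coverage is only meaningful relative to the chosen sample set, which is the deck's own caveat about not knowing what 100% is.

```python
# Constructed data: which of 10 sample IDs each hypothetical engine flags.
DETECTIONS = {
    "engine_a": {0, 1, 2, 3, 4, 5},
    "engine_b": {3, 4, 5, 6, 7},
    "engine_c": {0, 1, 2, 3},
    "engine_d": {5, 8},
}
TOTAL_SAMPLES = 10  # sample 9 is detected by no engine


def coverage(engines, detections=DETECTIONS, total=TOTAL_SAMPLES):
    """Fraction of the test set flagged by at least one of the given engines."""
    detected = set().union(*(detections[e] for e in engines))
    return len(detected) / total


def overlap_breakdown(a, b, detections=DETECTIONS):
    """Only-A, only-B and both counts: the three regions from the speaker notes."""
    da, db = detections[a], detections[b]
    return {"only_a": len(da - db), "only_b": len(db - da), "both": len(da & db)}


def greedy_order(detections=DETECTIONS, total=TOTAL_SAMPLES):
    """Add engines one at a time, each time picking the largest marginal gain."""
    remaining, covered, steps = dict(detections), set(), []
    while remaining:
        name = max(sorted(remaining), key=lambda e: len(remaining[e] - covered))
        gain = len(remaining.pop(name) - covered)
        covered |= detections[name]
        steps.append((name, gain, len(covered) / total))
    return steps


def missed_by_all(detections=DETECTIONS, total=TOTAL_SAMPLES):
    """Samples no engine flags; signature scanning alone cannot cover these."""
    return sorted(set(range(total)) - set().union(*detections.values()))


if __name__ == "__main__":
    print(overlap_breakdown("engine_a", "engine_b"))
    for name, gain, cum in greedy_order():
        print(f"{name}: +{gain} samples, cumulative coverage {cum:.0%}")
    print("missed by every engine:", missed_by_all())
```

The greedy ordering shows diminishing returns: an engine whose detections are a subset of those already covered adds nothing, and the sample missed by every engine is the case the deck assigns to sanitization and sandboxing.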

Editor's Notes

  1. Hello everybody, my name is Benny Czarny, CEO of OPSWAT, the manufacturer of Thank West Coast Labs you for the opportunity to sponsor West Coast. OESIS – manageability technology; Metascan – multiscanning technologies; on-demand desktop isolation technology; AppRemover – technology to uninstall security applications. I am sure that many if not all What I am going to talk about is trying to quantify multiscanning measurements.
  2. Before we begin, let's quickly discuss: Why multiscanning? What is the trade-off? Let's try to simplify why. When you are trying to protect yourselves against any threat It does not have to be a virus What type of threat you are trying what is the capability of our solution For example, you protect against data loss – by implementing backup. If you are trying to protect against an army – how many soldiers are planning to attack? How many soldiers do we have, how are they equipped? How many threats are we against? What is the capability of an antivirus to detect a threat?
  3. http://www.cknow.com/cms/vtutor/number-of-viruses.html
  4. So what is the total number of threats? Here are numbers I pulled for you from 2 different resources, McAfee and av-test.org. There are many more resources, such as virus encyclopedias of multiple vendors. This was simple to find: simple Google image amount of malware. It is very clear to see that over the course of a year and a half McAfee and AV-Test did not report the same numbers. Yes, I know that some would argue
  5. Even more: the total number of new threats is also inconclusive. How can you check who detects 100% when you do not know what is 100%?
  6. Now let's see what is the capability of our antimalware engines. We have antimalware engines. How can you measure the quality of antimalware engines? Detection coverage, response time, operating system compatibility, amount of false positives. Companies such as ICSA Labs, AV Comparatives, West Coast Labs, AV Test, Virus Bulletin came with their own metrics, and keep publishing their research and testing results.
  7. In this example I outlined here for you how 2 different companies that publish reports of quality of antimalware report different numbers. Each company has different criteria to measure the quality of the engines and a different rating system. I’d like to mention that the organization AMTSO ( founded at 2008 by Richard develop testing standards for antimalware ) We still see inconsistent numbers
  8. Taken from the National Vulnerability Database. Number of CVS found with a search of ‘antivirus’ – results were from various antivirus products.
  9. The assumption that antivirus engines are events that are not mutually exclusive. So if we have the global amount of threats an antivirus can detect, we should expect: threats detected only by Antivirus A; threats detected only by Antivirus B; threats detected by Antivirus A and Antivirus B.
  10. The conclusion is obvious. When you do not know what you are up against, when you can’t really measure the quality of the tools you are working with, multiscanning is a trivial choice.
  11. The conclusion is obvious. When you do not know what you are up against, when you can’t really measure the quality of the tools you are working with, multiscanning is a trivial choice.
  12. Green is zero hour detection. Yellow is 2 min to 5 days. Red is more than 5 days.
  13. The assumption that antivirus engines are events that are not mutually exclusive. So if we have the global amount of threats an antivirus can detect, we should expect: threats detected only by Antivirus A; threats detected only by Antivirus B; threats detected by Antivirus A and Antivirus B.