Volume of Threat: The AV Update Deployment Bottleneck
Wei Yan • Anthony Arrott • Robert McArdle

10/2/2009   Copyright 2009 Trend Micro Inc.   1
Malware Volume Increase

  Number of New Unique Malware Samples (Source: www.AV-Test.org)

  [Bar chart; values as labelled on the slide:]
    2005    333 K
    2006    1 Million
    2007    4.5 Million
    2008    8 Million
    2009*   15 Million
More Samples -> More Patterns

  Increase in Malware Samples

  Increase in Patterns
AV Updates (Now)

  [Diagram: the endpoint holds the full set of Static Signatures (S) and Heuristics (H), both shipped to it as pattern updates]
AV Updates (Future)

  [Diagram: the endpoint keeps Static Signatures (S) and Heuristics (H) locally, sends a Fingerprint of the object to a cloud-side Sig Index, and gets back a Result; the bulk of the Signatures stays in the cloud]
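The "future" model above, written out as an added example (not code from the deck or from Trend Micro): the endpoint keeps a small static signature set and a heuristic, and sends only a SHA-256 fingerprint to a cloud signature index, so a family published to the index is detected without any pattern file reaching the endpoint. The fingerprint algorithm, the entropy heuristic, the verdict order and all sample bytes are assumptions for the demo.

```python
import hashlib, math
from collections import Counter

# Constructed sample files for the demo; none of this is real malware.
KNOWN_A = b"constructed sample A: old family, already in the local pattern"
KNOWN_B = b"constructed sample B: new family, published to the cloud only"
PACKED = b"MZ" + bytes(range(256)) * 4       # near-random body, looks packed
CLEAN = b"quarterly report: nothing to see here\n" * 3

def fingerprint(data: bytes) -> str:
    """Client-side fingerprint: SHA-256 of the content (assumed choice)."""
    return hashlib.sha256(data).hexdigest()

def heuristic(data: bytes) -> bool:
    """Toy heuristic (H): an MZ executable with near-random bytes (Shannon
    entropy above 7 bits/byte) is flagged as probably packed."""
    n = len(data)
    ent = -sum(c / n * math.log2(c / n) for c in Counter(data).values())
    return data.startswith(b"MZ") and ent > 7.0

class CloudSigIndex:
    """Cloud-side 'Sig Index': fingerprint -> family. A new entry is live for
    every endpoint immediately, with no pattern file to deploy."""
    def __init__(self):
        self.index = {}
    def publish(self, family: str, data: bytes) -> None:
        self.index[fingerprint(data)] = family
    def lookup(self, fp: str):
        return self.index.get(fp)       # one 64-hex-char query per lookup

class Endpoint:
    """Endpoint with static signatures (S), heuristics (H) and cloud lookup."""
    def __init__(self, static_sigs, cloud: CloudSigIndex):
        self.static = {fingerprint(d) for d in static_sigs}
        self.cloud = cloud
    def scan(self, data: bytes):
        fp = fingerprint(data)
        if fp in self.static:
            return ("malicious", "static-signature")
        family = self.cloud.lookup(fp)  # ask the cloud before heuristics (assumed order)
        if family is not None:
            return ("malicious", "cloud-index:" + family)
        if heuristic(data):
            return ("suspicious", "heuristic")
        return ("clean", None)

def demo() -> dict:
    """Scan the four constructed files; KNOWN_B is caught by the cloud index
    even though the endpoint's local pattern was never updated."""
    cloud = CloudSigIndex()
    cloud.publish("family-A", KNOWN_A)
    cloud.publish("family-B", KNOWN_B)
    ep = Endpoint(static_sigs=[KNOWN_A], cloud=cloud)
    files = {"known_a": KNOWN_A, "known_b": KNOWN_B, "packed": PACKED, "clean": CLEAN}
    return {name: ep.scan(data) for name, data in files.items()}
```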
Cloud Architecture

  Private Cloud
  • Complete Control
  • Clear control of QoS
  • Control Security Settings
  • Time Critical Systems
  • Continuous Communications

  Public Cloud
  • Limited API Access
  • Limited QoS based on SLA
  • Unclear Security Standards
  • Excellent Load Balancing & Location Awareness
  • Non-Time Critical Systems
  • Unpredictable Communications
Putting it all together

  Private Cloud
    Web Threat Services
    Malware Scanning
    Correlation
    Pattern Updates (Time Critical)
    Software Updates (Time Critical)

  Public Cloud
    Pattern Updates
    Software Updates
    Load Balancing
    Location Aware

  Service Oriented Management Adaptor (shown across both clouds)
Does all this work?

  [Figure: NSS Labs test results. Source: NSS Labs – based on 231,351 tests on 3,243 unique malicious URLs - http://nsslabs.com/]
Conclusions

  Increase in Malware -> AV Update Bottleneck

  Current Pattern Deployment on its last legs

  Cloud system is a powerful new layer of defense
Backup Slides

NSS Labs Report

  [Figure: NSS Labs report charts, two slides. Source: NSS Labs – based on 231,351 tests on 3,243 unique malicious URLs - http://nsslabs.com/]