SlideShare uma empresa Scribd logo

Top 5 wi fi security threats

Transferir como PPTX, PDF
gruzabb
gruzabb
Tecnologia
1 de 15
Top 5 Wi-Fi Security Threats Dr. Pravin Bhagwat CTO, AirTight Networks © 2013 AirTight Networks, Inc. All rights reserved.
Wave of Wireless Consumerization  Uncontrolled increase in Wi-Fi devices  Most client Wi-Fi devices can operate in multiple modes  Do you know what’s happening on your network and premises? © 2013 AirTight Networks, Inc. All rights reserved. 2
TJX Breach – The Tip of the Iceberg Additional breaches © 2013 AirTight Networks, Inc. All rights reserved. 3
Rogue APs • APs attached to the enterprise LAN without permission • Backdoor to the enterprise LAN © 2013 AirTight Networks, Inc. All rights reserved. 4
Soft Rogue APs     Network interface bridging Internet connection sharing (ICS) Add-on devices (e.g., Windy31) Windows 7 Virtual Wi-Fi © 2013 AirTight Networks, Inc. All rights reserved. 5
Client Misbehavior and Man-in-the-middle Attacks • • • • Ad-hoc connections Connections to external APs Probing for vulnerable SSIDs Honeypot/Evil Twin target © 2013 AirTight Networks, Inc. All rights reserved. 6
Bring Your Own Device (BYOD) WPA2/802.1x alone cannot prevent unauthorized devices from accessing the enterprise network © 2013 AirTight Networks, Inc. All rights reserved. 7
Recap of Common Intrusion and Extrusion Threats © 2013 AirTight Networks, Inc. All rights reserved. 8
Wireless Security Strategies That Don’t Work! A “No Wi-Fi” policy without enforcement We don’t have “that” problem because… © 2013 AirTight Networks, Inc. All rights reserved. 9
MDM ≠ Network Security No visibility into Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Scope limited to “managed” devices that run MDM agent What is the incentive to install MDM agents on personal devices? © 2013 AirTight Networks, Inc. All rights reserved. 10
NAC ≠ Wireless Security Scope limited to BYOD on “managed” WLAN Cannot block Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Suffers from “blind spots” – unauthorized Wi-Fi devices connecting via authorized devices © 2013 AirTight Networks, Inc. All rights reserved. 11
Wireless Intrusion Prevention System (WIPS) Automatic Device Classification Comprehensive Threat Coverage Accurate Location Tracking Reliable Threat Prevention BYOD Policy Enforcement © 2013 AirTight Networks, Inc. All rights reserved. 12
Wireless Security Enforcement using WIPS AP Classification Authorized APs Mis-config Policy GO DoS Client Classification Authorized Clients STOP Rogue APs (On Network) STOP Rogue Clients External Clients External APs IGNORE AUTOMATICALLY DETECT AND BLOCK RED PATHS! With this in place, your network is protected from all types of wireless threats, vulnerabilities and attack tools! © 2013 AirTight Networks, Inc. All rights reserved. 13
Identifying a True WIPS: WIDS vs. WIPS Prevalent WIDS Approach Cat and mouse chase of exploits, tools and signatures True WIPS Approach Protects against the fundamental wireless threat building blocks © 2013 AirTight Networks, Inc. All rights reserved. 14
Thank You! Cloud Managed Secure Wi-Fi Solutions www.airtightnetworks.com info@airtightnetworks.com @AirTight +1 877 424 7844 US DoD Approved © 2013 AirTight Networks, Inc. All rights reserved. 15

Recomendados

Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Ryan Orsi
 
Implementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraImplementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraKappa Data
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Cyber Security in the Financial Industry
Cyber Security in the Financial IndustryCyber Security in the Financial Industry
Cyber Security in the Financial IndustryJames Bergren
 
Shining a Light on Shadow Devices
Shining a Light on Shadow DevicesShining a Light on Shadow Devices
Shining a Light on Shadow DevicesForescout Technologies Inc
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneJose L. Quiñones-Borrero
 
ForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForescout Technologies Inc
 

Recomendados

Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Trusted Wireless Environment (TWE)
Trusted Wireless Environment (TWE)Ryan Orsi
 
Implementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraImplementing Enterprise Wireless Security Policy in the BYOD Era
Implementing Enterprise Wireless Security Policy in the BYOD EraKappa Data
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Cyber Security in the Financial Industry
Cyber Security in the Financial IndustryCyber Security in the Financial Industry
Cyber Security in the Financial IndustryJames Bergren
 
Shining a Light on Shadow Devices
Shining a Light on Shadow DevicesShining a Light on Shadow Devices
Shining a Light on Shadow DevicesForescout Technologies Inc
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneJose L. Quiñones-Borrero
 
ForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForescout Technologies Inc
 
SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsForeScout Technologies
 
LiPari_Assignment8
LiPari_Assignment8LiPari_Assignment8
LiPari_Assignment8Phillip LiPari
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas companyLiora R. Herman
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseAirTight Networks
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security TipsCentextech
 
The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?Bangladesh Network Operators Group
 
IOT Security
IOT SecurityIOT Security
IOT SecuritySylvain Martinez
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of ThingsChristopher Frenz
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsDesign World
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against themNick Allott
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai RevisitedClare Nelson, CISSP, CIPP-E
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...PROFIBUS and PROFINET InternationaI - PI UK
 
R1 - Slides
R1 - SlidesR1 - Slides
R1 - SlidesezSec
 
Iot(security)
Iot(security)Iot(security)
Iot(security)Shreya Pohekar
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseItai Bass
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalMary McEvoy Carroll
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint SettingsSophos
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)mike parks
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013AirTight Networks
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012hemantchaskar
 

Mais conteúdo relacionado

Mais procurados

SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsForeScout Technologies
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas companyLiora R. Herman
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseAirTight Networks
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security TipsCentextech
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of ThingsChristopher Frenz
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsDesign World
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalFrank Siepmann
 
IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against themNick Allott
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security PatternsMark Benson
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...PROFIBUS and PROFINET InternationaI - PI UK
 
R1 - Slides
R1 - SlidesR1 - Slides
R1 - SlidesezSec
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseItai Bass
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalMary McEvoy Carroll
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint SettingsSophos
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)mike parks
 

Mais procurados (20)

SC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey ResultsSC Magazine & ForeScout Survey Results
SC Magazine & ForeScout Survey Results
 
LiPari_Assignment8
LiPari_Assignment8LiPari_Assignment8
LiPari_Assignment8
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas company
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the Enterprise
 
IoT Device Security Tips
IoT Device Security TipsIoT Device Security Tips
IoT Device Security Tips
 
The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?The Post Covid-19 Cybersecurity World - Where Is It Headed?
The Post Covid-19 Cybersecurity World - Where Is It Headed?
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of Things
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
 
IoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 finalIoT Security Briefing FBI 07 23-2017 final
IoT Security Briefing FBI 07 23-2017 final
 
IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai Revisited
 
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
Safety & Security in OT Environments - Cliff Martin, Principal Engineer, BAE ...
 
R1 - Slides
R1 - SlidesR1 - Slides
R1 - Slides
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
IntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile EnterpriseIntactPhone: Securing the Mobile Enterprise
IntactPhone: Securing the Mobile Enterprise
 
Top5 protectiondomains infographic_final
Top5 protectiondomains infographic_finalTop5 protectiondomains infographic_final
Top5 protectiondomains infographic_final
 
4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings4 Steps to Optimal Endpoint Settings
4 Steps to Optimal Endpoint Settings
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
 

Semelhante a Top 5 wi fi security threats

Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013AirTight Networks
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012hemantchaskar
 
AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013AirTight Networks, Inc.
 
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...ProductNation/iSPIRT
 
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdfonline Marketing
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingShivamSharma909
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...IJCSIS Research Publications
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)Andris Soroka
 
LIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveLIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveRobert Herjavec
 
A Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxA Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxTurboAnchor
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
Android Device Hardening
Android Device HardeningAndroid Device Hardening
Android Device Hardeninganupriti
 
Protect your guest wifi - NOW
Protect your guest wifi - NOWProtect your guest wifi - NOW
Protect your guest wifi - NOWJoshua Sibaja
 

Semelhante a Top 5 wi fi security threats (20)

Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012
 
AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013AirTight Corporate Presentation _ July2013
AirTight Corporate Presentation _ July2013
 
AirTight Networks - Wireless Security 2011
AirTight Networks - Wireless Security 2011AirTight Networks - Wireless Security 2011
AirTight Networks - Wireless Security 2011
 
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
 
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
12 IoT Cyber Security Threats to Avoid - CyberHive.pdf
 
CEH Domain 6.pdf
CEH Domain 6.pdfCEH Domain 6.pdf
CEH Domain 6.pdf
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network Hacking
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
itmsday2.pptx
itmsday2.pptxitmsday2.pptx
itmsday2.pptx
 
Wireless security
Wireless securityWireless security
Wireless security
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
 
LIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep DiveLIFT OFF 2017: IoT and MSS Deep Dive
LIFT OFF 2017: IoT and MSS Deep Dive
 
A Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptxA Quick Guide On What Is IoT Security_.pptx
A Quick Guide On What Is IoT Security_.pptx
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Android Device Hardening
Android Device HardeningAndroid Device Hardening
Android Device Hardening
 
Protect your guest wifi - NOW
Protect your guest wifi - NOWProtect your guest wifi - NOW
Protect your guest wifi - NOW
 

Último

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Último (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Top 5 wi fi security threats

  • 1. Top 5 Wi-Fi Security Threats Dr. Pravin Bhagwat CTO, AirTight Networks © 2013 AirTight Networks, Inc. All rights reserved.
  • 2. Wave of Wireless Consumerization  Uncontrolled increase in Wi-Fi devices  Most client Wi-Fi devices can operate in multiple modes  Do you know what’s happening on your network and premises? © 2013 AirTight Networks, Inc. All rights reserved. 2
  • 3. TJX Breach – The Tip of the Iceberg Additional breaches © 2013 AirTight Networks, Inc. All rights reserved. 3
  • 4. Rogue APs • APs attached to the enterprise LAN without permission • Backdoor to the enterprise LAN © 2013 AirTight Networks, Inc. All rights reserved. 4
  • 5. Soft Rogue APs     Network interface bridging Internet connection sharing (ICS) Add-on devices (e.g., Windy31) Windows 7 Virtual Wi-Fi © 2013 AirTight Networks, Inc. All rights reserved. 5
  • 6. Client Misbehavior and Man-in-the-middle Attacks • • • • Ad-hoc connections Connections to external APs Probing for vulnerable SSIDs Honeypot/Evil Twin target © 2013 AirTight Networks, Inc. All rights reserved. 6
  • 7. Bring Your Own Device (BYOD) WPA2/802.1x alone cannot prevent unauthorized devices from accessing the enterprise network © 2013 AirTight Networks, Inc. All rights reserved. 7
  • 8. Recap of Common Intrusion and Extrusion Threats © 2013 AirTight Networks, Inc. All rights reserved. 8
  • 9. Wireless Security Strategies That Don’t Work! A “No Wi-Fi” policy without enforcement We don’t have “that” problem because… © 2013 AirTight Networks, Inc. All rights reserved. 9
  • 10. MDM ≠ Network Security No visibility into Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Scope limited to “managed” devices that run MDM agent What is the incentive to install MDM agents on personal devices? © 2013 AirTight Networks, Inc. All rights reserved. 10
  • 11. NAC ≠ Wireless Security Scope limited to BYOD on “managed” WLAN Cannot block Rogue APs, Soft Rogues, Mobile Wi-Fi Hotspots Suffers from “blind spots” – unauthorized Wi-Fi devices connecting via authorized devices © 2013 AirTight Networks, Inc. All rights reserved. 11
  • 12. Wireless Intrusion Prevention System (WIPS) Automatic Device Classification Comprehensive Threat Coverage Accurate Location Tracking Reliable Threat Prevention BYOD Policy Enforcement © 2013 AirTight Networks, Inc. All rights reserved. 12
  • 13. Wireless Security Enforcement using WIPS AP Classification Authorized APs Mis-config Policy GO DoS Client Classification Authorized Clients STOP Rogue APs (On Network) STOP Rogue Clients External Clients External APs IGNORE AUTOMATICALLY DETECT AND BLOCK RED PATHS! With this in place, your network is protected from all types of wireless threats, vulnerabilities and attack tools! © 2013 AirTight Networks, Inc. All rights reserved. 13
  • 14. Identifying a True WIPS: WIDS vs. WIPS Prevalent WIDS Approach Cat and mouse chase of exploits, tools and signatures True WIPS Approach Protects against the fundamental wireless threat building blocks © 2013 AirTight Networks, Inc. All rights reserved. 14
  • 15. Thank You! Cloud Managed Secure Wi-Fi Solutions www.airtightnetworks.com info@airtightnetworks.com @AirTight +1 877 424 7844 US DoD Approved © 2013 AirTight Networks, Inc. All rights reserved. 15