Cisco ThreatGrid: Malware Analysis and Threat Intelligence

Usman Din, CSE, focused on Cisco ThreatGrid at Cisco Connect Toronto.

Published in: Technology

  1. © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  2. Agenda
     • Explain AMP ThreatGRID as an architecture
     • Demo AMP ThreatGRID
  3. Malware Analysis and Threat Intelligence Solution
  4. ThreatGRID Advantage: Unified Malware Analysis and Threat Intelligence – Key Features
     • Proprietary analysis delivers unparalleled insight into malicious activity
     • High-speed, automated analysis and adjustable runtimes
     • Does not expose any tags or indicators that malware can use to detect that it is being observed
     • 100,000s of samples analyzed daily (6-10 million per month)
     • SaaS delivery (no hardware) or Appliance (as needed)
     • Search and correlate all data elements of a single sample against billions of sample artifacts collected and analyzed over years (global and historic context)
     • Enable the analyst to better understand the relevancy of the sample in question to one’s environment
     • Clearly presented information for all levels of the IT Security team: Tier 1-3 SOC Analysts, Incident Responders & Forensic Investigators, and Threat Intel Analysts
     • Web portal, Glovebox (User Interaction), Video Replay, Threat Score, Behavioral Indicators and more
     • Architected from the ground up with an API to integrate with existing IT security solutions (automatically receive submissions from other solutions and pull the results into your environment)
     • Create custom threat intelligence feeds with context or leverage automated batch feeds

     Feature categories shown on the slide: Data Fidelity & Performance; Scalability & Flexibility; Context & Data Enrichment; Usability; Integration & Architecture
  5. ThreatGRID Connectivity: Cloud SaaS Model
     • Can be accessed via a web browser
     • Security tools can access and integrate using the ThreatGRID API
     • Files can be submitted for analysis
     • All of the results can be easily retrieved
     • Samples can be compared and searched for
     • The analyst can also interact with the sample and change the runtime from 5 to 30 minutes
     • Malware analysis, threat intelligence correlation and feeds retrieval can be automated and integrated with existing security solutions
     • Threat intelligence can be enriched
  6. ThreatGRID Connectivity: Appliance Model
     • Can be accessed via a web browser
     • Security tools can access and integrate using the ThreatGRID API
     • Files can be submitted for analysis
     • All of the results can be easily retrieved
     • Samples can be compared and searched for
     • The analyst can also interact with the sample and change the runtime from 5 to 30 minutes
     • Malware analysis, threat intelligence correlation and feeds retrieval can be automated and integrated with existing security solutions
     • Threat intelligence can be enriched
     • But no data is sent to the cloud from the appliance
  7. Advanced Malware Protection Everywhere
     Diagram labels: AMP Threat Grid Malware Analysis and Intelligence; Dedicated FirePOWER Appliance; Web & Email Security Appliances; Private Cloud; Cloud Based Web Security & Hosted Email; Mac OS X; Virtual; Mobile; PC; FirePOWER Services on ASA; Enterprise Capabilities; Continuous & Zero-Day Detection; Advanced Analytics And Correlation
  8. Demo
  9. (no slide text)
  10. (no slide text)
  11. Thank you.