O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Why Network and Endpoint Security Isn’t Enough

1.633 visualizações

Publicada em

The rise in high-profile breaches demonstrates that traditional security defenses are no longer enough. Endpoint and network security cannot defend against sophisticated attacks or compromised insiders.

View this presentation and learn:
- Why traditional security measures fail to stop web attacks and data breaches
- How modernized best practices safeguard against web application attacks
- What strategies enable scalable data protection and simplified audits

Publicada em: Tecnologia
  • Seja o primeiro a comentar

Why Network and Endpoint Security Isn’t Enough

  1. 1. © 2015 Imperva, Inc. All rights reserved. Why Network and Endpoint Security Isn’t Enough Cheryl O’Neill, Dir. Product Marketing, Data Security Narayan Makaram, Dir. Product Marketing, Application Security October 22, 2015
  2. 2. © 2015 Imperva, Inc. All rights reserved. Speakers 2 Cheryl O’Neill Director, Product Marketing, Database Security, Imperva Narayan Makaram Director, Product Marketing, Application Security, Imperva
  3. 3. © 2015 Imperva, Inc. All rights reserved. Agenda • Why traditional network/endpoint security measures are not enough • Best practices for Web Application Protection • Strategies for scalable and proactive Data Protection • Other tips for improving security posture 3
  4. 4. © 2015 Imperva, Inc. All rights reserved. Perimeter Is Not Enough Current Challenges 1 4
  5. 5. © 2015 Imperva, Inc. All rights reserved. Risks Are Moving Up The Stack 5 RISKS Physical Networks Endpoints Data Applications Users Single Geo-location Multiple Geo-locations Single Company Multiple Suppliers/Partners Desktops/Laptops Mobile BYOD Data Center Private/Hybrid Cloud Intranet Apps Internet Apps, SaaS Trusted Users Untrusted Users/Hackers
  6. 6. © 2015 Imperva, Inc. All rights reserved. www.xyz.com www.xyz.com dataapps Users, Applications, and Data Risks 6 Business Security: -Who can access data? -How are apps protected? -Are we compliant? NG FW, IPS, IDS Technical Attacks Logic Attacks Account Takeover Fraud Usage User Rights Unauthorized Access • E-Commerce • E-Banking • E-Health • Financial data • Creditcard data • PII Users Careless employees Malicious insiders Compromised users INTERNAL Customers Partners Employers Hackers EXTERNAL
  7. 7. © 2015 Imperva, Inc. All rights reserved. Web Application Security Best Practices 2 7
  8. 8. © 2015 Imperva, Inc. All rights reserved.8 Adobe 36,000,000 Target 70,000,000 EBAY 145,000,000 Anthem 80,000,000 Home Depot 56,000,000 JPMC 76,000,000 US OPM 21,000,000 201520142013 Evernote 50,000,000 Primera 11,000,000 Ashley Madison 39,000,000 Majority of Security Breaches Caused by Web App Attacks • 75% of cyber-attacks target web applications1 • 79 average number of serious vulnerabilities / website2 • 1 in 5 vulnerabilities allowed access to sensitive data3 $ 5.85M in 2014 average cost of a data breach in US alone, up from $5.4M in 20134 1. Gartner Research 2. WhiteHat Website Security Statistics Report, 12th Edition 3. 2015 Internet Security Threat Report 4. 2014 Ponemon Cost of Breach Report
  9. 9. © 2015 Imperva, Inc. All rights reserved. TR Preventing Web Application Attacks NG Firewall IPS/IDS 9 Web Servers web app attacks - Technical attacks OWASP Top 10 - bad IPs, bad bots, DDoS attacks account takeover fraudulent transactions network access control user/app access control non web app attacks intrusion prevention Imperva ThreatRadar • Reputation Service • Bot & DDoS Protection • Account Takeover Protection • Fraud Prevention Service Threat Intelligence Services Web App Firewall Imperva legitimate traffic
  10. 10. © 2015 Imperva, Inc. All rights reserved. Defenses Required to Protect Web Applications 10 CorrelatedAttackValidation VirtualPatching DDoSProtection Dynamic Profiling Attack Signatures Protocol Validation Cookie Protection Fraud Connectors IP Geolocation IP Reputation Anti-Scraping Policies Bot Mitigation Policies Account Takeover Protection Technical Vulnerabilities Business Logic Attacks and more
  11. 11. © 2015 Imperva, Inc. All rights reserved. Next Generation Firewalls & IPS – Easy to Evade 11 CorrelatedAttackValidation VirtualPatching DDoSProtection Dynamic Profiling Attack Signatures Protocol Validation Cookie Protection Fraud Connectors IP Geolocation IP Reputation Anti-Scraping Policies Bot Mitigation Policies Account Takeover Protection Technical Vulnerabilities Business Logic Attacks
  12. 12. © 2015 Imperva, Inc. All rights reserved. Correlation Improves Efficiency and Productivity 12 Removes Unwanted Traffic Reduces Threats Increases Accuracy Improves SOC Efficiency Improves User Protection SecureSphere WAF Correlation EngineProtocolValidation AttackSignatures ApplicationProfiling TRBotProtection* TRATOProtection* TRReputationService* * ThreatRadar (TR) threat intelligence feeds
  13. 13. © 2015 Imperva, Inc. All rights reserved. WAF Deployment Scenarios Confidential13 On-Premises WAF WAF Web Servers WAF for AWS WAF Web Servers Web Servers Cloud WAF
  14. 14. © 2015 Imperva, Inc. All rights reserved. Gartner “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Greg Young, Nicole Papadopoulos, 15 June 2015. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Imperva. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. THE ONLY LEADER TWO CONSECUTIVE YEARS Gartner Magic Quadrant for Web Application Firewalls
  15. 15. © 2015 Imperva, Inc. All rights reserved. Data Protection Strategies Data Protection Strategies 3 15
  16. 16. © 2015 Imperva, Inc. All rights reserved. Database auditing and protection is a complex subject 16
  17. 17. © 2015 Imperva, Inc. All rights reserved. Must Do vs. Should Do • The overlap amount of regulation and security varies org to org. • Driving Audit by regulation only leaves private non-regulated data free for the taking. Regulation SecurityPCI HIPAA NERC ISO EU MAS Data Addresses Names Passwords Int. Property Phone Numbers Salary 17
  18. 18. © 2015 Imperva, Inc. All rights reserved. Database Audit and Protection is a Cross-Departmental Function • Regulatory Compliance – IT Risk & Audit & DBAs • Corporate/Best Practice Policy Adherence – IT Risk & Audit, DBAs & Security • Forensic Data/Security Visibility - Security • Change Control Reconciliation – Security & DBAs • Measure DB Performance and Function - DBAs • Application Development Testing/Verification – DBAs & App Development • Etc… 18
  19. 19. © 2015 Imperva, Inc. All rights reserved. Overlapping Initiatives  Common Requirements 19 • Sensitive Data Auditing • Data Theft Prevention • Data Across Borders Risk and legal • Database Virtual Patching • Change management and reconciliationIT • Malware and Targeted Attacks Defense • VIP Data Privacy • Ethical Walls Line of Business Assessment and Risk Management User Rights Management Audit and Reporting Attack Protection
  20. 20. © 2015 Imperva, Inc. All rights reserved. Map Requirements to an Data Audit and Protection Lifecycle Discover Assess Set Controls Audit & Secure Measure & Report Review, certify and investigate Sensitive data Vulnerabilities and security gaps Access rights and policies Monitor, alert and block 20
  21. 21. © 2015 Imperva, Inc. All rights reserved. Prioritize and Classify Your Risk 21 Cardholder Card Intellectual Property Email Financial Personal Information Data Classification Unauthorized Alert Access • Locate all databases • Find and classify sensitive information by policy, BU, etc... • Auto create protection and compliance policies from the result Discover SecureSphere Rogue SSN Credit Cards PII
  22. 22. © 2015 Imperva, Inc. All rights reserved. Stop Data Theft Before It Happens 22 PCI Data PCI Reports ATM & PIN Access Logs • Dynamic behavior profiling • Alerts and blocking • Malware detection integration (2 way) • Web Application Firewall (WAF) activity correlation Protect Hacker Database Users PCI Policies Security Policies
  23. 23. © 2015 Imperva, Inc. All rights reserved. • Dynamic behavior profiling • Alerts and blocking • Malware detection integration (2 way) • Web Application Firewall (WAF) activity correlation Protect Stop Data Theft Before It Happens 23 PCI Data PCI Reports ATM & PIN Hacker Database Users PCI Policies Security Policies Access Logs UPDATE orders set client ‘first Unusual Activity X Allow Block Network User, DBAs, Sys Admin X
  24. 24. Automate and Simplify Compliance 24 • Establish an automated access rights review process • OOTB policies, workflows and policy specific reports • Consistent deployment and enforcement across all systems Comply PCI, HIPAA, SOX… Dashboard, Policy specific and custom reports Email Alert SIEM - SPLUNK
  25. 25. © 2015 Imperva, Inc. All rights reserved. SecureSphere Deployment Architecture 25 MX Management MX Management Users • Flexible deployment • Fully transparent • Rapid deployment • High availability • Clustering • Appliance or virtual • Multiple modes: agent, spanning, bridge • Broad coverage • Out of the box content AWS cloud enabled Gateway Gateway
  26. 26. © 2015 Imperva, Inc. All rights reserved. “Imperva blows them away in terms of response time, time to resolution, and uptime of the system. I would put them at Best in Class. We essentially maintained 100% uptime over a 3 year period.” Ross, Bobenmoyer, VP Information Security, Republic Bancorp, September 2015 26
  27. 27. © 2015 Imperva, Inc. All rights reserved. Other Tips For Improving Security Posture 4 27
  28. 28. © 2015 Imperva, Inc. All rights reserved. Tips For Improving Overall Security Posture Web Application Security • Deploy WAF in front of all external web apps • Get real-time threat intelligence feeds • Foster secure web development practices • Schedule regular vulnerability scans for apps • Integrate with vulnerability scanners and SIEM • Ensure WAF provides flexible deployment options 28 Data Security • Have a plan and know desired results needed • Know and classify your data • Implement a universal platform and policies • Audit what matters – don’t audit what doesn’t • Constantly think security – TEST IT • Look to the future – scale, cloud, Big Data
  29. 29. © 2015 Imperva, Inc. All rights reserved. Perimeter Is Not Enough Q&A 3 29
  30. 30. © 2015 Imperva, Inc. All rights reserved. Imperva Technical Deep Dive Demo Series Upcoming Demos: • October 27: Imperva Incapsula DDoS Protection • November 3: Imperva Skyfence • November 10: Imperva SecureSphere Web Application Firewall • November 17: Imperva SecureSphere Database Activity Monitor Register Now: imperva.com/go/techdemo 4 30
  31. 31. © 2015 Imperva, Inc. All rights reserved.32 WAF Web Servers WAF for AWS and Azure Web Servers Imperva Cloud WAF/CDN On-Premises WAF WAF Web Servers External Facing Applications Internal Facing Applications B2B/Trusted Users & Networks On-Premises WAF WAF Web Servers ERP SharePoint Training HR Intranet Portal Development Etc… SSO or VPN Partner A Partner B Partner C Multi-Faceted Application Landscape

×