8. 2. Dynamic Web Apps: AJAX Rich site-to-browser interaction Browser is the new operating system Browser is active in the application, not simply a passive display tool
9.
10. 1 in 11 organizations had remote workers infected
11. 46% of remote infections come from infected Web sites3. Remote Employees
12. Smartphone and tablet computing blur the line between personal and business computing Companies must reconsider policies for devices that are not owned by the company 4. New Devices
13.
14. Need the right delivery model for each location and user
16. Remote users and branch offices often not covered because of difficulty or cost
17. Compromises in security because of the complexity or costInternet Headquarters Teleworkers Problem: Many Locations and Remote Users Roaming Users
18. Cloud-based Web Security Cloud-based content filtering and malware protection Centralized multi-site management and reporting Simple policy-based Web security Protects remote and mobile employees Massively scalable infrastructure eliminates latency Rapid response to new and emerging threats Internet Policy Management Security Protection Consolidated Reporting Workplace Users Mobile Users Roaming Users
25. With 100s of millions of users behind a single domain, we need to understand user level reputation Is this account good or bad? Is this account even real? Need for User Reputation
46. Rogue A/V + Trending Topics (Step 2 of 3) hxxp://securityland.cn/?uid=144&pid=3&ttl=31c48520c54 which acts as a traffic distribution system for a Rogue AV operation; the chain of redirections ends at one of the following Rogue AV distribution points: hxxp://my-systemscan.com/?p=WKmimHVlbG2HjsbIo22EhHV8ipnVbWiMnNah2qeNm 6nZwombm5h2lpd9fXCHodjSbmRelWZxmV6SZGbLU9bYxKWspXOL1dZ2Y2ZuZ2tnaWyVYYrJlG0%3D hxxp://my-newprotection.net/?p=WKmimHVlbG2HjsbIo22EhHV8ipnVbWiMnNah2qeNm 6nZwombm5h2lpd9fXCHodjSbmRelWZxmV6SZGbLU9bYxKWspXOL1dZ2Y2ZuZ2tnaWyVYYrJlG0%3D hxxp://trustsystem-protection.com/?p=WKmimHVlbG2HjsbIo22EhHV8ipnVbWiMnNah2 qeNm6nZwombm5h2lpd9fXCHodjSbmRelWZxmV6SZGbLU9bYxKWspXOL1dZ2Y2ZuZ2tnaWyVYYrJlG0%3D
53. True Twitter Users ≥10 Followers, Friends, & Tweets Compared to 21% in Jan 2010
54. Friends(Following): For every 100 Twitter users… 16 have 27 have 40 have 17 have 0 1-9 10-99 100+ friends friends friends friends
55. Friend-Follower Delta: For every 100 Twitter users… 43 have same (+/- 5) amount 23 have more friends 34 have more followers
56. Crime Rate twitter crime rate is the percentage of accounts created per month that are eventually suspended by Twitter
57.
58. Twitter growth rate went from 2.02% in Nov 08 to 21.17% in April 09.Twitter Account Creation Red Carpet Era (11/08-04/09) Barracuda Networks Confidential
62. This more than tripled over the following four months, escalating to 12% in October 2009.Twitter Crime Rate 2006-2009 Barracuda Networks Confidential
90. Summary Laptops and Mobile Devices Need The Same Level of Security As Computers Inside The Perimeter Attackers are Focused on Social Networking Sites To Reach Users Enterprises Need To Provide Web Security That Understands Social Threats @Barracuda @BarracudaLabs
Notas do Editor
Half the spam disappeared. Why? Because they found something better to do. Same people.Dos, spam, phishing, rogue av, Hard to make it thru spam fws, easier to catch people out surfing. Why is it easier to catch people on web?
a) rapid growthb) dynamic ajax: xls, outlookc) user generated content: facebook, conn, d) remote employeespick up laptop e) new devices: androids, ipads,...
1 millionipadsper month
2. Problem: mobile users/road warriors gateway solution does not solve problem for mobile users. (picture)smaller remote offices is a further problem, have lesser security becausedo not want to deploy all the boxes....(picture)
Attackers use the social/viral features to spread their attacks quicklyTag a picture and it shows up for the friend of everyone that you tagged. On average 1000 friends, 50 tags, 50K people saw that link
Malicious jar file and trojantbanking1600 clicked linkhow many accounts used?used fake accounts, popular hash tags and search terms
PAUL: 21% in Jan 2010, 29% in july 2010, 43% in 1/2011
16% following no one 15% decrease from 18.9% in July 201057% are following 10+26% increase from 45% in July 2010>100 17%>1000 1%> 10000 0.01%
PAUL:55% of twitter have same number fo followers as following (+/- 5)So must using it as a social network13% have more followers: celbrities32% have more following: consumers vs creators
PAUL:Over half of the NW tweets less then a once dayBut >100 is .2% but that is couple hundred thousand accounts can represent 38% percent of the traffic
The amount of malware found daily across the search engines increased 55 percent from 145.7 in June 2010 to 226.3 in December 2010.
Inputs:Malicious Javascript Detector (MJD)Exploit Kit Detector (EKD)Maltrace DetectorSocial Network DetectorSEO DetectorSpamUser SubmissionsWAF feedback*phion firewall logs*Results:Content filter databaseMalware databaseIntent-based spam filter databaseVirus fingerprintsUsed by: Web filter cloudWeb filter appliancesEmail appliancesEmail cloudPeople:Researchers (analysis and building software)Analyst team (review user submissions and review borderline analysis results)