PRODUCT OVERVIEW
Platform that Provides a 361° Threat Visibility of Your Enterprise
NetSecurity Corporation is a cyber security, computer forensics, and training company. Our mission is to protect, defend, and recover valuable assets from the most advanced cyber attacks. Since 2004, we have continued to provide unparalleled innovation, world-class quality, and customer-focused, timely solutions to government agencies and corporations.
The Threat Landscape
• Cyber attacks and data breaches continue to be on the rise, with attackers constantly crafting their techniques to fly below the radar of defensive measures
• Sophisticated attackers are leveraging malware-less techniques to infiltrate their targets
• Human susceptibility makes bypassing security measures trivial
• Expert Threat Responders and Security Analysts are very expensive and difficult to retain
• Due to the voluminous amount of alerts received by Security Analysts, they are unable to quickly validate or respond to actionable threat intelligence
• Most solutions only address threats to the Windows platform, with no visibility into the threats hidden in Mac OS, Linux, Unix, logs, and network traffic
• According to Verizon 2015 DBIR:
  - "75% of attacks spread from Victim 0 to Victim 1 within 24 hours."
  - "In 60% of cases, attackers are able to compromise an organization within minutes."
  - "70–90% of malware samples are unique to an organization."
• According to Ponemon Institute:
  - "An average of 395 hours ($1.27 million each year) is wasted each week detecting and containing malware because of false positives and/or false negatives."
[Slide graphic: word cloud] Insider Threat, Data Breach, Rogue Employee, Social Engineering, Malware, Advanced Persistent Threat (APT), Cyber Attacks, Denial of Service, Keylogger, Ransomware, Reconnaissance, Remote Access Tool (RAT), Rootkit, Spam, Phishing Email, Spyware, SQL Injection, Targeted Attack, Zero-day Exploit, PII Leakage, Network Sniffing, Hackers, Headaches, Breach Investigation, Attack Prevention, Threat Response, Situational Awareness, Risk Mitigation, Peace of Mind, Threat Hunting, Breach Detection, Actionable Threat Intelligence, Data Loss Prevention, Trojan
Platform that Provides a 361° Threat Visibility of Your Enterprise
[Slide diagram labels: Data Source; Threat Intelligence Feed; Data Analytics; Actionable Intelligence; Threat Mitigation]
+TR Capabilities / Differentiators
• Sweeps hundreds of enterprise endpoints simultaneously for malware, malware behaviors, and attackers' tools and tactics
• Captures live network packets and collects netflow data for deep forensic analysis
• Provides situational awareness, threat visibility, and contextual intelligence that helps you thwart attacks before intellectual property leaves your organization
• Detects targeted attacks at the early stage of the attack life cycle
• Detects dormant (hibernating) and memory-resident malware
• Provides a 361° view of the threat faced by your organization
• Combines capabilities of traditional computer, malware, memory, network, and log forensics tools into one platform
• Provides threat intelligence capability that produces and consumes threat feeds
• Deploys to run for a few days or many years in a small or very large network
• Used by Internal Security Teams, Professional Services Firms, or Consultants
• Costs a fraction of other products that only provide a partial solution to the advanced threat problem
[Slide column headings: Capabilities Summary; Key Differentiators]
Data & Forensic Analytics
• Behavior Rules
  - Behavior-based indicators of malware and threat actors
  - Attackers' tools and tactics
  - Malware-less techniques
• Signatures
  - Signature of known or unknown malware
  - Anti-Virus signatures, IPS rules, IoCs, YARA, etc.
• Threat Intelligence (Internal/External)
  - File Hashes/Names/Paths
  - C&C IP Addresses, URLs, Domain Names, Email Addresses
  - User Agents, Mutexes, etc.
• Analytics Engine
  - Combines Behavior Rules, Signatures, Threat Intelligence
  - Produces Actionable Threat Intelligence
[Slide diagram labels: Threat Data; Behavior Rules; Signatures; Threat Intelligence Feed; Actionable Threat Intelligence]
Benefits of ThreatResponder®
• Reduce the cost associated with hiring and retaining expert Threat Responders and Analysts by >75%
• Gain situational awareness of threat campaigns, enabling you to make quick and better informed decisions
• Prevent, detect, and respond to an attack or data breach quickly and reduce the risk of bad reputation or data loss
• Investigate threat data from both online and offline systems, eliminating the need to invest in more technologies that may not work together to provide desired results
• Acquire evidence in a forensically sound manner to withstand legal scrutiny
• Receive various procurement options that allow you to deploy the technology to run for a few days or many decades!
• Analyze potentially sensitive files or targeted malware within the ThreatResponder® platform, ensuring your privacy
• Enjoy quality software that is proudly Developed in America, with Headquarters in Dulles, Virginia – outside Washington, DC
DEMO / PROOF OF CONCEPT (POC)
• Corporate Information
  - Toll Free: 1-855-NETSECURITY
  - Telephone: +1-703-444-9009
  - Email: 911@netsecurity.com
  - Web: www.threatresponder.com
• Government Data
  - SBA Certified 8(a) SDB
  - SAM Registration: Yes
  - DUNS: 122657005
  - CAGE Code: 3CJJ4
  - GSA Schedule Contract (# GS-35F-0288Y)
  - Seaport-e Contract (# N00178-07-D-5205)
• Contacts
  - James Perry, Jr., Vice President of Sales
  - Chance Butler, EnCE, Director of Cyber Operations
SELECT CUSTOMERS

NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
