Next Generation Security
Fuat KILIÇ
Consulting Systems Engineer - Security
Cisco and/or its affiliates. All rights reserved. Cisco Public
What would you do if you knew you would be compromised?!
Attack Continuum
BEFORE the attack: Discover, Enforce, Harden
DURING the attack: Detect, Block, Defend
AFTER the attack: Scope, Contain, Remediate
Coverage across Network, Endpoint, Mobile, Virtual, Email & Web and Cloud, with both point-in-time and continuous controls.
7 Pillars of Cisco Security Offerings
1. Security Products
2. Threat Research
3. Trainings and Certification
4. Security Services
5. Security Solutions
6. 3rd Party Partnerships
7. CVDs (Cisco Validated Designs)
Latest Security Acquisitions (+5B USD in total)
•  IronPort – Email and Web Security
•  Lancope* – Behavioral Anomaly Detection (*: not a full acquisition at the time of this deck)
•  Cognitive – Big Data Analytics
•  Meraki – Cloud Managed UTM
•  Sourcefire – Next Generation IPS and APT
•  ThreatGRID – Advanced Malware Solutions
•  Neohapsis – Security Consultancy
Sourcefire NGIPS & AMP Presentation
You should also know the estate of your network
Assets and activity to account for: Network, Servers, Operating Systems, Routers and Switches, Mobile Devices, Printers, VoIP Phones, Virtual Machines, Client Applications, Files, Users, Web Applications, Application Protocols, Services, Processes, Malware, Command and Control Servers, Vulnerabilities, NetFlow, Network Behavior.
You cannot protect what you cannot see.
Cisco Next Generation Security
Gartner Defines Next-Generation IPS
NGIPS definition:
•  Standard first-generation IPS
•  Context awareness
•  Application awareness and full-stack visibility
•  Content awareness
•  Adaptive engine
Source: "Defining Next-Generation Network Intrusion Prevention", Gartner, October 7, 2011 (download at Sourcefire.com)
Context Awareness in Intrusion Events
The same intrusion event, shown with progressively more context:
Without context:
  Event: Attempted Privilege Gain
  Target: 96.16.242.135
With host context:
  Event: Attempted Privilege Gain
  Target: 96.16.242.135 (vulnerable)
  Host OS: Blackberry
  Apps: Mail, Browser, Twitter
  Location: White House, US
With host and user context:
  Event: Attempted Privilege Gain
  Target: 96.16.242.135 (vulnerable)
  Host OS: Blackberry
  Apps: Mail, Browser, Twitter
  Location: White House, US
  User ID: bobama
  Full Name: Barack Obama
  Department: Executive Office
FirePOWER Platform and FireSIGHT Management Center
FireSIGHT Management Center
•  Context awareness
•  Operating system identification
•  Fingerprinting of applications (web, protocol and client versions)
•  Service enumeration (HTTP, SMTP, RDP, etc.)
•  User awareness
•  24x7 monitoring (passive and inline)
•  Identification of assets' potential vulnerabilities (weaknesses)
•  Leveraging visibility and vulnerability data to "adapt" policy
•  Access control rule enforcement
•  Alerting, correlation and packet capture
FirePOWER Platform/Services
•  Inspect, detect, drop, allow, etc.
•  IPS, application control, malware inspection and URL rating
•  Inline, passive and hybrid deployment
FireSIGHT Brings Unprecedented Network Visibility
FireSIGHT – Unique Visibility (comparison chart on the slide: Typical NGFW vs. Cisco FireSIGHT System vs. Typical IPS)
Building a Host Profile
•  OS and version
•  Identified server applications and version
•  Client applications and client version
•  Who is at the host
•  What other systems/IPs did the user have, and when?
Converting data into information.
Retrospective Security: shrink the time between detection and cure (example vectors on the slide: PDF, mail, admin request).
Multi-vector Correlation: early warning for advanced threats, e.g. Host A with 2 IoCs, Host B with 5 IoCs, Host C with 3 IoCs.
Adapt Policy to Risks: dynamic security control.
Automated, Integrated, Adaptive Threat Defense: superior protection for the entire attack continuum.
Context and Threat Correlation: events are ranked Priority 1, Priority 2, Priority 3 by impact assessment.
FireSIGHT Impact Assessment
Correlates every intrusion event with the target's host profile to rate the impact of the attack against the target.

Impact flag | Administrator action                    | Why
1           | Act immediately, vulnerable             | Event corresponds to a vulnerability mapped to the host
2           | Investigate, potentially vulnerable     | Relevant port open or protocol in use, but no vulnerability mapped
3           | Good to know, currently not vulnerable  | Relevant port not open or protocol not in use
4           | Good to know, unknown target            | Monitored network, but unknown host
0           | Good to know, unknown network           | Unmonitored network
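The table above is a decision procedure, so here it is as code. This is an added example, not Sourcefire or Cisco code: the HostProfile and IntrusionEvent layouts, the `vuln-…` identifiers, and the sample hosts, events and monitored network are all assumptions constructed for the demonstration. The rows are tried top to bottom, which is what makes a host with both an open port and a mapped vulnerability come out as flag 1 rather than 2.

```python
"""Impact-flag assignment for intrusion events, following the five-row FireSIGHT table.

Added example, not Sourcefire/Cisco code. Host-profile fields, event fields,
vulnerability IDs and all sample data below are constructed for illustration.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Dict, FrozenSet, List, Optional, Set, Tuple

IMPACT_TEXT = {
    1: "Act immediately, vulnerable",
    2: "Investigate, potentially vulnerable",
    3: "Good to know, currently not vulnerable",
    4: "Good to know, unknown target",
    0: "Good to know, unknown network",
}


@dataclass
class HostProfile:
    """What passive discovery has learned about one host (assumed structure)."""
    ip: str
    os: str
    services: Set[Tuple[str, Optional[int]]] = field(default_factory=set)  # (proto, port)
    vulns: Set[str] = field(default_factory=set)  # vulnerability IDs mapped to this host


@dataclass
class IntrusionEvent:
    rule: str
    dst_ip: str
    proto: str
    dst_port: Optional[int]  # None for protocol-only rules
    vuln_refs: FrozenSet[str]  # vulnerability IDs the rule is written for


def impact_flag(ev: IntrusionEvent, hosts: Dict[str, HostProfile], monitored: List[str]) -> int:
    """Rate one event against the host map; table rows are tried top to bottom."""
    target = ip_address(ev.dst_ip)
    if not any(target in ip_network(n) for n in monitored):
        return 0  # unmonitored network: no profile can ever exist
    host = hosts.get(ev.dst_ip)
    if host is None:
        return 4  # monitored network, but discovery has never seen this host
    if ev.vuln_refs & host.vulns:
        return 1  # the rule's vulnerability is mapped to the target
    if (ev.proto, ev.dst_port) in host.services or (
        ev.dst_port is None and any(p == ev.proto for p, _ in host.services)
    ):
        return 2  # port open / protocol in use, but no matching vulnerability
    return 3  # port closed or protocol unused: the exploit cannot land


def assess(events, hosts, monitored):
    """Return (rule, flag, text) per event, highest impact first, as an analyst queue."""
    rated = [(ev.rule, impact_flag(ev, hosts, monitored)) for ev in events]
    order = {1: 0, 2: 1, 3: 2, 4: 3, 0: 4}
    rated.sort(key=lambda r: order[r[1]])  # stable: ties keep arrival order
    return [(rule, flag, IMPACT_TEXT[flag]) for rule, flag in rated]


# Constructed sample: two profiled hosts on 10.4.0.0/16, one monitored-but-unprofiled
# address (10.4.99.1) and one target outside every monitored range (192.0.2.9).
HOSTS = {
    "10.4.10.183": HostProfile("10.4.10.183", "Windows 7",
                               {("tcp", 445), ("tcp", 3389)}, {"vuln-1001"}),
    "10.4.20.7": HostProfile("10.4.20.7", "Linux",
                             {("tcp", 22), ("tcp", 80), ("udp", 161)}, set()),
}
MONITORED = ["10.4.0.0/16"]
EVENTS = [
    IntrusionEvent("RDP overflow attempt", "10.4.10.183", "tcp", 3389, frozenset({"vuln-1001"})),
    IntrusionEvent("IIS overflow attempt", "10.4.20.7", "tcp", 80, frozenset({"vuln-2002"})),
    IntrusionEvent("SMB null session attempt", "10.4.20.7", "tcp", 445, frozenset()),
    IntrusionEvent("UDP protocol anomaly", "10.4.20.7", "udp", None, frozenset()),
    IntrusionEvent("ICMP oversized packet", "10.4.20.7", "icmp", None, frozenset()),
    IntrusionEvent("SSH brute force", "10.4.99.1", "tcp", 22, frozenset()),
    IntrusionEvent("SSH brute force", "192.0.2.9", "tcp", 22, frozenset()),
]

if __name__ == "__main__":
    for rule, flag, text in assess(EVENTS, HOSTS, MONITORED):
        print(f"{flag}  {rule:<28} {text}")
```

The same SSH brute-force signature lands at flag 4 or flag 0 depending only on whether the target sits inside a monitored range, which is why the monitored-network list on the management center matters as much as the host profiles themselves.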
Indications of Compromise (IoCs)
IPS events: malware backdoors, exploit kits, web application attacks, CnC connections, admin privilege escalations
Security Intelligence (SI) events: connections to known CnC IPs
Malware events: malware detections, Office/PDF/Java compromises, malware executions, dropper infections
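How events from three sources become the per-host IoC counts of the "Multi-vector Correlation" slide (Host A 2 IoCs, Host B 5, Host C 3). This is an added example, not Sourcefire or Cisco code: the event dictionary layout, the tag strings, the "Adapt Policy to Risks" thresholds and the sample events are assumptions constructed for the demonstration; only the IoC category names come from the slide. Duplicate hits in one category collapse to a single IoC, and events that are not on the IoC list (a policy violation here) are ignored.

```python
"""Correlating IPS, Security Intelligence and malware events into per-host IoCs.

Added example, not Sourcefire/Cisco code. Event format, tag strings, thresholds
and all sample events are constructed; IoC category names follow the slide.
"""
from collections import defaultdict
from typing import Dict, List, Set, Tuple

# (source, tag) pairs that count as an IoC, and the category the analyst sees. Tags are assumed.
IOC_CATEGORIES = {
    ("ips", "malware-backdoor"): "Malware Backdoors",
    ("ips", "exploit-kit"): "Exploit Kits",
    ("ips", "web-application-attack"): "Web App Attacks",
    ("ips", "cnc"): "CnC Connections",
    ("ips", "admin-privilege-escalation"): "Admin Privilege Escalations",
    ("si", "known-cnc-ip"): "Connections to Known CnC IPs",
    ("malware", "detected"): "Malware Detections",
    ("malware", "office-pdf-java"): "Office/PDF/Java Compromises",
    ("malware", "executed"): "Malware Executions",
    ("malware", "dropper"): "Dropper Infections",
}


def ioc_host(ev: dict) -> str:
    """The host the IoC belongs to: the victim of an inbound attack, otherwise the initiator."""
    return ev["dst"] if ev.get("direction") == "inbound" else ev["src"]


def correlate(events: List[dict]) -> Dict[str, Set[str]]:
    """Map each host to the distinct IoC categories seen for it (repeats collapse)."""
    iocs: Dict[str, Set[str]] = defaultdict(set)
    for ev in events:
        cat = IOC_CATEGORIES.get((ev["source"], ev["tag"]))
        if cat is None:
            continue  # policy violations, scans, etc. are events but not IoCs
        iocs[ioc_host(ev)].add(cat)
    return dict(iocs)


def rank(iocs: Dict[str, Set[str]]) -> List[Tuple[str, int]]:
    """Hosts with the most distinct IoC categories first; ties broken by address."""
    return sorted(((h, len(c)) for h, c in iocs.items()), key=lambda x: (-x[1], x[0]))


def suggested_action(n_iocs: int) -> str:
    """Assumed thresholds for adapting policy to risk: quarantine the worst, watch the rest."""
    if n_iocs >= 5:
        return "quarantine"
    if n_iocs >= 3:
        return "investigate"
    return "monitor"


# Constructed sample: one day of events for three hosts plus noise. 10.1.1.20 collects
# five distinct categories, 10.1.1.30 three, 10.1.1.10 two (its two exploit-kit hits count once).
EVENTS = [
    {"source": "ips", "tag": "exploit-kit", "src": "198.51.100.7", "dst": "10.1.1.10", "direction": "inbound"},
    {"source": "ips", "tag": "exploit-kit", "src": "198.51.100.8", "dst": "10.1.1.10", "direction": "inbound"},
    {"source": "malware", "tag": "office-pdf-java", "src": "10.1.1.10", "dst": "-", "direction": "local"},
    {"source": "ips", "tag": "policy-violation", "src": "10.1.1.10", "dst": "203.0.113.5", "direction": "outbound"},
    {"source": "ips", "tag": "web-application-attack", "src": "198.51.100.9", "dst": "10.1.1.20", "direction": "inbound"},
    {"source": "malware", "tag": "dropper", "src": "10.1.1.20", "dst": "-", "direction": "local"},
    {"source": "malware", "tag": "executed", "src": "10.1.1.20", "dst": "-", "direction": "local"},
    {"source": "si", "tag": "known-cnc-ip", "src": "10.1.1.20", "dst": "203.0.113.66", "direction": "outbound"},
    {"source": "ips", "tag": "admin-privilege-escalation", "src": "198.51.100.9", "dst": "10.1.1.20", "direction": "inbound"},
    {"source": "ips", "tag": "cnc", "src": "10.1.1.30", "dst": "203.0.113.66", "direction": "outbound"},
    {"source": "si", "tag": "known-cnc-ip", "src": "10.1.1.30", "dst": "203.0.113.66", "direction": "outbound"},
    {"source": "malware", "tag": "detected", "src": "10.1.1.30", "dst": "-", "direction": "local"},
]

if __name__ == "__main__":
    for host, n in rank(correlate(EVENTS)):
        print(f"{host:<12} {n} IoCs -> {suggested_action(n)}")
```

Counting distinct categories rather than raw events is deliberate: a noisy exploit-kit signature firing fifty times against one host says less about compromise than one dropper infection followed by one connection to a known CnC address on the same host.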
Gartner Leadership
Sourcefire has been a leader in the Gartner Magic Quadrant for IPS since 2006 (as of December 2013; source: Gartner, December 2013).
Vendors placed on the quadrant chart: Sourcefire (Cisco), Cisco, HP, McAfee, IBM, StoneSoft (McAfee), Radware, Huawei, Enterasys Networks (Extreme Networks), NSFOCUS Information Technology. Axes: ability to execute vs. completeness of vision; quadrants: leaders, challengers, visionaries, niche players.
NSS Labs Security Value Map (SVM) for IPS: 2012, 2013 and 2015 charts
ASA with FirePOWER Services Available Now
Industry's first threat-focused NGFW; #1 Cisco Security announcement of the year.
•  Integrating defense layers helps organizations get the best visibility
•  Enables dynamic controls that adapt automatically
•  Protects against advanced threats across the entire attack continuum
Cisco ASA with FirePOWER Services = proven Cisco ASA firewalling + industry-leading NGIPS and AMP
NSS Labs – Next-Generation Firewall Security Value Map (source: NSS Labs 2014)
The NGFW Security Value Map shows the placement of Cisco ASA with FirePOWER Services and the FirePOWER 8350 compared to other vendors. All three tested products achieved 99.2 percent security effectiveness, so customers can be confident of receiving the best protection possible regardless of deployment.
Cisco Advanced Malware Protection
Do Security Different!
Plan A: Prevention (mode: security control)
•  Speed: real-time, dynamic decisions trained on data
•  Static and dynamic analysis for threat intelligence
•  High accuracy, low false positives/negatives
•  Bolster the walls, reduce the attack surface
Plan B: Retrospection (mode: incident response)
•  Track system behaviors without regard to disposition
•  Extend analysis beyond the event horizon
•  Contain and correct damage, expel embedded intruders
•  Reveal malicious activity and reduce response time
Plan A: The Prevention Framework
1-to-1 signatures, fuzzy fingerprinting, machine learning, IOCs, dynamic analysis, advanced analytics (e.g. prevalence), device flow correlation.
All detection < 100%.
Plan B: The Retrospection Framework
Retrospective security, continuous protection.
Plan B: Retrospection Framework – Continuous Analysis
Typical analysis: a file is examined once (1-to-1 signatures, fuzzy fingerprints, machine learning, sandboxing, etc.), receives an initial disposition of CLEAN, and analysis stops. Sleep techniques, unknown protocols, encryption and performance limits can all make that first verdict wrong, so by the time the file is actually found to be BAD it is too late.
Continuous analysis: the initial disposition may still be CLEAN, but analysis continues after the file has been allowed through; when the disposition later changes to BAD, a retrospective alert is sent. When you cannot detect 100%, retrospective visibility is critical.
Comprehensive Environment Protection with AMP Everywhere

AMP      | Threat vector | Protection method                                              | Ideal for
Content  | Email and Web | License with ESA or WSA                                        | New or existing Cisco Email or Web Security customers
Network  | Networks      | Stand-alone solution, or enable AMP on a FirePOWER appliance   | NGIPS/NGFW customers
Endpoint | Devices       | Install on endpoints (Windows, Mac, Android, VMs)              | –
How Cisco AMP Works: Network File Trajectory Use Case
1. An unknown file is present on IP 10.4.10.183, having been downloaded with Firefox.
2. At 10:57 the unknown file is transferred from IP 10.4.10.183 to IP 10.5.11.8.
3. Seven hours later the file is transferred to a third device (10.3.4.51) using an SMB application.
4. A half hour later the file is copied yet again, onto a fourth device (10.5.60.66), through the same SMB application.
5. The Cisco Collective Security Intelligence Cloud learns that this file is malicious and a retrospective event is raised for all four devices immediately.
6. At the same time, a device with the FireAMP endpoint connector reacts to the retrospective event and immediately stops and quarantines the newly detected malware.
7. Eight hours after the first attack, the malware tries to re-enter the system through the original point of entry but is recognized and blocked.
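The seven steps above as a replayable model of retrospective file trajectory. This is an added example, not Cisco AMP code: the FileTrajectory class layout, the placeholder file hash, the 10:40 time of the first download (the slides give a clock time only for the second hop) and the "HTTP" label on that second hop are assumptions; the four addresses, the applications named on the slides and the relative timings follow the use case. The point it shows is that the network sensor never needs to re-see the file: the verdict change alone produces events for every host the file has reached, and the original entry point is blocked on the next attempt.

```python
"""Retrospective file trajectory: replaying the four-host AMP use case.

Added example, not Cisco AMP code. Class layout, hash and first-download time
are constructed; addresses, applications and relative timings follow the slides.
"""
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Set, Tuple


class FileTrajectory:
    """Tracks every host a file reaches so a later verdict can be applied retroactively."""

    def __init__(self) -> None:
        self.disposition: Dict[str, str] = {}  # sha256 -> UNKNOWN / CLEAN / MALWARE
        self.path: Dict[str, List[Tuple[datetime, str, str, str]]] = defaultdict(list)
        self.holders: Dict[str, Set[str]] = defaultdict(set)  # sha256 -> hosts holding the file
        self.entry_point: Dict[str, Tuple[str, str]] = {}  # sha256 -> (first host, app)

    def transfer(self, sha256: str, when: datetime, src: str, dst: str, app: str) -> str:
        """A sensor sees the file cross the network. Block only if it is already known bad."""
        if self.disposition.get(sha256) == "MALWARE":
            return "BLOCKED"
        self.disposition.setdefault(sha256, "UNKNOWN")
        self.path[sha256].append((when, src, dst, app))
        self.holders[sha256].add(dst)
        self.entry_point.setdefault(sha256, (dst, app))
        return "ALLOWED"

    def verdict(self, sha256: str, new: str) -> List[str]:
        """The cloud changes its mind. Return the hosts that need a retrospective event."""
        old = self.disposition.get(sha256, "UNKNOWN")
        self.disposition[sha256] = new
        if new == "MALWARE" and old != "MALWARE":
            return sorted(self.holders[sha256])  # every host that received the file, once
        return []  # repeated or downgraded verdicts raise nothing new

    def trajectory(self, sha256: str) -> List[str]:
        """Hop list, oldest first, as a console would render it."""
        return [f"{t:%H:%M} {s} -> {d} via {a}" for t, s, d, a in sorted(self.path[sha256])]


def replay_use_case() -> dict:
    """Run the slide's sequence and collect what the console shows at each step."""
    ft = FileTrajectory()
    sha = "deadbeef" * 8  # placeholder hash, not a real sample
    t0 = datetime(2014, 6, 2, 10, 40)  # constructed time of the initial download
    hop2 = datetime(2014, 6, 2, 10, 57)  # the one clock time the slide gives
    out = {}
    out["download"] = ft.transfer(sha, t0, "internet", "10.4.10.183", "Firefox")
    out["hop2"] = ft.transfer(sha, hop2, "10.4.10.183", "10.5.11.8", "HTTP")  # app assumed
    out["hop3"] = ft.transfer(sha, hop2 + timedelta(hours=7), "10.5.11.8", "10.3.4.51", "SMB")
    out["hop4"] = ft.transfer(sha, hop2 + timedelta(hours=7, minutes=30), "10.3.4.51", "10.5.60.66", "SMB")
    out["retro_hosts"] = ft.verdict(sha, "MALWARE")  # cloud learns the file is bad
    out["retro_repeat"] = ft.verdict(sha, "MALWARE")  # same verdict again: nothing new
    out["reentry"] = ft.transfer(sha, t0 + timedelta(hours=8), "internet", "10.4.10.183", "Firefox")
    out["trajectory"] = ft.trajectory(sha)
    return out


if __name__ == "__main__":
    result = replay_use_case()
    for line in result["trajectory"]:
        print(line)
    print("retrospective event for:", ", ".join(result["retro_hosts"]))
    print("re-entry attempt:", result["reentry"])
```

The list returned by `verdict` is the work queue for step 6: an endpoint connector on any of those four hosts quarantines the file without waiting for it to move again, while hosts without a connector are at least named for manual clean-up.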
Visual Point of Reference: what is AMP exactly, and what does it look like?
NSS Labs Security Value Map (SVM) for Breach Detection Systems (axes: security effectiveness vs. TCO per protected Mbps)
The results: Cisco AMP is a leader in security effectiveness and TCO and offers the best protection value, with a 99.0% breach detection rating and the lowest TCO per protected Mbps.
FirePOWER Platforms (Sourcefire AMP Detection Systems)
IPS performance and scalability, from SOHO and branch office through campus and Internet edge to data center:
•  FirePOWER 7000 Series: 50 Mbps – 250 Mbps
•  FirePOWER 7100 Series: 500 Mbps – 1 Gbps
•  FirePOWER 7120/7125/8120: 1 Gbps – 2 Gbps
•  FirePOWER 8100/8200: 2 Gbps – 10 Gbps
•  FirePOWER 8200 Series: 10 Gbps – 40 Gbps
From 50 Mbps to 60 Gbps overall. Modularity in the 8000 Series, fixed connectivity in the 7000 Series, mixed SFPs in the 7100 Series; configurable fail-open and fail-close across all models; the scalable 8000 Series runs NGIPS, AMP and application control in the same chassis.
SSL Decryption: SSL Appliance vs. Integrated SSL
With an external SSL appliance the client and server sessions stay encrypted on either side of the appliance, which terminates them and hands the decrypted traffic to FirePOWER for inspection.
•  Choose an external SSL appliance for high bandwidth and for the ability to share the decrypted traffic with other solutions, e.g. DLP.
•  Use the new built-in SSL inspection (version 5.4 onwards only) for simplicity and cost-effectiveness.
Either way, inspecting outbound sessions means clients must trust the certificate authority the decryptor re-signs with, and inspecting inbound sessions requires the server's private key; plan that key management before turning decryption on.
Fire and ISE
FireSIGHT threat detection (IDS signature, malware, traffic, application and many more) drives an automated, dynamic threat/malware/attack response through the ISE EPS REST API: ISE applies a quarantine action to the offending endpoint by VLAN assignment, dACLs, SGT or QoS tag.
BGA SOME/SOC Event - The Sourcefire Approach in a Threat-Focused Security Architecture
 
Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data Center
 
Cisco Live Cancun PR Session
Cisco Live Cancun PR SessionCisco Live Cancun PR Session
Cisco Live Cancun PR Session
 
Cisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIACisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIA
 
DEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
DEVNET-1190	Targeted Threat (APT) Defense for Hosted ApplicationsDEVNET-1190	Targeted Threat (APT) Defense for Hosted Applications
DEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications
 
Cisco Content Security
Cisco Content SecurityCisco Content Security
Cisco Content Security
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout Session
 

Mais de BGA Cyber Security

WEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesiWEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesiBGA Cyber Security
 
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfBGA Cyber Security
 
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiÜcretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiBGA Cyber Security
 
3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?BGA Cyber Security
 
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBGA Cyber Security
 
Webinar: Popüler black marketler
Webinar: Popüler black marketlerWebinar: Popüler black marketler
Webinar: Popüler black marketlerBGA Cyber Security
 
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım SenaryolarıWebinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım SenaryolarıBGA Cyber Security
 
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020BGA Cyber Security
 
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm ÖnerileriDNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm ÖnerileriBGA Cyber Security
 
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini ArttırmakWebinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini ArttırmakBGA Cyber Security
 
Open Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-IIOpen Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-IIBGA Cyber Security
 
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner GüvenliğiWebinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner GüvenliğiBGA Cyber Security
 
Hacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem AnaliziHacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem AnaliziBGA Cyber Security
 
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİRAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİBGA Cyber Security
 
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing RaporuBGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing RaporuBGA Cyber Security
 
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu ÇözümlerSOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu ÇözümlerBGA Cyber Security
 
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of SecretsVeri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of SecretsBGA Cyber Security
 
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I:  Bilgi ToplamaAktif Dizin (Active Directory) Güvenlik Testleri - I:  Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi ToplamaBGA Cyber Security
 

Mais de BGA Cyber Security (20)

WEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesiWEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesi
 
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
 
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiÜcretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
 
3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?
 
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
 
Webinar: Popüler black marketler
Webinar: Popüler black marketlerWebinar: Popüler black marketler
Webinar: Popüler black marketler
 
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım SenaryolarıWebinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
 
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
 
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm ÖnerileriDNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
 
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini ArttırmakWebinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
 
Open Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-IIOpen Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-II
 
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner GüvenliğiWebinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
 
Hacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem AnaliziHacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem Analizi
 
Open Source SOC Kurulumu
Open Source SOC KurulumuOpen Source SOC Kurulumu
Open Source SOC Kurulumu
 
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİRAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
 
Siber Fidye 2020 Raporu
Siber Fidye 2020 RaporuSiber Fidye 2020 Raporu
Siber Fidye 2020 Raporu
 
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing RaporuBGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
 
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu ÇözümlerSOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
 
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of SecretsVeri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
 
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I:  Bilgi ToplamaAktif Dizin (Active Directory) Güvenlik Testleri - I:  Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
 

Último

🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Último (20)

🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

BGA SOME/SOC Event - The Sourcefire Approach in a Threat-Focused Security Architecture

  • 2. Next Generation Security. Fuat KILIÇ, Consulting Systems Engineer - Security
  • 3. Cisco and/or its affiliates. All rights reserved. Cisco Public. What would you do if you knew you would be compromised?! The Attack Continuum: BEFORE (Discover, Enforce, Harden), DURING (Detect, Block, Defend), AFTER (Scope, Contain, Remediate). Coverage: Network, Endpoint, Mobile, Virtual, Email & Web, Cloud; point-in-time and continuous.
  • 4. 7 Pillars of Cisco Security Offerings: Security Products, Threat Research, Trainings and Certification, Security Services, Security Solutions, 3rd Party Partnerships, CVDs
  • 5. Latest Security Acquisitions (+5B USD): Ironport – Email and Web Security; Lancope* – Behavioral Anomaly Detection ((*) not a full acquisition); Cognitive – Big Data Analytics; Meraki – Cloud Managed UTM; Sourcefire – Next Generation IPS and APT; Threatgrid – Advanced Malware Solutions; Neohapsis – Security Consultancy
  • 6. Sourcefire NGIPS & AMP Presentation. You should also know the estate of your network: you cannot protect what you cannot see. Visibility covers Network, Servers, Operating Systems, Routers and Switches, Mobile Devices, Printers, VoIP Phones, Virtual Machines, Client Applications, Files, Users, Web Applications, Application Protocols, Services, Processes, Malware, Command and Control Servers, Vulnerabilities, NetFlow, Network Behavior.
  • 8. Gartner Defines Next-Generation IPS. NGIPS definition: Standard First-Gen IPS; Context Awareness; Application Awareness and full-stack visibility; Content Awareness; Adaptive Engine. Download at Sourcefire.com. *Source: “Defining Next-Generation Network Intrusion Prevention”, Gartner, October 7, 2011
  • 9. Context Awareness in Intrusion Events. The same event shown with increasing context:
      Event: Attempted Privilege Gain. Target: 96.16.242.135
      Event: Attempted Privilege Gain. Target: 96.16.242.135 (vulnerable). Host OS: Blackberry. Apps: Mail, Browser, Twitter. Location: Whitehouse, US
      Event: Attempted Privilege Gain. Target: 96.16.242.135 (vulnerable). Host OS: Blackberry. Apps: Mail, Browser, Twitter. Location: Whitehouse, US. User ID: bobama. Full Name: Barack Obama. Department: Executive Office
  • 10. FirePOWER Platform. [Diagram: FireSIGHT Management Center with FirePOWER sensors between web servers and the Internet.]
      FireSIGHT Management Center: Context Awareness; Operating System Identification; Fingerprint Applications (Web, Protocol & Client Versions); Service Enumeration (HTTP, SMTP, RDP, etc.); User Awareness; 24x7 Monitoring (Passive & Inline); Identify Assets’ Potential Vulnerabilities (Weaknesses); Leveraging Visibility/Vulnerabilities to “Adapt”; Access Control Rules Enforcement; Alerting, Correlation & Packet Capture.
      FirePOWER Platform/Services: Inspect, Detect, Drop, Allow, etc.; IPS, Application Control, Malware Inspection & URL Rating; Inline, Passive & Hybrid.
      Context Awareness in Intrusion Events.
  • 11. FireSIGHT Brings Unprecedented Network Visibility
  • 12. FireSIGHT – Unique Visibility: Typical IPS vs Typical NGFW vs Cisco FireSIGHT System
  • 13. Building a Host Profile – converting data into information: OS & version; identified server applications and versions; client applications (application and client version); who is at the host; what other systems / IPs did the user have, and when?
  • 14. Retrospective Security – shrink the time between detection and cure. [Diagram residue: PDF, Mail and Admin Request flows; web servers.] Multi-vector Correlation: early warning for advanced threats (Host A: 2 IoCs, Host B: 5 IoCs, Host C: 3 IoCs). Adapt Policy to Risks: dynamic security control. Automated, integrated, adaptive threat defense: superior protection for the entire attack continuum. Context and Threat Correlation: Impact Assessment (Priority 1, Priority 2, Priority 3).
  • 15. FireSIGHT Impact Assessment – correlates every intrusion event to the impact of the attack against its target.
      Impact Flag | Administrator Action | Why
      1 | Act immediately, vulnerable | Event corresponds to a vulnerability mapped to the host
      2 | Investigate, potentially vulnerable | Relevant port open or protocol in use, but no vulnerability mapped
      3 | Good to know, currently not vulnerable | Relevant port not open or protocol not in use
      4 | Good to know, unknown target | Monitored network, but unknown host
      0 | Good to know, unknown network | Unmonitored network
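The impact table on slide 15 is a decision procedure, and it is easiest to understand as code. The following is an added example, not Cisco or Sourcefire code: it assumes a minimal host profile (open ports, observed application protocols, vulnerability ids mapped to the host) and a list of monitored network ranges, uses placeholder vulnerability ids (VULN-A, VULN-Z) and constructed hosts and events, and generalises the five rows into one function plus the work order an analyst would use.

```python
"""Impact assessment of intrusion events against host profiles.

Added example, not Cisco or Sourcefire code: it implements the five-row
impact table from the slide as a function, so the same logic can be run
over constructed events and a constructed host inventory.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass
class HostProfile:
    """What passive discovery knows about one monitored host (all values constructed)."""
    ip: str
    open_ports: set = field(default_factory=set)       # (transport, port) pairs, e.g. ("tcp", 445)
    app_protocols: set = field(default_factory=set)    # application protocols seen, e.g. {"smb"}
    vulnerabilities: set = field(default_factory=set)  # placeholder vulnerability ids mapped to the host


@dataclass
class IntrusionEvent:
    """One IPS event with the facts the rule carries about what it targets."""
    name: str
    target_ip: str
    transport: str          # "tcp" or "udp"
    port: int               # destination port of the flow
    app_protocol: str       # application protocol the rule applies to
    vulnerabilities: set    # placeholder ids of the vulnerabilities the rule detects


# Impact flag -> administrator action, as on the slide.
IMPACT_ACTION = {
    1: "Act immediately, vulnerable",
    2: "Investigate, potentially vulnerable",
    3: "Good to know, currently not vulnerable",
    4: "Good to know, unknown target",
    0: "Good to know, unknown network",
}
# Order in which an analyst should work the queue.
PRIORITY = [1, 2, 3, 4, 0]


def impact_flag(event, hosts, monitored_networks):
    """Return the impact flag (0-4) for one event, following the slide's table top-down."""
    target = ip_address(event.target_ip)
    if not any(target in ip_network(net) for net in monitored_networks):
        return 0                      # unmonitored network: nothing is known about the target
    host = hosts.get(event.target_ip)
    if host is None:
        return 4                      # monitored network, but the host was never profiled
    if host.vulnerabilities & event.vulnerabilities:
        return 1                      # the rule's vulnerability is mapped to this host
    port_open = (event.transport, event.port) in host.open_ports
    protocol_in_use = event.app_protocol in host.app_protocols
    if port_open or protocol_in_use:
        return 2                      # service exposed, but no matching vulnerability known
    return 3                          # service not present: the attempt cannot have succeeded


def triage(events, hosts, monitored_networks):
    """Sort events into the analyst's work order, highest impact first."""
    scored = [(impact_flag(e, hosts, monitored_networks), e) for e in events]
    scored.sort(key=lambda pair: PRIORITY.index(pair[0]))
    return [(flag, IMPACT_ACTION[flag], e.name) for flag, e in scored]


def sample_inventory():
    """Constructed host profiles and monitored ranges; vulnerability ids are placeholders."""
    hosts = {
        "10.1.1.20": HostProfile("10.1.1.20", {("tcp", 445), ("tcp", 80)}, {"smb", "http"}, {"VULN-A"}),
        "10.1.1.21": HostProfile("10.1.1.21", {("tcp", 22)}, {"ssh"}, set()),
    }
    return hosts, ["10.1.0.0/16"]


def sample_events():
    """Constructed events chosen to hit every row of the table."""
    return [
        IntrusionEvent("smb-exploit-vs-patched-host", "10.1.1.21", "tcp", 445, "smb", {"VULN-A"}),
        IntrusionEvent("http-probe-unknown-vuln", "10.1.1.20", "tcp", 80, "http", {"VULN-Z"}),
        IntrusionEvent("smb-exploit-vs-vulnerable-host", "10.1.1.20", "tcp", 445, "smb", {"VULN-A"}),
        IntrusionEvent("scan-of-unprofiled-host", "10.1.1.99", "tcp", 445, "smb", {"VULN-A"}),
        IntrusionEvent("event-on-unmonitored-net", "192.0.2.7", "tcp", 445, "smb", {"VULN-A"}),
    ]


if __name__ == "__main__":
    hosts, nets = sample_inventory()
    for flag, action, name in triage(sample_events(), hosts, nets):
        print(f"impact {flag}: {action:40s} {name}")
```

The order of the checks matters: the vulnerability match is tested before the open-port check, so a host that is both exposed and known vulnerable gets flag 1, not 2, and an event whose target lies outside the monitored ranges is never looked up at all. Flag 4 is the one that should prompt a discovery fix rather than an incident: the network is monitored but the host has no profile, so the sensor cannot rate the event.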
  • 16. Cisco and/or its affiliates. All rights reserved. Cisco Public Indications of Compromise (IoCs) IPS Events Malware Backdoors Exploit Kits Web App Attacks CnC Connections Admin Privilege Escalations SI Events Connections to Known CnC IPs Malware Events Malware Detections Office/PDF/Java Compromises Malware Executions Dropper Infections
  • 17. Cisco and/or its affiliates. All rights reserved. Cisco Public Gartner Leadership Sourcefire has been a leader in the Gartner Magic Quadrant for IPS since 2006. As of December 2013 Source: Gartner (December 2013) Radware StoneSoft (McAfee) IBM Cisco HP McAfee Sourcefire (Cisco) HuaweiEnterasys Networks (Extreme Networks) NSFOCUS Information Technology challengers abilityto execute leaders visionariesniche players vision
  • 18. Cisco and/or its affiliates. All rights reserved. Cisco Public 2012 NSS Labs SVM for IPS
  • 19. Cisco and/or its affiliates. All rights reserved. Cisco Public 2013 NSS Labs SVM for IPS
  • 20. Cisco and/or its affiliates. All rights reserved. Cisco Public 2015 NSS Labs SVM for IPS
  • 21. Cisco and/or its affiliates. All rights reserved. Cisco Public ASA with FirePOWER Services Available Now!! Industry’s First Threat-Focused NGFW #1 Cisco Security announcement of the year! •  Integrating defense layers helps organizations get the best visibility •  Enable dynamic controls to automatically adapt •  Protect against advanced threats across the entire attack continuum Proven Cisco ASA firewalling Industry leading NGIPS and AMP Cisco ASA with FirePOWER Services
  • 22. Cisco Confidential 22© 2013-2014 Cisco and/or its affiliates. All rights reserved. NSS Labs – Next-Generation Firewall Security Value Map Source: NSS Labs 2014 The NGFW Security Value Map shows the placement of Cisco ASA with FirePOWER Services and the FirePOWER 8350 as compared to other vendors. All three products achieved 99.2 percent in security effectiveness and now all can be confident that they will receive the best protections possible regardless of deployment.
  • 24. Cisco Confidential 24© 2013-2014 Cisco and/or its affiliates. All rights reserved. •  Plan B: Retrospection •  Track system behaviors without regard to disposition •  Extend analysis beyond the event horizon •  Contain & correct damage, expel embedded intruders •  Reveals malicious activity and reduces response time •  Mode: Incident Response •  Plan A: Prevention •  Speed: Real-time, dynamic decisions trained on data •  Static and Dynamic Analysis for Threat Intelligence •  High accuracy, low false positives / negatives •  Bolster the walls, reduce attack surface •  Mode: Security control Do Security Different!
  • 25. Cisco Confidential 25© 2013-2014 Cisco and/or its affiliates. All rights reserved. Plan A: The Prevention Framework 1-to-1 Signatures Fuzzy Fingerprinting Machine Learning IOCs Dynamic Analysis Advanced Analytics Device Flow Correlation
  • 26. Cisco Confidential 26© 2013-2014 Cisco and/or its affiliates. All rights reserved. Advanced Analytics - Prevalence
  • 27. Cisco Confidential 27© 2013-2014 Cisco and/or its affiliates. All rights reserved. Advanced Analytics - Prevalence
  • 28. Cisco Confidential 28© 2013-2014 Cisco and/or its affiliates. All rights reserved. Plan A: The Prevention Framework 1-to-1 Signatures Fuzzy Fingerprinting Machine Learning IOCs Dynamic Analysis Advanced Analytics Device Flow Correlation All Detection < 100%
  • 29. Cisco Confidential 29© 2013-2014 Cisco and/or its affiliates. All rights reserved. Plan B: The Retrospection Framework Retrospective Security Continuous Protection
  • 30. Cisco Confidential 30© 2013-2014 Cisco and/or its affiliates. All rights reserved. Plan B: Retrospection Framework Continuous Analysis time Initial Disposition = CLEAN file •  When you can’t detect 100%, Retrospective Visibility is critical x Retrospective Alert sent later when Disposition = BAD Analysis Continues time 1-to-1, Fuzzy Fingerprints, Machine Learning, Sandboxing, etc; Disposition = CLEAN file •  Sleep techniques •  Unknown protocols •  Encryption •  Performance x Actually… Disposition = BAD … too late! Typical Analysis Analysis Stops After Initial Disposition
  • 31. 31Sourcefire NGIPS & AMP Presentation Comprehensive Environment Protection with AMP Everywhere AMP Protection Method Ideal for Content License with ESA or WSA New or existing Cisco Email or Web Security customers Network Stand Alone Solution -or- Enable AMP on FirePOWER Appliance NGIPS/NGFW customers Endpoint Install on endpoints Windows, Mac, Android, VMs Cisco Advanced Malware Protection Threat Vector Email and Web Networks Devices
  • 32. 32Sourcefire NGIPS & AMP Presentation How CiscoAMP Works: Network File Trajectory Use Case
  • 33. 33Sourcefire NGIPS & AMP Presentation
  • 34. 34Sourcefire NGIPS & AMP Presentation An unknown file is present on IP: 10.4.10.183, having been downloaded from Firefox
  • 35. © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35 At 10:57, the unknown file is from IP 10.4.10.183 to IP: 10.5.11.8
  • 36. 36Sourcefire NGIPS & AMP Presentation Seven hours later the file is then transferred to a third device (10.3.4.51) using an SMB application
  • 37. 37Sourcefire NGIPS & AMP Presentation The file is copied yet again onto a fourth device (10.5.60.66) through the same SMB application a half hour later
  • 38. The Cisco Collective Security Intelligence Cloud learns that this file is malicious, and a retrospective event is raised immediately for all four devices.
  • 39. At the same time, a device with the FireAMP endpoint connector reacts to the retrospective event and immediately stops and quarantines the newly detected malware.
  • 40. Eight hours after the first attack, the malware tries to re-enter the network through the original point of entry but is recognized and blocked.
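The retrospection idea from slide 30 and the four-hop file trajectory from slides 32 to 40, as an added Python example. This is not Cisco or Sourcefire code and does not show how AMP is implemented; it models the mechanism: keep the full history of which host saw which file hash, and when a verdict flips to BAD later, raise a retrospective event for every host on the trajectory, quarantine those that have an endpoint connector, and block any re-entry of the same hash. The IP addresses and timing follow the slides; the payload hash, timestamps, download URL and the choice of 10.5.60.66 as the host with a connector are constructed for the example.

```python
"""Retrospective file-trajectory tracker (added example, not Cisco/Sourcefire code).

Point-in-time analysis returns a verdict once and forgets the file. This
tracker keeps every sighting so that a later verdict change can be applied
to the whole trajectory. All hosts, times and the payload are constructed.
"""
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime, timedelta
import hashlib


@dataclass(frozen=True)
class Sighting:
    ts: datetime
    host: str      # host the file is now on
    sha256: str
    origin: str    # where it came from: a URL or the previous host
    via: str       # application that moved it (e.g. firefox, smb)


@dataclass
class FileTracker:
    # sha256 -> sightings, oldest first (the trajectory)
    trajectory: dict = field(default_factory=lambda: defaultdict(list))
    # sha256 -> current disposition: UNKNOWN, CLEAN or BAD
    disposition: dict = field(default_factory=dict)
    # hosts running an endpoint connector that can act on an event (assumption)
    connector_hosts: set = field(default_factory=set)
    retro_events: list = field(default_factory=list)
    quarantined: set = field(default_factory=set)

    def observe(self, ts, host, sha256, origin, via):
        """Return 'BLOCK' if the hash is already known BAD; otherwise record
        the sighting (initial verdict CLEAN/UNKNOWN) and return 'ALLOW'."""
        if self.disposition.get(sha256) == "BAD":
            return "BLOCK"
        self.trajectory[sha256].append(Sighting(ts, host, sha256, origin, via))
        self.disposition.setdefault(sha256, "UNKNOWN")
        return "ALLOW"

    def update_disposition(self, ts, sha256, verdict):
        """Continuous analysis delivered a new verdict. On a flip to BAD, raise
        one retrospective event per host on the trajectory and quarantine the
        hosts that have a connector. Returns the hosts in the order the file
        reached them; an empty list if nothing changed."""
        previous = self.disposition.get(sha256, "UNKNOWN")
        self.disposition[sha256] = verdict
        if verdict != "BAD" or previous == "BAD":
            return []
        hosts = []
        for s in self.trajectory[sha256]:
            if s.host not in hosts:
                hosts.append(s.host)
        for host in hosts:
            self.retro_events.append((ts, host, sha256))
            if host in self.connector_hosts:
                self.quarantined.add(host)
        return hosts

    def path(self, sha256):
        """Human-readable trajectory: origin -> host (via), one entry per hop."""
        return [f"{s.origin} -> {s.host} ({s.via})" for s in self.trajectory[sha256]]


def run_scenario():
    """Replays the four-hop scenario from the slides with constructed data."""
    t0 = datetime(2014, 3, 3, 10, 0)                      # constructed start time
    h = hashlib.sha256(b"constructed sample payload").hexdigest()
    tr = FileTracker(connector_hosts={"10.5.60.66"})    # assumption: only this host has a connector

    tr.observe(t0, "10.4.10.183", h, "http://example.invalid/setup.exe", "firefox")
    tr.observe(t0 + timedelta(minutes=57), "10.5.11.8", h, "10.4.10.183", "unknown")
    tr.observe(t0 + timedelta(hours=7, minutes=57), "10.3.4.51", h, "10.5.11.8", "smb")
    tr.observe(t0 + timedelta(hours=8, minutes=27), "10.5.60.66", h, "10.3.4.51", "smb")

    # Cloud intelligence flips the verdict: retrospective events for every hop.
    affected = tr.update_disposition(t0 + timedelta(hours=8, minutes=30), h, "BAD")

    # The same file tries to re-enter through the original point of entry.
    reentry = tr.observe(t0 + timedelta(hours=8, minutes=40), "10.4.10.183", h,
                         "http://example.invalid/setup.exe", "firefox")
    return {"hash": h, "affected": affected, "quarantined": tr.quarantined,
            "reentry": reentry, "path": tr.path(h)}


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(key, value)
```

The point the slides make, and the tracker reproduces, is that the retrospective event fans out to every host the file reached, not only the one where the verdict changed; a tracker that kept only the latest sighting would miss three of the four devices.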
  • 41. Visual Point of Reference: What is AMP exactly? What does it look like?
  • 42. The Results: Cisco AMP is a leader in security effectiveness and TCO and offers the best protection value. NSS Labs Security Value Map (SVM) for Breach Detection Systems (axes: security effectiveness vs. TCO per protected Mbps): Cisco Advanced Malware Protection, 99.0% breach detection rating, lowest TCO per protected Mbps.
  • 44. Sourcefire AMP Detection Systems: IPS performance and scalability from 50 Mbps to 60 Gbps, covering SOHO, branch office, campus, Internet edge and data center.
    FirePOWER 7000 Series: 50 Mbps - 250 Mbps
    FirePOWER 7100 Series: 500 Mbps - 1 Gbps
    FirePOWER 7120/7125/8120: 1 Gbps - 2 Gbps
    FirePOWER 8100/8200: 2 Gbps - 10 Gbps
    FirePOWER 8200 Series: 10 Gbps - 40 Gbps
    Fixed connectivity in the 7000 Series, mixed SFPs in the 7100 Series, modularity in the 8000 Series. Fail-open and fail-closed configuration across all models. The scalable 8000 Series runs NGIPS, AMP and application control in the same chassis.
  • 45. SSL Decryption: SSL appliance vs. integrated SSL. With an external SSL appliance the session is encrypted between the client and the SSL appliance and again between the SSL appliance and the server, while FirePOWER receives the decrypted traffic for inspection. Choose the external SSL appliance for high bandwidth and for the ability to feed the decrypted traffic to other solutions as well, e.g. DLP. Use the new built-in SSL inspection for simplicity and cost-effectiveness (v5.4 onwards only).
  • 47. ISE integration via the EPS REST API. Threat detection on FirePOWER (IDS signature, malware, traffic, application, and many more) triggers an automated, dynamic threat/malware/attack response: a quarantine action through ISE, enforced as a VLAN assignment, dACLs, SGT or QoS tag.
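The detection-to-quarantine chain on slide 47, as an added Python example. It is not Cisco code: it takes detection events of the kinds the slide lists, applies a small policy deciding which ones justify quarantine, and issues the quarantine request to the ISE EPS REST API, leaving the enforcement choice (VLAN, dACL, SGT or QoS tag) to ISE. The EPS path `/ise/eps/QuarantineByIP/<ip>` with HTTP basic authentication is an assumption about the API and must be checked against the ISE release in use; the event layout, the policy thresholds and the sample events are constructed. The client runs in dry-run mode by default so the example executes offline.

```python
"""Event-driven quarantine through the ISE EPS REST API (added example, not Cisco code).

Assumptions: the EPS endpoint is GET https://<ise>/ise/eps/QuarantineByIP/<ip>
with basic auth (verify against your ISE version); event dictionaries follow
the constructed layout used in SAMPLE_EVENTS.
"""
import base64
import urllib.request

# Policy: which detections justify pulling a host off the production network.
# Constructed for the example: confirmed malware and priority-1 IDS hits
# quarantine; traffic and application anomalies are only logged.
QUARANTINE_RULES = {
    "malware": lambda e: e.get("disposition") == "BAD",
    "ids": lambda e: e.get("priority", 3) <= 1,   # Snort priority 1 = high
    "traffic": lambda e: False,
    "application": lambda e: False,
}


def should_quarantine(event):
    """True when the event type has a rule and the rule fires."""
    rule = QUARANTINE_RULES.get(event["type"])
    return bool(rule and rule(event))


class EpsClient:
    """Minimal EPS client; remembers what it already quarantined so repeated
    detections for the same host do not generate repeated API calls."""

    def __init__(self, ise_host, user, password, dry_run=True):
        self.base = f"https://{ise_host}/ise/eps"           # assumed base path
        self.auth = base64.b64encode(f"{user}:{password}".encode()).decode()
        self.dry_run = dry_run
        self.quarantined = set()
        self.sent = []   # URLs that were (or in dry-run, would have been) requested

    def quarantine_by_ip(self, ip):
        if ip in self.quarantined:
            return "already-quarantined"
        url = f"{self.base}/QuarantineByIP/{ip}"
        req = urllib.request.Request(url, headers={"Authorization": f"Basic {self.auth}"})
        self.sent.append(url)
        if not self.dry_run:
            with urllib.request.urlopen(req, timeout=10) as resp:   # real network call
                resp.read()
        self.quarantined.add(ip)
        return "quarantined"


def handle_events(events, client):
    """Apply the policy to each event; returns (src_ip, action) per event."""
    actions = []
    for e in events:
        if should_quarantine(e):
            actions.append((e["src_ip"], client.quarantine_by_ip(e["src_ip"])))
        else:
            actions.append((e["src_ip"], "logged"))
    return actions


# Constructed sample events: malware verdict, high-priority IDS hit on the
# same host, and an application detection that should only be logged.
SAMPLE_EVENTS = [
    {"type": "malware", "src_ip": "10.4.10.183", "sha256": "0" * 64, "disposition": "BAD"},
    {"type": "ids", "src_ip": "10.4.10.183", "sig": "example-sig", "priority": 1},
    {"type": "application", "src_ip": "10.5.11.8", "app": "bittorrent"},
]


if __name__ == "__main__":
    client = EpsClient("ise.example.invalid", "apiuser", "apipass", dry_run=True)
    for src_ip, action in handle_events(SAMPLE_EVENTS, client):
        print(src_ip, action)
    print(client.sent)
```

With `dry_run=False` the same code places the request; the policy table is where a practitioner would tune which detections are allowed to take a host off the network automatically, since a false positive here is a self-inflicted outage.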