270 likes | 291 Views
Download the original PowerPoint version here: http://gdusil.wordpress.com/2012/06/30/cose-corporate-introduction/ <br>Check out my blog "Multiscreen & OTT for the Digital Generation" @ gdusil.wordpress.com. <br><br>Corporate leaders face complex challenges in balancing security spending against the evolving risks that internet commerce presents. This has resulted in new and advanced levels of protection needed to facilitate these strategic objectives. Expert Security addresses the need to implement more robust and cost effective levels of expertise, and also helps to bridge the gap to higher, and more expensive - and often culturally adverse - outsourced solutions. As companies expand, their need for additional layers of protection it is paramount to ensure asset protection. Network Behavior Analysis are the building blocks of Expert Security, and offers a viable solution to modern sophisticated cyber-attacks. This presentation was prepared to outline our corporate overview and market positioning of Cognitive Security.
E N D
Gabriel Dusil VP, Global Sales & Marketing www.facebook.com/gdusil cz.linkedin.com/in/gabrieldusil gdusil.wordpress.com dusilg@gmail.com
Origins Research began in 2006 Company established in 2009 Funded by U.S. Army, Navy & Air Force Experts in Network Behavior Analysis Mission Providing detailed intelligence to detect modern sophisticated network attacks Security Innovation Headquarters Prague, Czech Republic & Silicon Valley, CA Experts in Network Behavior Analysis Page 2, www.cognitive-security.com © 2012, gdusil.wordpress.com
Point of Entry Compromise Compromise Discovery 50% attacks take days to months of reconnaissance for a successful breach 70% of victims allow a breach to persist for weeks to months before detecting a compromise Experts in Network Behavior Analysis Page 3, www.cognitive-security.com © 2012, gdusil.wordpress.com Verizon –‘11 Data Breach Investigations Report
• Managed Security Services • Security Monitoring & Management • Network Behavior Analysis • Anomaly Detection • Web Security, Content Filtering • SIEM • Web-Application Firewalls • Vulnerability Management • IDS & IPS • IAM • Firewalls • Anti-Virus • Email Security • VPN (SSL & IPsec) SIEM = Security Information & Event Management) IDS & IPS = Intrusion Detection & Prevention System AAA = Authentication, Authorization, & Accounting IAM = Identity & Access Management VPN = Virtual Private Network, SSL = Secure Sockets Layer Experts in Network Behavior Analysis Page 4, www.cognitive-security.com © 2012, gdusil.wordpress.com
Security as a Service Security as a Service Network Network Behavior Behavior Analysis Analysis APT, APT, Zero & & P Polymorphic malware… olymorphic malware… Zero- -Day, Exploit Kits Day, Exploit Kits Attack Patterns Attack Patterns malware, etc. malware, etc. IDS & IPS IDS & IPS Web Security Web Security Filtering, XXS Filtering, XXS SQL Inj., SQL Inj., etc. e email Security mail Security etc. Firewall Firewall Virus, Virus, Trojans Trojans, , Span, etc. Span, etc. Network Behavior Analysis Cost effective Expert Security for enterprises, telcos & governments Important security layer & a higher wall for modern-day protection Footprint Footprint reduction, reduction, scripts, etc. scripts, etc. Experts in Network Behavior Analysis Page 5, www.cognitive-security.com © 2012, gdusil.wordpress.com
Experts in Network Behavior Analysis Page 6, www.cognitive-security.com © 2012, gdusil.wordpress.com
Cost Effective & Robust Network Behavior Analysis for Enterprise Cognitive Analyst High Throughput Traffic Volumes - Telco, Mobile, ISP & NSP High Resolution & Attack sensitivity - custom for Governments Experts in Network Behavior Analysis Page 7, www.cognitive-security.com © 2012, gdusil.wordpress.com
Monitoring Employees, Monitoring Employees, 4% 4% Awareness, Awareness, 7% 7% Corporate Governance Device or Network Misconfig Restricted Apps, Policy Violations Irregular Behavior & Misuse Patching, Patching, 21% 21% IAM, 11% IAM, 11% Log Anal., 8% Vulnerability Analysis, 10% Log Anal., 8% Audits, 8% Audits, 8% Vulnerability Analysis, 10% Malware Analysis, 14% Analysis, 14% Malware Diagnostics Support Vulnerability & Pen-testing Forensics Analysis Incident & Response Incident Response, Incident Response, 12% 12% Threat Research, Threat Research, 8% 8% Responsibilities of a Security Administrator Advanced Cyber-Attacks Trojans, Botnets, C2 & Exploit Kits Spyware & Info leaks Brute Force & Insider Attacks Denial of Service (DoS) Polymorphic Malware Modern Sophisticated Attacks Advanced Persistent Threats Reconnaissance & Sabotage Zero-Day Attacks Experts in Network Behavior Analysis Page 8, www.cognitive-security.com © 2012, gdusil.wordpress.com Information Week - Strategic Security Survey '11
Experts in Network Behavior Analysis Page 9, www.cognitive-security.com © 2012, gdusil.wordpress.com
Experts in Network Behavior Analysis Page 10, www.cognitive-security.com © 2012, gdusil.wordpress.com
Experts in Network Behavior Analysis Page 11, www.cognitive-security.com © 2012, gdusil.wordpress.com
Heavy DNS Use & Sophisticated Scans Periodic Polling - Command & Control Unclassified Behavior - Unexpected Anomaly Unexpected new service or Outlier Client Peer 2 Peer Network Behavior Outbound Encrypted sessions (eg. SSH) Experts in Network Behavior Analysis Page 12, www.cognitive-security.com © 2012, gdusil.wordpress.com
No Signatures! No Signature limitations Attackers will exploit: • Delays in writing signatures • Delay to install new signatures • Clients ignoring updates due to resource constraints Artificial Intelligence Strength of 8 Detection Algorithms • Highly Accurate Attack detection Peer-Reviewed Algorithms • Tested by the scientific community Long-Duration Trust Modeling • Analyzing current behavior against past assessments Unique Self-configuration • Challenge Agents ensures system is operational Hacker Circumvention Resistance • Game Theory optimization ensures system behavior is not predicable State-of-the-art Auto-Tuning • Minimal deployment resources needed Cost Competitive Cost effective Expert Security Experts in Network Behavior Analysis Page 13, www.cognitive-security.com © 2012, gdusil.wordpress.com
0 0 1 1 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 Experts in Network Behavior Analysis Page 14, www.cognitive-security.com © 2012, gdusil.wordpress.com
0 0 1 1 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 Experts in Network Behavior Analysis Page 15, www.cognitive-security.com © 2012, gdusil.wordpress.com
Cognitive Analyst classifies trustfulness of then data, is separated from Then further separated into… assessed event into over categories, & into severity levels which can not be immediately classified Experts in Network Behavior Analysis Page 16, www.cognitive-security.com © 2012, gdusil.wordpress.com
Comparing Near real-time data to the past Historical threat data is incorporated to detect sophisticated attacks Severity 8 Unclassified Using the most sophisticated self-learning techniques in the Security Industry today Using 8 independent Anomaly Detection Algorithms Normal Aggregating multiple threat sources into clusters Experts in Network Behavior Analysis Page 17, www.cognitive-security.com © 2012, gdusil.wordpress.com
Al1→ 0.7 Al2→ 0.2 Al3→ 0.9 Al4→ 0.4 Al5→ 0.3 Al6→ 0.2 Al7→ 0.4 Al8→ 0.5 TM1→ 0.5 Network Traffic Network Traffic TM2→ 0.7 CTS→ 0.7 TM3→ 0.4 Cognitive Trust Score . . . TM4→ 0.6 Knowledge Fusion Detection Algorithms Trust Modeling Unclassified Behavior Trustfulness Trustfulness Assessment Assessment Layer Layer Event Event Generation Generation Layer Layer Severity Severity Assignment Assignment Layer Layer Experts in Network Behavior Analysis Page 18, www.cognitive-security.com © 2012, gdusil.wordpress.com CTS = Cognitive Trust Score
(hh:mm) Start System connected to network data source Self-Initialization 2 Algorithms 3 Algorithms all Algorithms Online Knowledge Fusion - active Self-Configuration Self-Optimization Artificial Intelligence • Continually tunes to the client’s environment • Highly accurate by combining several advanced algorithms Auto-Learning Engine • Self-Optimizing Scalable Architecture • Decentralized & Distributed • Parallel Processing for attack detection in high speed networks Experts in Network Behavior Analysis Page 19, www.cognitive-security.com © 2012, gdusil.wordpress.com
Experts in Network Behavior Analysis Page 20, www.cognitive-security.com © 2012, gdusil.wordpress.com
Pharma Pharma Defence Defence Energy, Oil&Gas Energy, Oil&Gas Finance Finance Manufacturing Manufacturing Chemical Chemical Mobile Mobile ISP & NSP ISP & NSP Hosting Hosting Defence Defence Intelligence Intelligence Utilities Utilities Downtime Downtime Sabotage Sabotage Tarnished Tarnished Image Image Lost Productivity Lost Productivity Terrorism Terrorism Theft of Corporate Secrets Theft of Corporate Secrets Government Sponsored Attacks Government Sponsored Attacks Fraud Fraud Detecting Modern Sophisticated Attacks Detecting Modern Sophisticated Attacks Attack Forensics Attack Forensics Advanced Threat Diagnostics Advanced Threat Diagnostics Security Monitoring Services Security Monitoring Services Behavior Monitoring Behavior Monitoring Expert Services Expert Services R&D R&D Bronze Bronze Consulting Consulting Software Development Software Development Silver SilverGold Training Training Gold Platinum Platinum Forensics Forensics Research Research Cognitive Cognitive1 1 Distribution Distribution Cognitive Cognitive10 Cognitive CognitiveExpert Software Software 10 Expert Appliance Appliance VM or ISO Image VM or ISO Image Experts in Network Behavior Analysis Page 21, www.cognitive-security.com © 2012, gdusil.wordpress.com
Experts in Network Behavior Analysis Page 22, www.cognitive-security.com © 2012, gdusil.wordpress.com
Security Innovation Delivering Forward-thinking Security Solutions Thought Leadership Product Reliability 5th Generation Network Behavior Analysis platform Privacy Concerns Data anonymity is maintained R&D Expertise Cost-effective Research & Development resources Quick development turn-around Flexible integration with OEMs, MSSPs, & device manufacturers Intuitive Management Interface Easy-to-Use Dashboard Granular attack detection analysis Experts in Network Behavior Analysis Page 23, www.cognitive-security.com © 2012, gdusil.wordpress.com
http://gdusil.wordpress.com/2013/03/08/cognitive-secu…ntroduction-12/http://gdusil.wordpress.com/2013/03/08/cognitive-secu…ntroduction-12/ Experts in Network Behavior Analysis Page 24, www.cognitive-security.com © 2012, gdusil.wordpress.com
Experts in Network Behavior Analysis Page 25, www.cognitive-security.com © 2012, gdusil.wordpress.com
• Corporate leaders face complex challenges in balancing security spending against the evolving risks that internet commerce presents. This has resulted in new and advanced levels of protection needed to facilitate these strategic objectives. Expert Security addresses the need to implement more robust and cost effective levels of expertise, and also helps to bridge the gap to higher, and more expensive - and often culturally adverse - outsourced solutions. As companies expand, their need for additional layers of protection it is paramount to ensure asset protection. Network Behavior Analysis are the building blocks of Expert Security, and offers a viable solution to modern sophisticated cyber-attacks. This presentation was prepared to outline our corporate overview and market positioning of Cognitive Security. Experts in Network Behavior Analysis Page 26, www.cognitive-security.com © 2012, gdusil.wordpress.com
Network Behavior Analysis, NBA, Cyber Attacks, Forensics Analysis, Normal vs. Abnormal Behavior, Anomaly Detection, NetFlow, Incident Response, Security as a Service, SaaS, Managed Security Services, MSS, Monitoring & Management, Advanced Persistent Threats, APT, Zero-Day attacks, Zero Day attacks, polymorphic malware, Modern Sophisticated Attacks, MSA, Non-Signature Detection, Artificial Intelligence, A.I., AI, Security Innovation, Mobile security, Cognitive Security, Cognitive Analyst, Forensics analysis Experts in Network Behavior Analysis Page 27, www.cognitive-security.com © 2012, gdusil.wordpress.com