www.matrix42.com: AUTOMATED ENDPOINT SECURITY. THE FUTURE OF ENDPOINT SECURITY: 3 strategies to protect endpoints without compromising user productivity


Page 1: AUTOMATED ENDPOINT SECURITY

AUTOMATED ENDPOINT SECURITY

THE FUTURE OF ENDPOINT SECURITY

3 strategies to protect endpoints without compromising user productivity

Page 2: AUTOMATED ENDPOINT SECURITY

THE FUTURE OF ENDPOINT SECURITY

TODAY’S SPEAKERS

Oliver Bendig, CEO

Sergej Schlotthauer, CEO

Roy Katmor, CEO

Page 3: AUTOMATED ENDPOINT SECURITY

How do you currently protect and secure your endpoints?

CURRENT STATE OF ENDPOINT SECURITY

Page 4: AUTOMATED ENDPOINT SECURITY

THE CHALLENGE: DIGITAL TRANSFORMATION IS EVOLVING FASTER THAN SECURITY KNOW-HOW

Page 5: AUTOMATED ENDPOINT SECURITY

DIGITAL TRANSFORMATION IS EVOLVING FASTER THAN SECURITY KNOW-HOW

[Figure labels: Risk Gap; Technical Evolution; Know How]

The Great Train Robbery, 1963: 2.631.684 GBP

Bangladesh Bank / SWIFT Heist, 2016: $ 951.000.000

DIGITAL TRANSFORMATION

• Every Business is now a digital business

• Automation

• Device complexity (PCs, laptops, mobile devices, cloud, IoT)

• AI / Machine Learning

• Agility

CYBER RISK 4.0

• Every Business is now under attack

• Automated Attacks

• AI & Machine Learning

• Attackers are agile

• Infrastructure complexity increases attack vectors

• Vulnerabilities can almost never be avoided

CYBER RISK = BUSINESS RISK

Page 6: AUTOMATED ENDPOINT SECURITY

THE WORLD IS CONSTANTLY CHANGING AND MORE AND MORE DEVICES FLOOD ENTERPRISES

Opportunities

• Increased productivity and employee motivation

• New business opportunities

Risks

• Constant increase of new gateways for data to be exfiltrated or malware to be infiltrated

Page 7: AUTOMATED ENDPOINT SECURITY

SUMMARY OF RECENT CYBER SECURITY ATTACKS: A FEW EXAMPLES…

TRENDnet Webcam Hack

• 1.5 million connected cameras hacked

Mirai botnet

• Botnet from ~ 500.000 IoT products

Toy-Hacking

• Hacker controls Furbies and uses Barbie dolls for spying

Jeep SUV Hack

• Scientists have taken over control of a Jeep SUV by hacking the CAN bus

WannaCry

• Crypto Worm infects > 300.000 Enterprises and public services organizations

IoTroop

• Evolution of Mirai

• Botnet with > 2 Million infected systems

Vibratissimo

• Amor Gummiwaren

• Device remote access

• Access to > 100.000 Customer data

Page 8: AUTOMATED ENDPOINT SECURITY

70% of all malware outbreaks originate at the endpoint - IDC

Source: IDC Infographic for Rapid7, Dec. 2015 https://www.rapid7.com/resources/rapid7-efficient-incident-detection-investigation-saves-money/

Page 9: AUTOMATED ENDPOINT SECURITY

ENDPOINT SECURITY IN DIGITAL TRANSFORMATION: BUSINESS ENABLER AND BUSINESS INNOVATOR

WHY DO WE NEED BRAKES? WHY DO WE NEED ABS, ESP, EBD?

BUSINESS ENABLER

• Endpoint Security is not only about costs and risks

• Endpoint Security is more than a must

• Endpoint Security increases efficiency and productivity

• Endpoint Security supports company goals

• Endpoint Security needs business-oriented change

BUSINESS INNOVATOR

• Endpoint Security can be more than just a Business Enabler

• Enables adoption of new technologies and devices

• Example: Flexible Workstyle

Page 10: AUTOMATED ENDPOINT SECURITY

THE FUTURE OF ENDPOINT SECURITY IS A MULTI-LAYERED APPROACH

AI/ MACHINE LEARNING

AUTOMATION & REMEDIATION

DEVICE MANAGEMENT

USER BEHAVIOUR ANALYTICS

Page 11: AUTOMATED ENDPOINT SECURITY

“Highly automated attacks need highly automated protection and prevention”

Page 12: AUTOMATED ENDPOINT SECURITY

3 STRATEGIES TO PROTECT ENDPOINTS WITHOUT COMPROMISING USER PRODUCTIVITY

1. MALWARE PROTECTION

• NextGenAV

• EDR

• Post Infection Protection

• Automated Incident Response

2. DATA LOSS PREVENTION

• Application Control

• Device Control

• Encryption

3. DATA PRIVACY/GDPR

• Audit, Monitor, Analytics

• Encryption

• User Access

AUTOMATION

Page 13: AUTOMATED ENDPOINT SECURITY

Where do you see the biggest risk on the endpoint?

CURRENT STATE OF ENDPOINT SECURITY

Page 14: AUTOMATED ENDPOINT SECURITY

1. MALWARE PROTECTION: AUTOMATED ENDPOINT PROTECTION & RESPONSE

Page 15: AUTOMATED ENDPOINT SECURITY

STOP THE BREACH

REAL TIME AUTOMATED ENDPOINT SECURITY.

Page 16: AUTOMATED ENDPOINT SECURITY

“2017 Data Breaches Up 23% Year Over Year to 975 Incidents”

Source: Gemalto 2017 Data Breach Report, Wall-Street Journal datto

COMPROMISE IS INEVITABLE – DATA CONSEQUENCES

Page 17: AUTOMATED ENDPOINT SECURITY

THE STRATEGY:

STOP THE BREACH * HUNT IN YOUR SPARE TIME

Page 18: AUTOMATED ENDPOINT SECURITY

enSilo.com

CHALLENGES WITH ENDPOINT SECURITY

[Figure: chart with axes Cost and Time. Stage labels: Pre-Infection; Post-Infection; Incident Response. Other labels: Filtering Known Bad; Logging and Manual Threat Hunting; Manual. Time markers: t(0) REAL-TIME; t(+99 Days); t(+6 Days). Threat labels: WannaCry; ETERNALBLUE; NotPetya; BadRabbit; ETERNALROMANCE; SPECTRE; MELTDOWN.]

Page 19: AUTOMATED ENDPOINT SECURITY

HOW ENSILO WORKS – REAL TIME PROTECTION

STEP 1: The enSilo Collector filters threats using its built-in NGAV

STEP 2: The enSilo Collector on the computing device collects OS metadata

STEP 3: Upon connection establishment or file modification request, the Collector sends a snapshot of the request to enSilo Core, enriched with its respective OS metadata

STEP 4: Using enSilo’s technology, the Core analyses OS metadata along with the request and enforces the relevant policies*

STEP 5: Only legitimate connections or file modifications are allowed*

* Can be performed by the Collector in offline mode

Collectors: < 1% CPU utilization, 40 MB memory, 20 MB disk space

Pre-canned incident response recipes enabling customized automated Course Of Action

[Diagram labels: PRE-INFECTION PREVENTION; POST-INFECTION PROTECTION & AUTOMATED INCIDENT RESPONSE; Pre-execution filtering; Recording Triggers; On connection establishment; On file modification; enSilo Collector; The enSilo Core]

Page 20: AUTOMATED ENDPOINT SECURITY

AUTOMATED REAL-TIME PROTECTION AT FIXED COST

• Real-Time protection even when compromised

• Customized and Automated with Complete Forensics

• Machine Learning Based, Certified NGAV

[Figure: chart with axes Cost and Time. Stage labels: Pre-Infection; Post-Infection; Incident Response. Time marker t(0) REAL-TIME shown three times.]

Page 21: AUTOMATED ENDPOINT SECURITY

COMPANY CONFIDENTIAL

Where else?

Search DEVICE-X activity

How?

Search HASH

5A49D729oEE..87

Malicious Activity prevented in RT

HASH 5A49D729oEE..87

DEVICE-X

Pre-canned customized IR

Pre-canned customized IR

REAL-TIME AUTOMATED ENDPOINT SECURITY

HOW ENSILO WORKS

Page 22: AUTOMATED ENDPOINT SECURITY

Malicious Activity prevented in RT

DEVICE-X

Remediate device

Where?

Search DEVICE-X

How?

Search HASH

Automated Incident Response

Verdicts:

Notify users

Open ticket

Isolate device

Quarantine file

AIR Playbooks:

enSilo Cloud Services

BIG DATA

Cross environment

Enterprise Scale

Multitenancy

REAL-TIME AUTOMATED ENDPOINT SECURITY

THE PLATFORM

Page 23: AUTOMATED ENDPOINT SECURITY

EFFICACY – PUBLIC TESTING

Page 24: AUTOMATED ENDPOINT SECURITY

ENSILO – AUTOMATED ENDPOINT SECURITY REALIZED

REAL-TIME PROTECTION: Post and pre-infection protection stops the breach

COST: Eliminate post breach operational expenses and breach damage to the organization

MANAGEMENT: Single integrative console that inherently eliminates alert clutter

FLEXIBILITY IN SCALE: Protect a broad range of operating system environments, even when offline, at large scale

COMPLIANCE: PCI, HIPAA, GDPR

Page 25: AUTOMATED ENDPOINT SECURITY

www.enSilo.com company/enSilo @enSiloSec

REAL TIME AUTOMATED ENDPOINT SECURITY.

Page 26: AUTOMATED ENDPOINT SECURITY

2. DATA LOSS PREVENTION: Device Control, Application Control, Encryption

Page 27: AUTOMATED ENDPOINT SECURITY

THE BIGGEST PROBLEM FOR DATA LOSS/LEAKAGE

Page 28: AUTOMATED ENDPOINT SECURITY

THE BIGGEST PROBLEM FOR DATA LOSS/LEAKAGE

Page 29: AUTOMATED ENDPOINT SECURITY

THE BIGGEST PROBLEM FOR DATA LOSS/LEAKAGE

Page 30: AUTOMATED ENDPOINT SECURITY

WHAT THE CUSTOMER NEEDS…

A PRODUCT-NEUTRAL APPROACH TO EFFECTIVE DATA SECURITY!

The I.C.A.F.E. Principle

INTELLACT

CONTROL

AUDIT

FILTER

ENCRYPTION

Page 31: AUTOMATED ENDPOINT SECURITY

I.C.A.F.E. ON ALL DATA PATHS

Page 32: AUTOMATED ENDPOINT SECURITY

EGOSECURE PROTECTS YOUR DATA

A COMPLETE SOLUTION BY ONE VENDOR

Page 33: AUTOMATED ENDPOINT SECURITY

3. DATA PRIVACY / GDPR: Audit, Monitoring, Analytics

Page 34: AUTOMATED ENDPOINT SECURITY

GDPR REGULATIONS

Article 30 and 33 of GDPR: Audit data and monitoring

Article 32 of GDPR: Prevent attacks by data encryption

Article 32 and 25 GDPR: Privileged user access control

Article 34 of GDPR: Monitoring of data breach without encryption

Page 35: AUTOMATED ENDPOINT SECURITY

SEE – UNDERSTAND – PROTECT

FIRST UNDERSTAND THE PROBLEM, THEN ACT!

Page 36: AUTOMATED ENDPOINT SECURITY

FIRST UNDERSTAND

Example: Use of USB devices

Will devices be used for private purposes?

Do we know how much data leaves the company and how much of that is sensitive data?

Do we know how much data is brought into the company and what could pose a threat?

Do we know how many USB devices are being used and what kind of devices they are?

Are those only corporate devices or private ones?

ASK THE RIGHT QUESTIONS FIRST!!

Page 37: AUTOMATED ENDPOINT SECURITY

INSIGHT PROVIDES THE ANSWERS CLEARLY!

Page 38: AUTOMATED ENDPOINT SECURITY

GOAL: ENDPOINT SECURITY WITHOUT COMPROMISING USER PRODUCTIVITY

Page 39: AUTOMATED ENDPOINT SECURITY

3 STRATEGIES TO PROTECT ENDPOINTS WITHOUT COMPROMISING USER PRODUCTIVITY

1. MALWARE PROTECTION

• NextGenAV

• EDR

• Post Infection Protection

• Automated Incident Response

2. DATA LOSS PREVENTION

• Application Control

• Device Control

• Encryption

3. DATA PRIVACY/GDPR

• Audit, Monitor, Analytics

• Encryption

• User Access

AUTOMATION

Page 40: AUTOMATED ENDPOINT SECURITY

AUTOMATION: Service Management, Unified Endpoint Management

Page 41: AUTOMATED ENDPOINT SECURITY

CYBERSECURITY AND IT OPERATIONS GO HAND-IN-HAND

AUTOMATED ENDPOINT SECURITY

Cybersecurity

Service Management and IT Operations

Page 42: AUTOMATED ENDPOINT SECURITY

“ONLY A MANAGED ENDPOINT IS A SECURE ENDPOINT”

Device Management (CLM, EMM)

Post-Infection Protection (EDR)

Identity & Access Management (SSO, User behaviour)

SERVICE & ASSET MANAGEMENT (ITSM, CMDB, Analytics, WF)

Pre-Infection Protection (AV, NextGenAV)

App & Data Management (MAM, DLP)

Patch Management (OS, Apps)

[Diagram labels: Devices; Apps/Data; Users; Behaviour; Technology; Process; PROTECTION; PREVENTION]

Page 43: AUTOMATED ENDPOINT SECURITY

THE DIGITAL WORKSPACE SECURITY SUITE

▪ Security Incident Management

▪ Security-Workflow-Automation

▪ Threat-Level-Dashboard

▪ Security-Trend-Analysis

▪ Root cause and problem management

Page 44: AUTOMATED ENDPOINT SECURITY

How do you currently protect and secure your endpoints?

Where do you see the biggest risk on the endpoint?

CURRENT STATE OF ENDPOINT SECURITY

Page 45: AUTOMATED ENDPOINT SECURITY

The Future of Endpoint Security is DIGITAL WORKSPACE SECURITY

Automation and Transparency for IT

High security at your endpoints for IT

Assured Productivity for IT + Users

Page 46: AUTOMATED ENDPOINT SECURITY

Page 47: AUTOMATED ENDPOINT SECURITY

Page 48: AUTOMATED ENDPOINT SECURITY

Sign up for a free trial NOW!

www.matrix42.com