Upload
atlnacional02
View
217
Download
0
Embed Size (px)
Citation preview
7/30/2019 Threat Prevention
1/14
2012 Check Point Software Technologies Ltd. | [Protected] All rights reserved
Want to Prevent Attacks?Think Multi-layered ThreatPrevention
[Protected] For public distribution
7/30/2019 Threat Prevention
2/14
Threat Landscape - 2012 & 2013
[Protected] For public distribution
Exposed, Stolen Credentials and Personal Info
Utah Dept. of Health, 228,000 Social Security numbers exposed
Facebook, 45,000 user credentials found on botnet C&C server
Global Payments, 1.5M card numbers stolen
University of Nebraska, 654,000 student, employee, parent and alumni personalinformation files exposed
Yahoo, 450,000 Contributor Network user credentials stolen
LinkedIn, 5.8M user passwords stolen
eHarmony, 1.5M passwords stolen
News!: Faceboo k, Mi icroso ft , and App le attacked, February 2013
7/30/2019 Threat Prevention
3/14
32013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Threat Landscape - 2012 & 2013
[Protected] For public distribution
News!: Faceboo k, Mi icroso ft , and App le attacked, February 2013
7/30/2019 Threat Prevention
4/14
42013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Could This Type of Attack Affect You?
[Protected] For public distribution
This type of attack:
Launches from attachment that exploits
vulnerability in a PDF or office file
Installs a custom built malware
Communicates with a C&C server
Sends files to attacker
7/30/2019 Threat Prevention
5/14
52013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Stop zero-day malware
in files
Block download of
malware infested files
Detect and prevent
bot damage
Stops exploits ofknown vulnerabilities
[Protected] For public distribution
Check Point Multi-Layered Threat Prevention
IPS
Anti-Bot
Antivirus
Threat Emulation
7/30/2019 Threat Prevention
6/14
62013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Stops exploits of
known vulnerabilities
[Protected] For public distribution
Check Point Multi-Layered Threat Prevention
IPS
Protect Against: Attacks on vulnerabilities
Evasion Attacks
Buffer Overflow Attacks
Sniffers
7/30/2019 Threat Prevention
7/1472013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Block download ofmalware infested files
[Protected] For public distribution
Check Point Multi-Layered Threat Prevention
Antivirus
Prevent
Access toMalicious Sites
Stop IncomingMalware Attacks
Over 1 MillionMalicious Sites
Protect with 300xMore Signatureswith ThreatCloud
7/30/2019 Threat Prevention
8/1482013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Detect and preventbot damage
[Protected] For public distribution
Check Point Multi-Layered Threat Prevention
Anti-Bot
Criminals
CommunicationCriminals Hideout Criminals Behavior
Detect Command
and Control
IP/URL/DNS
Detect unique
communication
patterns
Detect attack
signs and types
(spam, click fraud)
7/30/2019 Threat Prevention
9/1492013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Prevent Bot Damage
Infected Machine
Detected
Block Bot
Communication
Anti-Bot
Software Blade
[Protected] For public distribution
Only stop traffic between
infected hosts and remote operator
7/30/2019 Threat Prevention
10/14102013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Block download of
malware infested files
Detect and prevent
bot damage
Stops exploits of
known vulnerabilities
[Protected] For public distribution
Check Point Multi-Layered Threat Prevention
What about new types of Attacks?
IPS
Anti-Bot
Antivirus
7/30/2019 Threat Prevention
11/14112013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |[Protected] For public distribution
INSPECT EMULATE
PREVENTSHARE
Stop new attacks with
Check Point Threat Emulation
7/30/2019 Threat Prevention
12/14122013 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. |
Back to our Attack Example
[Protected] For public distribution
Attack actions are stopped
Exploits vulnerability
Downloads more malware
Communicates with a C&C server
Sends files to attacker
Check Point
Anti-Bot
Software Blade
Check Point
Antivirus
Software Blade
Check Point
IPS
Software Blade
Check Threat Emulation Software Blade
New Threats ?
7/30/2019 Threat Prevention
13/1413132012 Check Point Software Technologies Ltd. | [Protected] All rights reserved |
Multi-Layer Threat PreventionEnhanced by ThreatCloud
[Protected] For public distribution
Real-time collaboration onnew attack information
7/30/2019 Threat Prevention
14/142012 Check Point Software Technologies Ltd. | [Protected] All rights reserved
Thank You
Come to the Boothfor a Live Demo