1 | Monday, February 01, 2016 | Webroot Inc. | Proprietary and Confidential Information
Self-defending IoT devices & gateways
East Midlands Cyber Security Forum
Matt Aldridge, Solutions Architect

Applying Collective Threat Intelligence to the IoT and IIoT
» BrightCloud Threat Intelligence:
– IP Reputation
– Web Reputation
– Web Classification
– File Reputation
– Collective -> Predictive
» SecureAnywhere™ Web Security Service
» SecureAnywhere™ Agent
» Gateway Solutions
» Device/Thing Solutions

IoT Gateway with Secure Proxy
[Diagram labels: Network Perimeter, BCTI, WSS, IoT Gateway, Internet]
Features:
- SSL Decryption
- URL Policy Management
- BotNet & CC Blocking
- Malicious File Scanning
- White / Black List
- Rapid Deployment
Limitations:
- No Inbound IP Blocking
- Low Volume Use Case

IoT Gateway with BCTI SDK – URL & IP
[Diagram labels: Network Perimeter, BCTI, IoT Gateway, Internet]
Features:
- Most Secure Solution
- Massive Volume
- Lower Cost
- Full Inbound IP Blocking
Limitations:
- More Complex Implementation
- “On Appliance” Management

IoT Gateway with IP Blocking and Secure Gateway
[Diagram labels: Network Perimeter, BCTI, IoT Gateway, Internet, WSS, IP Rep]
Features:
- More Secure Solution
- Full Inbound IP Blocking
- Outbound
- SSL Decryption
- URL Policy Management
- BotNet & CC Blocking
- Malicious File Scanning
- White / Black List
Limitations:
- Low Volume Use Case Outbound

Existing IIoT Devices: The Problem
» Devices very long-lived
» Interoperability testing costs millions: change averse
» Evolution limited by hardware capacity & legacy software

Hardware Separation – On Device IP/URL Verification
[Diagram labels: Hardware, Separation Kernel, OS, IP/URL Check, Internet, BCTI, IP Rep, URL Cat, Bad IP, Bad URL]

Hardware Separation – Firmware Update Verification
[Diagram labels: Device, Physical Hardware, Separation Kernel, OS, Secure Memory – File Hashing, Internet, Webroot Global File Database; steps numbered 1 to 4]

Webroot SecureAnywhere™ Agent
Implemented:
- Windows XP, Vista, 7, 8, 10
- OS X
- Windows Embedded 7 & 8 (Full Run-time)
- Android
In Progress:
- Windows 10 IoT Core
- Windows POSReady 7
- Windows Embedded 7 & 8 (Headless)
Roadmap:
- Linux Variants

Webroot SecureAnywhere™ Web Security Service
Implemented:
- Windows XP, Vista, 7, 8, 10
- OS X
In Progress:
- Intel Edison (Yocto)
- Intel Edison (Windows 10 IoT Core)
- Raspberry Pi (Raspbian)
- Linux (Generic)
- Router/Gateway (Generic)

Other Forthcoming Solutions
» Dynamic executable classifier
– On-device machine learning deployment
– Analyses files in network data streams
– Supplied in SDK form
– First version will cover Windows PE files
– No reliance on signatures

Thank you! Any questions?
Matt Aldridge, Solutions Architect [email protected]