• Home

  • Documents

  • cylanceinfographic-Final...per company per year.2 48% 130 of successful attacks leveraged unknown...
1
Other common attack surface tactics and how to defend against them breaches per company per year. 2 48 % 130 of successful attacks leveraged unknown and polymorphic malware or zero-day attacks. 3 of organizations believed they could keep up with the new or emerging threats. 4 76 % Try as they might, organizations will never be able to completely eliminate vulnerability. To manage the modern and dynamic attack surface, organizations need to ensure they have the right set of security controls in place that reduce the chance that an attacker can gain access. With Cylance, organizations and their security teams rest easier, knowing that even if vulnerabilities go unpatched or they miss an update or two, their local, AI-driven endpoint security is helping to actively reduce their attack surface and proactively prevent breaches. Learn more at cylance.com/why-cylance. The attack surface is constantly growing. The attack surface is complex. Surface Scope An organization’s attack surface includes all elements that can be used by an attacker to gain control of systems, networks, software, users, and assets. As much as 97% of all malware now uses a polymorphic technique to avoid detection by legacy AV. 1 The attack surface is constantly changing — new users, new systems or software, network changes, and security changes. In order to gain access, an attacker will look to exploit the weakest link in the attack surface. In an ideal world, security teams would simply reduce their attack surface to virtually zero. However, in today’s hyperscale enterprise environment, where new assets are added as demand dictates, it's unrealistic to assume that enough action can be taken by the IT team to achieve this. Attackers Seek the Weakest Link Organizations want to minimize their attack surface, but realize that the attack surface is constantly growing and changing. Legacy AV is no match for unknown threats. Organizations cannot wait for the latest update or a threat to first be discovered, identified, and added to AV. Signature- and behavioral-based solutions that use a defined list are reactive and suited only to block yesterday’s attacks. Today the most dangerous threats are unknown—i.e., custom, brand-new (zero-day), or polymorphic exploits and payloads. To stay ahead of attackers, organizations need dynamic, proactive security that can identify previously unknown threats and harmful payloads before they can execute. It’s time to focus on the bigger picture. An organization’s attack surface is the total sum of all vulnerabilities in a device or network that an attacker can exploit to gain access and compromise the system or environment. The aim is to keep the attack surface as small as possible and to actively manage all potential areas of vulnerability. But in today’s hyperscale enterprise environment, where new assets are added as business demand requires, the strategy for managing the attack surface has become ever more unwieldy. Here, we review some of the considerations and best practices for managing your attack surface. Potential file executions from possible unknown malware need to be analyzed in milliseconds before they have an opportunity to execute in the computing device’s memory. A malicious payload may begin with a benign operation to fool security measures. Analysis should be rapid and deep enough to see downstream malicious actions. Application control capabilities are a must as a next line of defense on purpose-designated servers and fixed-function devices. These need constant monitoring to prevent unauthorized apps from running or unauthorized use of a system. The cloud must not be a weak link in your attack surface. Cloud environments need to be protected from misconfiguration. The same security from on-prem resources needs to be extended to the cloud and provide consistent protection. Unauthorized Applications Cloud Assets and Infrastructure Memory Exploits Reduce Your Attack Surface with AI-Driven Security Solutions 1 Building an effective cyber defence against polymorphic malware https://www.information-age.com/building-an-effective-cyber-defence-against-polymorphic-malware-123474759/ 2 Zero-days, fileless attacks are now the most dangerous threats to the enterprise https://www.zdnet.com/article/zero-days-fileless-attacks-are-now-the-most-dangerous-threats-to-the-enterprise/ 3 The Cost of Cybercrime report, September 2017 https://newsroom.accenture.com/news/accenture-and-ponemon-institute-report-cyber-crime-drains-11-7-million-per-business-annually-up-62-perce nt-in-five-years.htm 4 The Need for a New IT Security Architecture: Global Study on the Risk of Outdated Technologies https://www.citrix.com/content/dam/citrix/en_us/documents/analyst-report/ponemon-institute-security-study-outdated-technology-risks.pdf A Dynamic Attack Surface Requires Dynamic, Extended Security Partners Users Security Infrastructure Network Infrastructure Cloud Resources Servers Internal Endpoints laptops, tablets, desktops, and handhelds inside the corporate network External Endpoints mobile devices and other computers outside the corporate network

cylanceinfographic-Final...per company per year.2 48% 130 of successful attacks leveraged unknown and polymorphic malware or zero-day attacks.3 of organizations believed they could

  • Upload
    others

  • View
    8

  • Download
    0

Embed Size (px)

Citation preview

Page 1: cylanceinfographic-Final...per company per year.2 48% 130 of successful attacks leveraged unknown and polymorphic malware or zero-day attacks.3 of organizations believed they could

Other common attack surface tactics and how to defend against them

breaches per company per year.2

48%

130

of successful attacksleveraged unknown and polymorphic malware or zero-day attacks.3

of organizationsbelieved they could keep up with the new or emerging threats.4

76%

Try as they might, organizations will never be able to completely eliminate vulnerability. To manage the modern and dynamic attack surface, organizations need to ensure they have the right set of security controls in place that reduce the chance that an attacker can gain access.

With Cylance, organizations and their security teams rest easier, knowing that even if vulnerabilities go unpatched or they miss an update or two, their local, AI-driven endpoint security is helping to actively reduce their attack surface and proactively prevent breaches.

Learn more at cylance.com/why-cylance.

The attack surface is constantly growing.

The attack surface is complex.

Surface ScopeAn organization’s attack surface includes all elements that can be used by an attacker to gain control of systems, networks, software, users, and assets.

As much as 97% of all malware now uses a polymorphic technique to avoid detection by legacy AV. 1

The attack surface is constantly changing — new users, new systems or software, network changes, and security changes.

In order to gain access, an attacker will look to exploit the weakest link in the attack surface. In an ideal world, security teams would simply reduce their attack surface to virtually zero.

However, in today’s hyperscale enterprise environment, where new assets are added as demand dictates, it's unrealistic to assume that enough action can be taken by the IT team to achieve this.

Attackers Seek the Weakest Link

Organizations want to minimize their attack surface, but realize that the attack surface is constantly growing and changing.

Legacy AV is no match for unknown threats. Organizations cannot wait for the latest update or a threat to first be discovered, identified, and added to AV. Signature- and behavioral-based solutions that use a defined list are reactive and suited only to block yesterday’s attacks.

Today the most dangerous threats are unknown—i.e., custom, brand-new (zero-day), or polymorphic exploits and payloads.

To stay ahead of attackers, organizations need dynamic, proactive security that can identify previously unknown threats and harmful payloads before they can execute.

It’s time to focus on the bigger picture. An organization’s attack surface is the total sum of all vulnerabilities in a device or network that an attacker can exploit to gain access and compromise the system or environment.

The aim is to keep the attack surface as small as possible and to actively manage all potential areas of vulnerability. But in today’s hyperscale enterprise environment, where new assets are added as business demand requires, the strategy for managing the attack surface has become ever more unwieldy. Here, we review some of the considerations and best practices for managing your attack surface.

Potential file executions from possible unknown malware need to be analyzed in milliseconds before they have an opportunity to execute in the computing device’s memory. A malicious payload may begin with a benign operation to fool security measures. Analysis should be rapid and deep enough to see downstream malicious actions.

Application control capabilities are a must as a next line of defense on purpose-designated servers and fixed-function devices. These need constant monitoring to prevent unauthorized apps from running or unauthorized use of a system.

The cloud must not be a weak link in your attack surface. Cloud environments need to be protected from misconfiguration. The same security from on-prem resources needs to be extended to the cloud and provide consistent protection.

Unauthorized Applications

Cloud Assets and Infrastructure

Memory Exploits

Reduce Your Attack Surface with AI-Driven Security Solutions

1 Building an e�ective cyber defence against polymorphic malware https://www.information-age.com/building-an-e�ective-cyber-defence-against-polymorphic-malware-123474759/

2 Zero-days, fileless attacks are now the most dangerous threats to the enterprise https://www.zdnet.com/article/zero-days-fileless-attacks-are-now-the-most-dangerous-threats-to-the-enterprise/

3 The Cost of Cybercrime report, September 2017 https://newsroom.accenture.com/news/accenture-and-ponemon-institute-report-cyber-crime-drains-11-7-million-per-business-annually-up-62-percent-in-five-years.htm

4 The Need for a New IT Security Architecture: Global Study on the Risk of Outdated Technologies https://www.citrix.com/content/dam/citrix/en_us/documents/analyst-report/ponemon-institute-security-study-outdated-technology-risks.pdf

A Dynamic Attack Surface Requires Dynamic, Extended Security

Partners Users

SecurityInfrastructure

Network Infrastructure

Cloud Resources Servers

Internal Endpoints laptops, tablets, desktops, and handhelds inside the corporate network

External Endpoints mobile devices and other computers outside the corporate network

20 million cyber attacks per day

20 million cyber attacks per day

Technology
Polymorphic Malware Detection

Polymorphic Malware Detection

Documents
Polymorphic Nanocrystalline Metal Oxides

Polymorphic Nanocrystalline Metal Oxides

Documents
Towards Classification of Polymorphic Malware

Towards Classification of Polymorphic Malware

Documents
Structure Determination of Bicalutamide Polymorphic Forms

Structure Determination of Bicalutamide Polymorphic Forms

Documents
the Association Between Polymorphic Markers and

the Association Between Polymorphic Markers and

Documents
PolymoRF: Polymorphic Wireless Receivers Through Physical

PolymoRF: Polymorphic Wireless Receivers Through Physical

Documents
Polymorphic mapping (Brutos mvc)

Polymorphic mapping (Brutos mvc)

Technology
Polymorphic Light Eruption

Polymorphic Light Eruption

Documents
An Empirical Study of Real-world Polymorphic Code Injection Attacks

An Empirical Study of Real-world Polymorphic Code Injection Attacks

Documents
Purkinje-related Arrhythmias Part II: Polymorphic

Purkinje-related Arrhythmias Part II: Polymorphic

Documents
Polymorphic blending attacks Prahlad Fogla et al USENIX 2006 Presented By Himanshu Pagey

Polymorphic blending attacks Prahlad Fogla et al USENIX 2006 Presented By Himanshu Pagey

Documents
Protecting your Organization from Ransomware Attacks · ransomware attacks cause is overwhelming Total costs of $75 Billion per year Average cost per business attack is $133,000 Over

Protecting your Organization from Ransomware Attacks · ransomware attacks cause is overwhelming Total costs of $75 Billion per year Average cost per business attack is $133,000 Over

Documents
Polymorphic Homework and Laboratory System: An

Polymorphic Homework and Laboratory System: An

Documents
1 Polymorphic Blending Attacks By Prahlad Fogla, Monirul Sharif, Roberto Perdisci, Oleg Kolesnikov and Wenke Lee Presented by Jelena Mirkovic Topic 1

1 Polymorphic Blending Attacks By Prahlad Fogla, Monirul Sharif, Roberto Perdisci, Oleg Kolesnikov and Wenke Lee Presented by Jelena Mirkovic Topic 1

Documents
Polymorphic blending attacks Prahlad Fogla et al USENIX 2006

Polymorphic blending attacks Prahlad Fogla et al USENIX 2006

Documents
Polymorphic Shellcode at a Glance

Polymorphic Shellcode at a Glance

Documents
Polymorphic Typed Defunctionalization and Concretizationgallium.inria.fr/~fpottier/publis/fpottier-gauthier-hosc.pdf · Polymorphic Typed Defunctionalization and Concretization Franc¸ois

Polymorphic Typed Defunctionalization and Concretizationgallium.inria.fr/~fpottier/publis/fpottier-gauthier-hosc.pdf · Polymorphic Typed Defunctionalization and Concretization Franc¸ois

Documents
Healthspan Intranet - Polymorphic Products

Healthspan Intranet - Polymorphic Products

Technology
World’s First Polymorphic Computer – MONARCH

World’s First Polymorphic Computer – MONARCH

Documents
Keywords: software encryption,polymorphic decryption

Keywords: software encryption,polymorphic decryption

Documents
Polymorphic Attacks on Data-in-Motion Require a New Security Approach From Both the Service Provider and End User

Polymorphic Attacks on Data-in-Motion Require a New Security Approach From Both the Service Provider and End User

Technology
The Evolving Security Landscape...Hacking for Fun and Fame Organized Cybercrime Cyber Warfare DOS RISE OF THE BOTNETS/ DDOS Silent BOTNETS Viruses Worms/Trojans Polymorphic Attacks

The Evolving Security Landscape...Hacking for Fun and Fame Organized Cybercrime Cyber Warfare DOS RISE OF THE BOTNETS/ DDOS Silent BOTNETS Viruses Worms/Trojans Polymorphic Attacks

Documents
Introduction to Programming in ATSats-lang.sourceforge.net/DOCUMENT/INT2PROGINATS/... · Parametric Polymorphism Function Templates Polymorphic Functions Polymorphic Datatypes

Introduction to Programming in ATSats-lang.sourceforge.net/DOCUMENT/INT2PROGINATS/... · Parametric Polymorphism Function Templates Polymorphic Functions Polymorphic Datatypes

Documents
Advanced polymorphic techniques

Advanced polymorphic techniques

Documents
Catecholaminergic Polymorphic Ventricular Tachycardia & RYR2

Catecholaminergic Polymorphic Ventricular Tachycardia & RYR2

Documents
Polymorphic Data Modeling - Georgia Southern University

Polymorphic Data Modeling - Georgia Southern University

Documents
Polymorphic Blending Attacks

Polymorphic Blending Attacks

Documents
CSTalks-Polymorphic heterogeneous multicore systems-17Aug

CSTalks-Polymorphic heterogeneous multicore systems-17Aug

Technology
PTC: Polymorphic Tracking Code (Etienne Forest)

PTC: Polymorphic Tracking Code (Etienne Forest)

Documents