Upload
tripwire
View
7.325
Download
1
Embed Size (px)
DESCRIPTION
The headlines are full of dazzling breaches that took long-term planning, persistence and hacking genius to execute. But the reality is that most breaches required only average knowledge and an under-protected target to pull off. It’s the cyber equivalent of a smash-and-grab burglary – a purse is left on a seat, a window is smashed, the burglar runs off with the purse – that exploits weak defenses and “targets of opportunity.” Learn how Tripwire’s easily-implemented Cybercrime Controls reduce attack surface, harden systems, and immediately detect many common cyber-attacks.
Citation preview
Combating
“Smash & Grab”
Hacking
• Global marketing
• Product training
• Analyst and press
• Customer programs
• Product / Mktg Liaison
• System integrations
• Custom solutions
• New technologies
• Proof of concepts
• Analyst demos
• Personally identifiable information
• Social Security #s
• Intellectual Property
• Credit Card #s
• IP addresses
• Server names & configurations
• Email address
• Medical history
• Employment records
• Criminal records
Maintain Long-term Access to
Compromised Systems:
“Staying In”
CauseDamage:“Acting”
Initial Compromise:“Getting In”
• Personally identifiable information
• Social Security #s
• Intellectual Property
• Credit Card #s
• IP addresses
• Server names & configurations
• Email address
• Medical history
• Employment records
• Criminal records
• Personally identifiable information
• Social Security #s
• Intellectual Property
• Credit Card #s
• IP addresses
• Server names & configurations
• Email address
• Medical history
• Employment records
• Criminal records
80% of organizations have been breachedPonemon Research June 2011
• Personally identifiable information
• Social Security #s
• Intellectual Property
• Credit Card #s
• IP addresses
• Server names & configurations
• Email address
• Medical history
• Employment records
• Criminal records
80% of organizations have been breachedPonemon Research June 2011
$171 Million
$4 Billion
$66 Million
1.3 Million
Customers
[National Security
Implications]
80% of organizations have been breachedPonemon Research June 2011
230% increase in cyber attacks against small companies Verizon Research June 2011
230% increase in cyber attacks against small companies Verizon Research June 2011
• These attacks leverage
automated tools
• They probe dozens of
vulnerabilities in seconds
• Unlike APTs they’re
interested in targets of
opportunity
• It’s a volume business
PROTECT CORRECTDETECT
• Prevent breaches through
proactive configuration
assessment
• Prevent weaknesses in
the systems that store
sensitive data
• Prevent audit failures by
aligning configs to
standards
PROTECT CORRECTDETECT
• Prevent breaches through
proactive configuration
assessment
• Prevent weaknesses in
the systems that store
sensitive data
• Prevent audit failures by
aligning configs to
standards
• Instantly detect deviations
from preferred states of
configurations
• Maintain constant
vigilance over key files
and data
• Gain immediate visibility
across infrastructure
PROTECT CORRECTDETECT
PROTECT CORRECTDETECT
•
•
•
•
• no
changes take place
100 CIS tests per covered platform
•
•
•
•
•
•
100 CIS tests per covered platform
•
•
•
•
•
•
Breach Detection
•
•
•
•
Easy to import, install, activate and tune
Provides a base level of both preventive & detective controls
Ongoing updates will leverage this content across products
Available to all Tripwire Enterprise users though TCC
Compliance Policy
Manager hardens
systems based
on proven standards
to prevent intrusion
File Integrity
Manager
immediately detects
changes to
known and trusted,
hardened and
secure states
Remediation
Manager
automatically
realigns and repairs
security settings using
permission-based
workflows
Tripwire is a leading global provider of
IT security and compliance automation
solutions that enable organizations to
protect, control and audit their entire IT
infrastructure
Change, Breaches, Audits
and Outages Happen. TAKE CONTROL.
THANKS FROM TRIPWIRE