Solutions for Demanding Business

FireEye – Advanced Threat Protection

Dane Hinić
Senior Consultant
dane.hinic@asseco-see.rs
Traditional Security Solutions

- IPS: attack-signature based detection, shallow application analysis, high false positives, no visibility into the advanced attack lifecycle.
- Secure Web Gateways: some analysis of script-based malware, AV, IP/URL filtering; ineffective against advanced targeted attacks.
- Desktop AV: signature-based detection (some behavioral); ineffective against advanced targeted attacks.
- Anti-Spam Gateways: rely largely on antivirus, signature-based detection (some behavioral); no true spear phishing protection.
- Firewalls/NGFW: block IP/port connections, application-level control, no visibility.

Despite all this technology, 95% of organizations are compromised.
Multi-Staged Cyber Attack

Exploit detection is critical: all subsequent stages can be hidden or obfuscated.

Diagram: an exploit server and a callback server outside the firewall and IPS, file share 1 and file share 2 inside, with the stages numbered 1 to 5 along the attack path.

1. Exploitation of system
2. Malware executable download
3. Callbacks and control established
4. Lateral spread
5. Data exfiltration
What Is An Exploit?

A compromised web page carries an exploit object. Sequence:

1. Exploit object rendered by vulnerable software
2. Exploit injects code into the running program's memory
3. Control transfers to the exploit code

The exploit object can be in ANY web page.
An exploit is NOT the same as the malware executable file!
Structure of a Multi-Flow APT Attack

Diagram, built up over four slides: an exploit server, a callback server, an encrypted malware download and a command and control server, each reaching the endpoint over a separate network flow.

1. Embedded exploit alters the endpoint (from the exploit server)
2. Callback (to the callback server)
3. Encrypted malware downloads
4. Callback and data exfiltration (to the command and control server)
FireEye's Technology: State of the Art Detection

Three layers: DETONATE (500,000 objects/hour), ANALYZE, CORRELATE.
Scope: within VMs, across VMs, cross-enterprise.
Inputs: network, email, mobile, files.
Attack stages detected: exploit, callback, malware download, lateral transfer, exfiltration.
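The two slides above describe the attack as a chain of stages (exploit, malware download, callback, lateral spread, exfiltration) and the detection as correlation across those stages. The following is an added example, not code from the deck or from FireEye, of the correlation step a defender needs on top of per-stage alerts: it groups alerts per host into one chain within a time window, scores the chain by the deepest stage reached, and flags chains that start late (a callback with no preceding exploit alert) as a visibility gap, which is the situation the "all subsequent stages can be hidden or obfuscated" slide warns about. Alert field names, stage identifiers, hostnames and timestamps are all assumptions; the sample events are constructed.

```python
"""Multi-stage attack chain correlator (added example, not from the slides).

Assumptions: alerts are dicts with 'ts' (ISO-8601 UTC), 'host', 'stage' and
'detail'; stage names are the hypothetical identifiers in STAGES. All sample
events are constructed, not real telemetry.
"""
from datetime import datetime, timedelta

# Lifecycle stages from the slide, in attack order.
STAGES = ["exploit", "malware_download", "callback", "lateral", "exfiltration"]
STAGE_INDEX = {name: i for i, name in enumerate(STAGES)}

# Constructed sample alerts (hypothetical hosts and timestamps).
SAMPLE_EVENTS = [
    {"ts": "2013-11-04T09:12:01Z", "host": "ws-017", "stage": "exploit",
     "detail": "exploit object rendered by browser plugin"},
    {"ts": "2013-11-04T09:12:09Z", "host": "ws-017", "stage": "malware_download",
     "detail": "encrypted payload fetched, no AV signature match"},
    {"ts": "2013-11-04T09:13:40Z", "host": "ws-017", "stage": "callback",
     "detail": "beacon to callback server"},
    {"ts": "2013-11-04T11:02:15Z", "host": "ws-017", "stage": "lateral",
     "detail": "SMB session to file share 1"},
    {"ts": "2013-11-04T09:30:00Z", "host": "ws-042", "stage": "callback",
     "detail": "beacon with no preceding exploit alert"},
    {"ts": "2013-11-06T09:30:00Z", "host": "ws-017", "stage": "exfiltration",
     "detail": "large outbound transfer"},  # two days later: opens a new chain
]


def parse_ts(value):
    """Parse the ISO-8601 UTC timestamp format used in the sample alerts."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


def correlate(events, window=timedelta(hours=24)):
    """Group alerts per host into attack chains.

    A chain opens at a host's first alert and absorbs every later alert on that
    host within `window` of the chain's start; an alert outside the window opens
    a new chain. Each chain records its ordered stages, the deepest stage reached
    and a severity score (1..5) derived from that depth.
    """
    per_host = {}
    for event in sorted(events, key=lambda e: e["ts"]):  # ISO strings sort chronologically
        per_host.setdefault(event["host"], []).append(event)

    chains = []
    for host, host_events in per_host.items():
        current = None
        for event in host_events:
            ts = parse_ts(event["ts"])
            if current is None or ts - current["start"] > window:
                current = {"host": host, "start": ts, "stages": [], "events": []}
                chains.append(current)
            if event["stage"] not in current["stages"]:
                current["stages"].append(event["stage"])
            current["events"].append(event)

    for chain in chains:
        chain["deepest"] = max(chain["stages"], key=lambda s: STAGE_INDEX[s])
        chain["severity"] = STAGE_INDEX[chain["deepest"]] + 1
        chain["exploit_seen"] = "exploit" in chain["stages"]
    return chains


def missing_stages(chain):
    """Stages earlier than the deepest one that produced no alert.

    A non-empty list means the intrusion was already under way before anything
    fired: those stages were hidden, obfuscated or simply not monitored.
    """
    depth = STAGE_INDEX[chain["deepest"]]
    return [s for s in STAGES[:depth] if s not in chain["stages"]]


def report(chains):
    """One summary line per chain, suitable for an analyst queue."""
    lines = []
    for chain in chains:
        gap = missing_stages(chain)
        if chain["exploit_seen"] and not gap:
            note = "full chain observed from exploit"
        else:
            note = "visibility gap, unseen stages: " + ", ".join(gap)
        lines.append("%s start=%s severity=%d deepest=%s (%s)" % (
            chain["host"], chain["start"].strftime("%Y-%m-%d %H:%M"),
            chain["severity"], chain["deepest"], note))
    return lines


if __name__ == "__main__":
    for line in report(correlate(SAMPLE_EVENTS)):
        print(line)
```

The window is the main tuning knob: the exfiltration alert two days after the original compromise is reported as a separate chain with four unseen stages, which is the right alarm if the first chain was already handled, and a hint to widen the window if it was not.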
Who detected the attack first? (Detections by month)

Chart: monthly detection counts from 07/13 to 12/13, y-axis 0 to 30000; series "FireEye found first" and "Detected by vendor in VirusTotal".
Industry: Government (Federal)

Top APT and business impact:
- Backdoor.APT.Houdini (25%): loss of sensitive information. Houdini is believed to be the developer's name of a VBS-based RAT known to target the international energy industry and to take part in spammed email campaigns.

Top crimeware and business impact:
- Malware.Archive (68%): malware discovered inside an archive file (ZIP, RAR).
- Malware.Binary (52%): loss of sensitive financial information, e.g. credit card, banking login.

FireEye PoV: 31 customers, 100% compromised, 39% had APT.
Chart of per-week Max and Average for web exploit, malware download, unique malware, unique callback and impacted hosts; values in extraction order (series mapping not recoverable): 0.39, 2.63, 11058.1, 11046.3, 303.06, 4939, 164.75, 13.95, 350.44, 352.55.

Industry: High-Tech

Top APT and business impact:
- Backdoor.APT.Gh0stRAT (40%) and Backdoor.APT.DarkComet (40%): Remote Access Tools (RAT) that lead to loss of intellectual property, trade secrets and sensitive internal communication.

Top crimeware and business impact:
- Malware.Binary (67%): never-seen-before malware; signature-based protection is defenseless.
- Exploit.Kit.Neutrino (67%): infection with several types of malware that steal credentials or restrict access to the computer and demand ransom.

FireEye PoV: 18 customers, 100% compromised, 28% had APT.
Chart of per-week Max and Average for web exploit, malware download, unique malware, unique callback and impacted hosts; values in extraction order (series mapping not recoverable): 1.46, 8.66, 41486.9, 43022.5, 86.92, 3011.14, 198.9, 12.9, 2708.9, 2629.8.

Industry: Financial

Top APT and business impact:
- Backdoor.APT.Houdini (29%): loss of sensitive information. Houdini is believed to be the developer's name of a VBS-based RAT known to target the international energy industry and to take part in spammed email campaigns.

Top crimeware and business impact:
- Exploit.Browser (66%): an attempt to compromise the endpoint by exploiting a vulnerability in the web browser. If successful, the attacker can install and execute malicious software without the end user's consent.
- Exploit.Kit.Neutrino (54%): infection with several types of malware that steal credentials or restrict access to the computer and demand ransom.

FireEye PoV: 71 customers, 99% compromised, 10% had APT.
Chart of per-week Max and Average for web exploit, malware download, unique malware, unique callback and impacted hosts; values in extraction order (series mapping not recoverable): 0.78, 5.68, 1602.83, 1405.78, 174.1, 3183.1, 90.48, 6.26, 24.21, 34.85.

Industry: Services / Consulting / VAR

Top APT and business impact:
- Backdoor.APT.XtremeRAT (50%): being victim of common RAT capabilities including key logging, screen capturing, video capturing, file transfers, system administration, password theft and traffic relaying.

Top crimeware and business impact:
- Exploit.Browser (53%): an attempt to compromise the endpoint by exploiting a vulnerability in the web browser. If successful, the attacker can install and execute malicious software without the end user's consent.
- Malware.Archive (53%): malware discovered inside an archive file (ZIP, RAR).

FireEye PoV: 19 customers, 100% compromised, 11% had APT.
Chart of per-week Max and Average for web exploit, malware download, unique malware, unique callback and impacted hosts; values in extraction order (series mapping not recoverable): 1.75, 20.77, 83.06, 52.15, 151.15, 187.85, 18.05, 12.23, 5.57, 13.34.
FireEye Product Portfolio

Existing controls shown alongside: SEG, IPS, SWG, MDM, host anti-virus.

FireEye components: MVX, Threat Analytics Platform, Dynamic Threat Intelligence, Network Threat Prevention, Email Threat Prevention, Content Threat Prevention, Mobile Threat Prevention, Endpoint Threat Prevention.

Dane Hinić
dane.hinic@asseco-see.rs

 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...JojoEDelaCruz
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operationalssuser3e220a
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfErwinPantujan2
 

Recently uploaded (20)

Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptx
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped data
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
Paradigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTAParadigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTA
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHS
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operational
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptxINCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
 

Zlatibor asseco-fire eye

  • 2. solutions for demanding business
    FireEye – Advanced Threat Protection
    Dane Hinić, Senior Consultant, dane.hinic@asseco-see.rs
  • 3. Traditional Security Solutions
    - IPS: attack-signature based detection, shallow application analysis, high false positives, no visibility into the advanced attack lifecycle
    - Secure Web Gateways: some analysis of script-based malware, AV, IP/URL filtering; ineffective vs. advanced targeted attacks
    - Desktop AV: signature-based detection (some behavioral); ineffective vs. advanced targeted attacks
    - Anti-Spam Gateways: relies largely on antivirus, signature-based detection (some behavioral); no true spear phishing protection
    - Firewalls/NGFW: block IP/port connections, application-level control, no visibility
    Despite all this technology, 95% of organizations are compromised.
  • 4. Multi-Staged Cyber Attack
    Exploit detection is critical: all subsequent stages can be hidden or obfuscated.
    Diagram elements: Exploit Server, Callback Server, Firewall, IPS, File Share 1, File Share 2
    1. Exploitation of System
    2. Malware Executable Download
    3. Callbacks and Control Established
    4. Lateral Spread
    5. Data Exfiltration
  • 5. What Is An Exploit?
    Compromised webpage with exploit object:
    1. Exploit object rendered by vulnerable software
    2. Exploit injects code into running program memory
    3. Control transfers to exploit code
    Exploit object can be in ANY web page.
    An exploit is NOT the same as the malware executable file!
  • 6.–9. Structure of a Multi-Flow APT Attack (built up over four slides)
    1. Embedded exploit alters endpoint (Exploit Server)
    2. Callback (Callback Server)
    3. Encrypted malware downloads
    4. Callback and data exfiltration (Command and Control Server)
  • 10. FireEye’s Technology: State of the Art Detection
    DETONATE → ANALYZE (500,000 objects/hour) → CORRELATE: within VMs, across VMs, cross-enterprise
    Vectors: Network, Email, Mobile, Files
    Stages tracked: Exploit, Callback, Malware Download, Lateral Transfer, Exfiltration
  • 11. Who detected the attack first? (Detections by month, chart covering 07/13 to 12/13)
    Series as labelled on the chart: FireEye found; First Detected by vendor in VirusTotal
  • 12. Industry: Government (Federal)
    Top APT / Business Impact: Backdoor.APT.Houdini (25%) – loss of sensitive information. Houdini is believed to be the developer’s name of a VBS-based RAT known to target the international energy industry and take part in spammed email campaigns.
    Top Crimeware / Business Impact: Malware.Archive (68%) – malware discovered inside an archive file (ZIP, RAR); Malware.Binary (52%) – loss of sensitive financial information, e.g. credit card, banking login.
    FireEye PoV: Customers 31, Compromised 100%, Had APT 39%.
    Max / Average per week (Web Exploit, Malware Download, Unique Malware, Unique Callback, Impacted Hosts), chart values in extracted order: 0.39 2.63 11058.1 11046.3 303.06 4939 164.75 13.95 350.44 352.55
  • 13. Industry: High-Tech
    Top APT / Business Impact: Backdoor.APT.Gh0stRAT (40%), Backdoor.APT.DarkComet (40%) – Remote Access Tools (RAT) that lead to loss of intellectual property, trade secrets, and sensitive internal communication.
    Top Crimeware / Business Impact: Malware.Binary (67%) – never-seen-before malware; signature-based protection is defenseless. Exploit.Kit.Neutrino (67%) – infection with several types of malware that steal credentials or restrict access to the computer and demand ransom.
    FireEye PoV: Customers 18, Compromised 100%, Had APT 28%.
    Max / Average per week (Web Exploit, Malware Download, Unique Malware, Unique Callback, Impacted Hosts), chart values in extracted order: 1.46 8.66 41486.9 43022.5 86.92 3011.14 198.9 12.9 2708.9 2629.8
  • 14. Industry: Financial
    Top APT / Business Impact: Backdoor.APT.Houdini (29%) – loss of sensitive information. Houdini is believed to be the developer’s name of a VBS-based RAT known to target the international energy industry and take part in spammed email campaigns.
    Top Crimeware / Business Impact: Exploit.Browser (66%) – an attempt to compromise the endpoint by exploiting a vulnerability in the web browser; if successful, the attacker can install and execute malicious software without the end user’s consent. Exploit.Kit.Neutrino (54%) – infection with several types of malware that steal credentials or restrict access to the computer and demand ransom.
    FireEye PoV: Customers 71, Compromised 99%, Had APT 10%.
    Max / Average per week (Web Exploit, Malware Download, Unique Malware, Unique Callback, Impacted Hosts), chart values in extracted order: 0.78 5.68 1602.83 1405.78 174.1 3183.1 90.48 6.26 24.21 34.85
  • 15. Industry: Services / Consulting / VAR
    Top APT / Business Impact: Backdoor.APT.XtremeRAT (50%) – being the victim of common RAT capabilities including key logging, screen capturing, video capturing, file transfers, system administration, password theft, and traffic relaying.
    Top Crimeware / Business Impact: Exploit.Browser (53%) – an attempt to compromise the endpoint by exploiting a vulnerability in the web browser; if successful, the attacker can install and execute malicious software without the end user’s consent. Malware.Archive (53%) – malware discovered inside an archive file (ZIP, RAR).
    FireEye PoV: Customers 19, Compromised 100%, Had APT 11%.
    Max / Average per week (Web Exploit, Malware Download, Unique Malware, Unique Callback, Impacted Hosts), chart values in extracted order: 1.75 20.77 83.06 52.15 151.15 187.85 18.05 12.23 5.57 13.34
  • 16. FireEye Product Portfolio
    Existing controls shown: SEG, IPS, SWG, IPS, MDM, Host Anti-virus, Host Anti-virus
    FireEye components: MVX, Threat Analytics Platform, Dynamic Threat Intelligence, Network Threat Prevention, Content Threat Prevention, Mobile Threat Prevention, Endpoint Threat Prevention, Email Threat Prevention
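The cross-flow correlation that slides 4 and 6–9 argue for, as an added example that is not from the deck or from FireEye: flows are grouped per endpoint and anchored on the exploit detection, so the later stages, which may be encrypted or obfuscated and look harmless on their own, are attributed to one incident. The stage names, the event line format and the log lines are all constructed for this example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Stage labels follow the deck's multi-flow model (exploit, callback,
# encrypted malware download, C2/exfiltration); the names are constructed.
STAGES = ["exploit", "callback", "malware_download", "c2_exfil"]

# Constructed event lines: "<ISO time> <host> <stage> <free-text detail>".
SAMPLE_EVENTS = [
    "2013-11-05T09:00:00 ws-17 exploit browser rendered exploit object",
    "2013-11-05T09:00:04 ws-17 callback tcp/443 to unknown host",
    "2013-11-05T09:00:09 ws-17 malware_download encrypted blob, no AV signature",
    "2013-11-05T09:20:00 ws-17 c2_exfil periodic beacon with outbound data",
    "2013-11-05T11:00:00 ws-42 callback tcp/443 to unknown host",
]


def parse_event(line):
    """Split one constructed event line into its fields."""
    ts, host, stage, detail = line.split(" ", 3)
    return {"ts": datetime.fromisoformat(ts), "host": host, "stage": stage, "detail": detail}


def correlate(lines, window=timedelta(minutes=30)):
    """Group per-host flows into incidents anchored on an exploit detection.

    Returns (incidents, orphans). Each incident records the host, the anchor
    time and the stages seen within the window, in time order. Orphans are
    later-stage flows with no preceding exploit on that host inside the
    window: a single-flow inspector would have to judge those on their own.
    """
    by_host = defaultdict(list)
    for event in sorted(map(parse_event, lines), key=lambda e: e["ts"]):
        by_host[event["host"]].append(event)
    incidents, orphans = [], []
    for host, events in by_host.items():
        anchor = None
        for event in events:
            if event["stage"] == "exploit":
                anchor = {"host": host, "start": event["ts"], "stages": ["exploit"]}
                incidents.append(anchor)
            elif anchor and event["ts"] - anchor["start"] <= window and event["stage"] in STAGES:
                if event["stage"] not in anchor["stages"]:
                    anchor["stages"].append(event["stage"])
            else:
                orphans.append(event)
    return incidents, orphans


if __name__ == "__main__":
    found, loose = correlate(SAMPLE_EVENTS)
    for inc in found:
        print(inc["host"], "->", " > ".join(inc["stages"]))
    print("uncorrelated flows:", [(o["host"], o["stage"]) for o in loose])
```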

Editor's Notes

  1. Note:
     Threats @ perimeter – Network Threat Prevention Platform.
     Data Center – Content Threat Prevention Platform for latent malware.
     Obviously many people are now bringing in mobile devices… with Mobile Threat Prevention, we are able to leverage MVX to now analyze the new class of threats – threats via mobile apps, e.g. apps stealing contacts, which provides the attacker the email information (and legally valid sources) for the next stage of attack.
     On the endpoint, Mandiant brings us the MSO product, which will be rebranded into the FireEye platform as the Endpoint Threat Prevention Platform.
     Finally, we have the Email Threat Prevention Platform for the spearphishing attacks that attackers use to penetrate organizations.
     The Threat Analytics Platform is a new product for analyzing advanced threats using a combination of event logs and security device logs with homegrown threat intelligence from FireEye.