SlideShare a Scribd company logo

Evaluating Mobile Threat Defense Solutions

S
Skycure

This document outlines steps for evaluating a mobile threat defense solution, including defining important requirements, success criteria, planning a trial, and validating findings. It recommends aggregating industry best practices, listing objectives to prioritize and score solutions, executing a 30-day trial on 5-20 devices to collect threat data and assess user experience, and talking to references to confirm the evaluation process and results. The goal is to thoroughly test solutions and choose one that protects against all mobile threat vectors and meets critical requirements.

Technology
1 of 14
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 1 Webinar Tools for Evaluating a Mobile Threat Defense Solution
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 2 Quick Housekeeping • There will be time for Q&A at the end • Ask questions using the GTW chat pane • The webinar is being recorded • All attendees will receive a copy of the slides/recording Join the discussion #MobileThreatDefense
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 3 Meet Your Speaker Mic McCully Sr. Solutions Consultant, Skycure
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 4 Agenda • Mobile Threat Landscape • Important Requirements • Success Criteria • RFP/RFI Additional Important Items • Trial Execution • Reference Questions
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 5 Old Endpoint vs. New Endpoint IPS IDS FIREWALL USB SECURITY DLP DATA ENCRYPTION WIRELESS SECURITY APPLICATION CONTROL AV
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 6 Mobile Threat Landscape Physical Malware Vulnerabilities Network
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 7 Important Requirements • Aggregate best practices from industry experts - Deployment process - End-user experience - Threat detection & protection • Network threats • Malware • Device vulnerabilities - Management and Administration - Integrations • EMM/MDM • SIEM • Exchange • Other
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 8 Success Criteria • May be different for each company • List and prioritize objectives • Add relative weighting • Creates a scorecard for objective solution comparison admin
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 9 RFP/RFI Additional Important Items • Scalability – size of eventual deployment • Managed, unmanaged and shared devices • Support process – vendor + in-house, level 1,2 • Licensing model – subscription for growth and flexibility • Impact on IT resources • Impact on end-user productivity, acceptance • Solution/infrastructure security • …
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 10 Planning a Trial • What are you trying to prove? - Function • How complete is the threat detection? • Review SANS threat vectors – network, malware, vulnerabilities, physical • Collect/develop sample threats for testing – work with vendor on methods - End-user acceptance • Privacy • Performance impact - Current organizational risk • Quantify the current risk exposure • Use a meaningful sample • Report
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 11 During the Trial Recommend 30 Day Trial • Step 1 – Deploy solution (Recommend 5-20 devices in varying use cases) • Step 2 – Request assessment report after a few weeks Expected Results NUMBER OF DEVICES WITH MALICIOUS APPS INSTALLED PERCENTAGE OF DEVICES EXPOSED TO NETWORK THREATS PERCENTAGE OF MOBILE DEVICES RUNNING OS WITH HIGH-SEVERITY VULNERABILITIES EVERY ORG with 200+ devices had iOS malware 81.57% 7.22%
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 12 Validate Findings • Insist on references - Validate the collected information during the process in addition to elements that can only be collected from someone who has been down the path. • Sample questions: How was your evaluation process? Describe your deployment What obstacles did you encounter? Why did you make the decision to move forward? What value have you seen so far?How has the company been to work with? How are issues handled? ???
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 13 Summary • Be sure solution defends against all mobile threat vectors • Check off all critical requirements for an MTD solution • Prioritize and score success criteria for your company • Execute a thorough Proof of Concept • Talk to references to validate findings
Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 14 Next Steps • Download the SANS Institute report here: - http://get.skycure.com/sans-mobile-threat-protection • Download the Skycure app from the App Store or Google Play • Request a 30-day free enterprise trial - http://get.skycure.com/enterprise-edition-trial Q&A

Recommended

How Aetna Mitigated 701 Malware Infections on Mobile Devices
How Aetna Mitigated 701 Malware Infections on Mobile DevicesHow Aetna Mitigated 701 Malware Infections on Mobile Devices
How Aetna Mitigated 701 Malware Infections on Mobile DevicesSkycure
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Skycure
 
Mobile Security: 2016 Wrap-Up and 2017 Predictions
Mobile Security: 2016 Wrap-Up and 2017 PredictionsMobile Security: 2016 Wrap-Up and 2017 Predictions
Mobile Security: 2016 Wrap-Up and 2017 PredictionsSkycure
 
Three Secrets to Becoming a Mobile Security Superhero
Three Secrets to Becoming a Mobile Security SuperheroThree Secrets to Becoming a Mobile Security Superhero
Three Secrets to Becoming a Mobile Security SuperheroSkycure
 
The Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecurityThe Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecuritySkycure
 
How to Predict, Detect and Protect Against Mobile Cyber Attacks
How to Predict, Detect and Protect Against Mobile Cyber AttacksHow to Predict, Detect and Protect Against Mobile Cyber Attacks
How to Predict, Detect and Protect Against Mobile Cyber AttacksSkycure
 
Supply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorSupply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorKaspersky
 
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky
 

Recommended

How Aetna Mitigated 701 Malware Infections on Mobile Devices
How Aetna Mitigated 701 Malware Infections on Mobile DevicesHow Aetna Mitigated 701 Malware Infections on Mobile Devices
How Aetna Mitigated 701 Malware Infections on Mobile DevicesSkycure
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Skycure
 
Mobile Security: 2016 Wrap-Up and 2017 Predictions
Mobile Security: 2016 Wrap-Up and 2017 PredictionsMobile Security: 2016 Wrap-Up and 2017 Predictions
Mobile Security: 2016 Wrap-Up and 2017 PredictionsSkycure
 
Three Secrets to Becoming a Mobile Security Superhero
Three Secrets to Becoming a Mobile Security SuperheroThree Secrets to Becoming a Mobile Security Superhero
Three Secrets to Becoming a Mobile Security SuperheroSkycure
 
The Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecurityThe Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecuritySkycure
 
How to Predict, Detect and Protect Against Mobile Cyber Attacks
How to Predict, Detect and Protect Against Mobile Cyber AttacksHow to Predict, Detect and Protect Against Mobile Cyber Attacks
How to Predict, Detect and Protect Against Mobile Cyber AttacksSkycure
 
Supply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorSupply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorKaspersky
 
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky
 
How Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesHow Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesSkycure
 
Kaspersky Lab's Corporate Presentation - our Values, Business, Solutions
Kaspersky Lab's Corporate Presentation - our Values, Business, SolutionsKaspersky Lab's Corporate Presentation - our Values, Business, Solutions
Kaspersky Lab's Corporate Presentation - our Values, Business, SolutionsKaspersky
 
How to Add Advanced Threat Defense to Your EMM
How to Add Advanced Threat Defense to Your EMMHow to Add Advanced Threat Defense to Your EMM
How to Add Advanced Threat Defense to Your EMMSkycure
 
The Motives, Means and Methods of Cyber-Adversaries
The Motives, Means and Methods of Cyber-AdversariesThe Motives, Means and Methods of Cyber-Adversaries
The Motives, Means and Methods of Cyber-AdversariesKaspersky
 
Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability Skycure
 
Kaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky
 
Introduction to Kaspersky Endpoint Security for Businesss
Introduction to Kaspersky Endpoint Security for BusinesssIntroduction to Kaspersky Endpoint Security for Businesss
Introduction to Kaspersky Endpoint Security for BusinesssAndrew Wong
 
Pactera - Cloud, Application, Cyber Security Trend 2016
Pactera - Cloud, Application, Cyber Security Trend 2016Pactera - Cloud, Application, Cyber Security Trend 2016
Pactera - Cloud, Application, Cyber Security Trend 2016Kyle Lai
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentationData Unit
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
Kaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISHKaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISHKirill Kertsenbaum
 
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...centralohioissa
 
Are You Prepared for the Next Mobile Attack?
Are You Prepared for the Next Mobile Attack?Are You Prepared for the Next Mobile Attack?
Are You Prepared for the Next Mobile Attack?Check Point Software Technologies
 
Kaspersky
KasperskyKaspersky
KasperskyKappa Data
 
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurAnticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurSkybox Security
 
Partner Welcome Kit
Partner Welcome KitPartner Welcome Kit
Partner Welcome KitLuca Simonelli
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Moti Sagey CPX keynote _Are All security products created equal
Moti Sagey CPX keynote _Are All security products created equal Moti Sagey CPX keynote _Are All security products created equal
Moti Sagey CPX keynote _Are All security products created equal Moti Sagey מוטי שגיא
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation SecurityCisco Canada
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Decisions
 
Digital Product Security
Digital Product SecurityDigital Product Security
Digital Product SecuritySoftServe
 
Continuous Security Testing
Continuous Security TestingContinuous Security Testing
Continuous Security TestingRay Lai
 

More Related Content

What's hot

How Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesHow Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesSkycure
 
Kaspersky Lab's Corporate Presentation - our Values, Business, Solutions
Kaspersky Lab's Corporate Presentation - our Values, Business, SolutionsKaspersky Lab's Corporate Presentation - our Values, Business, Solutions
Kaspersky Lab's Corporate Presentation - our Values, Business, SolutionsKaspersky
 
How to Add Advanced Threat Defense to Your EMM
How to Add Advanced Threat Defense to Your EMMHow to Add Advanced Threat Defense to Your EMM
How to Add Advanced Threat Defense to Your EMMSkycure
 
The Motives, Means and Methods of Cyber-Adversaries
The Motives, Means and Methods of Cyber-AdversariesThe Motives, Means and Methods of Cyber-Adversaries
The Motives, Means and Methods of Cyber-AdversariesKaspersky
 
Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability Skycure
 
Kaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky
 
Introduction to Kaspersky Endpoint Security for Businesss
Introduction to Kaspersky Endpoint Security for BusinesssIntroduction to Kaspersky Endpoint Security for Businesss
Introduction to Kaspersky Endpoint Security for BusinesssAndrew Wong
 
Pactera - Cloud, Application, Cyber Security Trend 2016
Pactera - Cloud, Application, Cyber Security Trend 2016Pactera - Cloud, Application, Cyber Security Trend 2016
Pactera - Cloud, Application, Cyber Security Trend 2016Kyle Lai
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentationData Unit
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
Kaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISHKaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISHKirill Kertsenbaum
 
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...centralohioissa
 
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurAnticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurSkybox Security
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Moti Sagey CPX keynote _Are All security products created equal
Moti Sagey CPX keynote _Are All security products created equal Moti Sagey CPX keynote _Are All security products created equal
Moti Sagey CPX keynote _Are All security products created equal Moti Sagey מוטי שגיא
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation SecurityCisco Canada
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Decisions
 

What's hot (20)

How Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile DevicesHow Healthcare CISOs Can Secure Mobile Devices
How Healthcare CISOs Can Secure Mobile Devices
 
Kaspersky Lab's Corporate Presentation - our Values, Business, Solutions
Kaspersky Lab's Corporate Presentation - our Values, Business, SolutionsKaspersky Lab's Corporate Presentation - our Values, Business, Solutions
Kaspersky Lab's Corporate Presentation - our Values, Business, Solutions
 
How to Add Advanced Threat Defense to Your EMM
How to Add Advanced Threat Defense to Your EMMHow to Add Advanced Threat Defense to Your EMM
How to Add Advanced Threat Defense to Your EMM
 
The Motives, Means and Methods of Cyber-Adversaries
The Motives, Means and Methods of Cyber-AdversariesThe Motives, Means and Methods of Cyber-Adversaries
The Motives, Means and Methods of Cyber-Adversaries
 
Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability Accessibility Clickjacking, Devastating Android Vulnerability
Accessibility Clickjacking, Devastating Android Vulnerability
 
Kaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise Portfolio
 
Introduction to Kaspersky Endpoint Security for Businesss
Introduction to Kaspersky Endpoint Security for BusinesssIntroduction to Kaspersky Endpoint Security for Businesss
Introduction to Kaspersky Endpoint Security for Businesss
 
Pactera - Cloud, Application, Cyber Security Trend 2016
Pactera - Cloud, Application, Cyber Security Trend 2016Pactera - Cloud, Application, Cyber Security Trend 2016
Pactera - Cloud, Application, Cyber Security Trend 2016
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentation
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
 
Kaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISHKaspersky Endpoint Security and Control - ENGLISH
Kaspersky Endpoint Security and Control - ENGLISH
 
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
 
Are You Prepared for the Next Mobile Attack?
Are You Prepared for the Next Mobile Attack?Are You Prepared for the Next Mobile Attack?
Are You Prepared for the Next Mobile Attack?
 
Kaspersky
KasperskyKaspersky
Kaspersky
 
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurAnticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
 
Partner Welcome Kit
Partner Welcome KitPartner Welcome Kit
Partner Welcome Kit
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Moti Sagey CPX keynote _Are All security products created equal
Moti Sagey CPX keynote _Are All security products created equal Moti Sagey CPX keynote _Are All security products created equal
Moti Sagey CPX keynote _Are All security products created equal
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto Presentation
 

Similar to Evaluating Mobile Threat Defense Solutions

Digital Product Security
Digital Product SecurityDigital Product Security
Digital Product SecuritySoftServe
 
Continuous Security Testing
Continuous Security TestingContinuous Security Testing
Continuous Security TestingRay Lai
 
Application Security - Dont leave your AppSec for the last moment Meetup 2104...
Application Security - Dont leave your AppSec for the last moment Meetup 2104...Application Security - Dont leave your AppSec for the last moment Meetup 2104...
Application Security - Dont leave your AppSec for the last moment Meetup 2104...lior mazor
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 
NPryadko-LinkedInResume
NPryadko-LinkedInResumeNPryadko-LinkedInResume
NPryadko-LinkedInResumeNadia Pryadko
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
 
Create code confidence for better application security
Create code confidence for better application security Create code confidence for better application security
Create code confidence for better application security Rogue Wave Software
 
Security Culture from Concept to Maintenance: Secure Software Development Lif...
Security Culture from Concept to Maintenance: Secure Software Development Lif...Security Culture from Concept to Maintenance: Secure Software Development Lif...
Security Culture from Concept to Maintenance: Secure Software Development Lif...Dilum Bandara
 
Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Mykhailo Antonishyn
 
Zen Test Labs Mobile Application Testing
Zen Test Labs Mobile Application TestingZen Test Labs Mobile Application Testing
Zen Test Labs Mobile Application TestingZen Test Labs
 
Third Party Security Testing for Advanced Metering Infrastructure Program
Third Party Security Testing for Advanced Metering Infrastructure ProgramThird Party Security Testing for Advanced Metering Infrastructure Program
Third Party Security Testing for Advanced Metering Infrastructure ProgramEnergySec
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Decisions
 
AppSec How-To: Achieving Security in DevOps
AppSec How-To: Achieving Security in DevOpsAppSec How-To: Achieving Security in DevOps
AppSec How-To: Achieving Security in DevOpsCheckmarx
 
Next generation software testing trends
Next generation software testing trendsNext generation software testing trends
Next generation software testing trendsArun Kulkarni
 
Better Security Testing: Using the Cloud and Continuous Delivery
Better Security Testing: Using the Cloud and Continuous DeliveryBetter Security Testing: Using the Cloud and Continuous Delivery
Better Security Testing: Using the Cloud and Continuous DeliveryTechWell
 
BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint...
BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint...BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint...
BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint...Mike Spaulding
 
PCI and Vulnerability Assessments - What’s Missing?
PCI and Vulnerability Assessments - What’s Missing?PCI and Vulnerability Assessments - What’s Missing?
PCI and Vulnerability Assessments - What’s Missing?Black Duck by Synopsys
 
Deploying Secure Modern Apps in Evolving Infrastructures
Deploying Secure Modern Apps in Evolving InfrastructuresDeploying Secure Modern Apps in Evolving Infrastructures
Deploying Secure Modern Apps in Evolving InfrastructuresSBWebinars
 

Similar to Evaluating Mobile Threat Defense Solutions (20)

Digital Product Security
Digital Product SecurityDigital Product Security
Digital Product Security
 
Continuous Security Testing
Continuous Security TestingContinuous Security Testing
Continuous Security Testing
 
Application Security - Dont leave your AppSec for the last moment Meetup 2104...
Application Security - Dont leave your AppSec for the last moment Meetup 2104...Application Security - Dont leave your AppSec for the last moment Meetup 2104...
Application Security - Dont leave your AppSec for the last moment Meetup 2104...
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
NPryadko-LinkedInResume
NPryadko-LinkedInResumeNPryadko-LinkedInResume
NPryadko-LinkedInResume
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015
 
Experience Sharing on School Pentest Project (Updated)
Experience Sharing on School Pentest Project (Updated)Experience Sharing on School Pentest Project (Updated)
Experience Sharing on School Pentest Project (Updated)
 
Create code confidence for better application security
Create code confidence for better application security Create code confidence for better application security
Create code confidence for better application security
 
Security Culture from Concept to Maintenance: Secure Software Development Lif...
Security Culture from Concept to Maintenance: Secure Software Development Lif...Security Culture from Concept to Maintenance: Secure Software Development Lif...
Security Culture from Concept to Maintenance: Secure Software Development Lif...
 
Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Secure SDLC in mobile software development.
Secure SDLC in mobile software development.
 
Zen Test Labs Mobile Application Testing
Zen Test Labs Mobile Application TestingZen Test Labs Mobile Application Testing
Zen Test Labs Mobile Application Testing
 
Third Party Security Testing for Advanced Metering Infrastructure Program
Third Party Security Testing for Advanced Metering Infrastructure ProgramThird Party Security Testing for Advanced Metering Infrastructure Program
Third Party Security Testing for Advanced Metering Infrastructure Program
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 
System_Analyst
System_AnalystSystem_Analyst
System_Analyst
 
AppSec How-To: Achieving Security in DevOps
AppSec How-To: Achieving Security in DevOpsAppSec How-To: Achieving Security in DevOps
AppSec How-To: Achieving Security in DevOps
 
Next generation software testing trends
Next generation software testing trendsNext generation software testing trends
Next generation software testing trends
 
Better Security Testing: Using the Cloud and Continuous Delivery
Better Security Testing: Using the Cloud and Continuous DeliveryBetter Security Testing: Using the Cloud and Continuous Delivery
Better Security Testing: Using the Cloud and Continuous Delivery
 
BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint...
BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint...BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint...
BlackHat Presentation - Lies and Damn Lies: Getting past the Hype of Endpoint...
 
PCI and Vulnerability Assessments - What’s Missing?
PCI and Vulnerability Assessments - What’s Missing?PCI and Vulnerability Assessments - What’s Missing?
PCI and Vulnerability Assessments - What’s Missing?
 
Deploying Secure Modern Apps in Evolving Infrastructures
Deploying Secure Modern Apps in Evolving InfrastructuresDeploying Secure Modern Apps in Evolving Infrastructures
Deploying Secure Modern Apps in Evolving Infrastructures
 

Recently uploaded

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 

Recently uploaded (20)

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 

Evaluating Mobile Threat Defense Solutions

  • 1. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 1 Webinar Tools for Evaluating a Mobile Threat Defense Solution
  • 2. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 2 Quick Housekeeping • There will be time for Q&A at the end • Ask questions using the GTW chat pane • The webinar is being recorded • All attendees will receive a copy of the slides/recording Join the discussion #MobileThreatDefense
  • 3. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 3 Meet Your Speaker Mic McCully Sr. Solutions Consultant, Skycure
  • 4. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 4 Agenda • Mobile Threat Landscape • Important Requirements • Success Criteria • RFP/RFI Additional Important Items • Trial Execution • Reference Questions
  • 5. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 5 Old Endpoint vs. New Endpoint IPS IDS FIREWALL USB SECURITY DLP DATA ENCRYPTION WIRELESS SECURITY APPLICATION CONTROL AV
  • 6. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 6 Mobile Threat Landscape Physical Malware Vulnerabilities Network
  • 7. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 7 Important Requirements • Aggregate best practices from industry experts - Deployment process - End-user experience - Threat detection & protection • Network threats • Malware • Device vulnerabilities - Management and Administration - Integrations • EMM/MDM • SIEM • Exchange • Other
  • 8. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 8 Success Criteria • May be different for each company • List and prioritize objectives • Add relative weighting • Creates a scorecard for objective solution comparison admin
  • 9. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 9 RFP/RFI Additional Important Items • Scalability – size of eventual deployment • Managed, unmanaged and shared devices • Support process – vendor + in-house, level 1,2 • Licensing model – subscription for growth and flexibility • Impact on IT resources • Impact on end-user productivity, acceptance • Solution/infrastructure security • …
  • 10. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 10 Planning a Trial • What are you trying to prove? - Function • How complete is the threat detection? • Review SANS threat vectors – network, malware, vulnerabilities, physical • Collect/develop sample threats for testing – work with vendor on methods - End-user acceptance • Privacy • Performance impact - Current organizational risk • Quantify the current risk exposure • Use a meaningful sample • Report
  • 11. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 11 During the Trial Recommend 30 Day Trial • Step 1 – Deploy solution (Recommend 5-20 devices in varying use cases) • Step 2 – Request assessment report after a few weeks Expected Results NUMBER OF DEVICES WITH MALICIOUS APPS INSTALLED PERCENTAGE OF DEVICES EXPOSED TO NETWORK THREATS PERCENTAGE OF MOBILE DEVICES RUNNING OS WITH HIGH-SEVERITY VULNERABILITIES EVERY ORG with 200+ devices had iOS malware 81.57% 7.22%
  • 12. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 12 Validate Findings • Insist on references - Validate the collected information during the process in addition to elements that can only be collected from someone who has been down the path. • Sample questions: How was your evaluation process? Describe your deployment What obstacles did you encounter? Why did you make the decision to move forward? What value have you seen so far?How has the company been to work with? How are issues handled? ???
  • 13. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 13 Summary • Be sure solution defends against all mobile threat vectors • Check off all critical requirements for an MTD solution • Prioritize and score success criteria for your company • Execute a thorough Proof of Concept • Talk to references to validate findings
  • 14. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 14 Next Steps • Download the SANS Institute report here: - http://get.skycure.com/sans-mobile-threat-protection • Download the Skycure app from the App Store or Google Play • Request a 30-day free enterprise trial - http://get.skycure.com/enterprise-edition-trial Q&A

Editor's Notes

  1. SANS link