Download the Presentation

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
Document related concepts

Computer security wikipedia , lookup

Security-focused operating system wikipedia , lookup

Microsoft Security Essentials wikipedia , lookup

Malware wikipedia , lookup

IT risk management wikipedia , lookup

Mobile security wikipedia , lookup

Transcript 
Artificial Intelligence.
Real Threat Prevention.
Todd Radermacher
Renzo Saunders
$2.4B Worth Of Noise – Investment Focus On The Endpoint
The Cylance Approach to Security
Isolation
Whitelisting
AI
No Human-Derived
Detection Methods
Enterprise
Detection &
Response
Antivirus
Exploit
Prevention
© 2015 Cylance, Inc.
3
Buyers Guide: Secrets To Endpoint Security Evaluations
Framework Created By Former CISO of Intel,
Malcolm Harkins
10 Questions To Ask
4.5M Endpoints Protected – Stories From
The Field
Drivers Behind A New Endpoint Strategy
Cylance CEO – Stuart McClure
Former CTO of McAfee, Former
CISO Of Kaiser Permanente
Cylance Chief Scientist- Ryan Permeh
Former Chief Scientist of McAfee
Cylance CISO – Malcolm Harkins
Former CISO of Intel
9 Boxes Of Control
Control Types
RESPOND
Risk
Highest Risk
Highest Cost
Most Liability
Focus is on
Minimizing
damage – only
variables are time
to detect and time
to contain
DETECT
PREVENT
Lowest Risk
Lowest Cost
Limited Liability
Automated
End User Impact
Cost
Semi-Automated
Manual
Control Approaches
Source: Upcoming Release of Managing Risk and Information Security 2 nd Edition – Malcolm Harkins
Focus is on
Minimizing
vulnerability
and potential for
harm
9 Boxes Of Control
Control Types
RESPOND
Risk
Where most of the industry is focused
Highest Risk
Highest Cost
Most Liability
Focus is on
Minimizing
damage – only
variables are time
to detect and time
to contain
DETECT
PREVENT
Lowest Risk
Lowest Cost
Limited Liability
Automated
End User Impact
Cost
Semi-Automated
Manual
Control Approaches
Source: Upcoming Release of Managing Risk and Information Security 2 nd Edition – Malcolm Harkins
Focus is on
Minimizing
vulnerability
and potential for
harm
3rd
Party Data Feeds To Make Convictions?
#1
Source: cgma.org
Can We Test Offline?
#2
Source: gfi.com |
Will Your Behavioral Analysis / IOC’s Stop
Ransomware?
#2.1
Source: gfi.com |
Will you protect against packed malware?
Legitimate
Packer
Software
#3
Do You Have A Demo vs. Production Mode?
False Positives
Efficacy
#4
Is Your Comparative Marketing Accurate?
#5
Can I Consolidate? What Is Your Largest
Signature Based AV Replacement?
#6
Privacy? What Are You Accessing & Where
Does It Go?
#7
Weaponized Unstructured Data? Scripts?
Fileless Attacks via Memory?
Or
#8
End User Impact? Deployment & Required
Staffing Per 1K Endpoints?
#9
What Is Required To Do A POC?
“Don’t believe us. Don’t
believe our competitors.
Believe in yourself, and Test
It Yourself.”
Cylance CEO
Stuart McClure
#10
9 Boxes Of Control
Control Types
RESPOND
Risk
Where most of the industry is focused
Highest Risk
Highest Cost
Most Liability
Focus is on
Minimizing
damage – only
variables are time
to detect and time
to contain
DETECT
PREVENT
Lowest Risk
Lowest Cost
Limited Liability
Automated
Cost
Semi-Automated
Manual
Control Approaches
Source: Upcoming Release of Managing Risk and Information Security 2 nd Edition – Malcolm Harkins
Focus is on
Minimizing
vulnerability
and potential for
harm
ç
Impact Of The New Strategy In Cylance Community
th
1/10
|
th
1/40
70%
99%
ç
Market Validation
Visionary Quadrant Leader
“Cylance is easily the fastest
growing Endpoint Protection
Platform startup in the last ten
years.”
“…very accurate at detecting
new variants and repacked
versions of existing malware.”
Market Validation
Visionary Quadrant Leader
“Cylance is easily the fastest
growing Endpoint Protection
Platform
startupAutomation
in the last ten
“Intelligent
years.”
Steps
Up…CylancePROTECT
“…very
at detecting
usesaccurate
AI to validate
the
new
variants and repacked
risks”
Source: accenture.com/securityvision
versions
of existing malware.”
Market Validation
Visionary Quadrant Leader
“Cylance is easily the fastest
growing Endpoint Protection
Platform
startup
in the last ten
“Intelligent
Automation
years.”
Steps
Up…CylancePROTECT
“…very
at detecting
usesaccurate
AI to validate
the
new
variants and repacked
risks”
Source: accenture.com/securityvision
versions
of existing malware.”
What is CylancePROTECT?
Unrivaled Threat Prevention & Protection
PREdictive
PREvention
PRE-Execution
PRE-Zero-Day
Enterprise Ready
•
•
•
•
•
Malware | Exploits | Scripts
Microsoft Approved AV
Windows & Mac OS X
SaaS Convenience
PCI-DSS / HIPAA Compliant
Lightweight & Flexible
• 1-3% CPU / ~40 MB Memory Footprint
AI & Machine Learning Applied
ML & AI Applied To
Infosec
1.Feature Extraction
2.Regularization
3.Cross-Validation
© 2015 Cylance, Inc.
25
Cylance Unlocks the DNA of Malware
Elastic Cloud Computing Now
Makes it Possible
• We have 1000’s of nodes in AWS
• Algorithmic science puts machines to
work
Machine Learning Under the
Hood
① Collect both good & bad files
② Extract features
③ Train & Vectorize features
④ Classify & Cluster
⑤ A.I. produces confidence score
Threat Indicators
• Anomalies, Destruction
• Data Loss, Deception
Deployment Process
Topics:
•
Deployment
•
Console navigation
Detections
Topics:
•
Review detections
•
Policy development
•
Zones
Topics:
•
Memory protection
•
Enable quarantine
Hosts
Stage 2
Stage 1
Policy
Monitor only
Stage 3
Auto quarantine
ATQ +Memdef
THANK YOU
Todd Benshoof
[email protected]
818-434-1637
Thank You.
Related documents
Do you know someone may be watching you?
Do you know someone may be watching you?
the Presentation
the Presentation
Emsisoft Internet Security
Emsisoft Internet Security
Entrusting Endpoints
Entrusting Endpoints
NSS Labs 2015 Enterprise Endpoint Testing
NSS Labs 2015 Enterprise Endpoint Testing
How Artificial Intelligence Will Secure the 21st Century
How Artificial Intelligence Will Secure the 21st Century
Taking Control of Advanced Threats
Taking Control of Advanced Threats
Mr. Carey`s Geometry Class Chapter One Definitions
Mr. Carey`s Geometry Class Chapter One Definitions
Actors behind advanced threats - Med-IT
Actors behind advanced threats - Med-IT
Towards a framework for Network-based Malware detection System
Towards a framework for Network-based Malware detection System
HEAT Device Control
HEAT Device Control
Pre-Class 5/11/10
Pre-Class 5/11/10
Minimizing Resource Cost in Project Scheduling Problem with
Minimizing Resource Cost in Project Scheduling Problem with
Standard Construction Specifications
Standard Construction Specifications
Web Based Attacks
Web Based Attacks
Dan A CSC 345 Term Paper
Dan A CSC 345 Term Paper
The following disclaimers apply to each PDF document contained
The following disclaimers apply to each PDF document contained
DATASHEET Malwarebytes Endpoint Security
DATASHEET Malwarebytes Endpoint Security
Geometry Vocabulary
Geometry Vocabulary
Which endpoint to choose ? (in phase II sarcoma clinical trials)
Which endpoint to choose ? (in phase II sarcoma clinical trials)
full paper - Acta Electrotechnica et Informatica
full paper - Acta Electrotechnica et Informatica
PPT - Department of Computer Science
PPT - Department of Computer Science