T.E.N. Knowledge Base

ISE® Southeast 2018

Web application rewalls (WAFs) entered the security market at the turn of the century as web apps became increasingly complex and critical to digital life. Technologists modeled the WAF after network rewalls to act as a security policy enforcement point positioned between the app and the client endpoint. A WAF is con gured with rules and policies that are meant to protect apps from exploitation leveraging signatures and patterns that are known threats.

Headquartered in Atlanta, Aaron’s, Inc. is a 3.2 billion dollar omni-channel provider of lease-purchase solutions that was founded in 1955 and has been publicly traded since 1982. Aaron’s, Inc. owns the brands Aaron’s, Progressive Leasing and HELPcard. The company sells and leases furniture, consumer electronics, home appliances and accessories through more than 1,860 company-operated and franchised stores in 47 states and Canada and its e-commerce platform Aarons.com. Progressive Leasing, a virtual lease-to-own company, provides lease-purchase solutions through approximately 19,000 retail locations in 46 states. The company’s second-look credit arm, HELPcard, provides a variety of credit products that are originated through a federally insured bank.

Autonomous Application Protection (AAP)  > Download Whitepaper
Applications are prime targets for cyberattacks because they handle troves of personally identi able information, nancial information, and other critical data. Over the past decade, app-targeted attacks have become more common and sophisticated. In fact, applications are now the number-one attack vector of major breaches. Traditional application security tools have failed to protect organizations from attack because they rely on past signatures that are irrelevant to zero-day attacks, lack real-time context and situational awareness, and su er from high false positive and negative rates. At Prevoty, we believe that securing applications requires radical thinking: Applications must defend themselves. Prevoty has developed the rst and only completely autonomous runtime application self-protection (RASP) solution that enables applications to monitor and protect themselves in real-time, at runtime, neutralizing attacks and protecting against both known and unknown threats.

Business Email Compromise (BEC) Attack Trends Report  > Download Whitepaper
In the second half of 2017, BEC attacks continued to accelerate with 96% of organizations analyzed by Agari being attacked at least one time, and with the average business experiencing 45 BEC attacks from June through December 2017. Because BEC attacks have no payload (such as a malicious attachment or URL) to detect and block, they are able to slip past most of the conventional security technology used to protect organizations. To build the security controls and resources needed to protect organizations and their employees, it is critical to gain a better understanding of the nature of BEC attacks. Until now, relatively little research has been done on this topic.

Attivo Networks - ThreatDefend  > Download Whitepaper
We had intended to include Attivo Networks’ ThreatDefendTM Detection and Response Platform in our deception networks group but after looking pretty closely at it we decided that it is quite a bit more than a deception grid. It is true, of course, that this system includes BOTsink, a deception tool that is both effective and well-known. But BOT- sink is just part of the story. This is a full-fea- tured incident response system.

The Leader in Next-Gen Endpoint Security  > Download Whitepaper
With over 3,000 customers globally—including 30 of the Fortune 100—and over 9 million endpoints under protection, Carbon Black is the leading choice for next-gen endpoint security. Whatever your endpoint security needs and goals, and wherever you’re starting, our solutions enable you to replace ine ective antivirus, lock down your servers and critical systems, and arm incident response teams with the most e ective tools to hunt and shut down threats. In short, we’re here to help.

Zero Trust Security: A New Paradigm for a Changing World  > Download Whitepaper
A significant paradigm shift occurred in the last few years. Much like other technological shifts of the last decade — when cloud computing changed the way we do business, agile changed the way we develop software and Amazon changed the way we shop — Zero Trust presents us with a new paradigm in how we secure our organizations, our data and our employees.

Cloud Infrastructure Security - It’s Time to Rethink Your Strategy  > Download Whitepaper
Infrastructure security used to be easier. Now, it is dramatically more complex, owing to a broad range of factors. At the top of the list: how the virtualization of infrastructure removes the ability to use control of the physical IT environment as a security defense.

As security professionals struggle with how to keep up with non-stop threats from every angle, a 10+ year old technology, data loss prevention (DLP) is hot again. A number of macro trends are driving the wider adoption of DLP. But as we looked at the resources out there, we couldn’t nd one source that could provide all the essential information in one place. So we created this guide to provide answers to the most common questions about DLP all in an easy to digest format.

Applying Deception Mechanisms for Detecting Sophisticated Cyber Attacks  > Download Whitepaper
A new and deadly generation of remotely controlled targeted corporate network attacks is challenging core network security assumptions, making prevention- centric strategies obsolete. While network security teams are starting to shift their focus from perimeter defense to post-breach detection, traditional detection tools fall short of the mark, either generating far too many false-positives or altogether failing to detect attacks in real time. These shortcomings are discussed in a study published by Mandiant Consulting,2 which found that 53 percent of all data breaches are discovered by an internal noti cation, not through external detection e orts. The study further mentions that the average time between infection and detection by an external source was 99 days.

Webcast: Rethinking Data Security in a Zero Perimeter World  > Download Webcast
In this webcast, Bharath Vasudevan, along with Eric Ogren, Sr. Security Analyst at 451 Research, discuss how the zero perimeter world has turned the traditional approach to data protection on its head and taking a human-centric, risk adaptive approach can transform an organization’s data security program. It serves as an excellent companion piece to the Rethinking Data Security eBook.

What Illumio Does  > Download Whitepaper
Segmentation is the best way to prevent the spread of threats inside data centers and cloud environments. Traditional network segmentation, well understood by security and infrastructure teams, was designed to subdivide the network into smaller network segments through VLANS, subnets, and zones. Although these constructs can provide some isolation, their primary function is to boost network performance and requires control of the infrastructure, which is often a challenge in the public cloud.

In contrast, Illumio’s adaptive micro-segmentation technology enforces security policies – what should and should not be allowed to communicate among various points on the network – by ltering traf c. If networking supports how things can communicate, security dictates if they should.

SAP and GDPR: Keeping Your Organization Ahead of the Upcoming EU Law  > Download Whitepaper
With each passing year, the information age becomes even more digitalized. Almost every process from shopping to healthcare, in one way or another, demands the handover of digitized personal data into the care of those who promise to handle it responsibly. With the submergence of society under the digital wave of the new millennium this data might rapidly be drifting out of reach. Out of reach and into the nets of those that treat it like a commodity or worse.

Key takeaways from VOICE OF THE ANALYST STUDY  > Download Whitepaper
Security analysts are spending most of their time on activities that are the least likely to thwart an attack.

Splunk 2018 Predictions  > Download Whitepaper
Each year brings bigger and better technology and innovation — 2018 will not be any different. Transportation and urban living are expected to change with IoT sensor-driven information enhanced by new predictive analysis and techniques. Machine learning (ML) will finally go mainstream in the enterprise, transforming business with intuitive, out-of-the-box ML experiences. And security technology will become an enabler, rising to meet the challenge of increasingly sophisticated attacks to help keep data safe.

An Insider’s Guide To Email Authentication Through DMARC  > Download Whitepaper
Email is the primary communications medium globally, with over 6.3 billion mailboxes used by 3.7 billion people worldwide in 2017 — half the planet — and it continues to grow. (Radicati 2017) 98.5% of Internet users check email daily, and the average U.S. white collar worker spends 6.3 hours a day checking email — even in the bathroom. (Adobe 2015)

How to automate security operations centers with artificial intelligence  > Download Whitepaper
More and more enterprises are establishing security operations centers (SOCs) in response to the rising tide of cyberattacks. Not only are risks, threats and attackers increasing in number, they’re also increasing in sophistication and damage potential. Targeted threats are especially dangerous and are the most timeconsuming to detect.

Over the past several years, ZeroFOX has identified and remediated tens of thousands of social engineering pro les and fake accounts impersonating our customers. These accounts spoof a company’s brand or executive persona, hijack their logo, and try to mimic the authentic account in order to attack employees and defraud customers. In this white paper, we share some of the trends we have witnessed, delve into the most common and dangerous impersonator tactics, and ultimately try to answer the question: what are all these fraudulent profiles doing?

Shane Callahan

Shane Callahan
Director, IT Information Security
Tractor Supply Company

The Increasing Impact of Insider Threats  > Summary
Insider threats continue to be one of the top cyber security threats and have proven that they are a force to be reckoned with. According to a 2017 Insider Threat Report, 53% of companies estimate remediation costs of $100,000 and more, with 12% estimating a cost of more than $1 million. The same report suggests that 74% of companies feel that they are vulnerable to insider threats, with 7% reporting extreme vulnerability. Every company will face an insider-related breach sooner or later regardless of whether it will be caused by a malicious action or an honest mistake. As costs related to insider threats continue to grow, what can Information Security Executives and their security teams do to combat this all too familiar foe?

Craig  Froelich

Brent Comstock
Group Vice President for Identity & Access Management, Strategy and Technology
SunTrust Banks, Inc.

Sponsored by:

The Human Point: Security in a Perimeter-less Age  > Summary
Digital transformation has empowered employees to access and interact with data and intellectual property through a variety of systems, applications, and devices. Because of this, traditional security perimeters are eroding or becoming obsolete. Rather than focus on building bigger walls, the security industry needs better visibility. In addition, increases in the sheer volume of data means organizations no longer have the line of sight they once did, leaving them exposed to vulnerabilities and compliance violations. Understanding how, when, and why people interact with critical data, no matter where it is located, is crucial. It has become imperative that we examine the behavior-centric risks ranging from the common user error that turns an email lure into a ransomware debacle, to sporadic, anomalous activities that, once presented in context, can illuminate the early stages of a malicious insider threat. In a world where malware is continually evolving, critical data is moving to the cloud, and criminals are exploring new vectors of attack, how can security professionals stay up to date with, and keep ahead of, changes in the industry?

Curley Henry
Executive Director, Cybersecurity Strategy and Architecture
Southern Company

Turning the Tables with Deception-Based Security  > Summary
In recent years, deception-based security has become one of the most talked about and prominent information security solutions on the market. Having evolved far beyond the humble honey pot origins of yore, modern deception technology can be deployed in a number of ways across the enterprise. From larger scale network models to deception solutions focused on endpoints, applications, and data, there now exist a plethora of ways that companies can shape deceptive security solutions to fit their needs. As attackers continue to become more aggressive and deceptive in their methods of attack, it’s imperative that security teams are able to also make the best use of deception to combat against them. If deception can be used to attack, it can also be used as a means of defense.

Nir Valtman

Nir Valtman
Head of Application Security
NCR Corporation

Sponsored by:

The Evolution of AppSec: From WAFs to Autonomous Application Security  > Summary
Web application firewalls (WAFs) entered the security market at the turn of the century as web apps became increasingly complex and critical to digital life. As app-targeted attacks have become more common and sophisticated, WAFs have failed in much the same way that other firewalls, rule-based security measures, and legacy security solutions have: defenses that rely on past signatures and patterns always lose. With the acceleration of DevOps application development, a more refined and modernized solution is necessary. Autonomous application security can provide real time visibility into attacks, help bridge the DevSecOps gap, and reduce overall risk.