Download - Anup Ghosh
Anup GhoshFounder and CEO
Invincea, Inc.www.invincea.com
The Time for Innovation is NOW – The Stakes Are Enormous
The Lost Decade of Information Security• Security industry has fundamentally failed in its mission
• Classifying exploits & victim mentality have inhibited innovation
• Compliance drove mediocrity
• Industry fallen in love with crime scene analytics while given up on prevention
• List based techniques developed in the 1990s no longer
work
The Time for Innovation is NOW – The Stakes Are Enormous
We ALL Own This Problem FUD? Or Fact…
• RSA • Epsilon • LizaMoon • Barracuda Networks • Oak Ridge National Labs • Sony • Lockheed Martin • Northrup Grumman• GMAIL • Citi• Gannet Military Publications • Pacific Northwest National • BAH • DigiNotar• Raytheon• USAF Drones
2011 so far… • “White House” eCard • OddJob • HBGary Federal• Night Dragon • Tatanga • London Stock Exchange• French Finance Ministry • Dupont, J&J, GE • DroidDream • Charlieware • Nasdaq • Office of Australian Prime
Minister • Comodo
Shady RAT – One Campaign…Dozens of Victims
The Time for Innovation is NOW – The Stakes Are Enormous
The User is The Unwitting Accomplice• Ubiquitous usage of Internet and Email has
enabled adversaries to shift tactics
• Full frontal assaults still exist but it is far easier to prey on the psychology of the user
• Spear Phishing – The New Black • Drive by Downloads
• Malicious sites • Hijacked trusted sites
• Trust in social networks • Facebook and Twitter worms
• Faith in Internet search engines• Poisoned SEO
• User Initiated Infections • Fake A/V and fear mongering
Click…Click…Boom!
“I don’t know security…but I know what I like. Click, click, click…”
Stan from Accounting| December 2010
Time for a Paradigm Shift
7
“The Web is the primary source of malware infection.”
“The better approach is a protective layer that complements existing anti-virus solutions and that never allows those threats to enter the PC environment in the first place.”
“A new approach to end-point security is needed.”
Invincea - Innovating to Combat the Malware Scourge
Take Security decisions out of the user’s hands
Protect the network from the user and the user from himself…put him in a bubble while on the Internet or interfacing with ANY untrusted content
Make the user’s mistakes irrelevant to the security of your network
Give the user free reign to complete his mission without fear for your overall security footing – zero trust with zero drag
Drive real-time situational awareness by making ALL of your desktop browsers and PDF readers malware detectors and forensics agents
Addressing the largest attack surface:
Spear Phishing
Drive bys Social
Network Worms
Poisoned SEO
User Initiated Infections
Invincea Browser Protection
9
The Time for Innovation is NOW – The Stakes Are Enormous
Host Operating System(native kernel)
10
Compromise of Normal OS and Browser leads to direct compromise of Host OS
Have to reimage entire system
Physical Hardware
Browser Virtual Machine
Separate OS Kernel
Invincea Browser Protection
Incoming Threats
Inco
min
g Th
reat
s
Vulnerability
Normal OS and Browser
INVINCEA
Host Operating System(native kernel)
11
Invincea (Guest Kernel) is distinct from host system Infections of the virtual browser and kernel do not effect Host OS
Physical Hardware
Virtual Machine
Separate OS Kernel
Invincea Browser Protection
Incoming Threats
Vulnerability
INVINCEA
Host Operating System(native kernel)
12
Invincea (Guest Kernel) is distinct from host system Infections of the virtual browser and kernel do not effect Host OS
Physical Hardware
Virtual Machine(VMWare)
Separate OS Kernel
Invincea Browser Protection
Incoming Threats
Vulnerability
INVINCEA
Host Operating System(native kernel)
13
Invincea (Guest Kernel) is distinct from host system Infections of the virtual browser and kernel do not effect Host OS
Physical Hardware
Host Operating System(native kernel)
14
Invincea (Guest Kernel) is distinct from host system Infections of the virtual browser and kernel do not effect Host OS
Physical Hardware
Virtual Machine
Separate OS Kernel
Invincea Browser Protection
INVINCEA
CEF
Invincea Threat
Analyzer
COLLECT INTEL ON THE ADVERSARY
Invincea Threat Data
Server
Invincea ArcSight Dashboard
16
Invincea Event Graph
17
Invincea Named Most Innovative Company at RSA 2011
www.invincea.com
The Time for Innovation is NOW – The Stakes Are Enormous