Transcript
Page 1: Anup Ghosh
Page 2: Anup Ghosh

Anup Ghosh, Founder and CEO

Invincea, Inc.

www.invincea.com

Page 3: Anup Ghosh

The Time for Innovation is NOW – The Stakes Are Enormous

The Lost Decade of Information Security

• Security industry has fundamentally failed in its mission

• Classifying exploits & victim mentality have inhibited innovation

• Compliance drove mediocrity

• Industry has fallen in love with crime scene analytics while giving up on prevention

• List based techniques developed in the 1990s no longer work

Page 4: Anup Ghosh

We ALL Own This Problem

FUD? Or Fact…

• RSA
• Epsilon
• LizaMoon
• Barracuda Networks
• Oak Ridge National Labs
• Sony
• Lockheed Martin
• Northrop Grumman
• GMAIL
• Citi
• Gannett Military Publications
• Pacific Northwest National
• BAH
• DigiNotar
• Raytheon
• USAF Drones

2011 so far…

• “White House” eCard
• OddJob
• HBGary Federal
• Night Dragon
• Tatanga
• London Stock Exchange
• French Finance Ministry
• Dupont, J&J, GE
• DroidDream
• Charlieware
• Nasdaq
• Office of Australian Prime Minister
• Comodo

Page 5: Anup Ghosh

Shady RAT – One Campaign…Dozens of Victims

Page 6: Anup Ghosh

The User is The Unwitting Accomplice

• Ubiquitous usage of Internet and Email has enabled adversaries to shift tactics

• Full frontal assaults still exist but it is far easier to prey on the psychology of the user

• Spear Phishing – The New Black

• Drive by Downloads
  • Malicious sites
  • Hijacked trusted sites

• Trust in social networks
  • Facebook and Twitter worms

• Faith in Internet search engines
  • Poisoned SEO

• User Initiated Infections
  • Fake A/V and fear mongering

Click…Click…Boom!

“I don’t know security…but I know what I like. Click, click, click…”

Stan from Accounting | December 2010

Page 7: Anup Ghosh

Time for a Paradigm Shift

“The Web is the primary source of malware infection.”

“The better approach is a protective layer that complements existing anti-virus solutions and that never allows those threats to enter the PC environment in the first place.”

“A new approach to end-point security is needed.”

Page 8: Anup Ghosh

Invincea - Innovating to Combat the Malware Scourge

Take Security decisions out of the user’s hands

Protect the network from the user and the user from himself…put him in a bubble while on the Internet or interfacing with ANY untrusted content

Make the user’s mistakes irrelevant to the security of your network

Give the user free rein to complete his mission without fear for your overall security footing – zero trust with zero drag

Drive real-time situational awareness by making ALL of your desktop browsers and PDF readers malware detectors and forensics agents

Addressing the largest attack surface:

• Spear Phishing

• Drive bys

• Social Network Worms

• Poisoned SEO

• User Initiated Infections

Page 9: Anup Ghosh

Invincea Browser Protection

Page 10: Anup Ghosh

Compromise of Normal OS and Browser leads to direct compromise of Host OS

Have to reimage entire system

[Diagram labels: Host Operating System (native kernel); Physical Hardware; Browser Virtual Machine; Separate OS Kernel; Invincea Browser Protection; Incoming Threats; Vulnerability; Normal OS and Browser; INVINCEA]

Page 11: Anup Ghosh

Invincea (Guest Kernel) is distinct from host system

Infections of the virtual browser and kernel do not affect Host OS

[Diagram labels: Host Operating System (native kernel); Physical Hardware; Virtual Machine; Separate OS Kernel; Invincea Browser Protection; Incoming Threats; Vulnerability; INVINCEA]

Page 12: Anup Ghosh

Invincea (Guest Kernel) is distinct from host system

Infections of the virtual browser and kernel do not affect Host OS

[Diagram labels: Host Operating System (native kernel); Physical Hardware; Virtual Machine (VMware); Separate OS Kernel; Invincea Browser Protection; Incoming Threats; Vulnerability; INVINCEA]

Page 15: Anup Ghosh

COLLECT INTEL ON THE ADVERSARY

[Diagram labels: CEF; Invincea Threat Analyzer; Invincea Threat Data Server]

Page 16: Anup Ghosh

Invincea ArcSight Dashboard

Page 17: Anup Ghosh

Invincea Event Graph

Page 18: Anup Ghosh

Invincea Named Most Innovative Company at RSA 2011

www.invincea.com
