dual detection engines - using layered security to battle cybercrime
DESCRIPTION
Are you fighting a war with an army of one? Industry experts discuss the advantages to “layering” your security technology and the strategies to achieve the best protection result.TRANSCRIPT
© 2014 CYREN Confidential and Proprietary 1
Is Your Embedded Solution an Army of One?Using Layered Security to Battle Cybercrime
17 September 2014Live Webinar Event
© 2014 CYREN Confidential and Proprietary 2
WHAT IS LAYERED SECURITY?
Lay•ered Se•cur•i•ty (\ˈlā-әrd\ \si-ˈkyu̇r-ә-tē\) n.1. Combining two or more embedded engines, each of which brings different detection benefits, to enhance threat detection capabilities with the objective being to significantly reduce the risk of cybercrime, including malware, viruses, spam, and phishing. 2.Aggregate threat detection feeds from multiple sources, including other companies and other internal feed sources, into one single threat detection solution that can be delivered to customers
© 2014 CYREN Confidential and Proprietary 3
TROUBLING INTERNET SECURITY TRENDS
75% of all sent email Up by 131% in 2013 Up by 264% in 2013
Source: CYREN 2013 Security Yearbook, Q2 2014 Internet Threats Trend Report
© 2014 CYREN Confidential and Proprietary 4
HIGH PROFILE SECURITY BREACHES
© 2014 CYREN Confidential and Proprietary 5
ATTACKING INDIVIDUALS
© 2014 CYREN Confidential and Proprietary 6
For End Users: Increased Frustration Cluttered inboxes Unnecessary exposure to threats, e.g. Phishing Lost communications Lost productivity
For Providers: Lost Profit Increased support burden Increased infrastructure load Customer loss or ‘churn’
…WITH REAL BUSINESS IMPACT
© 2014 CYREN Confidential and Proprietary 7
LAYERED SECURITY— TWO ENGINES, TWO VENDORS
IncomingEmail
DeletedAttachments
Clean emails
Service Provider environment or Vendor Endpoint
Other Vendor
MTA or other application
© 2014 CYREN Confidential and Proprietary 8
LAYERED SECURITY— TWO ENGINES, ONE VENDOR
IncomingEmail
DeletedAttachments
Clean emails
Service Provider environment or Vendor Endpoint
MTA or other application
Local classification
cache
Cloud-based pattern detection
Multi-layer File scanning
© 2014 CYREN Confidential and Proprietary 9
LAYERED SECURITY— CYREN DETECTION COMPONENTS
Polymorphic Scanner Android malware Scanner
Cloud lookup module Encrypted File Scanner
Compressed File scannerPDF/Text Scanner
Heuristics Intelligent Signatures
Threat Data
© 2014 CYREN Confidential and Proprietary 10
RPD IN ACTION: REAL‐TIME THREAT MONITORING IN THE CYREN SECURITY CENTER
CYREN.COM/SECURITY‐CENTER
© 2014 CYREN Confidential and Proprietary 11
THE KEY: RISK MITIGATION
Assumptions:25,000,000 Emails/Day18,750,000 Spam Emails/Day (75%)
98% Detection Rate: 18,375,000 Spam Emails Detected375,000 Spam Emails Undetected
99% Detection Rate: 18,562,500 Spam Emails Detected187,500 Spam Emails Undetected 0
50,000
100,000
150,000
200,000
250,000
300,000
350,000
400,000
98% Detection Rate 99% Detection Rate
Spam Exposure by Detection Rate
With a 1% improvement in Detection Rate, exposure (risk) is reduced by 50%
© 2014 CYREN Confidential and Proprietary 12
\\ LAYERED SECURITY: ANTI‐VIRUS EXAMPLE
Problems: • Initial engine often missed malware ‐> long
wait times (typically up to one hour or more) to get new dat files
• Unable to get bug fixes/enhancements completed from their vendor in a timely manner.
• No consultative support on how to optimize security solution.
Solutions: • Added a second anti‐virus engine
(CYREN) to improve detection rate –capture more malware, reduce risk/exposure to company and users.
• As a result of the second engine, they improved their scanning performance, reducing their operational requirements.
• Qualitative benefit of additional support, consulting services & bug fixed/enhancements on a faster turn.
SERVICE PROVIDER (PREFERS ANONYMITY)
An alternative perspective to consider: Another important goal for AntiVirus is to be FAST & ACCURATE at scanning CLEAN files also ‐ optimizing resources.
© 2014 CYREN Confidential and Proprietary 13
\\
INTERNET SERVICE PROVIDER (PREFERS ANONYMITY)
LAYERED SECURITY: ANTI‐SPAM EXAMPLE
Problems: • This company was not getting the detection
rates they desired with their first engine.• They were searching for a company that could
integrate well with their infrastructure and current solution.
• Looking for a dedicated outbound anti‐spam solution
• They were looking to augment their email solution with Virus Outbreak Detection (VOD) and Anti‐Virus solutions
Solutions: • Added a second anti‐spam engine
(CYREN) to improve detection rate –capture more spam, reduce risk/exposure to company and users.
• CYREN was easily integrated into their infrastructure which is based on the Bizanga MTA (now Cloudmark).
• CYREN’s solutions can be combined for bullet proof solution: AS, AV & VOD.
© 2014 CYREN Confidential and Proprietary 14
\\ LAYERED SECURITY: URLF DATABASE + PHISHING FEEDS
RSA gets its phishing feeds from different providers, and uses them in combination to set security priorities. RSA uses CYREN’s phishing feed.
How CYREN’s Phishing Feed Works:
RSA’s PROCESS:• An analyst reviews the high priority URLs,
and checks to confirm it is phishing. • If a URL is confirmed as Phishing, RSA will:
1. Check if the URL belongs to one of their customers and, if so, alert them.
2. Use this data to sell their service to new customers: they get this fresh feed every 5 minutes. This is an almost real‐time service that they provide to their customers to protect and notify them on new possible attacks.
© 2014 CYREN Confidential and Proprietary 15
LEADING PROVIDER OF INTERNET SECURITY TECHNOLOGY AND CLOUD‐BASED SERVICES
NASDAQ: CYRN
© 2014 CYREN Confidential and Proprietary 16
GLOBAL REACH
OFFICESDATA CENTERS
© 2014 CYREN Confidential and Proprietary 17© 2014 CYREN Confidential and Proprietary17
WHAT MAKES US DIFFERENT
© 2014 CYREN Confidential and Proprietary 18
WHAT MAKES US DIFFERENT
++
SPEED, ACCURACY, AND REAL‐TIME INSIGHT
We see more than anyone else.
RECURRENT PATTERN DETECTION
Our patented detection technology
GLOBALVIEW CLOUD
The most robust transaction base in the industry
© 2014 CYREN Confidential and Proprietary 19
We focus on our core competencies so you can focus on yours. Products designed for
partners Won’t compete for your
business
COMMITTED TO PARTNER SUCCESSWHAT MAKES US DIFFERENT
20© 2014 CYREN Confidential and Proprietary 20
THANK YOU!
QUESTIONS?