agility americas how websafe can protect …...how websafe can protect customers from web-based...
TRANSCRIPT
![Page 1: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/1.jpg)
![Page 2: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/2.jpg)
How WebSafe Can Protect Customers from Web-Based Attacks
Mark DiMinico Sr. Mgr., Systems Engineering—Security
![Page 3: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/3.jpg)
Drivers for Fraud Prevention—WebSafe Protection
![Page 4: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/4.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
![Page 5: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/5.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
![Page 6: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/6.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
SECURITY
Gameover ZeuS adds nasty trick Crypto to slip through firewalls By Richard Chirgwin, 4 Feb 2014
![Page 7: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/7.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
SECURITY
Gameover ZeuS adds nasty trick Crypto to slip through firewalls By Richard Chirgwin, 4 Feb 2014
![Page 8: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/8.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
SECURITY
Gameover ZeuS adds nasty trick Crypto to slip through firewalls By Richard Chirgwin, 4 Feb 2014
Nearly half of internet users encountered malware in the last year Sep 16, 2015
![Page 9: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/9.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
SECURITY
Gameover ZeuS adds nasty trick Crypto to slip through firewalls By Richard Chirgwin, 4 Feb 2014
Nearly half of internet users encountered malware in the last year Sep 16, 2015
![Page 10: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/10.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
SECURITY
Gameover ZeuS adds nasty trick Crypto to slip through firewalls By Richard Chirgwin, 4 Feb 2014
Nearly half of internet users encountered malware in the last year Sep 16, 2015
![Page 11: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/11.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
SECURITY
Gameover ZeuS adds nasty trick Crypto to slip through firewalls By Richard Chirgwin, 4 Feb 2014
Nearly half of internet users encountered malware in the last year Sep 16, 2015
![Page 12: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/12.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
SECURITY
Gameover ZeuS adds nasty trick Crypto to slip through firewalls By Richard Chirgwin, 4 Feb 2014
Nearly half of internet users encountered malware in the last year Sep 16, 2015
![Page 13: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/13.jpg)
Drivers for Fraud Prevention—WebSafe Protection
Three Never-Ending Battles 1. Humans will always make mistakes 2. System and application
vulnerabilities continue to emerge 3. Malware detection typically lags
Social Engineering
Phishing
Vulnerability Exploit
Malware Infection
Fraud Scheme
Execution
Money Loss
$
SECURITY
Gameover ZeuS adds nasty trick Crypto to slip through firewalls By Richard Chirgwin, 4 Feb 2014
Nearly half of internet users encountered malware in the last year Sep 16, 2015
![Page 14: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/14.jpg)
© 2016 F5 Networks
Perimeter Security
4
Security Investments Are Misaligned with Reality
![Page 15: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/15.jpg)
© 2016 F5 Networks
Perimeter Security
25% 90%
OF ATTACKS ARE FOCUSED HERE
OF SECURITY INVESTMENT
4
Security Investments Are Misaligned with Reality
![Page 16: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/16.jpg)
© 2016 F5 Networks
Perimeter Security Identity & Application Security
25% 90% 72% 10%
OF ATTACKS ARE FOCUSED HERE
OF SECURITY INVESTMENT
OF ATTACKS ARE FOCUSED HERE
OF SECURITY INVESTMENT
4
Security Investments Are Misaligned with Reality
![Page 17: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/17.jpg)
© 2016 F5 Networks
Browser Is the Weakest LinkEndpoint risks to “Data in Use”
HTTP/HTTPS
Secured Data Center
Customer Browser
![Page 18: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/18.jpg)
© 2016 F5 Networks
Browser Is the Weakest LinkEndpoint risks to “Data in Use”
HTTP/HTTPS
Secured Data Center
WAF
HIPS
Traffic management
NIPS
DLP
Network firewall
SIEM
Customer Browser
![Page 19: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/19.jpg)
© 2016 F5 Networks
Browser Is the Weakest LinkEndpoint risks to “Data in Use”
HTTP/HTTPS
Secured Data Center
WAF
HIPS
Traffic management
NIPS
DLP
Network firewall
SIEM
Customer Browser
![Page 20: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/20.jpg)
© 2016 F5 Networks
Browser Is the Weakest LinkEndpoint risks to “Data in Use”
HTTP/HTTPS
Secured Data Center
WAF
HIPS
Traffic management
NIPS
DLP
Network firewall
SIEM Leveraging browser application behavior • Caching content, disk
cookies, history • Add-ons, plug-ins
Customer Browser
![Page 21: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/21.jpg)
© 2016 F5 Networks
Browser Is the Weakest LinkEndpoint risks to “Data in Use”
HTTP/HTTPS
Secured Data Center
WAF
HIPS
Traffic management
NIPS
DLP
Network firewall
SIEM Leveraging browser application behavior • Caching content, disk
cookies, history • Add-ons, plug-ins
Manipulating user actions: • Social engineering • Weak browser settings • Malicious data theft • Inadvertent data loss
Customer Browser
![Page 22: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/22.jpg)
© 2016 F5 Networks
Browser Is the Weakest LinkEndpoint risks to “Data in Use”
HTTP/HTTPS
Secured Data Center
WAF
HIPS
Traffic management
NIPS
DLP
Network firewall
SIEM Leveraging browser application behavior • Caching content, disk
cookies, history • Add-ons, plug-ins
Manipulating user actions: • Social engineering • Weak browser settings • Malicious data theft • Inadvertent data loss
Embedding malware: • Browser Keyloggers • Framegrabbers • Data miners • MITB/MITM • Phishers/Pharmers
Customer Browser
![Page 23: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/23.jpg)
© 2016 F5 Networks
Browser Is the Weakest LinkEndpoint risks to “Data in Use”
HTTP/HTTPS
Secured Data Center
WAF
HIPS
Traffic management
NIPS
DLP
Network firewall
SIEM Leveraging browser application behavior • Caching content, disk
cookies, history • Add-ons, plug-ins
Manipulating user actions: • Social engineering • Weak browser settings • Malicious data theft • Inadvertent data loss
Embedding malware: • Browser Keyloggers • Framegrabbers • Data miners • MITB/MITM • Phishers/Pharmers
Hmmmm…
ZERO TRUST
![Page 24: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/24.jpg)
© 2016 F5 Networks
F5’s WebSafe Capabilities
![Page 25: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/25.jpg)
© 2016 F5 Networks
F5’s WebSafe Capabilities
Advanced Phishing Detection
Application Layer Encryption
Automatic Transaction Detection
Malware Detection
![Page 26: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/26.jpg)
© 2016 F5 Networks
Advanced Phishing Attack Detection and Prevention
• Alerts of extensive site copying or scanning
• Alerts on uploads to a hosting server or company
• Alerts upon login and testing of phishing site
• Logging of credentials used at phishing site
• Enables shuts down of phishing server sites during testing
Identifies phishing threats early on and stops attacks before emails are sent
Internet
Web Application
Alerts at each stage of phishing site development
![Page 27: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/27.jpg)
© 2016 F5 Networks
Advanced Phishing Attack Detection and Prevention
• Alerts of extensive site copying or scanning
• Alerts on uploads to a hosting server or company
• Alerts upon login and testing of phishing site
• Logging of credentials used at phishing site
• Enables shuts down of phishing server sites during testing
Identifies phishing threats early on and stops attacks before emails are sent
Internet
Web Application
2. Save copy to computer
1. Copy website
Alerts at each stage of phishing site development
![Page 28: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/28.jpg)
© 2016 F5 Networks
Advanced Phishing Attack Detection and Prevention
• Alerts of extensive site copying or scanning
• Alerts on uploads to a hosting server or company
• Alerts upon login and testing of phishing site
• Logging of credentials used at phishing site
• Enables shuts down of phishing server sites during testing
Identifies phishing threats early on and stops attacks before emails are sent
Internet
Web Application
2. Save copy to computer
3. Upload copy to spoofed site
4. Test spoofed site
1. Copy website
Alerts at each stage of phishing site development
![Page 29: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/29.jpg)
© 2016 F5 Networks
Clientless Generic and Targeted Malware Detection
• Analyzes browser for traces of common malware (i.e., Zeus, Citadel, Carberp, etc.)
• Both signature- and behavior-based approach
• Detects MitB • Detects Remote Access Trojans
(RATs) • Advanced threats leveraging both
MitB and MitM (Dyre) • Real-time alerts and visibility
Recognize and safeguard against sophisticated threats originating from your clients
![Page 30: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/30.jpg)
© 2016 F5 Networks
Advanced Application-Layer Encryption
• Form fields can be obfuscated to impede hacker visibility
• Sensitive information can be encrypted in real time
• Data decryption leverages BIG-IP hardware
• Intercepted information rendered useless to attacker
• Helps identify stolen credentials
Secures credentials and other valuable data submitted on web forms
ENCRYPTION AS YOU TYPE
![Page 31: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/31.jpg)
© 2016 F5 Networks
Transaction Anomaly Detection
• Analyzes user interaction with the browser
• Mouse movements, button interactions, page read time, etc.
• Detects automated transactions • Ensure integrity of transaction data
• Received vs. sent data check • Provides real-time alerts and visibility
Identifies non-human client behavior and data manipulation
![Page 32: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/32.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
![Page 33: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/33.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
![Page 34: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/34.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
Real-time alerts activated by phone, SMS, and email
![Page 35: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/35.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
Real-time alerts activated by phone, SMS, and email
SOCs currently in Seattle, WA, and Warsaw, Poland
![Page 36: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/36.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
Real-time alerts activated by phone, SMS, and email
SOCs currently in Seattle, WA, and Warsaw, Poland
SOC services are complimentaryfor WebSafe customers
$
![Page 37: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/37.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
Real-time alerts activated by phone, SMS, and email
SOCs currently in Seattle, WA, and Warsaw, Poland
SOC services are complimentaryfor WebSafe customers
$
Optional web site takedown
for phishing sites
![Page 38: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/38.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
Real-time alerts activated by phone, SMS, and email
SOCs currently in Seattle, WA, and Warsaw, Poland
SOC services are complimentaryfor WebSafe customers
$
Optional web site takedown
for phishing sites
Filtering alerts by severity and ignoring
false positives
![Page 39: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/39.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
Real-time alerts activated by phone, SMS, and email
SOCs currently in Seattle, WA, and Warsaw, Poland
SOC services are complimentaryfor WebSafe customers
$
Optional web site takedown
for phishing sites
Filtering alerts by severity and ignoring
false positives
Provide detailed incident reports
![Page 40: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/40.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
Real-time alerts activated by phone, SMS, and email
SOCs currently in Seattle, WA, and Warsaw, Poland
SOC services are complimentaryfor WebSafe customers
$
Optional web site takedown
for phishing sites
Filtering alerts by severity and ignoring
false positives
Provide detailed incident reports
Continuous WebSafe deployment validation
![Page 41: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/41.jpg)
© 2016 F5 Networks
Benefits of the F5 Security Operations Centers
Fraud analysis that extends a customer’s security team
Real-time alerts activated by phone, SMS, and email
SOCs currently in Seattle, WA, and Warsaw, Poland
SOC services are complimentaryfor WebSafe customers
$
Optional web site takedown
for phishing sites
Filtering alerts by severity and ignoring
false positives
Provide detailed incident reports
Continuous WebSafe deployment validation
Researching and investigating new
global fraud technologies
![Page 42: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/42.jpg)
© 2016 F5 Networks
In Real Time
Fraud Protection Service—Total Protection
Malware and phishing attacks designed to steal identity, data, and
money
Full Transparency
No endpoint software or user
involvement required
On All Devices
Cross-device and cross-channel
attacks
Protect Online Users
Banks, financial institutions, e-
commerce, insurance, social media sites, etc.
Prevent Fraud
Help companies protect their
customers, data, and reputation
WEBSAFE & MOBILESAFE: TOTAL FRAUD PROTECTION
![Page 43: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/43.jpg)
Protect Your Appsto Secure Your Data
© 2016 F5 Networks
![Page 44: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/44.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
![Page 45: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/45.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
Customer has a network firewall in their DMZ
![Page 46: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/46.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
Of course this can be a BIG-IP system running AFM
![Page 47: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/47.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
Web Application
BIG-IP LTM
A local traffic pool is hosting a web application on several servers
![Page 48: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/48.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
Data Center
Web Application
BIG-IP LTM
This can be running within the corporate data center…
![Page 49: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/49.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
Web Application
BIG-IP LTM
…or within a public or private cloud
![Page 50: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/50.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
Web Application
BIG-IP Fraud Protection Service (FPS) is provisioned along with BIG-IP LTM and an FPS profile is added
to the virtual server
BIG-IP LTM +FPS
![Page 51: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/51.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
Web Application
Internet users send requests for the web
application
BIG-IP LTM +FPS
![Page 52: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/52.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
Web Application
BIG-IP FPS inserts obfuscated JavaScript code into the response
BIG-IP LTM +FPS
![Page 53: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/53.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
Web Application
On the BIG-IP system, a pool is configured for
the Alert Server
BIG-IP LTM +FPS
Alert Server
![Page 54: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/54.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
On Premise
SIEM 3rd party risk engine
Web Application
This can either be on premises…
BIG-IP LTM +FPS
![Page 55: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/55.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
On PremiseF5 SOC
SIEM 3rd party risk engine
Web Application
Alert Server
Alerts in the Cloud
...or in the cloud
BIG-IP LTM +FPS
![Page 56: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/56.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
On PremiseF5 SOC
SIEM 3rd party risk engine
Web Application
Alert Server
Alerts in the Cloud
When malicious activity is detected, BIG-IP FPS sends alerts
to the configured pool
BIG-IP LTM +FPS
![Page 57: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/57.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
On PremiseF5 SOC
SIEM 3rd party risk engine
Web Application
Alert Server
Alerts in the Cloud
Whether on premises or in the cloud, the Alert Dashboard displays information about all detected
malicious activity
BIG-IP LTM +FPS
![Page 58: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/58.jpg)
© 2016 F5 Networks
Typical WebSafe Architecture
DMZ
BIG-IP AFM
On PremiseF5 SOC
SIEM 3rd party risk engine
Web Application
Alert Server
Alerts in the Cloud
The F5 SOC does not have any access to on premises
Alert Servers
BIG-IP LTM +FPS
![Page 59: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/59.jpg)
• Add class to your personal schedule. • Survey will pop up in Mobile App. • Answer the multiple choice. • Submit your question to complete. • Receive 5 points!
Give Feedback – Get Points!
![Page 60: Agility Americas How WebSafe Can Protect …...How WebSafe Can Protect Customers from Web-Based Attacks Mark DiMinico Sr. Mgr., Systems Engineering—Security Drivers for Fraud Prevention—WebSafe](https://reader030.vdocuments.us/reader030/viewer/2022040406/5ea646d08429aa38bf0649b4/html5/thumbnails/60.jpg)