av is dead long live managed endpoint security
TRANSCRIPT
1
Antivirus is Dead**Long live Managed Endpoint Security
© 2014 N-able Technologies, Inc. All rights reserved.
2
Presented By
© 2014 N-able Technologies, Inc. All rights reserved.
Ali MahmoudN-able Technologies
@alimahmoud_
3
Last 5 years in SecurityAre we getting better or worse?
© 2014 N-able Technologies, Inc. All rights reserved.
4
Major Security Breaches(20 Mn or more records stolen)
1. “World’s Biggest Data Hacks”, Access 22 Oct 2014.Available at: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
© 2014 N-able Technologies, Inc. All rights reserved.
5
Top 5 Operating Systems Market Share
© 2014 N-able Technologies, Inc. All rights reserved.
1. Operating System Market Share, by W3Counter. Available at: http://www.w3counter.com/globalstats.php?year=2014&month=9
6
Windows 8 is growing but will be a while before it overtakes Windows 7
1. “Windows 7 Licenses sold worldwide to 2012”, Statista, Accessed: 24 November 2014, Available at: http://www.statista.com/statistics/273490/global-amount-of-licenses-sold-of-windows-7/2. “After 15 months, Windows 8 has sold 100 million fewer copies than Windows 7 did”, Emil Protalinski, Published 13 February 2014. Accessed: 24 Nov, 2014. Available at: http://thenextweb.com/microsoft/2014/02/13/15-months-windows-8-sold-100-million-fewer-copies-windows-7/
0
100
200
300
400
500
600
700
800
Dec '09 Dec '10 Dec '11 Dec '12
Win 7 Licenses Sold (in millions)1
20 Mn copies per month on average
2
© 2014 N-able Technologies, Inc. All rights reserved.
7
Vulnerabilities by operating system version
1. “The Secunia Vulnerabilty Review 2014” by Secunia. Available at: http://secunia.com/resources/reports/vr2014/
© 2014 N-able Technologies, Inc. All rights reserved.
8
Web Browser Market Share
1. Web Browser Market Share, by W3Counter. Available at: http://www.w3counter.com/globalstats.php?year=2014&month=9
© 2014 N-able Technologies, Inc. All rights reserved.
9
Vulnerabilities across top 5 browsers
1. “The Secunia Vulnerabilty Review 2014” by Secunia. Available at: http://secunia.com/resources/reports/vr2014/
© 2014 N-able Technologies, Inc. All rights reserved.
10
Brian Dye of Symantec® estimates
antivirus now catches just 45% of all attacks
© 2014 N-able Technologies, Inc. All rights reserved.
http://online.wsj.com/news/article_email/SB10001424052702303417104579542140235850578-lMyQjAxMTA0MDAwNTEwNDUyWj
11
Antivirus is Dead**Long live managed endpoint security
© 2014 N-able Technologies, Inc. All rights reserved.
12
Traditional way of preventing threats
New virus discovered Antivirus company creates a fix in the form of a “signature”
Users download signatures
© 2014 N-able Technologies, Inc. All rights reserved.
13
Problem 1: Vulnerability window could be months
Fix Found User protected
TIME
Zero-Day
"hackers exploit security vulnerabilities in
software for 10 months on average before
details of the holes surface in public”
Source: Wikipedia.org
Available at: Wikipedia - Zero-day_attackDate sourced: 2014-07-10
© 2014 N-able Technologies, Inc. All rights reserved.
14
Problem 2: Depending on user to apply updates
Remind me later(so I can ignore it again)
Update Now
Its time to update your antivirus again…
© 2014 N-able Technologies, Inc. All rights reserved.
15
Problem 3: No defense against modern attacks
Ransomware (e.g. Cryptolocker)
© 2014 N-able Technologies, Inc. All rights reserved.
16
The reality behind signature based antivirus
• Detects < 50% of attacks
• Could take days before users is protected
• Does not protect against modern threats
© 2014 N-able Technologies, Inc. All rights reserved.
17
The Solution?
Managed Endpoint Security
© 2014 N-able Technologies, Inc. All rights reserved.
18
Signature Based Antivirus
Managed Endpoint Security
Methodology File Signatures File SignaturesFile BehaviorHeuristics Algorithms
Elements of Network Security
© 2014 N-able Technologies, Inc. All rights reserved.
19
Signature Based Antivirus
Managed Endpoint Security
Methodology File Signatures File SignaturesFile BehaviorHeuristics Algorithms
Malware Classes File Infectors (virus) All Classes of malware(File infectors, Spyware, Greyware, Randsomware, Root kits, Spambots, Hijacker, etc)
Elements of Network Security
© 2014 N-able Technologies, Inc. All rights reserved.
20
Signature Based Antivirus
Managed Endpoint Security
Methodology File Signatures File SignaturesFile BehaviorHeuristics Algorithms
Malware Classes File Infectors (virus) All Classes of malware(File infectors, Spyware, Greyware, Randsomware, Root kits, Spambots, Hijacker, etc)
User Control N/A Full Control
Elements of Network Security
© 2014 N-able Technologies, Inc. All rights reserved.
21
Signature Based Antivirus
Managed Endpoint Security
Methodology File Signatures File SignaturesFile BehaviorHeuristics Algorithms
Malware Classes File Infectors (virus) All Classes of malware(File infectors, Spyware, Greyware, Randsomware, Root kits, Spambots, Hijacker, etc)
User Control N/A Full Control
Other Features • Ingress/Egress firewall• IPS/IDS sensors & warning systems• Data input/output control,
including portable devices
Elements of Network Security
© 2014 N-able Technologies, Inc. All rights reserved.
22
Behavior Based Protection
Heuristic Algorithms
Application Control /
User Management
Managed Endpoint SecurityProtection Against All Classes of Malware
© 2014 N-able Technologies, Inc. All rights reserved.
23
Behavior Based Detection
Hook Installed in every process
Watches for suspiciousaction
Intercepts and evaluatesAPI calls
Keeps process statistics
Evaluates and Blocks/removes suspicious items
© 2014 N-able Technologies, Inc. All rights reserved.
24
Heuristic Algorithms
• Use rules to evaluate suspicious trends• Many to one signatures
• Catch all variants
• Sandboxing• Evaluate actions rather than files
• Find malware before it executes
© 2014 N-able Technologies, Inc. All rights reserved.
25
You are only as strong as your weakest link
Window has detected that a problem exists between keyboard and chair.
© 2014 N-able Technologies, Inc. All rights reserved.
26
Application Control & User Management
• Malware uses Social Engineering
• Reduce risk from user error
• Malware changes but behavior doesn’t
© 2014 N-able Technologies, Inc. All rights reserved.
27
Protect Against All Classes of Malware
Full Malware Protection
Spyware
Greyware
Randsomware
Root kits
File infectors (virus)
Spambots
Hijacker
and more…
Behavior Based
Heuristic Algorithms
User Control/Mgmnt
© 2014 N-able Technologies, Inc. All rights reserved.
28
Managed Security Benefits
Protect Your Customers
• Modern Threats
• User Error
• Unprotected Endpoints
• Out of Date Endpoints
Show Your Value
• Continuously Audit
• Send Report To Your Customers
© 2014 N-able Technologies, Inc. All rights reserved.
29
N-able Security ManagerBased on the Award Winning BitDefender
© 2014 N-able Technologies, Inc. All rights reserved.
30
100% Protection in the May 2014
AV-comparatives test
N-able Security ManagerBased on Bitdefender’s® Award Winning Engine
© 2014 N-able Technologies, Inc. All rights reserved.
31
Top 5 consumer antivirus software protection1 by market share2
1. “This is how well security packages protect porous XP systems” 28 August 2014.
Available at: http://www.av-test.org/en/news/news-single-view/this-is-how-well-security-packages-protect-porous-xp-systems/
2. “Antivirus and Threat Report January 2014” January 2014.Available at: https://www.opswat.com/about/media/reports/antivirus-january-2014
© 2014 N-able Technologies, Inc. All rights reserved.
32
Security Manager: AV Defender
Bitdefender wins AV-TEST 2013
#1 in protection & performance1
Bitdefender aces AV-COMPARATIVES performance test2
Protection 6/6
Performance 6/6
Usability 6/6
1. “Bitdefender Wins AV-TEST #1 Spot in Protection and Performance”, 17 February 2014.
Available at: http://www.av-test.org/en/test-procedures/award/2013
2. “This is how well security packages protect porous XP systems” 28 August 2014.Available at: http://www.av-test.org/en/news/news-single-view/this-is-how-well-security-packages-protect-porous-xp-systems/
© 2014 N-able Technologies, Inc. All rights reserved.
33
$70.00
Consumer Antivirus Pricing
1. Protection for your PCMicrosoft pricing., Accessed 22 Oct 2014.
Available at: http://windows.microsoft.com/en-CA/windows/security-essentials-download
2 Avast Pro Antivirus. pricing, Accessed 22 Oct 2014. Available at: http://www.avast.com/en-ca/pro-antivirus
3 AVG Internet Security 2015pricing, Accessed 22 Oct 2014. Available at: http://www.avg.com/ppc/ca-en/is_buy
4 ESET Smart Security. ESET pricing, Accessed 22 Oct 2014.
Available at: http://www.eset.com/us/store/smart-security/
5 Symantec pricing, Accessed 22 Oct 2014. Available at:
http://norton.symantec.com/norton/ps/3up_ca_en_navnis360_sym_3up.html?om_sem_cid=hho_sem_sy:ca:ggl:en:e|kw0000088753|26752847361|c&country=CA
$350.00
© 2014 N-able Technologies, Inc. All rights reserved.
34
Start your 30-Day Free Trial
N-central® + Security Manager
Remote Management Made Simple
START MY FREE TRIAL
or
http://bit.ly/1neBB7w
© 2014 N-able Technologies, Inc. All rights reserved.
35
Thank you!
© 2014 N-able Technologies, Inc. All rights reserved.
36
Legal Information
The N-able Technologies and N-central trademarks are the exclusive property of N-able Technologies, Inc. and its affiliates, are registered with the U.S. Patent and Trademark Office and the Canadian Intellectual Property Office, and may be registered or pending registration in other countries. All other N-able trademarks, service marks, and logos may be common law marks, registered or pending registration in the United States, Canada, or in other countries. All other trademarks mentioned herein are used for identification purposes only and may be or are trademarks or registered trademarks of their respective companies.
© 2013 N-able Technologies, Inc. All rights reserved. © 2014 N-able Technologies, Inc. All rights reserved.