Dell Client Solutions Security Portfolio
Comprehensive, easy-to-manage solutions for protecting your data wherever it goes
Dell - Restricted - Confidential
Ransomware 2017 Statistics
1) Now over a 1 Billion dollar a year business!
   1) Consumers will be attacked every 20 seconds
   2) Organizations will be attacked every 40 seconds
2) Phishing emails have become the number one delivery vehicle.
3) Ransomware variants grew 11x last year.
4) Once attacked, the majority of organizations are infected (71%).
5) Backups are often slow to restore and sometimes do not have all of the data.
6) Encryption was just the beginning
   1) Threaten to release captured data.
   2) Steal victim info and credentials.
City & County Ransomware Attacks
• Licking County in Ohio goes back to paper-and-pen after Ransomware attack:
– https://www.tripwire.com/state-of-security/latest-security-news/county-shut-system-following-ransomware-attack/
• City of Atlanta: Veeam Backups Attacked.
– https://www.wsbtv.com/news/local/atlanta/ransomware-attack-cost-city-27-million-records-show/730813530
• CT Judicial: Court proceedings affected.
– http://www.courant.com/breaking-news/hc-courts-judicial-ransomware-attack-0310-story.html
• San Francisco Public Transportation System opened all of their turnstiles for a weekend because of Ransomware:
– http://www.forbes.com/sites/thomasbrewster/2016/11/28/san-francisco-muni-hacked-ransomware/#489f5a8954dd
School Ransomware Attacks
• Rhinebeck Central School District, NY took 9 hours to recover a server from a Ransomware attack.
• http://www.dailyfreeman.com/general-news/20160615/rhinebeck-school-district-computer-system-attacked-by-ransomware
• Riverdale, NJ email and website held hostage.
• http://archive.northjersey.com/news/education/ransomware-takes-school-data-hostage-1.1534163
• Big Fork, Montana unable to access student records
• http://www.washingtontimes.com/news/2016/nov/24/ransomware-attack-on-bigfork-schools-fix-in-works/
• Senator Charles Schumer asks for Federal assistance to prevent future ransomware attacks:
• https://www.schumer.senate.gov/newsroom/press-releases/schumer-reveals-russian-hackers-zeroing-in-on-upstate-ny-forcing-small-governments-to-pay-big-bills-to-remove-ransomware-that-can-breach-municipal-computer-systems-upstate-towns-and-villages-are-easy-prey-for-hack-attack-that-ends-up-costing-local-taxpayers-and-could-jeopardize-personal-info-senator-urges-feds-to-give-local-governments-the-tools-to-fight-back
Endpoint Security Suite Enterprise advanced threat prevention
[Chart: Average effectiveness against malware, for commodity threats and for zero-day & advanced threats, comparing Leading Anti-Virus with Endpoint Security Suite Enterprise (powered by Cylance); axis 0% to 100%, with a 99% callout]
Signature-based anti-virus and anti-malware solutions are increasingly ineffective against Zero-Day threats, advanced persistent threats, targeted attacks, and even commodity malware.
How are you balancing end user expectations with the need to protect data?
End user demands Data protection
THE DELL ENDPOINT DATA SECURITY & MANAGEMENT PORTFOLIO
Data
▪ Dell Encryption
▪ Mozy Pro
▪ Mozy Enterprise
Threat
▪ Dell Threat Defense (Cylance)
▪ RSA NetWitness Endpoint
Identity
▪ Dell Security Tools
▪ RSA SecurID Access
Management
▪ Dell Command
▪ AirWatch Green
▪ AirWatch Blue
▪ AirWatch Express
Dell DP | Endpoint Security Suite Enterprise
IN THE GARTNER ADAPTIVE SECURITY ARCHITECTURE
EPP AND EDR OCCUPY DIFFERENT QUADRANTS
NetWitness® Endpoint
Cylance PROTECT
The future of security
[Timeline diagram: Past, Present, Future. Labels: AV; Sandboxing; Isolation; HIPS / Anti-Exploitation; Endpoint Detection & Response; AI; Pre-Execution, Humans Needed; Post-Execution; Pre-Execution, No Humans]
EDR/HIPS – Find it faster
Sandboxing
Proactively identify threats without signatures
Algorithmic Science
• Machine Learning
• Cluster & Classify
Confidence Scoring
Threat Indicators
• Anomalies
• Collection
• Data Loss
• Deception
• Destruction
2018 SVM
99+% security effectiveness
WannaCry: -19 Mo.
Petya-Like: -20 Mo.
GlassRAT: -18 Mo.
GoldenEye: -13 Mo.
Remsec: -18 Mo.
zCryptor: -7 Mo.
Shamoon2: -17 Mo.
Satan: -18 Mo.
Dell ESS Advanced Threat Protection
• 99% Efficacy
• No signature file updates required
– Doesn’t require Patient 0.
– Prevents malware/viruses from ever being able to run
• Works when the PC is not connected to the Internet
– Protection at your most vulnerable point.
• PCI and HIPAA Certified
Detect and stop malware attacks that target the PC's BIOS
• A BIOS compromise is extremely high impact: it attacks the root of trust for the PC and is therefore very persistent
• Anti-malware solutions cannot scan this low-level PC function, making an exploit nearly invisible at this layer
• Dell BIOS verification directly addresses this gap in other anti-malware solutions. It works with Dell’s latest generation of PCs and is enabled with ESS Enterprise.
• Verification is off-host: it occurs in a secure cloud location and tests the PC BIOS measurement against the point of origin, the official Dell BIOS labs measurements.
• This unique-to-Dell protection is enabled and managed with Endpoint Security Suite Enterprise advanced threat protection policies
• BIOS verification places Dell ahead of the competition: HP Sure Start verifies on the potentially compromised PC, and does not report a potential issue to the IT department. Lenovo does not have a solution.
• Does not perform a validation check on other Dell platforms, non-Dell or custom BIOS
Presented in Endpoint Details page
Dell exclusive BIOS verification
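The off-host check described on this slide, as an added illustration (not Dell's implementation and not code from the original deck): a verifier compares the measurement an endpoint reports with a reference held away from that endpoint, and treats platforms it has no reference for as not verified. SHA-256 as the measurement, the model and version strings, and the firmware bytes are assumptions constructed for the example.

```python
"""Off-host BIOS measurement check (illustrative sketch, constructed data)."""
import hashlib
import hmac
from dataclasses import dataclass

# Constructed bytes standing in for a vendor-released firmware image.
GOLDEN_IMAGE = b"\x55\xaa" + b"constructed-bios-build-1.4.2" * 64
# Same image with one byte changed, standing in for a modified BIOS.
TAMPERED_IMAGE = GOLDEN_IMAGE[:100] + b"\x90" + GOLDEN_IMAGE[101:]


def measure(image: bytes) -> str:
    """Assumption: the measurement is a SHA-256 digest of the image."""
    return hashlib.sha256(image).hexdigest()


# Reference measurements held by the verifier, away from the endpoint.
# The model and version strings are hypothetical.
REFERENCE = {("ExampleModel 7000", "1.4.2"): measure(GOLDEN_IMAGE)}


@dataclass(frozen=True)
class Report:
    endpoint: str
    model: str
    bios_version: str
    measurement: str  # hex digest sent by the endpoint agent


def verify_on_host(image: bytes, local_reference: str) -> str:
    """Check against a reference stored on the same machine as the BIOS."""
    ok = hmac.compare_digest(measure(image).encode(), local_reference.encode())
    return "PASS" if ok else "FAIL"


def verify_off_host(report: Report, reference=REFERENCE) -> str:
    """Check against a reference the endpoint cannot rewrite."""
    expected = reference.get((report.model, report.bios_version))
    if expected is None:
        # No reference for this platform or version: make no claim either way.
        return "NOT_VERIFIED"
    reported = report.measurement.strip().lower()
    ok = hmac.compare_digest(expected.encode(), reported.encode())
    return "PASS" if ok else "FAIL"


def fleet_summary(reports) -> dict:
    """Per-endpoint status, the kind of result a management console would list."""
    return {r.endpoint: verify_off_host(r) for r in reports}


if __name__ == "__main__":
    reports = [
        Report("pc-01", "ExampleModel 7000", "1.4.2", measure(GOLDEN_IMAGE)),
        Report("pc-02", "ExampleModel 7000", "1.4.2", measure(TAMPERED_IMAGE)),
        Report("pc-03", "OtherVendor X1", "9.9", measure(GOLDEN_IMAGE)),
    ]
    for endpoint, status in fleet_summary(reports).items():
        print(endpoint, status)
    # If the reference lives on the host, whoever changed the image can change
    # the reference too, and the local check still passes.
    print("on-host:", verify_on_host(TAMPERED_IMAGE, measure(TAMPERED_IMAGE)))
```

The last line shows why the location of the reference matters: the same modified image passes a check whose reference was replaced alongside it, and fails the off-host comparison.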
A Better Encryption Experience.
Centralized, remote management & compliance
Reduce deployment time with pre-installed encryption, available when purchased on Dell commercial PCs
Deploy 5X faster than traditional encryption solutions, saving >3 hours per PC
Single source for simplified purchase and support experience
Remotely manage all encryption from a single console, even for non-Dell devices
Strong encryption won’t interfere with existing IT processes, such as patch management
Save time with a single remote management console, easy deployment and seamless integration into your IT environment
Available on Dell and non-Dell platforms
File level encryption that protects data no matter where it goes…
…and IT maintains encryption keys and control
Dell Data Protection | Encryption
A simple, comprehensive, flexible way to protect data from device to the cloud on Dell and non-Dell devices
Corporate issue PC
Personal tablet
BYOD Smartphone
USB & other removable media
Public Cloud
Company data
File level encryption
Dell Data Protection | Encryption Portfolio
External Media Edition: Encryption for SD, CD/DVD, USB & other removable media plus port controls and blocking
BitLocker Manager: Easily manage Microsoft BitLocker™ for comprehensive enterprise-wide protection, auditing and compliance
Rights Management: Encryption follows the file wherever it goes. You control who has access to information.
Hardware- and software-based encryption
Protect data wherever it goes
Centralized management & compliance for heterogeneous environments
Personal Edition: Locally managed software encryption for all local drives and External Media
Enterprise Edition: Centrally managed software encryption for all local drives and External Media
Advanced Threat Protection: 99% Efficacy, No signature files
Self-Encrypting Drive (SED): Fully integrated compliance & management of SEDs with your other encryption
End User Computing Product Group
Protected Endpoint Devices
Enterprise Server
Active Directory
SQL Database
Existing Infrastructure
Internet
DELL Data Protection deployed
+ Leverages existing infrastructure for seamless integration
+ Device detection and enforced provisioning across all connections
Protected Endpoint Devices
Central Admin Console
INTERNAL NETWORK
DMZ
FIREWALL
Policy Proxy
REMOTE NETWORK
FIREWALL
Protected Endpoint Devices
+ Local policy enforcement ensures data protection travels with the device at all times
+ Scalable, single point of management and control for all platforms
© Copyright 2016 EMC Corporation. All rights reserved.
Persistence, Device Discovery, Geofencing
Dell Data Guardian
Endpoint Backup & Recovery
Multi-Factor Authentication & Endpoint Detect & Response
Endpoint Advanced Threat & Malware Prevention
Data Protection Encryption
ESSE Suite
Dell EMC’s “Security Onion”
“We make the bad guys cry with our multi-layered security portfolio!”
• $2.2M patient records resulting from stolen laptop
Lost or Stolen Laptops
What Data is on the Laptop?
- Is it sensitive information?
- PII
- PCI
- PHI
- Company IP
- Is it Encrypted?
- Is it Backed Up?
- Did the user save it to a network share?
- How quickly can you re-provision the laptop?
Is it Sensitive Data?
• Absolute DDS
– 1) Remote Wipe/Asset Recovery
– BIOS level
– Geo-locate the device
– Brick the device
– Work with local law enforcement to recover
– 2) Data Discovery
– Identify PCI, PHI, PII and other sensitive data.
– Alert the organization to the risks of losing the data and the potential costs
– 3) Self-Healing
– Define critical applications that need to be on the device
– SCCM agent, Antivirus, Encryption, etc.
ENDPOINT RECOVERY SOLUTIONS
MOZY PROVIDES BACKUP TO A NON EXECUTABLE ENVIRONMENT, ISOLATED OFF-PREMISE WITH POINT IN TIME RECOVERY OPTIONS
Non Executable Data Store
Data Stores are:
Non readable
Non Executable
Immutable Copy
Roll back to a point in time
User & Admin Based restore options
Point in Time
Isolated
Backups are not accessible without authentication
No Third Party Access
Protect
Isolated Off-Premise
Enhanced Licenses Options
ENTERPRISE
• Base Functionality +
• For Large, Diverse User Base (15 Replicas)
• SSO Portal Use for SaaS and Web Integrations
• Hardware, Software, On-Demand & Risk Based Authenticators
Perpetual Licenses + Tokens
PREMIUM
• Hybrid Deployment (On Prem + Cloud)
• Secure Legacy, Web and SaaS Applications
• Provide Context Driven Policies for Identity Assurance
• All Authentication Methods
Subscription Model
HUNDREDS OF APPLICATIONS ON-PREM AND IN THE CLOUD
Access Manager
Cloud
On-Premises
Who can access?
What can they access?
Where can they access?
SECURE ACCESS CONTROL WITH CONVENIENT SINGLE SIGN-ON
Convenient Single Sign-On
Secure Access Control
SAML / WS-FED
Password Vaulting
Reverse Proxy
IWA
Any User, Anywhere, Any Device
A Hybrid Approach
• A secure approach to supporting all applications
• Sensitive user & org information remains on-premises
• Active Directory passwords are NEVER sent to cloud
• Dedicated runtime not shared with other tenants
Identity Router
SecurID Access
Identity Assurance
Role
Network
Session
Device
App
Desktop or Mobile (Web Browser)
PASS
Identity Assurance Workflow
TAKING THE NEXT STEP
• Schedule a Dell Security Consultation
– Discuss your current environment
– Identify potential gaps
– Create a plan to address
Security Coverage
Confidential, 6/11/2018
99% Prevention, 1% Detection
Breaches Still Occur. What’s Happening?
[Chart: Time to Compromise and Time to Discovery; axis: % where “days or less”]
Time to compromise is decreasing
• Majority of attacks (>92%) succeed within minutes
• Data exfiltration occurs within days (>98%)
• Time to detect attacks is improving
• But not nearly enough to keep pace with attackers’ time to compromise
Source: 2016 Verizon Data Breach Investigation Report
Why RSA NetWitness Endpoint?
Detect by threat behavior rather than by signature
Rapid Response Enabled by Full Scope Visibility
Intelligent Risk-Level Scoring System
More rapidly expose new, unknown, and non-malware threats on endpoints
Eliminate white noise; prioritize threats more efficiently & accurately
Provide all data needed to confirm threats and quickly take action
[Graphic: risk score 73]
Accelerating Detection, Analysis, and Response
On Corporate Network
Off Corporate Network
DETECTION
Lightweight kernel-level agent for continuous endpoint monitoring
• Live Memory Analysis
• Non-Malware Attacks & PowerShell Attacks
• Suspicious Events
• Process Inventory & Tracking
• Machine Network Data
• Machine Physical Data
• Machine Security Configuration, OS & Status
• Registry and MFT
ANALYSIS
Powerful server-side multilayered analysis for real-time threat detection
• Behavioral analysis detects threat behavior & user-initiated suspicious events
• Ingests threat intel from RSA Experts, NW Endpoint Community, and 3rd parties
• Reputation: Whitelisting & Blacklisting
• Customizable YARA Engine
• Easily scalable, with up to 50K agents per server
[Graphic: risk score 87]
RESPONSE
Quickly understand root cause & full scope to better respond
• Immediate Threat Blocking and Quarantining
• Isolate with Machine Containment
• Send hash to Sandboxing, Google, VirusTotal, and other resources
• Pivot to RSA NetWitness® Logs & Packets
• Integrate with RSA NetWitness® SecOps Manager and other systems
Rapidly and Accurately Analyze ALL Threats
IP/Domain Information & Geo
Threat Intelligence + RSA Community
YARA Rules Engine
Blacklisting (Multi-A/V)
File / App Whitelisting & Reputation
“Gold Image” Baselining
Certificate Validation
Live Memory Analysis
Direct Physical Disk Inspection
User-Initiated Suspicious Behavior
Endpoint/Module Behavior Analytics
[Graphic: risk scores 73, 85, 99, 21, 87]
RSA NetWitness Endpoint combines multiple detection methodologies to detect both KNOWN and UNKNOWN threats faster and more accurately.