the Presentation

Download Report

Transcript the Presentation

Do you know who
your employees
are sharing their
credentials with?
Do they?
Yair Grindlinger, CEO and Co-Founder
There are
1,358,671
data records
stolen
every day…
Just ask…
Corp Control
Corporate
Network – Devices - Servers
No Control
Employee
Device – Network - App
Breaches We’ve Met
STOLEN DATA
ADMIN HIJACK
Unmanaged
internal/external sharing
leading to
misappropriated data
used for insider trading
3rd PARTY APP
Administrator account
hijacked leaving key
operations vulnerable;
passwords,
permissions and etc
COMPLIANCE
3rd-Party app steals
confidential data and
stores it on their
servers
PUBLIC WIFI
Hackers leveraged
public wifi to steal
critical data and login
credentials
PCI/PHI, like SSN
and credit card
numbers, insecurely
stored on the cloud
PHISHING
Fake messages
sent to capture login
credentials for use
in identifying fraud
activities
Cloud Apps Security Solution Overview
Apps
Cloud App Limitations
Mitigations
All
Un-managed application adoption
Discovery
Corporate
Unified auditing,
usage analysis, and alerts
Analyze
Sanctioned
Context/risk based access, data
and usage controls
Control
Sanctioned
Integrate security to cloud
applications
Protection
Secure Sanctioned Apps
Threat Detection
Risk-Based
Authentication
Threat Detection &
Prevention
3rd Party IT and Security Tools
Full Stack Security
DLP, Exfiltration, Advanced Threat Protection
APP
Deep App Insight & Audit, Adaptive App Control
IDENTITY
Risk Based Authentication, Account Hijack Protection
OS
DEVICE
NETWORK
Anti Phishing, MiTB Protection
Host State Verification (OS, Browser, End point Sec.)
Device Session Pinning, Device Fingerprinting
IP Session Pinning, IP Reputation, SSL Enforce
APP AGNOSTIC
CLIENT
APP
SPECIFIC
CONTENT
Risk-Based Authentication
THREAT
PREVENTION
preauthentication
BEHAVIOR
EVENT
(RISK SCORE)
ROLE
LOCATION
DEVICE
NETWORK
RISK
ENGINE
postauthentication
ALLOW
BLOCK
MITIGATION
• USER AUTH
• DEVICE AUTH
• REDUCE
PRIVILEGES
THREAT
DETECTION
Cross Application Threat Detection
Dashboard
Auditing
Alerts
Anomalies
Prevention can
confuse users
and
false positives
can stop business
Security tools should
communicate
with users
and
enable business
Here’s whatcha need…
Context Based, central, cross application platform
Threat Detection + Prevention
Real time user centric mitigation
Complete control of the entire cloud / web
application security stack
Leverage APIs & 3rd party security solutions
Thank You
Yair Grindlinger, CEO & Co-Founder
[email protected]
www.firelayers.com