410 likes | 425 Views
Only A.I. can stop the hackers of tomorrow. W hat is the core function of Grey Wizard?. Grey Wizard protects Web sites Web Applications Web API against all hacking attacks. PRODUCT Where does Grey Wizard come from?. Meet Radek.
E N D
Whatis the core function of Grey Wizard? Grey Wizard protects Websites Web Applications Web API against all hacking attacks.
PRODUCT Where does Grey Wizard come from?
Meet Radek Meet Radek - CEO and founder of Grey Wizard
SHORT STORY OF GREY WIZARD 2013 Radek works for Allegro Group 2013 attack 2014 Radek designs today’s OLX 2014 attack No solutions on the market. 2014 is founded 2015 Top GW employes join from Google, OLX, Beyond.pl
New era of attacks = new era of protection OLD ERA NEW ERA Hardware Cloud Software Cloud Software with Machine Learning 2005 2010 2016 +
PRODUCT Full Web Protection +
PROTECTION + Intelligent Web Application Firewall Data Theft / Brute Force Protection DDoS protection Full Web Protection API protection BOT mitigation SOC + Customer Service 24/7
Grey Wizard Shield is based on 2Pillars: DDoS Protection Web Application Firewall 1
Grey Wizard Shield is based on 2Pillars: DDoS Protection Web Application Firewall 1
Traditional WAFs are not enough Traditional WAFs are not enough! To block ALLunwanted visitors!
Web Application Firewall Static rules (GW R&D) OWASP requirements 2018 Static rules Patches from external providers Web Application Firewall Tailored rules for each client Machine Learning Dynamic rules Heuristics
MACHINE LEARNING AND BEHAVIOURAL ANALYSIS Number of requests per IP % of TOR network requests Number of API request 63 different metrics Level of similarities of requests Detailed Cookie analysis # of API logs per minute ETC... Number of requests per Country % change in API logs CAPTCHA IP BLOCK LEARNING MODE (3 days) PROTECTION MODE
1. To mitigate Top 10 risksaccording to OWASPorganisation Cross-Site Scripting (XSS) Broken Authentication and Session Management XML External Entities Injection Insecure Deserialization Sensitive Data Exposure UsingComponents with Known Vulnerabilities Insufficient Logging & Monitoring Broken Access Control
2. BAD BOTs All Websites • Find Vulnerabilities (They find weak points on websites and report to hackers or infect them) • Hurt Your SEO Ranking • Skew Your Analytics • Infect Your Customers’ Devices • Charged More for Advertising (Ad companies) E-commerce • Price Scraping (For e-commerce that sells commodities) • Collect Site Data (Inventories, Prices, Content) • Fake baskets (Empty inventories) • Scalping Products & Tickets • Fake Account Creation
3. To comply with newlegal requirements General Data Protection Regulation Data breach -> Fines of 20m EUROS or 4% of REVENUE
4.. To protect against DDoS attacks DDoS 75% of organisations were attacked To build DDoS Protection Infrastructure you need: Servers in at least 3 safe Data Centers with + goodsoftware + 24/7 Monitoring + bandwidth that can handle 100’s of Gbps of traffic = too costly for one company
5.. To protect against consecutive Data Breaches Probability of consecutive data breach in next 24 months 27.7% Data: IBM by Ponemon Institute 2017 2014 2017 22.4%
(Costs companies have to incur after data breach) BASIC LIST OF COSTS: • Engaging forensic IT experts, • Hiring a law firm, • Offering victims identity protection services, • Resources spent notifying victims and about the incident, • Brand destruction, • Customers and stakeholders leaving.
(Average cost per record breached ) 160 $ - average cost per record $1.9M -> For less than 10.000 records $6.9M -> For more than 50.000 records (70$-360$ depending on industry and country) Dane: IBM by Ponemon Institute 2017
6. To keep data inside EU Main POP in TIER IV Data Center. Safest possible DC in EU. Other POPs are located ONLY in European Union. (Data doesn’t flow outside EU)
7. To deal withshortage ofsecurity specialists 20% Dane: Helpnetsecurity & Gartner 2017 50%
9. Website Performance Better Website Performance (CDN, LOAD BALANCING, IMAGE OPTIMISATION)
8. SETUP - Fast, Automatic, Easy 1. 2. READY !!!
VALUE FOR MANAGERS • Website always online. • Protects client database. • Protects brand. • No hardware needed. • No software needed. • No high bandwidth needed. (to protect against DDoS) • No IT security experts needed at any time. • No trainings are required. • No hidden costs. • 24/7/365 Top Expert Support. • Setup takes 5 min and it’s easy.
VALUE FOR IT • 24/7/365 automatic protection of WEB infrastructure • Clear history of different levels of incidents • Virtual patching (Magento, Wordpress, etc) • Tailored rules • Reports • Compatible with AWS, Wordpress, Magento, etc… • MULTI-TENANT and MSSP FRIENDLY • CDN • Load balancing • Server health checks • Setup takes 5 min • Everything is self tuning • Top expert support 24/7/365
RECEIVING SUPPORT Business Enterprise Call our technical support 9-17 Grey Wizard Panel 24/7 Dedicated phone line 24/7/356 Dedicated Engineer Ticket response time Median (6 min) Guaranteed (3h) Median (6 min) Guaranteed (1h)
RECEIVING SUPPORT OUR TEAM becomes PART OF YOUR IT TEAM
CLIENTS, PROBLEMS, SOLUTIONS + Huge DDoS attacks + Brute force attacks + Eliminated DDoS to zero + Brute force attacks close to to zero + Network secured. +IOT devices can be left unupdated +We also secure their website and forums. No security problems so far • Global IOT network with sensitive data. • Wine ordering logistics app under attack • App completely secured Global discount supermarket • DDoS + Brute force attacks • Server overload + DDoS & Brute force attacks eliminated. + Server usage decreased by 80%
CUSTOMER SEGMENTATION BUSINESS • Traffic: 30Mbps • DDoS: 20Gbps • SLA: 99.9% • Domains: 1 € 300+ SEGMENTATION BY NEEDS • Traffic • DDoS protection • SLA • Customer Service • Number of Domains ENTERPRISE STANDARD • Traffic: 200Mbps • DDoS: 50Gbps • SLA: 100% • Domains: 3 • +3h of security consult € 3000+ (ALL PLANS ARE FLEXIBLE - you can increase the metrics)
AWARDS • 2018 Cybersecurity Excellence Award, (WebSecurity) • 2018 Fortress Cybersecurity Award (WebSecurity) • 2018 Top 25 Information Security Solution Providers in the World by CIO Applications Europe
Grey Wizard summary 3 Independent Data Centers located only in EU. Median ticket response time 6 minutes Customer service 24/7/365 SOC monitoring 24/7/365 Full Web Protection DDoS + WAF + API + BOTs No Hardware. No Software Installation. No experts required 5 minute setup All configuration is automatic No specialists required Competitive pricing
Information for Partners All Yellow Cube Partners: Get Free Protection. Today. Forever.
Information for Sales Teams Sales Teams: • Just convince the customer. • Grey Wizard takes care of technical support. • First monthlyfee as a bonus toevery sales person.
Wojciech Maciejewski Global Business Development Manager Tel: (+48) 789 339 492 Email: wm@greywizard.com