1 ©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. ©2015. CYREN Ltd. All...

1©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. This document and the contents therein are the sole property of CYREN and may not be transmitted or reproduced without CYREN’s express written permission.

CYREN Web Security: Zero Hour Detection

Pete StarrRob Bruce

2©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. 2©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.

About CYREN

THE BEST KEPT SECRET IN INFORMATION SECURITY FOR MORE THAN A DECADEFounded in 1991, CYREN (NASDAQ and TASE: CYRN) is a long-time innovator in cybersecurity. With full-function Security as a Service (SecaaS) solutions and technology components for embedded deployments, CYREN provides web, email, endpoint and mobile security solutions that the world’s largest IT companies trust for protection against today’s advanced threats.

2©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.

https://cyren.com/

3©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.

CYREN Powers the World’s Security

200+ OEM customers

500K Points of presence

600M End users

17BDaily Transactions


Security Challenges

http://pages.cyren.com/CyberThreats_Report_2015Q2.html?utm_campaign=ALL_ALL_2015_Q2_CyberThreats_Report&utm_medium=ad_banner&utm_source=resource_center




The Malware Trend is Worrying

Malware Emails Malware URLs


Mobile Malware year in Review


40 to 50 million emails distributed in short bursts lasting only three- to five-minutes each

Mapping Attacks


CYREN Recurrent Pattern Detection (RPD)


Outbreak Peak

RPD detection:

0.5-2 minutes

90% of top AVsReleased

signatures

CYREN RPD Outbreak Protection

20-30 hours

First Signatu

re

AV Signature Protection

OutbreakBegan

CYREN Zero Hour Malware Detection


CYREN Delivers the Earliest Protection Against New Threats

Timing shows number of hours/days for competitors to detect after CYREN first detection of outbreak.

For a Real-Time Comparison of CYREN Zero-Hour Detection, visit:http://www.cyren.com/malware-outbreak-detection.html#dashboard

http://www.cyren.com/malware-outbreak-detection.html#dashboard

11©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.

Reputation Calculation – A Synergy of Insights

webfeed.softupdate.org

invoice-myups.org

terminal.vla-engineering.com

217.71.50.24

178.132.203.166

invoiceid-[a-z0-9]{20}.doc

invoiceid-[a-z0-9]{20}.pdf.zipspam campaign attachments

D20aeb6ccc9f9c258ef158b47c3f33613141f7afebfd7bd0e61b0

f76c7061f97

5a6e6396d05739f08109c8f9e9e8eacc2f395c2201d560963cd39ceb5c36d72

8

Hash value

Hash value

1e5dd90edb812ce1d741b63439c28cf2934693e292c8b47fd06519d7449d7c

1c

Drop

s file

Connects to

app.invoice-myups.org

Connects to

Subd

omai

n of

Zeus

Known dropper ofKnow

n dr

oppe

r of

Known

variant of

www-myups.org

[email protected]

Registrant is

Registrant is

no-replays-[0-9a-z]{6}@ups.invoice

notifications-[0-9a-z]{6}@ups.invoice

Spam

min

g ad

dres

ses

600+ Million users contributing data 200+ partner global data footprint 17 Billion transactions per day

600,000 Malicious IPs 500,000 Malicious Files (AV & VOD) 50,000 APKs 50,000 Malicious URLs

Malware Distribution URLs (total 3.8M) Zero-Day URLs (total 1.3M) Phishing URLs (total 0.9M`


CYREN Platform Solutions

Global threat analysis, behavioral, and dynamic reputation scoring is only available via tools that use the Cloud.

Cloud-driven cybersecurity solution enabling full content inspection, including SSL traffic to better protect users from rapidly evolving cyber threats

Cybersecurity products and solutions responsive to advanced malware and other cyber attacks, which target data centers and routinely bypass conventional signature-based defenses

Use cloud-based solutions to arm your organization with the intelligence needed to prevent and handle breaches.

Cyber Threat Protection

WebSecurity

Our Cyber vision: To be the most accurate and actionable threat detection solution for unknown threats.


Capture and interrogate all network entities and classify them by reputation

Block zero-day malware delivery Detection of security incidents post infection Contain infections by blocking C&C communication Block exfiltration of data performed via HTTP/S

communication

Threat Prevention

Threat Detection

Threat Containment

Incident Response

Securing corporate assets with advanced threat protection and analytics

OUTBOUND Botnet C&C Traffic, Malicious URL / IP, Spam

Malware, Adware, Spyware, Malicious Scripts INBOUND

CyberThreat Protection


TCO

A Modern Solution to Today’s Threats

Security Roaming

15©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. © 2014 CYREN Confidential and Proprietary 15

Mobile App

Consumer Cloud

Private Cloud

Blocking Threats Enforcing Business Policy

Cloud AppPublic Cloud

Analyzing Web Traffic Applying Cyber Intelligence

BotExploits APT

Malware

Roaming HomeProduction Industrial Internet of

Things

Branch MobileHQ Remote Office

Protection for Every Business or Technology Model


WebSecurity

CYREN WebSecurity Platform

CYRENDATA

CENTERS

INTERNET

CYRENWEB

NODES

• Partner & Administrator Web Application• Database• Authentication servers• Central Logging• Geo-Location Logic• Shared threat intelligence

• Traffic inspection (AV)• Policy enforcement (URL Filtering)• VPN Servers• Port Forwarding

• GRE • PAC Files

• PAC Files

• Corporate & BYOD (iOS, Android)

• Global Proxy (iOS)• VPN (IPSec) &

OpenVPN

OFFICE

ROAMING

MOBILE

Routing

CYRENDNS

SERVICE


Public WIFI

Site based authentication allows for filtering of public and guest WiFi networks.

Route HTTP traffic using policy-based routing

DNS based filtering available to offer low-latency, no client configuration security

Protect visitors and employees’ BYOD devices whilst connected to your public/guest networks.


No capital expense for hardware or software Eliminates the cost and complexity associated with installing and

maintaining multiple appliances Up-to-the-moment applied cyber intelligence Simple to deploy, easy to administer, whether your operations are

centralized or distributed Scales with you - regardless of volume of users, devices, or locations

The Lowest Total Cost of Ownership (TCO)Cloud-based Web Security as a Service drives down your cost


Phishing

Protecting you from cybercriminal attempts to obtain corporate data, using impersonated trustworthy communication via an email or malicious URL

The Best Protection from Today’s Threats

Zero-hour protection, powered by our unique Cyber Intelligence, ensures you’re always protected against the latest threats

Compliance and Productivity

Unprecedented visibility of employee Web use, means you can set and enforce your Internet Use policies

Applied Cyber Intelligence Disrupts the Cyber Kill Chain and Boosts Productivity

Zero-day Malware


A ‘clean’ Internet connection protects users wherever they are Simple deployment options No requirement to backhaul remote workers’ traffic back to a

centralized security stack Policy enforcement and protection for up to 5 devices per user Protect notebooks, tablets and smartphones, across multiple

operating systems with flexible controls for BYOD/corporate No discernible impact on device performance Ensures a clean, secure Internet connection for Corporate IoT

deployments

The Best Solution for Remote, Roaming, and IoTDesigned for 21st Century business computing


Setting a New Standard for Regional Privacy

• Application layer is served within the region

• Personal private (PII) data (user name, email, site name, customer name) never leaves the home region

• Public data (policy, configuration, hashed values) replicated across regions enables seamless roaming

• Logs do not include any PII

• Hashed values map to private data for reporting purposes only in the relevant home region

Comply with privacy laws prohibiting transfer of users’ personal data outside the region

22©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. This document and the contents therein are the sole property of CYREN and may not be transmitted or reproduced without CYREN’s express written permission.

Any Questions?


• Business has transformed the way it uses technology, opening up a new threat landscape

• Zero day threats are a threat to customers even with mature security controls

• The traditional centralized, hardware-driven approach to Web security was never designed for this landscape

• Privacy is important in a cloud driven world• CYREN WebSecurity is that solution

Summary


You can also find us here:

www.CYREN.com

twitter.com/cyreninc

linkedin.com/company/cyren

©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.

Thank You. Any Questions or Thoughts?

Pete StarrPrinciple Sales Engineer+44 7595 [email protected]

Rob BruceRegional Sales Director+44 7966 405361 [email protected]

mailto:[email protected]

mailto:[email protected]

1 ©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. ©2015. CYREN Ltd. All...

Documents

Transcript of 1 ©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. ©2015. CYREN Ltd. All...