©2015 Check Point Software Technologies Ltd. 1 WINNING WITH CHECK POINT MOBILE THREAT PREVENTION...
20
©2015 Check Point Software Technologies Ltd. 1 ©2015 Check Point Software Technologies Ltd. WINNING WITH CHECK POINT MOBILE THREAT PREVENTION
-
Upload
caroline-skinner -
Category
Documents
-
view
221 -
download
0
Transcript of ©2015 Check Point Software Technologies Ltd. 1 WINNING WITH CHECK POINT MOBILE THREAT PREVENTION...
©2015 Check Point Software Technologies Ltd. 1©2015 Check Point Software Technologies Ltd.
WINNING WITH CHECK POINT MOBILE THREAT PREVENTION
©2015 Check Point Software Technologies Ltd. 2[Protected] Non-confidential content
Agenda
• Mobile Threats 101
• The Check Point Advantage
• Mobile Threat Prevention Competitive Landscape
©2015 Check Point Software Technologies Ltd. 3[Protected] Non-confidential content
Consumerization of IT
Enterprise Systems
Consumer Services
©2015 Check Point Software Technologies Ltd. 4
Rapidly Expanding Mobile Threats
11.6 million mobile devices infected2
MOBILE THREATS are ESCALATINGin frequency and sophistication EVERY YEAR
©2014 Check Point Software Technologies Ltd. 4 [Restricted] ONLY for designated groups and individuals
• 1st malware for Android and iOS
• Root exploits
• Banking malware• SMS Trojans
• CABIR worm,Infecting Symbian OSvia Bluetooth connection 1Source: Symantec, “A Brief History of Mobile Malware” February 2014
2Source: Kindsight Security Labs Malware Report 2013
2014
201220102005
2004
First mobile virus1
2007First iPhone
2008First Android
• Spyware
• Ransomware
©2015 Check Point Software Technologies Ltd. 5
Mobile Threats 101
Malware & MRATS
Network Attacks
Exploits
©2015 Check Point Software Technologies Ltd. 6
WHEN CYBERCRIMINALS GET INWHAT’S THE WORST THAT COULD HAPPEN?
Extract Information (app data, contact lists, etc.)
Turn on the Microphone
(eavesdrop into conversations)
Turn on the Camera
(look around, steal images)
Track Device Location
(follow comings and goings)
Send Email and SMS Messages
(impersonate the user)
Change PIN and Lock Device
(hold device for ransom)
©2015 Check Point Software Technologies Ltd. 7[Protected] Non-confidential content
Agenda
• Mobile Threats 101
• The Check Point Advantage
• Mobile Threat Prevention Competitive Landscape
©2015 Check Point Software Technologies Ltd. 8
The Challenge
Unknown, Targeted & 0day Cyber Threats
Static Policy Enforcement
Data LeakagePrevention
Mobile Device Management
(Missing!) Advanced Threat Detection & Mitigation
Secure Containers & Wrappers
Protection Against Known Threats
Anti-Virus, App Reputation
©2015 Check Point Software Technologies Ltd. 9
Advanced Threat
Prevention
Adaptive Risk Mitigation
Visibility & Intelligence
Comprehensive Mobile Threat Prevention
NetworksDevices Apps
Mobile Threat Prevention
©2015 Check Point Software Technologies Ltd. 10
Check Point MTPIndustry’s best catch-rate
U N K N O W N M A LWA R E I N M O B I L E A P P L I C AT I O N
100
90
80
70
60
50
40
30
20
10
0
9988
21
90
71
CHECK POINT FIREEYE Palo Alto
Networks
AVG LOOKOUT
Source: Lacoon competitive benchmark 2015
%
©2015 Check Point Software Technologies Ltd. 11
Delivering Best-in-Class Threat Prevention for All Mobile Devices
Risk Score
3Active Agent
1
Behavioral Risk Engine
2
How it WorksAgent runs in background; sends data to Behavioral Risk Engine
Analyzes device, application and network detecting attacks
Assigns real-time risk score identifying threat level
Immediate on-device, MDM and network remediation
1
2
3
4
Real-Time Intelligence and Control
SIEM Integration
4
MDM/EMM Integration
• On-Device Protection & Mitigation• Risk Based Network Protection
©2015 Check Point Software Technologies Ltd. 12
Threat Technologies
Advanced App Analysis
Sandboxing (Emulation)
Advanced Static Code Analysis
Uncovers new malware and targeted exploits
Network Anomaly Detection
Wi-Fi Man-in-the-Middle (MitM) attacks
Evasive botnets and time bomb malware
Host Threat Analysis
Malicious Configurations
Exploits and file system manipulation
Threat FrameworkMulti-dimensional Risk/Trust assessments
Accurate risk classifications to effectively mitigate risk
©2015 Check Point Software Technologies Ltd. 13[Protected] Non-confidential content
Agenda
• Mobile Threats 101
• The Check Point Advantage
• Mobile Threat Prevention Competitive Landscape
©2015 Check Point Software Technologies Ltd. 14 14
Insertion Point Malware Malware MalwareNetwork
& Exploits
Network
Application based Threats ✓ Partial Partial
Network & OS based Threats ✓ ✓ ✓Vulnerability Management ✓Multi-Platform ✓ ✓ ✓ Partial Partial
Adaptive Mitigation ✓ Partial Partial
- Confidential and Proprietary -
Competitive Analysis
©2015 Check Point Software Technologies Ltd. 15
Lookout Enterprise (SF based, Employees: ~300, $132M funding)
Description̶L Consumer AV trying to get into Enterprise mobile protection̶L AV + backup + device wipe
Capabilities̶L Signature-based AV, Reputation
Weaknesses̶L Only detects known signatures̶L No App behavior detection, no-advanced detection and network/MitM detection
capabilities̶L Limited ability to detect or protect against iOS attacks̶L No Active risk-based mitigation option̶L Not a mature enterprise App: limited dashboard, enterprise integration (MDM,
SIEM)
©2015 Check Point Software Technologies Ltd. 16
Skycure (Startup - Israeli R&D, Employees: ~20, $3M seed funding)
Description̶L Mobile Firewall, on device protection for iOS, just added very basic Android
client (network, MITM focus)
Capabilities̶L Focus on protecting against WiFi and network attacks̶L Very slick iOS attack demo
Weaknesses ̶L Unable to protect against the main attack vector on Android: Applications.
Cannot analyze and detect app behavior. ̶L No ability to detect or protect against exploits on device ̶L Not a mature enterprise App: limited dashboard, enterprise
integration (MDM, SIEM)
©2015 Check Point Software Technologies Ltd. 17
Zimperium (Startup - Israeli R&D, SF - HQ, Employees: ~20, $8M funding)
DescriptionL̶ Intrusion Prevention System for Android devices
CapabilitiesL̶ Focus on Android client-based threat detection (basic iOS)
WeaknessesL̶ Basic ability to detect or protect against iOS AttacksL̶ Unable to protect against the main attack vector on Android: Applications. Cannot analyze and detect App behavior.
L̶ No ability to detect or protect against exploits in the network L̶ Not a mature enterprise App: limited dashboard, enterprise integration (MDM, SIEM)
©2015 Check Point Software Technologies Ltd. 18
Marble Security (Private, founded 2005. Funding: $43.20M) (formerly IRONKEY)
Description̶L Mobile Security Management Platform
Capabilities̶L Trying to be All Things Mobile (Security + MDM + MAM + Secure
Messaging)
Weaknesses̶L Lack sophisticated detection and prevention capabilities on the device̶L Partner with Appthority for app reputation̶L Vendor lock-in: many enterprises already have MDM/MAM from large
MDM vendors̶L Morphing – split focus to develop broad, shallow feature set
©2015 Check Point Software Technologies Ltd. 19©2015 Check Point Software Technologies Ltd.
THANK YOU!
©2015 Check Point Software Technologies Ltd. 20
Attack Detection
On Device
In Apps
In Network
Device Support
IOS
Android
Proactive Protection
On-Device
In Network
Access Management
MDM MAM CONTAIN-ERS
GATE-WAYS
MOBILE AV
APPREP
SAND-BOX
SKYCURE ZIMPER -IUM
LOOKOUT
MARBLESECURITY
Check Point MTP
Check Point MTP Delivers Comprehensive Mobile Security to enable Enterprises to Confidently Roll Out and Support Mobility Initiatives & Lower TCO
