© 2020 Trend Micro Inc.
Minding Security Gaps: How Virtual Patching can protect businesses
Krista Laplante-Gaul – Sales Engineer
Why are zero-day vulnerabilities & exploits significant?
Vulnerabilities Exploits
https://www.trendmicro.com/vinfo/fr/security/news/vulnerabilities-and-exploits/security-101-zero-day-vulnerabilities-and-exploits
State of Vulnerabilities
The 10 most exploited vulnerabilities
A comparison of the detection counts of the 10 most exploited vulnerabilities from 2017 to 2020
The Lifecycle of a Vulnerability
How it works
[Figure: vulnerability lifecycle timeline covering 0-day Exposure and N-day Exposure. Labels: Vulnerability discovered and submitted to the ZDI program; Digital Vaccine® Filter Created; Vendor Notified; Vendor Patch or Public Disclosure; Active Attacks; Patches Applied; Virtual Patch; Virtual Patch Defenses Available]
Average of 96 days zero-day filter coverage from date of DV filter shipped to ZDI public disclosure
https://www.zerodayinitiative.com
Case Study – CVE-2020-0688
[Figure: case study timeline. Labels: Vendor ships a bug; Researcher finds bug; Sells Bug Report; Vendor Notified; Virtual Patch; Vendor Patch; Blog Published; Active Attacks In the Wild. Dates on axis: November 22, 2019; November 26, 2019; December 7, 2019; February 11, 2020; February 11, 2020]
• An RCE bug was discovered in all versions of Microsoft Exchange Server
• Bug report contracted with the ZDI on November 19, 2019
• Vendor Notified on November 26, 2019
• Virtual patch shipped on December 7, 2019
• Vendor patch released on February 11, 2020
• ZDI blog published on February 25, 2020
• Active attacks detected on March 15, 2020
What happens to unpatched IT infrastructures?
Window to Patch Very Small
Source: https://www.darktrace.com/en/blog/zero-logon-exploit-detected-within-24-hours-of-vulnerability-notice/
https://www.trendmicro.com/en_ca/what-is/zerologon.html
Prioritize and defend against the latest threats
Prioritizing vulnerabilities
(Source: 2019 Gartner)
• “Vulnerabilities and their exploitation are still the root cause of most breaches.”
• The vast majority of malware leverages known vulnerabilities to propagate
• How do you tune to maximize defenses with the resources you have?
• How do you prioritize the most important threats?
Addressing your highest security risks
https://www.gartner.com/smarterwithgartner/gartner-top-security-projects-for-2020-2021/
Protect against the full range of threats
https://www.trendmicro.com/en_ca/business/capabilities/intrusion-prevention.html
Thank You!
Krista Laplante-Gaul – Sales Engineer