john prisco
DESCRIPTION
John Prisco. President and CEO Triumfant, Inc. Customer Information Security Concerns. Our defenses are designed to defeat threats we have seen before. We have very little protection against new types of threats. - PowerPoint PPT PresentationTRANSCRIPT
John PriscoPresident and CEO
Triumfant, Inc.
Our defenses are designed to defeat threats we have seen before. We have very little protection against new types of threats.
The time it takes for us to learn about and defend against a new threat is measured in days or weeks.
We are largely unaware of the changes occurring within our computing environment on a day-to-day basis.
Customer Information Security Concerns
Defenses are unable to adequately protect computers
2002 2003 2004 2005 2006 2007 2008 2009 20100
2,000,000
4,000,000
6,000,000
8,000,000
10,000,000
12,000,000
20,547 39,374 108,481 221,506 362,196986,463
2,677,786
5,724,106
10,114,682
Signature Counts By Year
Net New Signatures Cumulative Total
The Static Defense Shield Problem
Understand
Use machine intelligence to convert sensory input into knowledge
Inform
Provide flexible and powerful interfaces optimized for data navigation
Act
Provide the ability to synthesize responses to address new threats on-the-fly
What We Need:An Active, Adaptable Defense
Dramatically increase the volume and flow of sensory input
Sense
Deep Scan Don’t assume, collect everything• Continuously scans over 200,000 attributes
- Registry keys - Files- Processes - Services- Open ports - Event Logs- Performance counters - Security settings- Hardware attributes - Memory tables
• 500 sensitive attributes scanned every 10 seconds
Sense
Understand
PowerfulAnalytics
?Known Good
Known Bad
Normal
Data must be converted into knowledge• The Adaptive Reference Model
• A detailed baseline model of what is normal at a particular point in time• Compares subsequent snapshots and
determines if changes have malicious intent.• Based on patented data mining algorithms
Understand
Inform: An Actionable View Into Your Environment
Inform: Actionable View Into Your Environment
PointRemediation
Awareness Enables Precise Action• Automatically derives a custom-built
remediation response on-the-fly• Surgically precise and unobtrusive• Removes malware and corrects collateral
damage• All remediations are reversible
Act
Patented algorithms that remove malware in minutes• Finds and removes malware that other defenses miss • Does not require signatures or any prior knowledge• Continuous monitoring of the detailed state of the computer
provides situational awareness of the entire enterprise• Effective against APTs, polymorphics and sophisticated targeted
attacks from determined adversaries
Triumfant Active Defense:On the Endpoint
In the time it took me to deliver this speech
more than 4000 new malware threats
were detected.
Parting Thought