5 CYBER THREATS TARGETING SMEs

Academic year: 2022

Next-Generation Threats Targeting SMEs and Countermeasures

trapmine.com

5 CYBER THREATS TARGETING SMEs

• Advanced Persistent Threat

• An advanced persistent threat is an attack in which an unauthorized user gains access to a system or network and remains there for an extended period of time without being detected.

• Spear Phishing

• Spear phishing is the act of sending emails to specific and well-researched targets while purporting to be a trusted sender. The aim is to either infect devices with malware or convince victims to hand over information or money.

• Unknown and Known Malware

• Unknown malware is just that: malware that has not been discovered yet. These types of attacks are known as zero-day attacks.

• Pass-The-Hash Attacks

• A Pass-the-Hash (PtH) attack is a technique whereby an attacker captures a password hash (as opposed to the password characters) and then simply passes it through for authentication and potentially lateral access to other networked systems.

• Ransomware

• Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website.

ANATOMY OF MODERN THREATS

Diagram labels:

• User opens a Word Document

• Executes PowerShell scripts/Malware

• Final

• MS Office document exploits a vulnerability

• Finds and extracts data

WHY DO TRADITIONAL SECURITY SOLUTIONS FAIL?

NEXT-GENERATION ENDPOINT SECURITY

• Detection and Response

• Prevent Known and Unknown Malware

• Prevent Non-Malware Attacks

• Endpoint Visibility

• Cloud Intelligence and Machine Learning

• Lightweight and Easy-to-Deploy

TRAPMINE v4.0: NEXT-GENERATION ENDPOINT SECURITY

▪ Multi-Vectoral Malware Engine

▪ Reputational Detection Engine

▪ Machine Learning/AI Based Detection Engine

▪ Behavioral Detection Engine

▪ Detection Analysis

▪ Root Cause Analysis

▪ Related Alert Analysis

▪ Attack Time Line Analysis

▪ MITRE ATT&CK® Integration

▪ Advanced Detection and Protection Policies

▪ Device Controller Policies

▪ Device Controller Logs

▪ Application Control Policies

▪ Blacklist Policies

▪ White List Policies

▪ Compromise Assessment

▪ Live Hunting

▪ Automated Hunting

▪ Anti-Exploit and Advanced Threat Protection

BEHAVIORAL ANALYSIS

ARTIFICIAL INTELLIGENCE

Diagram labels: Accumulating Samples; Malicious Files; Benign Files; Extract Features; Train Model; Model; Evaluate in Real-Life; Update Features

THREAT HUNTING AND INCIDENT RESPONSE

Live Query Artifacts

• Running Processes

• File by Name

• File by Hash

• Registry Values

• OS Startup Entries

• PowerShell v3+ History

• Active Mutexes and Events

• Injected Threads

• ... more

TRAPMINE ESM: THREAT HUNTING and INCIDENT RESPONSE MODULE

TRAPMINE Agents (Desktops, Notebooks, Servers, etc.)

• Live Request. Example: Running Processes

• Live Response: smss.exe, csrss.exe, wininit.exe, services.exe, lsass.exe, svchost.exe, WUDFHost.exe

• Live Action. Example: Kill Process, Block Process, Download Process, Get Process Dump

INDEPENDENT TEST RESULTS

PREVENTION EFFICACY 100%

• TRAPMINE achieves 100% prevention against in-the-wild and custom threats!

• TRAPMINE has been certified by UK-based independent test lab MRG-Effitas for its effective protection against cyber threats.

* https://www.mrg-effitas.com/wp-content/uploads/2017/08/MRG-Effitas-Trapmine_v105.pdf

* https://www.mrg-effitas.com/wp-content/uploads/2018/08/TRAPMINE_ML_report.pdf

THE FIRST DOMESTIC SOLUTION INTEGRATED INTO GOOGLE VIRUSTOTAL

We welcome Trapmine scanner to VirusTotal. In the words of the company:

“Trapmine ThreatScore is a machine learning-powered malware detection engine developed to identify known and never-before-seen malware. This engine is a part of TRAPMINE Endpoint Detection & Protection Platform. Trapmine combines machine learning, behavior monitoring and endpoint deception techniques to provide fool-proof defense against malware, exploit attempts, file-less malware, ransomware and other forms of targeted attacks. Windows PE files submitted to VirusTotal will be analyzed by Trapmine ML engine and the verdicts will be displayed to VirusTotal users.”

Trapmine has expressed its commitment to follow the recommendations of AMTSO and, in compliance with our policy, facilitates this review by MRG Effitas, an AMTSO-member tester.

Thank you.
