- 20
- 13 165
Barry Secure
Canada
เข้าร่วมเมื่อ 2 ม.ค. 2013
Cisco Security presentations, demos and updates
Cisco Secure Workload Demo 3.9
In today’s world, applications are everywhere and can be hard enough to manage, let alone secure. Cisco Secure Workload enables customers to have visibility and control into all their applications and provide automated policy to quickly and efficiently improve security policy.
Cisco Secure Workload main use cases:
• Microsegmentation: Cisco Secure Workload enables security teams to implement a secure, zero-trust model for workloads using microsegmentation. It automates the policy generation for microsegmentation using unsupervised machine learning and near real-time application behavior analysis. It normalizes this policy based on the priority and hierarchy before enforcing it. These policy elements are enforced for an application using the operating system firewall capabilities such as ipsets and iptables, in the case of Linux servers, and the Windows Filtering Platform or Windows advanced firewall, in the case of Microsoft Windows servers. This approach delivers a stateful and consistent segmentation across multicloud data centers at scale. It also allows you to minimize lateral movement in case of security incidents. Additionally, in a virtualized and container environment, this mechanism ensures that segmentation policy moves with the workload, allowing increased application mobility without the need for an infrastructure-specific segmentation policy. As application dependencies and communication patterns evolve, Cisco Secure Workload helps ensure that the policy is updated automatically.
• Workload anomalous behavior detection: Data center workloads are deployed for a specific activity or a function. Therefore, workload behavior could be baselined and proactively detect anomalous behaviors. To achieve this, Cisco Secure Workload monitors the process and communication activities on the workloads. It can detect various malicious behavior activities like:
o Privilege escalations
o Shell-code executions
o MITRE-identified techniques and tactics
o Side-channel attacks
o Unseen commands
In this way, security operations can quickly identify indicators of compromise and take remediation steps to minimize the impact.
• Reducing the attack surface: Attack surfaces are introduced in the data center due to vulnerabilities associated with the software packages, OS versions, and due to the stale ports and processes running in the environment. Cisco Secure Workload, in real time, identifies the full inventory of all software packages installed on the workloads and provides the ability to detect common vulnerabilities and exposures associated with these packages. It also provides actionable security insight where administrators can define policies to quarantine or restrict communication of workloads when certain vulnerabilities are detected. Additionally, it also identifies those open ports with process bindings that are not used. This concrete information helps administrators determine if something can be safely shutdown to reduce the exposure.
Cisco Secure Workload main use cases:
• Microsegmentation: Cisco Secure Workload enables security teams to implement a secure, zero-trust model for workloads using microsegmentation. It automates the policy generation for microsegmentation using unsupervised machine learning and near real-time application behavior analysis. It normalizes this policy based on the priority and hierarchy before enforcing it. These policy elements are enforced for an application using the operating system firewall capabilities such as ipsets and iptables, in the case of Linux servers, and the Windows Filtering Platform or Windows advanced firewall, in the case of Microsoft Windows servers. This approach delivers a stateful and consistent segmentation across multicloud data centers at scale. It also allows you to minimize lateral movement in case of security incidents. Additionally, in a virtualized and container environment, this mechanism ensures that segmentation policy moves with the workload, allowing increased application mobility without the need for an infrastructure-specific segmentation policy. As application dependencies and communication patterns evolve, Cisco Secure Workload helps ensure that the policy is updated automatically.
• Workload anomalous behavior detection: Data center workloads are deployed for a specific activity or a function. Therefore, workload behavior could be baselined and proactively detect anomalous behaviors. To achieve this, Cisco Secure Workload monitors the process and communication activities on the workloads. It can detect various malicious behavior activities like:
o Privilege escalations
o Shell-code executions
o MITRE-identified techniques and tactics
o Side-channel attacks
o Unseen commands
In this way, security operations can quickly identify indicators of compromise and take remediation steps to minimize the impact.
• Reducing the attack surface: Attack surfaces are introduced in the data center due to vulnerabilities associated with the software packages, OS versions, and due to the stale ports and processes running in the environment. Cisco Secure Workload, in real time, identifies the full inventory of all software packages installed on the workloads and provides the ability to detect common vulnerabilities and exposures associated with these packages. It also provides actionable security insight where administrators can define policies to quarantine or restrict communication of workloads when certain vulnerabilities are detected. Additionally, it also identifies those open ports with process bindings that are not used. This concrete information helps administrators determine if something can be safely shutdown to reduce the exposure.
มุมมอง: 35
วีดีโอ
Cisco Panoptica demo
มุมมอง 5632 ปีที่แล้ว
Cisco Panoptica is a comprehensive product that protects containers, Kubernetes, server less, service mesh, and API security in a single platform. Sign up for free at securecn.cisco.com/
Application Security
มุมมอง 6472 ปีที่แล้ว
Applications are critical assets for businesses. Given that applications are supposed to be more and more agile today, and at the same time attack surface are larger, and legacy tools alone won’t be enough, besides all the regulations and compliance requirements we need to meet. Data shows that 90% of security teams had experienced security incidents, a lot of organizations don’t even have secu...
Ransomware and defense strategy
มุมมอง 9962 ปีที่แล้ว
Ransomware is a type of malicious software or malware. It encrypts a victim's data, after which the attacker demands a ransom. Once the ransom is paid, the attacker sends a decryption key to restore access to the victim's data. The ransom can range from a few hundred dollars to millions of dollars. Typically, payment is demanded in the form of a cryptocurrency, such as bitcoins. Ransomware pene...
Cisco Secure Malware Analytics (Threat Grid)
มุมมอง 3K2 ปีที่แล้ว
Demo of Cisco Secure Malware Analytics (Threat Grid) Secure Malware Analytics (formerly Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it.
Secure Workload demo
มุมมอง 1.5K2 ปีที่แล้ว
Cisco Secure Workload (formerly Tetration) Achieve the security required for today's heterogeneous multicloud environment with Cisco Secure Workload. Protect workloads across any cloud, application, and workload-anywhere. Automate and implement a secure zero-trust model for micro-segmentation based on application behavior and telemetry. Proactively detect and remediate indicators of compromise ...
Cisco Security Blueprint
มุมมอง 9102 ปีที่แล้ว
Intro and walk through of Cisco Security blueprint tool The Security Blueprint is a vendor agnostic tool that will perform a health check on customer’s security capabilities and assist in identifying gaps and recommending potential solutions that will benefit the customer based on industry best practice.
SecureX platform overview
มุมมอง 853 ปีที่แล้ว
SecureX platform overview SecureX is a cloud-native, built-in platform experience that connects our Cisco Secure portfolio and your infrastructure. It is integrated and open for simplicity, unified in one location for visibility, and maximizes operational efficiency with automated workflows. Radically reduce threat dwell time and human-powered tasks to stay compliant and counter attacks. - Inte...
SecureX Threat Response
มุมมอง 2693 ปีที่แล้ว
SecureX Threat Response overview and demo Demostrate how SecureX CTR - Cisco Threat Response, a core platform application can be leveraged to accelerate threat investigations and incident management by aggregating and correlating global intelligence and local context in one view. SecureX offers Simplified experience with cross-product integration Unified visibility with cross-product analytics ...