1©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. This document and the contents therein are the sole property of CYREN and may not be transmitted or reproduced without CYREN’s express written permission.
CYREN Web Security: Zero Hour Detection
Pete StarrRob Bruce
2©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. 2©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
About CYREN
THE BEST KEPT SECRET IN INFORMATION SECURITY FOR MORE THAN A DECADEFounded in 1991, CYREN (NASDAQ and TASE: CYRN) is a long-time innovator in cybersecurity. With full-function Security as a Service (SecaaS) solutions and technology components for embedded deployments, CYREN provides web, email, endpoint and mobile security solutions that the world’s largest IT companies trust for protection against today’s advanced threats.
2©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
3©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
CYREN Powers the World’s Security
200+ OEM customers
500K Points of presence
600M End users
17BDaily Transactions
4©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Security Challenges
http://pages.cyren.com/CyberThreats_Report_2015Q2.html?utm_campaign=ALL_ALL_2015_Q2_CyberThreats_Report&utm_medium=ad_banner&utm_source=resource_center
5©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
The Malware Trend is Worrying
Malware Emails Malware URLs
6©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Mobile Malware year in Review
7©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
40 to 50 million emails distributed in short bursts lasting only three- to five-minutes each
Mapping Attacks
8©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
CYREN Recurrent Pattern Detection (RPD)
9©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Outbreak Peak
RPD detection:
0.5-2 minutes
90% of top AVsReleased
signatures
CYREN RPD Outbreak Protection
20-30 hours
First Signatu
re
AV Signature Protection
OutbreakBegan
CYREN Zero Hour Malware Detection
10©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
CYREN Delivers the Earliest Protection Against New Threats
Timing shows number of hours/days for competitors to detect after CYREN first detection of outbreak.
For a Real-Time Comparison of CYREN Zero-Hour Detection, visit:http://www.cyren.com/malware-outbreak-detection.html#dashboard
11©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Reputation Calculation – A Synergy of Insights
webfeed.softupdate.org
invoice-myups.org
terminal.vla-engineering.com
217.71.50.24
178.132.203.166
invoiceid-[a-z0-9]{20}.doc
invoiceid-[a-z0-9]{20}.pdf.zipspam campaign attachments
D20aeb6ccc9f9c258ef158b47c3f33613141f7afebfd7bd0e61b0
f76c7061f97
5a6e6396d05739f08109c8f9e9e8eacc2f395c2201d560963cd39ceb5c36d72
8
Hash value
Hash value
1e5dd90edb812ce1d741b63439c28cf2934693e292c8b47fd06519d7449d7c
1c
Drop
s file
Connects to
app.invoice-myups.org
Connects to
Subd
omai
n of
Zeus
Known dropper ofKnow
n dr
oppe
r of
Known
variant of
www-myups.org
Registrant is
Registrant is
no-replays-[0-9a-z]{6}@ups.invoice
notifications-[0-9a-z]{6}@ups.invoice
Spam
min
g ad
dres
ses
600+ Million users contributing data 200+ partner global data footprint 17 Billion transactions per day
600,000 Malicious IPs 500,000 Malicious Files (AV & VOD) 50,000 APKs 50,000 Malicious URLs
Malware Distribution URLs (total 3.8M) Zero-Day URLs (total 1.3M) Phishing URLs (total 0.9M`
12©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
CYREN Platform Solutions
Global threat analysis, behavioral, and dynamic reputation scoring is only available via tools that use the Cloud.
Cloud-driven cybersecurity solution enabling full content inspection, including SSL traffic to better protect users from rapidly evolving cyber threats
Cybersecurity products and solutions responsive to advanced malware and other cyber attacks, which target data centers and routinely bypass conventional signature-based defenses
Use cloud-based solutions to arm your organization with the intelligence needed to prevent and handle breaches.
Cyber Threat Protection
WebSecurity
Our Cyber vision: To be the most accurate and actionable threat detection solution for unknown threats.
13©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Capture and interrogate all network entities and classify them by reputation
Block zero-day malware delivery Detection of security incidents post infection Contain infections by blocking C&C communication Block exfiltration of data performed via HTTP/S
communication
Threat Prevention
Threat Detection
Threat Containment
Incident Response
Securing corporate assets with advanced threat protection and analytics
OUTBOUND Botnet C&C Traffic, Malicious URL / IP, Spam
Malware, Adware, Spyware, Malicious Scripts INBOUND
CyberThreat Protection
14©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
TCO
A Modern Solution to Today’s Threats
Security Roaming
15©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. © 2014 CYREN Confidential and Proprietary 15
Mobile App
Consumer Cloud
Private Cloud
Blocking Threats Enforcing Business Policy
Cloud AppPublic Cloud
Analyzing Web Traffic Applying Cyber Intelligence
BotExploits APT
Malware
Roaming HomeProduction Industrial Internet of
Things
Branch MobileHQ Remote Office
Protection for Every Business or Technology Model
16©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
WebSecurity
CYREN WebSecurity Platform
CYRENDATA
CENTERS
INTERNET
CYRENWEB
NODES
• Partner & Administrator Web Application• Database• Authentication servers• Central Logging• Geo-Location Logic• Shared threat intelligence
• Traffic inspection (AV)• Policy enforcement (URL Filtering)• VPN Servers• Port Forwarding
• GRE • PAC Files
• PAC Files
• Corporate & BYOD (iOS, Android)
• Global Proxy (iOS)• VPN (IPSec) &
OpenVPN
OFFICE
ROAMING
MOBILE
Routing
CYRENDNS
SERVICE
17©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Public WIFI
Site based authentication allows for filtering of public and guest WiFi networks.
Route HTTP traffic using policy-based routing
DNS based filtering available to offer low-latency, no client configuration security
Protect visitors and employees’ BYOD devices whilst connected to your public/guest networks.
18©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
No capital expense for hardware or software Eliminates the cost and complexity associated with installing and
maintaining multiple appliances Up-to-the-moment applied cyber intelligence Simple to deploy, easy to administer, whether your operations are
centralized or distributed Scales with you - regardless of volume of users, devices, or locations
The Lowest Total Cost of Ownership (TCO)Cloud-based Web Security as a Service drives down your cost
19©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Phishing
Protecting you from cybercriminal attempts to obtain corporate data, using impersonated trustworthy communication via an email or malicious URL
The Best Protection from Today’s Threats
Zero-hour protection, powered by our unique Cyber Intelligence, ensures you’re always protected against the latest threats
Compliance and Productivity
Unprecedented visibility of employee Web use, means you can set and enforce your Internet Use policies
Applied Cyber Intelligence Disrupts the Cyber Kill Chain and Boosts Productivity
Zero-day Malware
20©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
A ‘clean’ Internet connection protects users wherever they are Simple deployment options No requirement to backhaul remote workers’ traffic back to a
centralized security stack Policy enforcement and protection for up to 5 devices per user Protect notebooks, tablets and smartphones, across multiple
operating systems with flexible controls for BYOD/corporate No discernible impact on device performance Ensures a clean, secure Internet connection for Corporate IoT
deployments
The Best Solution for Remote, Roaming, and IoTDesigned for 21st Century business computing
21©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Setting a New Standard for Regional Privacy
• Application layer is served within the region
• Personal private (PII) data (user name, email, site name, customer name) never leaves the home region
• Public data (policy, configuration, hashed values) replicated across regions enables seamless roaming
• Logs do not include any PII
• Hashed values map to private data for reporting purposes only in the relevant home region
Comply with privacy laws prohibiting transfer of users’ personal data outside the region
22©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential. This document and the contents therein are the sole property of CYREN and may not be transmitted or reproduced without CYREN’s express written permission.
Any Questions?
23©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
• Business has transformed the way it uses technology, opening up a new threat landscape
• Zero day threats are a threat to customers even with mature security controls
• The traditional centralized, hardware-driven approach to Web security was never designed for this landscape
• Privacy is important in a cloud driven world• CYREN WebSecurity is that solution
Summary
24©2014. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
You can also find us here:
www.CYREN.com
twitter.com/cyreninc
linkedin.com/company/cyren
©2015. CYREN Ltd. All Rights Reserved. Proprietary and Confidential.
Thank You. Any Questions or Thoughts?
Pete StarrPrinciple Sales Engineer+44 7595 [email protected]
Rob BruceRegional Sales Director+44 7966 405361 [email protected]