Black Hat USA 2011 //Uplink Underwriters
Caesars Palace Las Vegas, NV • August 3 - August 4
Gunnar Peterson, Blake Dournaee
How to Combat Advanced Persistent Threats at the Application Layer - Security Gateway deployment patterns for APT
Today, it is clear a new wave of organized, state sponsored, espionage is targeting commercial and federal information systems with continuous long term attacks. Most vendor countermeasures are promoting anti-malware AV & simplistic IP level firewall solutions to protect client or endpoint computer systems with access to the network. This focus has proven largely ineffective as adversaries typically test against major AV packages prior to launching attacks resulting in high client infection rates. This puts more emphasis on application level security to protect information- even after client infection has occurred. In this technical webinar, independent federal security expert Gunnar Peterson explores how a Security Gateway, deployed at the network edge can deliver deeper inspection of XML based web service traffic for advanced APT threat identification, attribution, and proactive monitoring.
Session includes a screen share of gateway configuration to combat APT. You learn:
- Latest insight from federal & commercial APT countermeasure projects
- Typical malware to app attack patterns
- Security for inbound and outbound traffic
- How gateway policy enforcement points can leverage IdM, AuthN and AuthZ
- How gateways improve SIEM proactive monitoring
- Showcase configuration of code injection protection, service virtualization and trust (white-list) based processing of application traffic
A Closer Look at Key Management: Strategies for Email Encryption
Changes in the regulatory environment are driving most enterprises to adopt email encryption to protect against data breaches. However, once data has been encrypted, the critical asset that must be secured is the encryption key, not just the encrypted data. With respect to email encryption, key management brings a unique element into the picture: keys must be accessible by recipients who are potentially outside of the enterprise. In this session, we will take a detailed look at various key management approaches as they relate to the problem of email encryption—and discuss how each can address the most common enterprise use-cases and security concerns.