qualysguard infoday 2012 - malware detection service – enterprise edition
Post on 18-Nov-2014
584 Views
Preview:
DESCRIPTION
TRANSCRIPT
QualysGuard® Malware Detection Service – Enterprise Edition
Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe
Why MDS?
1
Thousands of sites are infected daily
“Malvertising”- Exploits hidden inside legitimate looking ads
Malware propagates to the visitors of the site
Unknown malware is hard to recognize
Do you know if your site is serving Malware?
MDS Benefits
2
Avoid your site from being blacklisted
0-day defense
Prevents visitors from getting infected
Brand reputation
Protects against a loss of revenue
SaaS - Nothing to install or download
MDS service tiers
3
Free
• Single site •Domain and email address of user must match •5 scans •No scheduled scans, no support
Enterprise Edition Trial
•30 day trial •Up to 20 sites, 1000 pages per site • Sites can be be “unvalidated”- users sign terms and agreement •After 30 days, gets downgraded to Free version
Enterprise Edition
•1000 pages by default •More blocks can be purchased (consult your TAM)
MDS activity
4
You plug in your URL
Qualys Virtual Machine Farm
1. Enter URL 2. We breadth crawl URL (we stay in the
domain) 3. We do both behavioral and static
analysis 4. Qualys will email user if Malware is
found.
MDS Analysis - Static
5
Encoded JavaScript Document.write with obfuscation Web Bugs Vulnerable Control Instantiation Character encoding on inline frames
MDS Analysis - Behavioral
6
Microsoft Windows registry keys being written Rogue processes being started Programs being installed and started Files being written to disk
MDS User Interface
MDS Dashboard
Last Scan
Upcoming Scans
Infected sites Infections
MDS Knowledgebase
Adding Sites - Wizard Upload multiple
sites via CSV Up to 1000 pages Add Asset Tags
Assets
Scanning
View Scan Results View Thread
for each scan
Reporting
Reporting
Thank You training@qualys.com
top related