KASPERSKY SECURITY INTELLIGENCE SERVICES
Alexander Mazikin
Global Presales Manager, Security Intelligence Services
SERVICES MAP
SECURITY TRAINING
► Security Awareness
► Professional Trainings
INVESTIGATION SERVICES
► Digital Forensics
► Malware Analysis
THREAT INTELLIGENCE
► Threat Data Feeds
► Botnet Tracking
► Intelligence Reporting
SECURITY ASSESSMENT
► Penetration Testing
► Security Assessment
GARTNER’S ADAPTIVE SECURITY CYCLE
RESPOND
PREDICT PREVENT
DETECT
• Digital Forensics
• Malware Analysis
• Penetration Testing
• Security Assessment
• Professional Trainings
• Tailored Reporting
• Threat Data Feeds
• Botnet Tracking
• APT Intelligence Reporting
• Security Awareness
TARGET AUDIENCE AND USE CASES
Customer SOC (Security Operation Center)
Enterprises, Government, MSSP, ISP/Telco, Banks
Train your employees and experts
Improve your SIEM with KL data feeds
Get early warning about global APTs and threats targeting your organization
In case of an incident get help from our forensics experts
Mitigate a risk of intrusion with KL PenTesting
Uncover vulnerabilities in your applications
CYBERSECURITY TRAINING
SECURITY TRAINING – POC
► KL trainer conducts a remote session for the customer to explain the required courses in more detail
SECURITY TRAINING – CASE STUDIES
City of London Police
Kaspersky Lab has delivered several courses in the areas of Digital Forensics and Malware Analysis
Public reference is available and you can request an official pdf approved by COLP management
You can find more in public press releases:
http://www.kaspersky.com/about/news/virus/2014/City-of-London-Police-and-Kaspersky-Lab-lead-the-way-in-combatting-fraud
http://www.computerworlduk.com/news/security/3539039/city-of-london-police-brings-in-kaspersky-to-train-officers-to-tackle-cybercrime/
THREAT INTELLIGENCE SERVICES
Threat Data Feeds
A customer gets more from existing SIEM solution by leveraging Threat Data from KL
► Malicious URLs
► Phishing URLs
► Botnet C&C URLs
► Malware Hashes
► Mobile Malware Hashes
► Mobile Botnet C&C URLs
► P-SMS Trojan Feed
Intelligence Reporting
► APT Intelligence Reporting
A customer gets exclusive, proactive access to descriptions of high-profile cyber-espionage campaigns, including indicators of compromise (IOC)
► Customer / Country Specific Reporting
OSINT is a main source of intelligence:
• Network Reconnaissance and Vulnerability Analysis
• Malware and Cyber-Attack Tracking Analysis
• Staff, Data Leakage and Underground Activities Analysis
► Industry Reporting
Quarterly reporting about threats related to industry (Financial, Telco etc.)
Botnet Tracking
Expert monitoring and notification services to identify botnets threatening online banking of a banking customer
► Almost real time notifications (every 15 min)
► JSON compatible
► Can be offered for MSSP or banks
THREAT INTELLIGENCE SERVICES – POC
► Data Feeds – two week pilot*
► Intelligence Reporting – 3 private reports for evaluation*
► Botnet Tracking – two week pilot or report for the last two months
*an NDA is required
THREAT INTELLIGENCE – CASE STUDIES
Telefonica
► Telefonica has subscribed to KL Data Feeds, Botnet Tracking and Intelligence Reporting for 2nd year
► You can find more in public press releases:
• http://www.kaspersky.com/about/news/business/2014/Kaspersky-Lab-and-Telefonica-join-forces-to-improve-cyber-protection-for-European-and-Latin-America-customers
• http://www.eurocomms.com/industry-news/49-online-press/9898-telefonica-signs-cyber-security-deal-with-kaspersky-lab
INCIDENT INVESTIGATION SERVICES
Digital Forensics
Digital Forensics is an investigation service aimed at producing a detailed picture of an incident. Forensics can include malware analysis if any malware was discovered during the investigation. Kaspersky Lab experts piece together the evidence to understand exactly what is going on, including the use of HDD images, memory dumps and network traces. The result is a detailed explanation of the incident.
Malware Analysis
Malware Analysis offers a complete understanding of the behavior and objectives of specific malware files that are targeting your organization.
INCIDENT INVESTIGATION – POC
► KL Digital Forensics. KL provides the customer a sample report on Digital Forensics*
► Malware Analysis. A customer can provide KL a single malware sample for analysis
*an NDA is required
INCIDENT INVESTIGATION – CASE STUDIES
Collaboration with Interpol
► Kaspersky Lab helped Interpol to establish a forensics lab in Singapore
► You can find more in public press releases:
• http://www.kaspersky.com/about/news/business/2013/Kaspersky_Lab_signs_up_to_actively_support_INTERPOL_Global_Complex_for_Innovation_Singapore
SECURITY ASSESSMENT SERVICES
Penetration Testing
Kaspersky Lab’s Penetration Testing Service gives you a greater understanding of security flaws in your infrastructure, revealing vulnerabilities, analyzing the possible consequences of different forms of attack, evaluating the effectiveness of your current security measures and suggesting remedial actions and improvements.
Security Assessment
Kaspersky Lab’s Security Assessment Services uncover vulnerabilities in applications or systems of any kind, from large cloud-based solutions, ERP systems, online banking and other specific business applications, to embedded and mobile applications on different platforms (iOS, Android and others) or specific systems (Telecom, SCADA, ATM etc.).
SECURITY ASSESSMENT – WHY KL?
KL is able to deliver Security Assessment of non-standard systems
► Telecom specific systems (OSS, BSS, base stations, media GW, GSM/UMTS/LTE, IP, SS7)
► ATM / POC
► SCADA, PLC, smart meters
Qualified Team
► Experienced white-hat hackers known for their security research and acknowledged for security advisories by Microsoft, Google, Apple, Oracle, Cisco, Siemens, SAP, Citrix and others
DOCUMENTATION
Available Materials:
► SIS Catalog
► Security Training – Program Description
► Threat Data Feeds – Technical Description
► Intelligence Reporting – Technical Description
► Intelligence Reporting – How to use IOCs
► Penetration Testing – Technical Description
► Application Security Assessment – Technical Description
► Digital Forensics and Malware Analysis – Technical Description
► Marketing Presentations
The materials could be requested from [email protected]
KL ENTERPRISE WEBSITE
THANK YOU
Alexander Mazikin
Global Presales Manager, Security Intelligence Services