F5

Applications are driving innovation and massive growth in data. There is an app for everything—organizations offer apps with data access to employees and consumers to drive greater productivity, meet demands, and ultimately achieve a competitive advantage. But, security today is broken. We need to use differents tactics.

How do we know?

We know because companies keep getting their data stolen.Just look at news headlines on any given day.Data breaches keep happening, despite organizations:

Increasing their security budgets
Deploying dozens of specialized security solutions
Complying with regulatory requirements

We are still approaching security with a decades-old mindset

that focuses on location-based protection—building walls and barriers.(Note: the red circle represents a traditional perimeter-based approach to security.)

This has led many companies to invest heavily in network-based and specialized security solutions, for example, next generation firewalls, data loss prevention (DLP), Advanced Persistent Threat (APT) solutions, Intrusion detection and intrusion protection (IDS/IPS) systems; anti-virus solutions.

 It’s not that these solutions aren’t useful or necessary; they are—each one has its purpose. But, by themselves, they just aren’t adequate anymore.Many are blind to today’s threats,and they’re  into what’s happening with your application. That’s because they were never designed to do that.

And consider this: How many employees are directly connected to your corporate network anymore?Very few. Virtually every worker is mobile at some point during the workday, and your fully-remote users are never directly connected.

With the prevalence of cloud-based and SaaS apps, many workers can complete an entire day’s work without ever connecting to the corporate network.

These users, who are mostly outside of your network now, pose an even greater risk to your company because they’re sharing company data using devices, networks, and applications that are beyond your control.What’s the result? (Where does that leave us today?)

SSL-visible
Location-independent
Session-based
Continuous trust verification
Strategic control points
App availability

NETWORK THREATS

Today, the real data security threat is not happening at the network layer. Yes in the last few years there has been a lot of attacks at the network layer, a lot of money being spent there to prevent viruses, spam, spy-ware; lots of attention being spent here. Attacks at the network layer are highly visible, they affect productivity, they are messy & annoying

APPLICATION THREATS

But when you compare that with threats on the application side, it is dramatically different
Application threats really are all about the core of your organization
This has to do with employee records, confidential information, sometimes intellectual property, has to do with financial records
This are the things that really affect the core of the corporation
This is Indiana Jones stealing the crown jewels inside your corporation
The key thing to remember here is most of the data theft attacks are application level attacks
The applications are the door way to your data/information NOT YOUR NETWORK
LET ME REPEAT THIS, this is IMPORTANT — The applications are the door way to your data NOT YOUR NETWORK
Data needs to be human-reviewed and researched for “actionable” intel.
The value of threat intelligence is awareness during the hacker’s early phase BEFORE they attack.
So you can get prepared by tuning your controls or deploying new ones.

Who: Threat Actor Groups, Nation-states, Countries & Toolkits. Trends by Geolocation, ASN & Regional Registries

What they are doing: Exploit trends by Target (Identity, App, DDoS), Impacted software

When they are doing it: Timing trends, Continual, Seasonal, Time of Day, Day of Week

How they are doing it: Attack Types, 0-day exploits, Unpatched vulnerabilities, Social engineering, Trends by Targets (geo and industry)

Why they are doing it: Understanding targets and purposes (Financial, Competitive Advantage, Espionage, Notoriety, Cyber warfare)

Then we take it a step further by informing you “what’s next” in emerging attack trends, and how to mitigate a particular threat.

Full-proxy architecture

Speaker notes: Now we’ll show you how we deliver this protection. F5 provides security on a full proxy architecture. We inspect every packet in the flow of traffic and are able to profile that at every layer of the OSI stack. TCP, SSL, HTTP…we understand everything about these protocols and can take action on threats. And because it’s a full proxy addressing one flow through the stack, all of the processes communicate with each other to gain a full understanding of the attack and apply the most appropriate response.

Additionally, all of these security services are on hardware that is purpose-built to deliver at extremely high performance and scale so you don’t get the performance degradation of typical security solutions. It’s all one box: management and power efficiencies, lower TCO.