Click me
Transcribed

Deploy Deep Security Virtual Patching

TREND MICRO" Securing Your Journey to the Cloud DICK MANAGES AN ENTERPRISE HIRO MANAGES AN DATACENTER WITHOUT VIRTUAL ENTERPRISE DATACENTER PATCHING. THAT IS PROTECTED BY VIRTUAL PATCHING FROM DEEP SECURITY. DICK AND HIRO'S ENTERPRISES GET ATTACKED BY ZERO-DAY MALWARE DICK'S SERVERS ARE VULNERABLE HIRO IS ALREADY SHIELDED AND UNABLE TO PREVENT AGAINST THE UNDERLYING VULNERABILITY BY AN THE MALWARE ACTIVE DEEP SECURITY INFECTION. RULE. A DICK UNDERGOES MALWARE HIRO RECEIVED THE CLEANUP AND REMEDIATION VULNERABILITY RULE WITHIN DOWNTIME AND EXPENSES. HOURS AND WELL BEFORE ZERO-DAY MALWARE ATTACK. DICK STAYS LATE TO RUN AN INVESTIGATION TO SEE IF ANY OF HIS COMPANY'S CONFIDENTIAL DATA WAS BREACHED. AT HOME, HIRO WATCHES THE EVENING NEWS AND HEARS OF OTHER COMPANIES' STRUGGLES TO RECOVER FROM THE ZERO-DAY ATTACK. A FEW WEEKS LATER... DICK AND HIRO RECEIVE THE PATCH NOTICE FROM THEIR ISV. IT'S RATED IMPORTANT BY THE VENDOR. HIRO IS ALREADY SHIELDED BY THE ACTIVE DEEP SECURITY RULE. DICK HAS OTHER HIGH OFF PRIORITY PROJECTS SCHEDULED FOR THAT WEEK SO PUTS IT ON TO-DO TASK LIST FOR DUE TO RESOURCE LATER. CRUNCH AND THE VOLUME OF HIRO TESTS THE PATCH ON A HIGH-PRIORITY PROJECTS, DICK'S NON-PRODUCTION SYSTEM. SERVERS STAY IT DOES NOT APPEAR TO BREAK UNPATCHED. ANYTHING. SEVERAL MONTHS PASS. HIRO WAITS UNTIL THE NEXT SCHEDULED MAINTENANCE DICK'S ENTERPRISE GETS ATTACKED BY MALWARE TARGETING THIS WINDOW TO APPLY THE PATCH. VULNERABILITY. DICK'S SERVERS GET INFECTED. HIRO SIPS HIS COFFEE KNOWING THAT HIS SYSTEMS ARE DICK UNDERGOES MALWARE SHIELDED FROM ATTACK DURING TESTING. HE CAN WAIT CLEANUP AND REMEDIATION UNTIL THE NEXT SCHEDULED PATCH CYCLE TO APPLY THE DOWNTIME AND EXPENSES. PATCH TO APPLY THE PATCH DURING, OR BEYOND. A DICK FINDS EVIDENCE OF DATA AT THE NEXT AUTOMATED THEFT DURING THE INFECTION D RECOMMENDATION SCAN, PHASE. MANAGEMENT IS NOT DEEP SECURITY DISCOVERS WHEN НАРPY. THE PATCH HAS BEEN APPLIED AND TURNS OFF THE RULE. DICK AND HIRO RECEIVE ANOTHER PATCH NOTICE FROM THE ISV. THIS TIME PATCH IS CRITICAL. DICK DROPS EVERYTHING AND TESTS THE CRITICAL PATCH ON A NON-PRODUCTION SYSTEM. HIRO KNOWS HE IS ALREADY SHIELDED BY AN ACTIVE DEEP SECURITY RULE PROVIDED WITHIN HOURS OF VULNERABILITY ANNOUNCEMENT TIME AND WELL BEFORE PATCH. THE PROCESS TAKES UP MOST OF HIRO TESTS THE CRITICAL PATCH THE DAY. DICK WORRIES THAT AN ON A NON-PRODUCTION SYSTEM. EXPLOIT MAY SNEAK IN DURING THE PATCH DOES NOT APPEAR TO THIS TIME. BREAK ANYTHING. DICK SHUTS DOWN MISSION CRITICAL SERVER TO DO AN HIRO RELAXES KNOWING THAT HIS SYSTEMS ARE EMERGENCY PATCH SHIELDED FROM ATTACK DURING THIS TESTING PERIOD. ON OFF EMERGENCY PATCH CAUSES DICK D HIRO DOES NOT TAKE THE TO INCUR APPLICATION OUTAGE, MISSION CRITICAL SERVER DOWN WHICH IMPACTS REVENUE AND TO DEPLOY THE EMERGENCY APPLICATION SLA. PATCH. HIRO SAVES OPERATIONAL TIME. HIRO ALSO MAINTAINS APPLICATION UPTIME DICK CURSES HIS LUCK THAT HE IS HAVING TO RESULTING IN IMPROVED REVENUE AND SLA. SPEND AS MUCH ONE-THIRD OF HIS PRECIOUS CIO LAUDS HIRO AND HIS TEAM FOR DELIVERING ON IT COMMITMENTS. IT TIME ON UNPLANNED PATCHING. A TIME INVESTED IN EMERGENCY PATCHING FORCES DICK TO HIRO APPLIES PATCH DURING THE NEXT SCHEDULED DELAY OTHER CRITICAL IT MAINTENANCE PATCH WINDOW. PROJECTS DICK AND HIRO RECEIVE AN END OF SUPPORT NOTICE FROM THEIR ISV FOR OPERATING SYSTEM XYZ. END NEU END NEW DICK CONDUCTS AN EVALUATION AND DETERMINES HIRO CONDUCTS AN EVALUATION AND DETERMINES THAT HE CANNOT MIGRATE HIS LEGACY APPLICATION THAT HE CANNOT MIGRATE HIS LEGACY APPLICATION OVER TO A NEWER VERSION OF THIS OPERATING OVER TO A NEWER VERSION OF THIS OPERATING SYSTEM, SYSTEM. DICK TALKS TO HIS ISV AND FINDS D HIRO KNOWS DEEP SECURITY OUT HE CAN GET A CUSTOM VIRTUAL PATCHING WILL CONTINUE TO SHIELD HIS SYSTEM IN THE ABSENCE OF PATCH SUPPORT AGREEMENT THAT WILL COST HIM AN ADDITIONAL $200K ANNUALLY. PROTECTION FROM THE OS VENDOR. DICK WILL TAKE HIS CHANCES AND LEAVE HIS APPLICATION RUNNING ON THE OUT-OF-SUPPORT OS WITHOUT A SUPPORT CONTRACT AND NO PATCH PROTECTION. DICK'S SYSTEM GETS EXPLOITED BY A NEW PIECE OF MALWARE TARGETING A VULNERABILITY ON THE OLD OS A NEW PIECE OF MALWARE TARGETING A VERSION. SENSITIVE CUSTOMER DATA IS COMPROMISED AND VULNERABILITY ON THIS UNSUPPORTED OS VERSION DICK'S COMPANY IS FORCED TO INITIATE EXPENSIVE BREACH EMERGES BUT DEEP SECURITY VIRTUAL PATCHING NOTIFICATION PROCEDURES. DICK FEELS BAD FOR HIMSELF BLOCKS THE ATTACK. AND HIS COMPANY. HERO HIRO IS SEEN AS A HERO IN HIS ORGANIZATION. Don't be like Dick. Be a Hiro. Deploy Deep Security Virtual Patching. ППП %24

Deploy Deep Security Virtual Patching

shared by Angel on Mar 24
297 views
1 shares
0 comments
The Real Benefits of Virtual Patching: Avoid emergency patching. You can shield vulnerabilities before exploits attack.

Publisher

Trend Micro

Source

Unknown. Add a source

Category

Technology
Did you work on this visual? Claim credit!

Get a Quote

Embed Code

For hosted site:

Click the code to copy

For wordpress.com:

Click the code to copy
Customize size