Web Security Netevents Debate Panel

1
Web SecurityNetevents Debate Panel

• Rick Moy, President
• NSS Labs

2
Independent Product Testing Certification

• Since 1991
• Largest independent lab for security
  performance (100Gbps )
• Public Certification Private Testing Services
• Anti-malware, IDS/IPS, Firewall, UTM, Encryption,
  PCI DSS
• Offices in San Diego, CA Austin, TX

Vendor Clients
3
Attacks from the web

• Not just standard packages
• of custom web applications increasing
• 100k SQL injection per day (source IBM X-Force)
• Increasingly custom/targeted malware
• Increasingly sophisticated multi-step attacks

4
Client Attacks

• Social engineering against the user
• Phish
• Average lifespan 52 days
• High volume, blended threats with drive-by
  downloads
• Web malware
• 53 (trend)
• China 1 host of malware sites in 2008
• Browser plug-ins key attack vector
• Against the machine Drive-by exploits
• Vulnerabilities in plug-ins and browsers

5
Layers of Protection
Internet
Web Threats
Reputation / Security Service
Network Perimeter
Firewall
Secure Web Gateway
UTM
IPS
Client Host
Server Security
Web Browser
Firewall
HIPS

• Endpoint Protection
• Firewall, HIPS, Anti-malware, White listing

Anti-malware
File Integrity Monitoring
6
Multiple Layers of Defense
Internet Threats
7
Questions

• How has the economy impacted web security? Whats
  yet to come in 2009?
• If companies can only focus on one product issue,
  what should it be and where? Perimeter or
  client/host?
• 0-day and pro-active protection hype or
  achievable?
• How will web security products evolve throughout
  2010?