Application Hackers Have A Handbook. Why Shouldn't You?

Editor's Notes

• #7: Stripped down and customized version of Mac OS Xdoes not have common binaries such as bash, ssh, or even ls.MobileSafari - many features of Safari have been removedNo Flash plug-in, many file types cannot be downloaded
• #8: Each application runs with its UID in its own Dalvik virtual machineProvides CPU protection, memory protectionAuthenticated communication protection using Unix domain socketsOnly ping, zygote (spawn another process) run as rootApplications announces permission requirementCreate a whitelist model – user grants accessBut don’t want to ask user often – all questions asked as install timeInter-component communication reference monitor checks permissions
• #9: Train your developersReview your codeTest, test and test againProtect in real-time and virtual patch with technologies like web application firewalls
• #20: Trustwave provides a unified set of offerings to help you address the security challenges and trends we just mentioned. And we do it by hiding the complexity of the environment.At the end of the day, this is what we want the customer to remember – four things about Trustwave that are unique and we do better than anyone else. And how these areas all work together to address customer issues.SpiderLabs – Simple is IntelligentSpiderLabs is the advanced Security team at Trustwave and drives our security research, penetration testing, and incident response offerings. SpiderLabs has completed thousands of forensics investigations, application and network penetration tests in over 50 countries – we believe more than any other provider. SpiderLabs are “ethical hackers at the leading edge of security”.This deep experience gives SpiderLabs unparalleled insight into current and emerging security threats, which then provides real-time threat intelligence to significantly enhance our security products as well as managed security offerings. In fact, we just announced the SpiderLabs Threat Intelligence program where organizations can also get the same threat knowledge we have been providing our internal MSS – this is focused in the areas of Malware, Mobility, Infrastructure and Virtualization/Cloud. SpiderLabs is also very active in sharing our insights with the security community, such as publishing research papers, speaking at events like DefCon and BlackHat and perhaps most visibly, the annual Global Security Report. Unified Security – Simple is UnifiedThe current approach to security, we think, is ineffective. The world has changed – too many threats, evolving far too quickly from a diverse set of attack vectors. Days and sometimes months pass before a company even realizes it has been compromised. According to the latest Global Security Report, only 16% of all organizations were able to self-detect an attack! This disturbing stat also highlights another major challenge - the complexity that organizations face.Trustwave’s Unified Security approach is designed to address this changing world. We have a comprehensive set of security offerings to protect you from the web layer, to the application layer to the network layer and finally to the data layer. Our offerings include award winning secure web gateways, web filters, web app firewalls, network access control, UTM, data loss prevention, secure email gateways, and encryption products. What is unique is how we deliver these products as unified solutions to provide better security and simplicity of use. Trustwave solutions collaborate with our award winning SIEM to help analyze seemingly disconnected events, and correlate them to recognize threats that would have otherwise been missed. In short, SIEM becomes the nerve center that collects information from individual security solutions, correlates them to gain insight about threats and then takes action to prevent an attack. We “bring all our security, all in one place”“Unified security is a strategy that correlates and analyzes information from disparate sources, enabling security products to cooperate, understand and jointly repel external and internal threats to data”Managed Security Services –Simple is FocusedTrustwave is one of the leading managed security providers in the world – with global 24x7x365 SOC coverage. Our MSS vision is to “help organizations run their security while they focus on running their business”. In addition to the foundational offerings like UTM, firewalls etc, that many MSS vendors provide, we also provide next generation and high-value managed offerings like Managed NAC, WAF, SIEM, FIM, Encryption etc that others do not. This enables Trustwave to not only provide one of the broadest MSS offerings, but also deliver a pathway for companies who need sophisticated security technologies, delivered as simple to consume managed offerings. Finally, Trustwave MSS benefits greatly from the real-time threat intelligence from our SpiderLabs division – based on the thousands of forensic investigations and penetration tests done in over 50 countries. This insight helps the Trustwave MSS team to build the right policies to protect our customers, and from threats they were not even aware of. We are honored to be recognized by Forrester as a leader in MSS in their Forrester Wave report.We’re changing the way managed security providers are viewed in the industry – previously it was just to reduce costs in capex and optimize resources. However, now, with Trustwave MSS, you’re not just getting affordable, simplified security but also better security.Compliance and Validation – Simple is ClearWe are the global leader in PCI compliance. This unique heritage also provides us a strong blueprint to help address other regulations such as HIPAA, Data Privacy, SOX, ISO2700x etc. Our products are tuned to not only secure your data but also provide reports that can prove compliance with regulations (for eg our SIEM has over 1400 reports) We have over half a million subscribers in our TrustKeeper portal using us for compliance. They use unique offerings like the “To Do list” which helps guide users on compliance issues and offer approaches for remediation. We also combine security and compliance solutions to make it easier for organizations – we have successfully helped franchises and other distributed organizations with bundled and packaged solutions to address compliance and security.Elevator pitch“Trustwave’s unified security approach provides organizations simple solutions to complex security and compliance challenges. Our best-in-class solutions, including SWG, WAF, NAC, Encryption and others, build on a layered strategy, offering protection from the web, applications, to networks, email and ultimately to the data itself. Uniquely, these solutions collaborate with our market-leading SIEM technology to correlate and analyze security events in real time, helping businesses quickly understand vulnerabilities and take action to repel both internal and external threats.  These unified solutions, enhanced with intelligence from Trustwave’s SpiderLabs, an advanced security and research team, can be deployed on-premise or delivered as managed services through our award-winning portal, TrustKeeper.”