PAN-OS 8.0: Announcing New and Expanded Partner Integrations

The Palo Alto Networks partner ecosystem has over 100 industry-leading security and IT providers. To support the growing number of customer use cases, we proactively build integrations with a select few strategic partners to drive deeper engineering-to-engineering technology integrations. We’re pleased to announce a few new ones along with the recent release of PAN-OS 8.0:

ServiceNow Integration

Palo Alto Networks Next-Generation Security Platform, including WildFire and AutoFocus, now integrates with the ServiceNow Security Operations tool, reducing risk by speeding the time to mitigate incidents leveraging automated workflows. This integration drives compelling customer value by automatically enriching the context around security incidents, enabling security teams to make faster and more effective decisions, as well as driving automated creation of ServiceNow tickets to simplify workflows.

New MineMeld Ecosystem

The MineMeld application is now integrated with AutoFocus, allowing customers to drive automated prevention from any third-party source of threat intelligence. In order to provide the widest and deepest visibility into the threat landscape, we built an extensive ecosystem of threat intelligence partners, including commercial, open-source and private providers. In addition to the pre-built integrations, MineMeld is extensible and can easily aggregate, correlate, validate and drive automated prevention from other organizations.

Preventing Credential Theft and Abuse

Further enhancing our threat prevention capabilities, Palo Alto Networks is delivering new capabilities to prevent credential theft by addressing both the theft of passwords and the use of stolen passwords. One of the many ways this is being done is through implementing contextual control over access with policy-driven multi-factor authentication. This is done from the network firewall, without changing the application’s native authentication methods, and extends to integrations with Okta, Duo Security and Ping Identity.

Learn more about the new third party technology integrations within PAN-OS 8.0.

[Palo Alto Networks Research Center]

Addressing Technology Gender Gap is All of Our Responsibility

I recently met a young woman in Ireland who was working toward a technology-oriented degree, and she recalled being among three women in her course at the beginning of the semester. By the end of the semester, she was the last woman standing.

My new acquaintance suspected that her female classmates wavered on continuing their course of study because their classes were so male-dominated. And who can blame them? While some women are more comfortable than others being vastly outnumbered, the shortage of female mentors and role models in the technology sector poses a major concern, further illuminated by ISACA’s The Future Tech Workforce: Breaking Gender Barriers report.

The scarcity of mentors and female role models were the main barriers to career advancement cited by the survey’s respondents, with workplace gender bias and unequal growth opportunities also rating among the main factors.

I can empathize with the respondents, having experienced more than my share of conferences and board meetings lacking friendly female faces. I recall attending one conference where I was one of two women among about 200 delegates.

While there has been occasional progress during my 25-plus years working in IT and information security, the gender disparity in the technology field remains pronounced – a source of major concern from both societal and workforce perspectives. A Deloitte Global projection indicated less than 25 percent of IT jobs in developed countries would be held by women at the close of 2016, and nearly 9 in 10 respondents to ISACA’s study indicated they are concerned with the number of women in the technology sector.

Addressing this gender gulf is everyone’s responsibility – men, women, employers, educators and industry associations such as ISACA, which last year launched its Connecting Women Leaders in Technology program. Promoting networking and mentorship is a key piece of the program. Women should be encouraged to be confident and persistent in pursuit of their technology careers, and a mentor in the field – whether male or female – can be the most effective person to make that case.

There also is much that enterprises can do, such as ensuring they are offering equitable pay for men and women and providing flexible working arrangements. Having ‘Keep in touch’ days when women are on maternity leave, in addition to encouraging professional development opportunities such as webinars and online courses, are other worthwhile ways to ensure that women remain connected to the organization while on leave.

In addition to promoting a more just society, enterprises have bottom-line motivation to hire and promote women. Research from The Peterson Institute for International Economics and EY shows that an organization with at least 30 percent female leaders could add up to 6 percentage points to its profit margin.

This does not surprise me. The women I have worked with are highly motivated, focused and encouraging of their colleagues. They are as knowledgeable as – if not more so than – their male counterparts.

Yet even at a time when more women are urgently needed, given the global shortage of skilled technology professionals, women still deal with too few career opportunities and too many barriers to advancement. Even as technology transforms the global economy at a staggering pace, we are still dealing with gender bias that hampered our mothers and grandmothers.

A challenge this large and this persistent can feel overwhelming, but there are steps each of us can take to make meaningful progress. If we are resolute, the day will come when our classrooms, offices and board rooms are filled with empowered women ready to make their mark on the technology workforce.

Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, FACS CP, board director of ISACA and director of information security and IT assurance at BRM Holdich

[ISACA Now Blog]

Faces of ISACA: Babiak Motivated to Help Women Take Final Career Steps

Jan Babiak draws upon her decades of high-level career experience to work toward expanded opportunities for women working in technology – all the way to the top.

Babiak, a longtime ISACA member and board member with Walgreens Boots Alliance, Inc., Bank of Montreal and GHD Group, has made advocating for women advancing to upper management one of her core priorities. She is involved in the International Women’s Forum and Women Corporate Directors, among other organizations, in her efforts to connect women with leadership opportunities.

“There aren’t a lot of women who have been successful in the C-suite themselves available to help women make that last step, and that last step is actually one of the most difficult, so that’s an area I have real passion around,” Babiak said.

Babiak has encountered many of the barriers noted by respondents in The Future Tech Workforce: Breaking Gender Barriers report throughout her career, which included 28 years with EY – 20 of those based in London working in leadership roles related to information security and regulatory issues. She has been in hundreds of meetings – counting those with clients – in which she was the only woman, given the male-dominated state of the field.

“Sometimes I was welcome, but sometimes there was clear resentment or, worse yet, patronization,” Babiak said. “As I earned the right to influence who else would be admitted to leadership, I worked to sponsor the best talent, and that included both men and women in equal measure. Interestingly, I found I always had a much higher percentage of women in my leadership teams than my male peers, and our results were usually much better. Now that really feels great, and is a testament to the tangible benefits of diverse experiences.”

Babiak believes a comprehensive approach must be taken to seriously address a wide range of systemic issues that have created the gender disparity in the technology field.

“A great starting point is having measurement, transparency and accountability for gender equality at every level – in the schools, in the workplace, in government, etc.,” Babiak said. “Another key area of emphasis would include educating the parents and teachers of young girls about the opportunities in technology for their daughters. They are the greatest influence and, sadly, they often have biases that actively discourage interests in STEM related areas.”

In addition to promoting career advancement for women, Babiak directs much of her focus toward helping boards and senior management better understand cyber security priorities, as well as advising those on technical career paths how they can grow into management roles.

While Babiak has lived in Nashville, Tennessee, since 2010, she considers herself “a global citizen.” She returns to the United Kingdom several times a year and travels extensively on a global scale.

“It’s interesting seeing how wonderful it is when you mix the different experiences of people from different cultures and people with different challenges from a regulatory standpoint,” Babiak said. “To see how global the world is has been a tremendous and wonderful enlightenment for me. I wish everyone had that experience.”

[ISACA Now Blog]

CDANS 2017: Keeping Cybersecurity Skills Sharp With Cyber Range

We enjoy meeting with and presenting to the many hard-working professionals responsible for securing government and critical national infrastructure in Europe, the Middle East, Africa, Asia and the U.S. This year at Cyber Defence and Networks Security (CDANS) 2017, which drew attendees from several of these regions, we decided to try something dynamic. We invited our partner Cyber Test Systems to join us to run a Cyber Range as a pre-conference workshop. Cyber Range is used by technologists – network engineers, cyber operations professionals, and others charged with some level of responsibility for their enterprise’s security – to hone their cybersecurity skills against the most cutting-edge attacks we can find today. Cyber Test Systems does this regularly for network and security professionals across all manner of critical infrastructure – from government entities to commercial interests. And we are privileged that they continue to choose Palo Alto Networks Next-Generation Security Platform to find, analyze, and prevent the advanced attacks they’re pulling from the internet for their Cyber Range workshops.

Typically, Cyber Range assists professionals in understanding today’s most advanced threats, using some of the most advanced real-world malware actually culled from the internet for the purposes of education. Cyber Range also:

  • Exposes security professionals to different kinds of threats seen on critical infrastructure networks today, including:
    • Ransomware
    • Botnets and their command-and-control (C2) traffic
    • Phishing attacks
    • Other forms of advanced malware
    • DDoS attacks (DDoS, RDoS, DRDoS)
  • Enables professionals to improve their skills and speed in identifying these threats, which they can then put into practice within their own networks.
  • Offers professionals real-world, hands-on experience using the power of the Next-Generation Security Platform, which integrates security capabilities for faster time-to-detection and signature creation within five minutes of seeing a new advanced threat.
  • Provides practitioners with hands-on experience with a mobile Cyber Range suite, which is portable, evolves with the latest attacks, and is available for reuse in national and commercial exercises to maintain team skillsets across those responsible for security – network, security, endpoint and data center teams – as advanced threats evolve.

Cyber Test Systems uses real threats, pulled from their research across the internet, and then regenerates them realistically using their series of Network Traffic Generators (CTS-NTG).

Normally, these Cyber Range workshops are attended by the practitioners. But at CDANS, we were privileged to be joined by CISOs and other, more-senior-level management who were eager to learn as well. In addition to balancing the needs of the varied technical levels of the participants, we provided an overview of a typical network topology, the network they would be protecting, and the overall exercise objectives. We reiterated the importance of using automation for speed to detection and prevention and the importance of complete visibility across the network – thinking in the context of the cyberattack lifecycle – and of all of the many applications traversing their networks. Having a grounding in the equipment, network and exercise objectives, participants were then presented with a series of attacks against their respective networks with a great deal of hands-on assistance to understand what they were seeing, including:

  • Recent ransomware, such as Petya Goldeneye, Merry Christmas, Cerber, Sopra, CryptoMix, and the Osiris variant of Locky
  • Recent web exploit kits, such as Magnitude, KaiXin, Rig-E, Rig-V, Sundown
  • Phishing attacks
  • Malicious domains and websites
  • Exploits of vulnerable clients and servers
  • DDoS attacks including DDoS, RDoS, and DRDoS attacks – just like the Mirai botnet DRDoS attack
  • Recent botnets’ command and control, such as Kelihos botnet and Mirai botnet

We were delighted to discover that Cyber Test Systems had even pulled brand new, never-before-seen malware in the wild, which WildFire, the Palo Alto Networks malware analysis environment, immediately identified in real time in the exercise. All features of the Palo Alto Networks platform were fully leveraged throughout the exercise, including App-ID, Threat Prevention, URL Filtering, and WildFire, to detect and mitigate the cyberattack scenarios, one after the other.

Our instructors, including the Cyber Test Systems team and two of our London-based systems engineers, acted as red teams, yellow teams, white teams and green teams, guiding our participants who played the role of the blue team throughout the exercise.

Based on the feedback and their tenacity throughout a full day of exercises, the professionals who participated, regardless of technical level, were all able to take back new insights and a new appreciation for the diversity of threats that are possible to mitigate, which they – or their teams – may face regularly. From all of us, as Cyber Range hosts, it was a privilege and an honor to meet and work with these professionals throughout this workshop.

Learn more about the work we do with Cyber Range:

Palo Alto Networks held its inaugural abbreviated Cyber Range at Ignite 2016 and, with the positive customer feedback, will be repeating it at Ignite 2017. We’d love for you to join us!

[Palo Alto Networks Research Center]

VirusTotal Adds Palo Alto Networks to Intelligence Feeds

Palo Alto Networks is happy to announce the addition of the Palo Alto Networks (Known Signatures) scanner to VirusTotal, continuing our long-standing relationship with the organization, and furthering our commitment to threat intelligence sharing. This new integration allows users of VirusTotal to query malware samples against known antivirus signatures from the Palo Alto Networks Threat Intelligence Cloud, and ensures the continued joint cooperation between our organizations, in service of our joint customers and the industry as a whole.

What does this announcement mean?

The addition of the Palo Alto Networks (Known Signatures) scanner to VirusTotal provides a number of benefits to both Palo Alto Networks customers and users of the VirusTotal service, including:

  • Palo Alto Networks will continue to enrich our visibility into the threat landscape with samples sourced from VirusTotal, as an extension of what we receive via WildFire submissions and other third-party feeds.
  • VirusTotal users will be able to check malware samples against known antivirus signatures in the Palo Alto Networks Threat Intelligence Cloud.

How does this announcement affect Palo Alto Networks customers?

There is no impact to Palo Alto Networks customers or to the protections they receive from the Threat Intelligence Cloud, as part of the Next-Generation Security Platform. We do not rely on any third-party service, including VirusTotal, to provide known or unknown file verdicts for our customers. We continue to employ our WildFire threat analysis service to detonate and identify malware, extract threat intelligence and drive preventions for unknown threats, which are enforced via Threat Prevention, URL filtering (PAN-DB), Aperture and Traps.

Palo Alto Networks is firmly committed to sharing threat intelligence across public, private and commercial organizations, in order to raise the collective immunity against cyberattacks for the entire industry. Being part of the VirusTotal community continues to augment our ability to collect samples, ensuring we have wide visibility into threats sourced from internal and external sources and driving up the cost of launching successful attacks, as protections are automatically shared with Palo Alto Networks customers via WildFire.

[Palo Alto Networks Research Center]
