Scribd Logo
Upload

Welcome to Scribd!

  • SecuriPass Marketing v2 PDF

    Uploaded by

    Lee Chee Soon
    16 views15 pages

    Original Title

    SecuriPass Marketing v2.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    16 views15 pages

    SecuriPass Marketing v2 PDF

    Uploaded by

    Lee Chee Soon

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 15

    That affects the industry

    Banking & Small Medium


    Government Businesses Financial HealthCare Enterprises YOU
    About ThothTrust
    ● Who Are We
    – Providers of …
    ● Data & Identity Protection solutions
    ● Secure Data Execution
    ● Secure Communications

    ● What We do
    – Dedicated to innovate and create new solutions or
    improve existing solutions in the IT Security domain
    Current Status of Credential
    Security
    ● Many large corporations and Governments have
    experienced some form of credential breach in
    recent years.
    ● Frequency of credential breaches are escalating.
    ● Increase in the spread of malware via compromised
    credentials.
    ● Mega-breaches are a stepping stone to more
    sophisticated attacks on national infrastructures
    and international e-commerce.
    Notable Breaches
    ● Ashley-Madison Database Leak
    – 36 million credentials leaked
    ● Yahoo website hacks
    – 1.5 billion credentials leaked
    – Biggest leak in history
    ● US Office of Personnel Management
    – 21.5 million US Government employee details leaked
    ● Instagram API leaks credentials
    – Currently still under investigation
    – Flaw in API leaks sensitive information of ‘verified accounts’
    Notable Breaches

    Partial graphical visualization of credential breaches in history


    Yahoo’s database breaches visualized as the breach with the most credential leaks in history
    ● Full visualization:
    – http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
    Consequences of Credential
    Breaches
    ● Credential Cracking
    – Attackers attempts to de-obfuscate hashed
    passwords and PINs with bruteforce
    – Cloud computing makes work of large scale
    bruteforce cracking of obfuscated passwords and
    PINs easier and at a very low cost
    – Use as a stepping stone to break into associated
    accounts to carry out more sophisticated attacks
    Consequences of Credential
    Breaches
    ● Credential Stuffing
    – Follow-up action after Credential Cracking phase
    – Attackers cracked to attack associated online
    accounts
    – Attacker feeds cracked credentials into automated
    program that will be used for identity impersonation
    – Using impersonated identity from successful breach
    to spread malware, conduct spear-phishing attacks
    and other illegal activities
    Safeguarding Your Enterprise
    Credentials
    ● Steps to safeguard enterprise credentials
    – Detect breaches
    ● Monitoring software and application
    – Prevent breaches
    ● OS, network and application level hardening
    – Deny use of leaked credentials
    ● Credential obfuscation and encryption
    Safeguarding Your Enterprise
    Credentials
    ● Attackers maybe sophisticated enough to slip
    pass monitoring tools and find weaknesses in
    OS and application level hardening
    ● Encrypted credentials with hardware protected
    keys makes stealing credentials less worthwhile
    ● Credential encryption is the most effective
    measure to deny use of leaked credentials and
    a less worthwhile target to attack
    SecuriPass
    ● World’s first out-of-the-box credential encryption
    hardware solution
    ● Utilizes CC EAL 5+ certified secure processor
    ● Utilizes strong cryptography and network
    address white lists to secure access to
    hardware
    ● USB module form factor allows easy scalability
    and compatibility with most computer system
    Integrating SecuriPass for
    Credential Protection
    ● Easy access by any enterprise applications or portals via
    secure Web API
    ● Web API designed for easy development and with
    simplicity in mind to allow easy integration into enterprise
    systems by developers
    ● Simple and clear documentation for developers
    ● White list prevents unauthorized computers from
    accessing the SecuriPass suite
    ● Curated suite of strong cryptographic algorithms for
    secure network connection to SecuriPass suite
    Benefits of Choosing SecuriPass
    ● Lower total cost of ownership and maintenance
    when compared to other means of securing
    enterprise credentials
    – Cheaper than in-house development of software
    logic for dedicated purpose of protecting credentials
    – Cheaper than using Hardware Security Modules to
    protect passwords
    ● No specialized firmware installation required to
    simplify maintenance of hardware modules
    Benefits of Choosing SecuriPass
    ● Fast and easy integration with Enterprise
    applications reduces enterprise security
    development, deployment and maintenance
    time and cost
    ● Strong credential protection comparable to
    those of highly expensive Hardware Security
    Modules
    Thank You

    You might also like