SlideShare a Scribd company logo
1 of 23
Download to read offline
Symantec Website Security Solutions
and Algorithm Agility Announcements
February 13, 2013

Quentin Liu, Sr. Director Engineering
Robert Hoblit, Sr. Director of Product Management
Deena Thomchick, Director of Product Marketing
                                                    1
What’s New

             • Website Security Solutions (WSS) Vision and Strategy



             • New SSL Encryption Algorithms
                 • Elliptic Curve Cryptography (ECC)
                 • Digital Signature Algorithm (DSA)
                 • Symantec’s Partners for ECC Adoption



             • Expanding WSS Portfolio to Protect Future of the Internet
               and eCommerce
                 • Symantec Certificate Intelligence Center Service
                 • Symantec Secure App Service
                 • Symantec AdVantage
Protecting the Hyper-Connected World
Need for NEW Protection Models to Secure the Future Internet

                                 Technology
                                 Advancements
                                                                 Advanced
          Clouds                                                 Threats
                                   Mobile
     Information
     Explosion                                                              Regulatory &
                                                                            Compliance
                                             30 Billion
                                             Connected
                                             Devices
             IT Complexities
             & Challenges
                                                                        Applications
                                                          eCommerce
                                                          $1 Trillion
                               Digital &
                               Social Life                         Advertising
                                                                   $102 Billion



                                                                                           3
Website Security Solutions Vision

         Enabling people, businesses and countries… to protect and
4.0

         manage their digital information… so they can focus their time
         and energy achieving their aspirations

         Enable our                   Protect the               Confer Trust to




                                                        Trust
                            Protect
Enable




         customers to                 information and           accelerate the
         meet                         online presence           growth of
         performance,                 of our                    online
         compliance,                  customers and             information
         privacy and                  their end users           sharing and
         security                                               global Internet
         regulatory                                             commerce
         requirements


                                                                                  4
Website Security Solutions Strategy



                   Trusted
                   Advertising

                            Trusted
                Trusted     Applications
                Shopping


     Foundation of Trust on the Internet

                                           5
Key Drivers Demand the Need for New SSL Solutions


           NIST                 Compliance
      Recommendations          Requirements
                                          ECC
                                          DSA
                                          RSA
          Increased           Mobile & Cloud
      Attacks & Outages        Proliferation


                                                    6
Extending Symantec SSL:
New Algorithms and Solutions

    First CA to offer
    3 crypto algorithms

    Available soon in
    Managed PKI SSL
    Certificates

    No additional charges
    for ECC and DSA

More Choices | Improved Performance | Increased Security


                                                           7
Elliptic Curve Cryptography Overview


                                                    ECC
           1                           2                           3                           4
    Stronger                  Efficient                       Highly                 Future of
   Encryption               Performance                      Scalable               Crypto Tech
• Shorter key than RSA     • Efficiency increases       • Large SSL deployments   • Viable for many years
                             with higher server           w/out additional        • Built for Internet of
• 256-bit ECC = 3072-bit
                             loads                        hardware                  Things
  RSA
                           • Utilizes less server CPU   • Securing the            • Supports billions of new
• 10k times harder to
                                                          enterprise:               devices coming online
  crack than RSA 2048      • PC’s: Faster page load
                             time                          • Use fewer            • Ideal for Open Networks
• Meets NIST
                                                             resources
  recommendations          • Ideal for mobile                                     • Truly ‘future proof” trust
                             devices                       • Lower costs            infrastructure in place



                                                                                                                 8
ECC Delivers Increased Security
10k Times Harder to Break Than RSA Key
                                             Current acceptable security
                                             Current Ind. Std.
                                              Level [10^24 MIPS years]
                       18000
                                                                                                                 The longer the RSA key, the
                       16000                                                                                    less applicable it becomes in
                                                                         SYMC ECC
                                                                           SYMC ECC                                    the real world.
                       14000

                       12000
    Key Size (bits)




                       10000
                                                                                                                      ECC
                        8000
                                                                                                                      RSA

                        6000

                        4000
                                                                                                                 ECC maintains very complex
                        2000                                                                                     cryptography w/key lengths
                                                                                                                that meet demands of reality
                           0
                                  1.00E+12          1.00E+24               1.00E+28       1.00E+47   1.00E+66

                                                                           MIPS Years to break

    Source: Symantec Internal Research and Testing
    Computations http://www.nsa.gov/business/programs/elliptic_curve.shtml
                                      ECC offers greater security as compared to other prevalent algorithms.
                             Symantec ECC-256 certificates will offer equivalent security of a 3072-bit RSA certificate.
                      Compared to a 2048 RSA key (which is the industry norm), ECC-256 keys are 10,000 times harder to crack.

                                                                                                                                          9
Improved Server Performance Under Peak Loads

                                                 • ECC 256 has better performance
                                                   than RSA at 0, 90k and 200k
                                                   connections
          Web pages encrypted w/ECC load
            faster than those with RSA           • ECC performance numbers are
                                                   expected to significantly improve
                                                   over time as the industry
                                                   optimizes for ECC as they did for
                                                   RSA

                                                 • With better performance –
                                                   customers will need to purchase
                                                   fewer servers to handle SSL
                                                   connections – a big cost savings

                                                 • Performance Efficiencies
                                                        Uses less server power
                                                        Handles more requests
                                                        Scalable
Source: Symantec Internal Research and Testing


                                                                                 10
Improved Desktop Performance and User Experience
As a server gets hit
    with more
  traffic, ECC…


 processes more
   requests…


   in less time…


without affecting
     load…

  …than RSA
                       Source: Symantec Internal Research and Testing

                                                                        11
Industry-leading Companies Partner with Symantec to
Accelerate ECC Adoption




                                                      12
Symantec RSA and DSA Provides More Choices




                Both RSA and DSA are offered at 2048 bits and are
                 equivalent in security strength and performance

  • RSA is currently 100% of the World’s SSL    • DSA was developed by the NSA
    Certificate install base                      (US Government) as an alternative
  • If you’re on the web and see                  to RSA
    HTTPS, you’re using RSA                     • Although historically of interest to the US
  • The industry this year will move from         public sector, it is yet another choice in
    1024 to 2048-bit keys                         crypto algorithm

  • From a brute force attack                   • DSA offers the same security and key
    perspective, RSA 2048 keys will be viable     length as RSA, with different math
    until 2030
                                                                                                13
The Most Common SSL Concerns by Enterprises
                                  What does this cost an enterprise?
  “Typical company
  lost $222k last year
  due to certificate
                                 • Missed sales
  mishaps”                         opportunities
                                 • Damage to brand
Biggest certificate issues due     and credibility
to the following:
                                 • Defection to
  • Unexpected Expirations         competitors
  • Rogue Certificates           • Calls to customer
  • Misconfigured                  support
    Certificates                 • Lost productivity
  • Missed Server Install        • Calls to tech
  • Security Breaches              support
                                 Source: Symantec SSL Management Customer Survey, February 2013

                                                                                             14
New
Symantec®            Certificate Intelligence Center 2.0
Discover, Track and Automate SSL Certificate lifecycle

 Automation
 •   Avoid painful, multi-step process to renew, replace and install a certificate
 •   Consolidate to Symantec certificates
 •   Auto-discover supported applications
 •   Eliminate human error and installation overhead


 Discovery and Business Continuity
 •   Highly optimized discovery of SSL certificates
 •   Scheduled and on-demand discovery capabilities
 •   Rich reporting functionality
 •   Notification capabilities



                                                                                           15
New
Symantec®          Secure App Service
Secure and Track Code Signing Keys

 Security and Control

 • Prevent security compromise with unique keys for each signing
 • Maintain control and avoid stolen or misplaced keys by storing keys with a trusted Certificate
   Authority
 • Ensure accountability with full audit and reporting capabilities
 • Provide support for a wide range of file options including Microsoft Authenticode, Java
   .jar, Java Mobile and Android
 • Easily integrate with enterprise environment via SOAP API
 • Full management GUI available in Summer 2013




                                                                                                    16
Malvertisements and Repercussions
An advertisement infected with malware = malvertisement


                      Increase 20x                Repercussions
                      from 2010 to
                          2012                     •   Business Disruption
                                       50% +       •   Loss of Revenue
                                     publishers    •   Brand and Reputation Damage
                                        have
                                    experienced    •   Long Term Business Impact
                                      1+ times
                                                   •   Reparation Costs
              Prime Time for
                 Attacks:
               Peak online
               traffic, long
              weekend, etc.


 Source: Symantec AdVantage Malvertising Survey
 September 2012

                                                                                     17
Symantec® AdVantage
Real-time detection, notification and analysis of malvertisements

    “Symantec AdVantage provides critical security against the malicious
      advertisements that can ruin display advertising, damage brand
         reputation and ultimately, hurt eCommerce businesses.”
                                       Eng Tat, Head of Technology Development, Innity


  Brand Protection and Business Continuity
 • Avoid browser shutdowns and being blacklisted with real-time detection and instant
   notification of malvertisements
 • Identify new threats including zero-day threats, with new revolutionary scanning
   methodology
 • Improve security with visual ad trace-back to track source of malvertisement
 • Develop strategic business decisions based on detailed ad analytics, reputation
   scores and other key data points


                                                                                         18
WSS Advances Future of Online Trust and Protection

                      Symantec Website Security Solutions
                      accelerates the growth of online
                      information sharing and eCommerce

   • Leadership: Algorithm Agility with ECC, DSA and RSA
   • First Certificate Authority (CA) to offer commercially available ECC
     solutions for:
         Improved protection
         Improved server performance under peak loads
         Improved desktop performance for better end user experience
         Meeting NIST, government and compliance requirements
   • Symantec partners with industry leaders to accelerate ECC adoption
   • New to WSS Portfolio: CIC v2, Secure App Service, AdVantage
                                                                            19
Q   A

        20
Thank you!
    Presenter’s Name
    Presenter’s Email
    Presenter’s Phone


    Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
    the U.S. and other countries. Other names may be trademarks of their respective owners.

    This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or
    implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.


Presentation Identifier Goes Here                                                                                                                                                     21
Quotes
     “The future is going to necessitate increasingly higher security cryptography and Akamai sees ECC as a technology
     that will allow cloud platforms to scale to meet those security demands without the crippling complexity of today’s
     common algorithms,” explained Stephen Ludin, chief architect, Akamai Technologies. “It is a significant step
     forward to better protect our data online in this hyper-connected world. As the Certificate Authority ecosystem for
     ECC gets ready, we will be building support into the Akamai Intelligent Platform.”



     “Citrix recognizes that ECC encryption represents the future of SSL encryption,” said Steve Shah, Sr. Director, Citrix.
     “This shift in the cryptographic infrastructure is clearly a next generation approach to the security
     ecosystem, allowing for better scalability in cloud computing and the supporting infrastructure. Once the
     certification authority infrastructure is in place, the trend will be clear to follow for networking product groups to
     make remote datacenters more accessible quickly, even allowing for increasing key sizes and increasing security
     needs.”



     “F5 helps customers seamlessly combine industry-leading traffic management with security and access
     solutions, including VPN and SSL encryption capabilities,” said Jason Needham, VP of Product Management and
     Product Marketing, F5 Networks. “One of the primary goals is to give organizations more choice and flexibility in
     deploying technologies to suit their business needs. F5 is proud to team up with leaders like Symantec to help
     enterprises and service providers enhance web and mobile security while scaling to better support cloud and BYOD
     initiatives.”

     “We believe in constantly furthering web security, which is why Chrome supports Elliptic Curve Digital Signature
     Algorithm (ECDSA) on all modern operating systems,” said Adam Langley, software engineer at Google.
Quotes
   “HID Global specializes in security access solutions for the cloud, data and the door, with a comprehensive portfolio
   incorporating both physical and logical access solutions,” said Julian Lovelock, VP of Product Marketing at HID Global. “We’re
   very supportive of the new DSA and ECC algorithm options emerging in the marketplace, and we strongly feel that where the
   NIST Suite B has drawn up the future of security algorithms, the industry will follow.”


   "Juniper's SSL VPN solution, #1 in the world market, supports both ECC and DSA algorithms for added security and flexibility.
   The Junos Pulse SSL VPN client and gateway software are both FIPS compliant,” said Michael Callahan, VP of product
   marketing, Juniper Networks. “We are fully committed to and continue to invest in standards-based security
   solutions, including the strictest of NIST Suite B standards for our customers, across federal, enterprise and service provider
   markets.”




   “At Opera we are committed to both high quality and security, and we welcome the adoption of new and improved security
   standards on the web. Elliptic Curve Cryptography provides significant improvements over earlier algorithm standards, and
   we are delighted to see Symantec support it. Opera's Presto engine added support for ECC in version 395.” Source: Security
   Manager at Opera




   “Red Hat and Symantec have long collaborated to bring compelling, secure solutions to our customers. We continue to be
   interested in providing the advantages of increased security and computational efficiency that elliptical curve cryptography
   (ECC) offers for key management and digital signature, and have been an active participant with Symantec in Project Beacon.
   Currently, our Red Hat Certificate System supports ECC public-key cryptographic systems and continues to enhance its web
   browser and operating system ECC support." - Bryan Che, General Manager, Cloud Business Unit, Red Hat

More Related Content

What's hot

Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec
 
Introducing Kaspersky Security for Virtualization - Light Agent
Introducing Kaspersky Security for Virtualization - Light AgentIntroducing Kaspersky Security for Virtualization - Light Agent
Introducing Kaspersky Security for Virtualization - Light AgentKaspersky
 
Introducing Kaspersky Security for Virtualization
Introducing Kaspersky Security for VirtualizationIntroducing Kaspersky Security for Virtualization
Introducing Kaspersky Security for VirtualizationAriel Martin Beliera
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentationData Unit
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012Symantec
 
Total Defense Product Information
Total Defense Product InformationTotal Defense Product Information
Total Defense Product InformationZeeshan Humayun
 
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Amazon Web Services
 
Dell sonicwall connected security
Dell sonicwall connected securityDell sonicwall connected security
Dell sonicwall connected securityMotty Ben Atia
 
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurAnticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurSkybox Security
 
Trend micro deep security
Trend micro deep securityTrend micro deep security
Trend micro deep securityTrend Micro
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2JD Sherry
 
Kaspersky Endpoint Security for Business 2015
Kaspersky Endpoint Security for Business 2015Kaspersky Endpoint Security for Business 2015
Kaspersky Endpoint Security for Business 2015Kaspersky
 
kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.Onwubiko Emmanuel
 
Kaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky
 
Supply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorSupply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorKaspersky
 
CCNA Security - Chapter 5
CCNA Security - Chapter 5CCNA Security - Chapter 5
CCNA Security - Chapter 5Irsandi Hasan
 
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked  - Omar SantosIt's 2012 and My Network Got Hacked  - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santossantosomar
 
Kaspersky security for virtualization light agent launch presentation
Kaspersky security for virtualization light agent   launch presentationKaspersky security for virtualization light agent   launch presentation
Kaspersky security for virtualization light agent launch presentationShapeBlue
 

What's hot (20)

Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility Strategy
 
Introducing Kaspersky Security for Virtualization - Light Agent
Introducing Kaspersky Security for Virtualization - Light AgentIntroducing Kaspersky Security for Virtualization - Light Agent
Introducing Kaspersky Security for Virtualization - Light Agent
 
Introducing Kaspersky Security for Virtualization
Introducing Kaspersky Security for VirtualizationIntroducing Kaspersky Security for Virtualization
Introducing Kaspersky Security for Virtualization
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentation
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
 
Total Defense Product Information
Total Defense Product InformationTotal Defense Product Information
Total Defense Product Information
 
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
 
Dell sonicwall connected security
Dell sonicwall connected securityDell sonicwall connected security
Dell sonicwall connected security
 
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurAnticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
 
Trend micro deep security
Trend micro deep securityTrend micro deep security
Trend micro deep security
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2
 
Kaspersky Endpoint Security for Business 2015
Kaspersky Endpoint Security for Business 2015Kaspersky Endpoint Security for Business 2015
Kaspersky Endpoint Security for Business 2015
 
kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.kaspersky presentation for palette business solution June 2016 v1.0.
kaspersky presentation for palette business solution June 2016 v1.0.
 
Kaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise Portfolio
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
 
Supply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy SectorSupply Chain Threats to the US Energy Sector
Supply Chain Threats to the US Energy Sector
 
CCNA Security - Chapter 5
CCNA Security - Chapter 5CCNA Security - Chapter 5
CCNA Security - Chapter 5
 
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked  - Omar SantosIt's 2012 and My Network Got Hacked  - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santos
 
Kaspersky security for virtualization light agent launch presentation
Kaspersky security for virtualization light agent   launch presentationKaspersky security for virtualization light agent   launch presentation
Kaspersky security for virtualization light agent launch presentation
 

Similar to Symantec Web Security Solutions

Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityInternap
 
Cloud computing
Cloud computingCloud computing
Cloud computingRazib M
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudCompTIA UK
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud StrategyInternap
 
Cloud conference & expo presentation
Cloud conference & expo presentationCloud conference & expo presentation
Cloud conference & expo presentationTelstra
 
Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochuretmcleland
 
Isc2conferancepremay15final
Isc2conferancepremay15finalIsc2conferancepremay15final
Isc2conferancepremay15finalMahmoud Moustafa
 
Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1CloudExpoEurope
 
Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012gaborvodics
 
Fosec2011 keynote address
Fosec2011 keynote addressFosec2011 keynote address
Fosec2011 keynote addressthreesixty
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?doan_slideshares
 
Cloud Security @ TIM - Current Practises and Future Challanges
Cloud Security @ TIM - Current Practises and Future ChallangesCloud Security @ TIM - Current Practises and Future Challanges
Cloud Security @ TIM - Current Practises and Future ChallangesMichele Vecchione
 
Reducing Cost with DNA Automation
Reducing Cost with DNA AutomationReducing Cost with DNA Automation
Reducing Cost with DNA AutomationCisco Canada
 
MISA Cloud Workshop _Reimagining Services delivery in the cloud
MISA Cloud Workshop _Reimagining Services delivery in the cloudMISA Cloud Workshop _Reimagining Services delivery in the cloud
MISA Cloud Workshop _Reimagining Services delivery in the cloudMISA Ontario Cloud SIG
 
Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14L S Subramanian
 
A rede como um sensor de segurança
A rede como um sensor de segurança A rede como um sensor de segurança
A rede como um sensor de segurança Cisco do Brasil
 
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012Internap
 
Cracking the Cloud Ecosystem
Cracking the Cloud EcosystemCracking the Cloud Ecosystem
Cracking the Cloud EcosystemLumos Networks
 

Similar to Symantec Web Security Solutions (20)

Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
 
Developing Your Cloud Strategy
Developing Your Cloud StrategyDeveloping Your Cloud Strategy
Developing Your Cloud Strategy
 
eMCA Suite
eMCA SuiteeMCA Suite
eMCA Suite
 
Cloud conference & expo presentation
Cloud conference & expo presentationCloud conference & expo presentation
Cloud conference & expo presentation
 
Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochure
 
Isc2conferancepremay15final
Isc2conferancepremay15finalIsc2conferancepremay15final
Isc2conferancepremay15final
 
Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1
 
Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012Data Power For Pci Webinar Aug 2012
Data Power For Pci Webinar Aug 2012
 
Fosec2011 keynote address
Fosec2011 keynote addressFosec2011 keynote address
Fosec2011 keynote address
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?
 
Cloud Security @ TIM - Current Practises and Future Challanges
Cloud Security @ TIM - Current Practises and Future ChallangesCloud Security @ TIM - Current Practises and Future Challanges
Cloud Security @ TIM - Current Practises and Future Challanges
 
Reducing Cost with DNA Automation
Reducing Cost with DNA AutomationReducing Cost with DNA Automation
Reducing Cost with DNA Automation
 
MISA Cloud Workshop _Reimagining Services delivery in the cloud
MISA Cloud Workshop _Reimagining Services delivery in the cloudMISA Cloud Workshop _Reimagining Services delivery in the cloud
MISA Cloud Workshop _Reimagining Services delivery in the cloud
 
Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14Lss implementing cyber security in the cloud, and from the cloud-feb14
Lss implementing cyber security in the cloud, and from the cloud-feb14
 
A rede como um sensor de segurança
A rede como um sensor de segurança A rede como um sensor de segurança
A rede como um sensor de segurança
 
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
Lax breakfast forum_developing_your_cloud_strategy_05_10_2012
 
Cracking the Cloud Ecosystem
Cracking the Cloud EcosystemCracking the Cloud Ecosystem
Cracking the Cloud Ecosystem
 

More from Symantec

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 

More from Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Recently uploaded

My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIVijayananda Mohire
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...DianaGray10
 
Novo Nordisk's journey in developing an open-source application on Neo4j
Novo Nordisk's journey in developing an open-source application on Neo4jNovo Nordisk's journey in developing an open-source application on Neo4j
Novo Nordisk's journey in developing an open-source application on Neo4jNeo4j
 
LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0DanBrown980551
 
EMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarEMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarThousandEyes
 
Patch notes explaining DISARM Version 1.4 update
Patch notes explaining DISARM Version 1.4 updatePatch notes explaining DISARM Version 1.4 update
Patch notes explaining DISARM Version 1.4 updateadam112203
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Alkin Tezuysal
 
AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024Brian Pichman
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch TuesdayIvanti
 
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxEmil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxNeo4j
 
Flow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameFlow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameKapil Thakar
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightSafe Software
 
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptxGraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptxNeo4j
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FESTBillieHyde
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingFrancesco Corti
 
The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)codyslingerland1
 
How to become a GDSC Lead GDSC MI AOE.pptx
How to become a GDSC Lead GDSC MI AOE.pptxHow to become a GDSC Lead GDSC MI AOE.pptx
How to become a GDSC Lead GDSC MI AOE.pptxKaustubhBhavsar6
 
.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptxHansamali Gamage
 
UiPath Studio Web workshop series - Day 1
UiPath Studio Web workshop series  - Day 1UiPath Studio Web workshop series  - Day 1
UiPath Studio Web workshop series - Day 1DianaGray10
 

Recently uploaded (20)

My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAI
 
Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...Explore the UiPath Community and ways you can benefit on your journey to auto...
Explore the UiPath Community and ways you can benefit on your journey to auto...
 
Novo Nordisk's journey in developing an open-source application on Neo4j
Novo Nordisk's journey in developing an open-source application on Neo4jNovo Nordisk's journey in developing an open-source application on Neo4j
Novo Nordisk's journey in developing an open-source application on Neo4j
 
LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0
 
EMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarEMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? Webinar
 
Patch notes explaining DISARM Version 1.4 update
Patch notes explaining DISARM Version 1.4 updatePatch notes explaining DISARM Version 1.4 update
Patch notes explaining DISARM Version 1.4 update
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
 
AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch Tuesday
 
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptxEmil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
Emil Eifrem at GraphSummit Copenhagen 2024 - The Art of the Possible.pptx
 
Flow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameFlow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First Frame
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptxGraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
 
Technical SEO for Improved Accessibility WTS FEST
Technical SEO for Improved Accessibility  WTS FESTTechnical SEO for Improved Accessibility  WTS FEST
Technical SEO for Improved Accessibility WTS FEST
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is going
 
The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)The New Cloud World Order Is FinOps (Slideshow)
The New Cloud World Order Is FinOps (Slideshow)
 
How to become a GDSC Lead GDSC MI AOE.pptx
How to become a GDSC Lead GDSC MI AOE.pptxHow to become a GDSC Lead GDSC MI AOE.pptx
How to become a GDSC Lead GDSC MI AOE.pptx
 
.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx.NET 8 ChatBot with Azure OpenAI Services.pptx
.NET 8 ChatBot with Azure OpenAI Services.pptx
 
UiPath Studio Web workshop series - Day 1
UiPath Studio Web workshop series  - Day 1UiPath Studio Web workshop series  - Day 1
UiPath Studio Web workshop series - Day 1
 

Symantec Web Security Solutions

  • 1. Symantec Website Security Solutions and Algorithm Agility Announcements February 13, 2013 Quentin Liu, Sr. Director Engineering Robert Hoblit, Sr. Director of Product Management Deena Thomchick, Director of Product Marketing 1
  • 2. What’s New • Website Security Solutions (WSS) Vision and Strategy • New SSL Encryption Algorithms • Elliptic Curve Cryptography (ECC) • Digital Signature Algorithm (DSA) • Symantec’s Partners for ECC Adoption • Expanding WSS Portfolio to Protect Future of the Internet and eCommerce • Symantec Certificate Intelligence Center Service • Symantec Secure App Service • Symantec AdVantage
  • 3. Protecting the Hyper-Connected World Need for NEW Protection Models to Secure the Future Internet Technology Advancements Advanced Clouds Threats Mobile Information Explosion Regulatory & Compliance 30 Billion Connected Devices IT Complexities & Challenges Applications eCommerce $1 Trillion Digital & Social Life Advertising $102 Billion 3
  • 4. Website Security Solutions Vision Enabling people, businesses and countries… to protect and 4.0 manage their digital information… so they can focus their time and energy achieving their aspirations Enable our Protect the Confer Trust to Trust Protect Enable customers to information and accelerate the meet online presence growth of performance, of our online compliance, customers and information privacy and their end users sharing and security global Internet regulatory commerce requirements 4
  • 5. Website Security Solutions Strategy Trusted Advertising Trusted Trusted Applications Shopping Foundation of Trust on the Internet 5
  • 6. Key Drivers Demand the Need for New SSL Solutions NIST Compliance Recommendations Requirements ECC DSA RSA Increased Mobile & Cloud Attacks & Outages Proliferation 6
  • 7. Extending Symantec SSL: New Algorithms and Solutions First CA to offer 3 crypto algorithms Available soon in Managed PKI SSL Certificates No additional charges for ECC and DSA More Choices | Improved Performance | Increased Security 7
  • 8. Elliptic Curve Cryptography Overview ECC 1 2 3 4 Stronger Efficient Highly Future of Encryption Performance Scalable Crypto Tech • Shorter key than RSA • Efficiency increases • Large SSL deployments • Viable for many years with higher server w/out additional • Built for Internet of • 256-bit ECC = 3072-bit loads hardware Things RSA • Utilizes less server CPU • Securing the • Supports billions of new • 10k times harder to enterprise: devices coming online crack than RSA 2048 • PC’s: Faster page load time • Use fewer • Ideal for Open Networks • Meets NIST resources recommendations • Ideal for mobile • Truly ‘future proof” trust devices • Lower costs infrastructure in place 8
  • 9. ECC Delivers Increased Security 10k Times Harder to Break Than RSA Key Current acceptable security Current Ind. Std. Level [10^24 MIPS years] 18000 The longer the RSA key, the 16000 less applicable it becomes in SYMC ECC SYMC ECC the real world. 14000 12000 Key Size (bits) 10000 ECC 8000 RSA 6000 4000 ECC maintains very complex 2000 cryptography w/key lengths that meet demands of reality 0 1.00E+12 1.00E+24 1.00E+28 1.00E+47 1.00E+66 MIPS Years to break Source: Symantec Internal Research and Testing Computations http://www.nsa.gov/business/programs/elliptic_curve.shtml ECC offers greater security as compared to other prevalent algorithms. Symantec ECC-256 certificates will offer equivalent security of a 3072-bit RSA certificate. Compared to a 2048 RSA key (which is the industry norm), ECC-256 keys are 10,000 times harder to crack. 9
  • 10. Improved Server Performance Under Peak Loads • ECC 256 has better performance than RSA at 0, 90k and 200k connections Web pages encrypted w/ECC load faster than those with RSA • ECC performance numbers are expected to significantly improve over time as the industry optimizes for ECC as they did for RSA • With better performance – customers will need to purchase fewer servers to handle SSL connections – a big cost savings • Performance Efficiencies Uses less server power Handles more requests Scalable Source: Symantec Internal Research and Testing 10
  • 11. Improved Desktop Performance and User Experience As a server gets hit with more traffic, ECC… processes more requests… in less time… without affecting load… …than RSA Source: Symantec Internal Research and Testing 11
  • 12. Industry-leading Companies Partner with Symantec to Accelerate ECC Adoption 12
  • 13. Symantec RSA and DSA Provides More Choices Both RSA and DSA are offered at 2048 bits and are equivalent in security strength and performance • RSA is currently 100% of the World’s SSL • DSA was developed by the NSA Certificate install base (US Government) as an alternative • If you’re on the web and see to RSA HTTPS, you’re using RSA • Although historically of interest to the US • The industry this year will move from public sector, it is yet another choice in 1024 to 2048-bit keys crypto algorithm • From a brute force attack • DSA offers the same security and key perspective, RSA 2048 keys will be viable length as RSA, with different math until 2030 13
  • 14. The Most Common SSL Concerns by Enterprises What does this cost an enterprise? “Typical company lost $222k last year due to certificate • Missed sales mishaps” opportunities • Damage to brand Biggest certificate issues due and credibility to the following: • Defection to • Unexpected Expirations competitors • Rogue Certificates • Calls to customer • Misconfigured support Certificates • Lost productivity • Missed Server Install • Calls to tech • Security Breaches support Source: Symantec SSL Management Customer Survey, February 2013 14
  • 15. New Symantec® Certificate Intelligence Center 2.0 Discover, Track and Automate SSL Certificate lifecycle Automation • Avoid painful, multi-step process to renew, replace and install a certificate • Consolidate to Symantec certificates • Auto-discover supported applications • Eliminate human error and installation overhead Discovery and Business Continuity • Highly optimized discovery of SSL certificates • Scheduled and on-demand discovery capabilities • Rich reporting functionality • Notification capabilities 15
  • 16. New Symantec® Secure App Service Secure and Track Code Signing Keys Security and Control • Prevent security compromise with unique keys for each signing • Maintain control and avoid stolen or misplaced keys by storing keys with a trusted Certificate Authority • Ensure accountability with full audit and reporting capabilities • Provide support for a wide range of file options including Microsoft Authenticode, Java .jar, Java Mobile and Android • Easily integrate with enterprise environment via SOAP API • Full management GUI available in Summer 2013 16
  • 17. Malvertisements and Repercussions An advertisement infected with malware = malvertisement Increase 20x Repercussions from 2010 to 2012 • Business Disruption 50% + • Loss of Revenue publishers • Brand and Reputation Damage have experienced • Long Term Business Impact 1+ times • Reparation Costs Prime Time for Attacks: Peak online traffic, long weekend, etc. Source: Symantec AdVantage Malvertising Survey September 2012 17
  • 18. Symantec® AdVantage Real-time detection, notification and analysis of malvertisements “Symantec AdVantage provides critical security against the malicious advertisements that can ruin display advertising, damage brand reputation and ultimately, hurt eCommerce businesses.” Eng Tat, Head of Technology Development, Innity Brand Protection and Business Continuity • Avoid browser shutdowns and being blacklisted with real-time detection and instant notification of malvertisements • Identify new threats including zero-day threats, with new revolutionary scanning methodology • Improve security with visual ad trace-back to track source of malvertisement • Develop strategic business decisions based on detailed ad analytics, reputation scores and other key data points 18
  • 19. WSS Advances Future of Online Trust and Protection Symantec Website Security Solutions accelerates the growth of online information sharing and eCommerce • Leadership: Algorithm Agility with ECC, DSA and RSA • First Certificate Authority (CA) to offer commercially available ECC solutions for: Improved protection Improved server performance under peak loads Improved desktop performance for better end user experience Meeting NIST, government and compliance requirements • Symantec partners with industry leaders to accelerate ECC adoption • New to WSS Portfolio: CIC v2, Secure App Service, AdVantage 19
  • 20. Q A 20
  • 21. Thank you! Presenter’s Name Presenter’s Email Presenter’s Phone Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Presentation Identifier Goes Here 21
  • 22. Quotes “The future is going to necessitate increasingly higher security cryptography and Akamai sees ECC as a technology that will allow cloud platforms to scale to meet those security demands without the crippling complexity of today’s common algorithms,” explained Stephen Ludin, chief architect, Akamai Technologies. “It is a significant step forward to better protect our data online in this hyper-connected world. As the Certificate Authority ecosystem for ECC gets ready, we will be building support into the Akamai Intelligent Platform.” “Citrix recognizes that ECC encryption represents the future of SSL encryption,” said Steve Shah, Sr. Director, Citrix. “This shift in the cryptographic infrastructure is clearly a next generation approach to the security ecosystem, allowing for better scalability in cloud computing and the supporting infrastructure. Once the certification authority infrastructure is in place, the trend will be clear to follow for networking product groups to make remote datacenters more accessible quickly, even allowing for increasing key sizes and increasing security needs.” “F5 helps customers seamlessly combine industry-leading traffic management with security and access solutions, including VPN and SSL encryption capabilities,” said Jason Needham, VP of Product Management and Product Marketing, F5 Networks. “One of the primary goals is to give organizations more choice and flexibility in deploying technologies to suit their business needs. F5 is proud to team up with leaders like Symantec to help enterprises and service providers enhance web and mobile security while scaling to better support cloud and BYOD initiatives.” “We believe in constantly furthering web security, which is why Chrome supports Elliptic Curve Digital Signature Algorithm (ECDSA) on all modern operating systems,” said Adam Langley, software engineer at Google.
  • 23. Quotes “HID Global specializes in security access solutions for the cloud, data and the door, with a comprehensive portfolio incorporating both physical and logical access solutions,” said Julian Lovelock, VP of Product Marketing at HID Global. “We’re very supportive of the new DSA and ECC algorithm options emerging in the marketplace, and we strongly feel that where the NIST Suite B has drawn up the future of security algorithms, the industry will follow.” "Juniper's SSL VPN solution, #1 in the world market, supports both ECC and DSA algorithms for added security and flexibility. The Junos Pulse SSL VPN client and gateway software are both FIPS compliant,” said Michael Callahan, VP of product marketing, Juniper Networks. “We are fully committed to and continue to invest in standards-based security solutions, including the strictest of NIST Suite B standards for our customers, across federal, enterprise and service provider markets.” “At Opera we are committed to both high quality and security, and we welcome the adoption of new and improved security standards on the web. Elliptic Curve Cryptography provides significant improvements over earlier algorithm standards, and we are delighted to see Symantec support it. Opera's Presto engine added support for ECC in version 395.” Source: Security Manager at Opera “Red Hat and Symantec have long collaborated to bring compelling, secure solutions to our customers. We continue to be interested in providing the advantages of increased security and computational efficiency that elliptical curve cryptography (ECC) offers for key management and digital signature, and have been an active participant with Symantec in Project Beacon. Currently, our Red Hat Certificate System supports ECC public-key cryptographic systems and continues to enhance its web browser and operating system ECC support." - Bryan Che, General Manager, Cloud Business Unit, Red Hat

Editor's Notes

  1. Symantec is the first CA to offer 3 crypto algorithmsRSA 2048, DSA 2028 and ECC 256Included as options, free of chargeDSA included in standard MPKI SSL CertificatesECC and DSA offered in Premium MPKI SSL CertificatesWhy are we launching new algorithms?Offer choice to customersDSA 2048 for US Government preferencesECC 256 for high connection speeds at loadRSA 2048 for safe business as usualIt’s about the futureMore secure connections to your serversImproved performance on your serversPricing for SSL Cert with ECC and DSA – Premium Certificates and ServicesSymantec™ Secure Site Pro - $995Symantec Secure Site Pro EV SSL Certificates with ECC - $1495 (as of 2/13/13)
  2. The yellow bubble shows that ECC is already years ahead of the current industry standard of 2048-bit encryption, and we haven’t even began to test the limits of ECC’s capabilities to encrypt and protect data.ECC performs better in comparison to RSA as requests per second increaseThis translates into faster page loads for PCThese numbers are preliminary and are expected to greatly improveSource: Symantec Internal Research and TestingComputations http://www.nsa.gov/business/programs/elliptic_curve.shtmlECC:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHARSA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAECC 384-256-256 RSA 2048-2048-2048Desktop Page sizes: 200KSpecifications8 cores 7 GiB of memory
clock frequency: 2.33 ghznetwork: 1 GbpsWeb server: Apache 2.4.3.openssl: 1.0.1cWorst case scenario as session reuse = 0%
  3. In terms of server performance, ECCUses less server powerHandles more requestsScales well to handle:Traffic spikesBusiness growthEnterprise-wide network security ECC:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHARSA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAECC 384-256-256 RSA 2048-2048-2048Desktop Page sizes: 0K, 90K, 200KServer specifications8 cores 7 GiB of memory
clock frequency: 2.33 ghznetwork: 1 GbpsWeb server: Apache 2.4.3.openssl: 1.0.1cServer time: includes SSL Handshake time (key derivations: ECDHE) + data encryption + file transfer timeWorst case scenario as session reuse = 0%