On Wednesday, October 15, in the Moscow office of the Mail.Ru Group, a seminar will be held for specialists at all levels in the field of information security. The general theme of the seminar was “The Practice of Choosing Solutions to Protect Against Zero-Day Threats and Targeted Attacks”, organized by the RISSPA Association with the support of the Mail.Ru Group. The seminar will feature presentations by industry experts and information security solution providers.

Program of performances

Denis Bezkorovainy, Vice-President of the Association RISSPA
“Preface. Prepare a sleigh in the summer: complex threats, APT and targeted attacks - tomorrow's reality ”

The report will address important industry questions: what is APT and targeted attacks - another horror story or a real threat? Why the cost of information security is growing, and the number of successful attacks is not reduced?
')
It will also look at how protection has evolved and why new-class solutions have appeared on the market, how they differ from conventional security systems, what are the main mechanisms used to detect hidden and new threats.

Evgeny Kutumin, Information Security Consultant, Palo Alto Networks
“Expose the Invisible: How to Detect and Stop APT”

Eugene's report will be devoted to the current state of the automated process control system networks in the Russian Federation and the existing problems from the point of view of specialists from Palo Alto Networks. Statistics on zero-day threats and attacks for automated process control systems will be presented, as well as an analysis of an interesting business case from one of the customers.

Andrey Sukhanov, Head of the Department of Information Security and Response Incidents, Alfa Bank
"Experience in choosing solutions to protect against targeted attacks in a financial institution"

In his report, Andrei will talk about why it was necessary to implement a system of protection against targeted attacks in the bank, by what criteria the decision was made and how the implementation process proceeded.

Mikhail Kondrashin, Technical Director, Trend Micro Russian Representative Office
“Protecting corporate environments from sophisticated threats: will the turtle catch up with Achilles?”

The key problem in providing protection against modern threats lies in the fact that many heads of information security services cannot imagine how topical attacks have become relevant. But they are the main cause of data leakage. On the other hand, modern approaches to security do not allow to reflect the next threat, if it is not widespread. Most likely, in the next few years, it will be the fight against targeted attacks that will become the main battlefield in the field of information security. In this situation, all manufacturers need to determine the strategy, because no traditional remedy is suitable here. There is an opinion that protected networks should learn to independently identify unknown threats and automatically develop immunity.

Viktor Serdyuk, General Director of DialogueScience, CJSC
“Practical aspects of protection against targeted attacks based on the FireEye solution”

Over the past few years, the number of companies that have been hit by targeted attacks by attackers - Advanced Persistent Threat (APT) has increased significantly. The most striking examples are: Operation Aurora, Red October, viruses Stuxnet, Flame, and others. A feature of these attacks is the ability to bypass existing information protection tools, for example, by using previously unknown vulnerabilities in software and hidden control channels.

One way to protect against targeted attacks is to use specialized solutions to detect malicious code that exploits zero-day vulnerabilities. An example of this solution is the FireEye product. It allows you to control all possible channels of penetration of malicious code and detect attacks by analyzing potentially dangerous objects in its own virtual infrastructure.

The report will consider the features of targeted attacks, as well as practical aspects of protection based on the FireEye solution. The functionality of the solution, typical variants of its application, as well as the experience of implementation in Russian companies will be described.

Dmitry Popovich, Marketing Director, Cezurity
"In search of a weak link"

The phenomenon of targeted attacks has been discussed over the past few years. Attackers bypass remedies, are fixed in information systems and for months, or even years, go unnoticed. Today, many vendors offer their solutions to detect and protect against such attacks. But the problem remains relevant. What allows attackers to stay one step ahead?

Approximate range of issues to be addressed in the report:

• The level of maturity of information security and the evolution of remedies;
• What to protect? Which link is usually the weakest?
• Is it possible to do with local analysis?
• How to make sure that you are no longer attacked?
• Prospects for the development of individual detection technologies.

The seminar starts at 16.45, October 15, 2014. The venue is the office of MailRu Group, Leningradsky Prospect 39, p. 79.

To participate in the seminar must be registered . At registration you can order a parking space. An online broadcast will be organized on our website, and you can then watch the video of the reports on our youtube channel .