Forcepoint Israel Virtual Summit FY20
Transcript of Forcepoint Israel Virtual Summit FY20
© 2020 Forcepoint Forcepoint Proprietary
Forcepoint IsraelVirtual Summit FY20
Nitzan CohenRegional Director, Israel
September 2020
▪ 10Bis voucher 100 NIS, please send email to: [email protected]
▪ Kahoot: 1st place: 800 NIS Alcohol Package, 2nd, 3rd places-200 NIS Vouchers
▪ Q&A- Please send us through Chat
Logistics
▪ Opening 09:30-10:00
▪ Technical Updates (Round Table) 10:00-10:50
▪ Break 10:50-11:05
▪ Cyber Security In The New World (Round Table) 11:05-11:55
▪ Q&A, Kahoot- 11:55-12:10
Todays Agenda
© 2020 Forcepoint Add Classification Label: Forcepoint Private | Forcepoint Proprietary | Public
COVID 19- Mega Trends
• Economic Recession accelerate the
Digital transformation course
• Humans are the new Perimeter
• CISOs must react & Adjust fast
• Growing Adoption of the “Business
Oriented” approach
© 2020 Forcepoint
About Forcepoint
Forcepoint Proprietary 5
© 2020 Forcepoint© 2020 Forcepoint
3,500+
Employees14,500+
CustomersCloud-first
Hybrid-ready
Converged
security
6Forcepoint Proprietary
Forcepoint is the world’s leading user and data protection company
Commercial Leader
with
Content Security & DLP
Cloud / On-Premise / Hybrid
Pioneer on Cyber Frontlines
with
Financial Resources
Deep Understanding of Threat Detection
Networking Innovator
with
Advanced Evasion Prevention
Security at Scale
CASB
© 2020 Forcepoint
Our Mission
Foster safe and trusting
environments through a
converged platform that
understands digital identities and
their cyber behaviors to protect
employees and critical data
everywhere.
Forcepoint Strategy
Transform the security industry by leveraging human-centric
behavioral analytics to enable the rapid and automated
identification and mitigation of security risk from compromised user
behavior.
Our Vision, Mission, and Strategy
Our Vision
Understand the world’s
cyber behaviors to
STOP the bad
and FREE the good.
© 2020 Forcepoint
The Forcepoint solution portfolio
8Forcepoint Proprietary
Web Security
Shadow IT
Isolation
Enterprise Firewall & SD-WAN
Emerging SASE & Zero Trust
AMD (sandbox)
Email Security
Dynamic Edge Protection
Data Loss Prevention-
End Point
DLP Gateway & API
Discovery
Classification
Cloud App DLP
CASB
DDP
Dynamic Data Protection
Insider Threat
DUP (Dynamic User
Protection)
Behavioral Analytics
Data Guard
Dynamic User Protection
© 2020 Forcepoint© 2020 Forcepoint Forcepoint Proprietary
Forcepoint Israel
© 2020 Forcepoint Add Classification Label: Forcepoint Private | Forcepoint Proprietary | Public
Something We Believe In-
10
“Built to Last”
• When partnership with someone
• While interacting with a customer
• While managing a Channel
• When closing a deal
• While Building a team
Forcepoint Private | Forcepoint Proprietary | Internal
Customer
ValuePerformance
Value CommitmentSystem availability &
Operation efficiency
Leveraging Forcepoint offerings to ensure accelerated Customer Value, System availability & Operation efficiency
Customer Success
Forcepoint Private | Forcepoint Proprietary | Internal
1
2Tech week became a Tradition
ForcePoint Israel Market Share
FY20
© 2020 Forcepoint
▪ R&D (DLP, CASB, F1E)
▪ Committed, Professional, Service oriented & SOLID Sales Team
▪ Professional Services
▪ Support
▪ Market Share Active Training Center in Israel
▪ Experienced & Diversified Channel Partners
▪ MSP
Forcepoint Israel
Forcepoint Innovations @Israel Virtual Summit 2020
Erez EpsteinSr. Sales Engineer
© 2020 Forcepoint Public
Kfir MesikaAccount Manager
Dror HevlinCISO
Solaredge
Shlomi IshaiInfrastructure Manager
Ituran
© 2020 Forcepoint
Forcepoint 1 Endpoint
17
2019 F1E
Public
Innovations never stops….
© 2019 Forcepoint | 20
Con
verg
ed S
ecur
ity
Pla
tfor
mCloud
Uni
fied
End
poin
t
Managing endpoints with F1E
Anywhere
Web
NGFW
CASB
Today’s Reality
DLP / DDP
Mostly on-prem
FIT
Forcepoint One Endpoint
Improved User Experience
Simplified Operations
Greater Insights
© 2020 Forcepoint
Forcepoint 1 Endpoint
21
2019 F1E
2019 Data Classification
Public
Innovations never stops….
© 2019 Forcepoint | 22
lassifier - Taking Classification Beyond Security
BUSINESS CATEGORIZATION
DATARETENTION
SECURITYLABEL
POLICY
DATA HANDLINGLABELS
ENFORCE GRANULARsecurity policy and controls
INCREASEuser awareness
IMPROVEoperational effectiveness
OPTIMIZEsecurity technologies
REDUCEbusiness risk
Retention Codes
PII
Finance
Legal Instruction
NON-BUSINESS
GENERAL BUSINESS
INTERNAL ONLY
CONFIDENTIAL
NB
GB
IO
C
Metadata
INCREASE BUSINESS VALUE
© 2020 Forcepoint
Forcepoint 1 Endpoint
23
2019 F1E 2019 DLP Cloud
2019 Data Classification
Public
Innovations never stops….
© 2020 Forcepoint
DLP Cloud Apps
DLP Cloud Apps
F1E (DLP/CASB)
DLP Manager
HTTPS
APIInline
API
Audit Only
Quarantine
Safe Copy
Remove Sharing
Block
Unmanaged Devices Upload
Download
Share
External Share
Download
Upload
Share
Upload
Download
Upload
Copy
Move
*Inline Protection requires CASB License
SSO
© 2020 Forcepoint
CSG Integration with DPS | What is it?
Forcepoint Proprietary
DPS
DLP Instance
User
PCEP | PAC | Tunnels
Web Proxy
Web Logs
Events
DLP Policy
Post | http | https | ftp
File
Block/ Permitted
WEBFSM | DLP Manager 8.8 CSG Admin Portal
DLP Policy Engine
API
Calls/ Responses
CASB
Cloud Security Gateway
© 2020 Forcepoint
Forcepoint 1 Endpoint
26
2019 F1E 2019 DLP Cloud
2019 Data Classification
2020 RBI
Public
Innovations never stops….
© 2019 Forcepoint | 27
Web Security Has Evolved
ForcepointWeb Security
Automated malicious domain blocking
URL Filtering
Webpage & content (file) deep inspection
SSL/TLS inspection
User-requested exceptions for “gray areas”
Data Loss Prevention (DLP) scanning
Shadow IT risk ranking
Cloud App Security Broker (CASB) integration
Other FWs
Forcepoint
NGFW
ForcepointCASB
© 2020 Forcepoint
How Browser Isolation Works
Malware embedded in
active web-content
Ericom RBI executes
content in an
isolated container
Safe rendering
information sent to
endpoint
Standard browsing
experience
1 2 3 4
© 2020 Forcepoint
Enable safe access to uncategorized or risky websites
Isolation: Forcepoint Web Security + Ericom Shield
► End-user connects to Forcepoint Web Security to access the web
► Black-listed URLs are blocked, white-listed are allowed through
► Uncategorized and policy-defined URL’s are sent to Ericom Shield for added malware protection
Forcepoint
Web Security
Safe Sites: Allow
Risky Sites: Isolate
Unsafe Sites: Block
© 2020 Forcepoint
Forcepoint 1 Endpoint
31
2019 F1E 2019 DLP Cloud 2020 DUP
2019 Data Classification
2020 RBI
Public
Innovations never stops….
© 2020 Forcepoint
Edge
Protection
Data
Protection
NEO Agent
D
E
P
32
Continuously Assessing Risk & Trust with DUP
Forcepoint Proprietary
USERS DATA
SaaS Apps
Private Apps
D
L
P
Joe @ Home
D
U
P
DUP
Behavioral
Analytics
IOBs
IOBs
Risk Score Risk Score
DEP DDP
© 2020 Forcepoint
Forcepoint 1 Endpoint
33
2019 F1E 2019 DLP Cloud 2020 DUP
2019 Data Classification
2020 RBI
Public
Innovations never stops….
2020 Next Generation CASB
© 2020 Forcepoint
Flexible Deployment Modes
• Cloud Provider API
Connection
• Cloud Provider Read
and/or Write Admin Rights
API Connectors
• Windows
• MacOS
• Android and iOS
• Inline protection
• Thick Client Support
• Reverse Proxy
• Full SSO Integration
• Inline protection
• Any device control
through web
Forward Proxy Agentless
API
SSO
© 2020 Forcepoint
GitHub security threats
35Forcepoint Proprietary | Public
Sensitive dataSource code
Access details
Password, keys & secrets
Comments
Local copies of dataclone, pull, diff, branch, etc.
App integrationBusiness flow apps
Unsanctioned apps
Public RepositoriesAccessible to anyone on GitHub.com
BYODUnmanaged devices
Unsanctioned IDE / text edit apps
CollaborationUnmonitored roles & invites
External contributor, collaborator
© 2020 Forcepoint
Access from unmanaged devices
Data clone to external device
New organization owner (super admin)
Create / convert public repositories
Repository ownership transfer
Restrict 3rd party OAuth App access
Elevated / permissive access granted (base permissions, repository permissions, etc.)
Collaborator / contributor invitations (and their roles)
GitHub full account export
Modification of billing settings
Secure GitHub with Forcepoint CASB
36Forcepoint Proprietary | Public
Top use cases
© 2020 Forcepoint
Forcepoint research team have mapped different activities… only on salesforce.com!
• 50 Critical impact activities
• 50 High impact activities
You can cover 50 critical user activities with a single rule!
Rapid ROI on Cloud protection.
Easy maintenance of CASB
Essential immediate visibility into risky behaviors
The Importance of Activity Impact Scoring
© 2019 Forcepoint | 39
CASB As A Platform
Encourage productivity while minimizing risk.
Sanctioned Apps
Unified Policy
Enforce-ment
Prevent Data
Leakage
Manage Privileged Accounts
Manage BYOD
AccessUnsanctioned Apps
Visibility into
Shadow IT
Identify Risky Apps
Prevent Risky
Usage
Identify Users at
Risk
© 2020 Forcepoint
Forcepoint 1 Endpoint
40
2019 F1E 2019 DLP Cloud 2020 DUP
2019 Data Classification
2020 RBI
Public
Innovations never stops….
2020 Next Generation CASB
© 2020 Forcepoint 41
2020 Dynamic Edge
Public
Innovations never stops….
© 2020 Forcepoint
DYNAMIC EDGE PROTECTION
Cloud Security Gateway (CSG)
CASBWeb Security
as a service
Threat
Protection
Data
Protectionas a service
Private Access (PA)
ZTNAFirewall
as a service
Threat
Protection
Data
Protectionas a service*
Private
Apps
Public Web &
SaaS Apps
Unified Agent
* coming H1’21
Converged security for applications and data everywhere
Risk-Adaptive Protection*
© 2020 Forcepoint© 2020 Forcepoint 43
Forcepoint Cloud Security Gateway
A converged security service for user and data protection in the cloud and on the web
• The only 100% cloud-native, centrally managed security service for users and data
• One converged service integrating web security, CASB, and DLP
• Advanced web and cloud threat protection for remote hospital staff
• Elimination of multiple point products
• Cost savings generated by reducing operational overload
• Simplified management, reporting, and compliance
© 2020 Forcepoint
Cloud Security Gateway: Converged user and data protection
44
Remote staff
No VPNs(Available via
Forcepoint Private Access)
Cloud Security Gateway
DPS – Block/Permit
Drive-thrutesting
Branch office
Integrated Security
Capabilities
SD-WAN
Full Visibility
RBI
add-on
availableBYOD Management
Support
Personal wireless
connections DLP Policy
Engine
Forcepoint Proprietary
Private EHR
© 2020 Forcepoint© 2020 Forcepoint
Zero Trust Network Access (Edge)
45Public
© 2020 Forcepoint
Connectivity for internal apps
• Inside private data centers (physical or cloud)
Same user experience everywhere
• No special UI, open apps in browser as usual
• No VPN client needed
No special firewall ports to administer
Part of DEP’s unified security policies
• Risk-adaptive access controls coming in 2021
Centralized visibility into app usage
Zero Trust Private Access – Internal Apps without VPNs
46Forcepoint Proprietary
DEPZT Private Access
Remote Workers
Branch Offices
Internal Appsin Data Center
Internal Apps in Private Enclave
© 2020 Forcepoint 47
2020 Dynamic Edge
2020 Forcepoint Advantage
Public
Innovations never stops….
© 2020 Forcepoint 48Forcepoint Proprietary
Forcepoint Advantage Coverage
Built for the Enterprise
Defense in Depth & Breadth
Future Proof
Unlimited Organic Growth
Transparent & Simple Packages
Advantage
User
Protection
Advantage
Data
Protection
Advantage
Edge
Protection
Benefits
+ +Forcepoint
Total
Advantage Data User Edge
© 2020 Forcepoint 49
2020 Dynamic Edge
2020 Forcepoint Advantage
2020 ???
Public
Innovations never stops….