Evasions: A Growing Threat for Government Networks
Network protocol normalization and reassembly is the basis of traffic inspection performed by next generation firewalls (NGFW) and intrusion prevention systems (IPS). But even common network protocols are complex, with multiple possible interpretations for the same traffic sequence.
In this webcast, learn how your agency can use targeted protocol stack fuzzing for automated discovery of traffic normalization errors. Attackers can use these errors to evade detection, bypass security devices, and allow exploits and malware (including aggressive ransomware attacks like WannaCry) into your network undetected. We will demonstrate how many up-to-date security devices still have vulnerabilities to basic evasive techniques and how to test your solution’s efficacy.
Specific topics include:
- A brief introduction to evasion vulnerabilities
- Forcepoint’s approach of targeted protocol fuzzing to automatically discover evasions
- Applying evasion to attack to demonstrate efficacy
- A demo of attackers’ methods to evade detection and bypass NGFW and IPS devices
Opi Niemi, Senior Research Director, Forcepoint
Michael Knapp, Director of Network Security Sales Engineers, Forcepoint