SECURITY LIFECYCLE REVIEW

International School Yangon

PREPARED BY: 
VSS 
Palo Alto Networks 
www.paloaltonetworks.com

The Security Lifecycle Review summarizes the threat exposure and security risks
facing International School Yangon and the customers connecting to their networks.
The data used for this analysis was gathered by Palo Alto Networks during the report
time period. The report provides actionable intelligence and risk assessment around the
applications, URL traffic, and types of content that are traversing the International
School Yangon network as well as volume and types of threats and vulnerabilities that
are observed. Recommendations are provided that can be employed to reduce the
overall risk exposure for both the network operator and their customers.

Report Period: 8 DAYS


Fri, Mar 06, 2020 - Fri, Mar 13, 2020
TABLE OF CONTENTS

Executive Summary

Applications
Applications at a Glance
Applications that Introduce Risk
Applications that Introduce Risk — Detail
SaaS Applications

URL Activity

Threats
Threats at a Glance
Application Vulnerabilities
Command and Control Analysis

Summary

INTERNATIONAL SCHOOL YANGON | SECURITY LIFECYCLE REVIEW  Report Period: 8 DAYS 2
 

EXECUTIVE SUMMARY FOR International School Yangon
The Security Lifecycle Review summarizes the business and security risks facing International School Yangon. The data used for this analysis was
gathered by Palo Alto Networks during the report time period. The report provides actionable intelligence around the applications, URL traffic, types of
content, and threats traversing the network, including recommendations that can be employed to reduce the organization’s overall risk exposure. 

Confidential Information - Do Not Redistribute

KY FINDING

368 67 96
APPLICATIONS IN USE HIGH RISK APPLICATIONS SAAS APPLICATIONS
368 total applications are in use, presenting 67 high-risk applications were observed, 96 SaaS applications were observed in your
potential business and security challenges. As including those that can introduce or hide network. To maintain administrative control,
critical functions move outside of an malicious activity, transfer files outside the adopt SaaS applications that will be managed
organization’s control, employees use non- network, or establish unauthorized by your IT team.
work-related applications, or cyberattackers communication.
use them to deliver threats and steal data.

2,756,455 2,763,055
VULNERABILITY EXPLOITS TOTAL THREATS
2,756,455 total vulnerability exploits were 2,763,055 total threats were found on your
observed in your organization, including network, including vulnerability exploits,
brute-force, info-leak and code-execution. malware, and outbound command and control
activity.


Applications at a Glance
Applications can introduce risk, such as delivering threats, potentially allowing data to leave the network, enabling unauthorized access, lowering
productivity, or consuming corporate bandwidth. This section will provide visibility into the applications in use, allowing you to make an informed decision
on potential risk versus business benefit.

KY FINDING
High-risk applications such as photo-video, file-sharing and internet-utility were observed on the network, which should be investigated due to their
potential for abuse.
368 total applications were seen on the network across 29 sub-categories, as opposed to an industry average of 363 total applications seen in other
Higher Education organizations.
1.31 TB was used by all applications, including networking with 597.43 GB, compared to an industry average of 7.46 TB in similar organizations.

HIGH-RISK APPLICATIONS
The first step to managing security and business risk is identifying which applications can be abused to cause the most harm. We recommend closely evaluating applications in these categories to ensure they are not introducing unnecessary compliance, operational, or cyber security risk.

High-risk applications by subcategory (Company / Industry Average):
photo-video 13 / 12
file-sharing 11 / 11
internet-utility 7 / 7
email 6 / 7
social-networking 6 / 5

NUMBER OF APPLICATIONS ON NETWORK
Company 368
INDUSTRY AVERAGE 363
ALL ORGANIZATIONS 227

BANDWIDTH CONSUMED BY APPLICATIONS
Company 1.31 TB
INDUSTRY AVERAGE 7.46 TB
ALL ORGANIZATIONS 6.39 TB

CATEGORIES WITH THE MOST APPLICATIONS
The following categories have the most application variants, and should be reviewed for business relevance.

Number of applications (Company / Industry Average):
business-systems 106 / 102
collaboration 82 / 70
general-internet 69 / 68
media 60 / 55
networking 51 / 69

CATEGORIES CONSUMING THE MOST BANDWIDTH
Bandwidth consumed by application category shows where application usage is heaviest, and where you could reduce operational resources.

Bandwidth (Company / Industry Average):
networking 597.43 GB / 2.84 TB
media 314.29 GB / 1.32 TB
collaboration 187.80 GB / 1.39 TB
general-internet 140.52 GB / 930.35 GB
business-systems 74.51 GB / 965.03 GB


Applications that Introduce Risk


The top applications (sorted by bandwidth consumed) for application subcategories that introduce risk are displayed below, including industry benchmarks on the number of variants across other Higher Education organizations. This data can be used to more effectively prioritize your application enablement efforts.

RISK LEVEL: 5, 4 (High), 3, 2, 1

KEY FINDINGS
A total of 368 applications were seen in your organization, compared to an industry average of 363 in other Higher
Education organizations.
The most common types of application subcategories are internet-utility, photo-video and management.
The application subcategories consuming the most bandwidth are encrypted-tunnel, infrastructure and photo-video.

Email: 11 applications in the subcategory (industry average 12), 10.68 G
TOP EMAIL APPS
gmail-base 9.89 G
outlook-web-online 538.74 M
yahoo-mail-base 173.41 M
icloud-mail 66.10 M
smtp 6.77 M
zoho-mail 3.70 M
gmx-mail 1.68 M
hotmail 1.41 M

Remote-Access: 9 applications in the subcategory (industry average 12), 1.05 G
TOP REMOTE-ACCESS APPS
ms-rdp 1.04 G
anydesk 3.99 M
teamviewer-base 2.47 M
chrome-remote-desktop 2.02 M
teamviewer-web 45.54 K
splashtop-remote 8.37 K
citrix 2.67 K
pcanywhere-base 1.66 K


File-Sharing: 26 applications in the subcategory (industry average 27), 13.38 G
TOP FILE-SHARING APPS
mega-base 8.84 G
google-drive-web 1.96 G
bittorrent 791.03 M
ms-onedrive-base 580.90 M
whatsapp-file-transfer 553.91 M
dropbox-base 277.65 M
google-cloud-storage-download 235.02 M
kakaotalk-file-transfer 91.10 M

Encrypted-Tunnel: 12 applications in the subcategory (industry average 10), 301.68 G
TOP ENCRYPTED-TUNNEL APPS
ssl 291.50 G
open-vpn 8.85 G
ipsec-esp-udp 1.33 G
ssh 10.13 M
hola-unblocker 589.94 K
panos-global-protect 103.34 K
ike 85.30 K
hotspot-shield 57.47 K

Instant-Messaging: 19 applications in the subcategory (industry average 16), 3.48 G
TOP INSTANT-MESSAGING APPS
snapchat 1.95 G
whatsapp-base 566.11 M
facebook-chat 452.93 M
whatsapp-web 230.21 M
qq-base 141.97 M
kakaotalk-base 62.52 M
wechat-base 31.25 M
imo 17.36 M

Social-Networking: 21 applications in the subcategory (industry average 19), 168.83 G
TOP SOCIAL-NETWORKING APPS
facebook-base 162.93 G
reddit-base 2.19 G
twitter-base 1.32 G
pinterest-base 1.20 G
google-classroom 781.80 M
quora-base 189.21 M
linkedin-base 104.31 M
tumblr-base 104.22 M


Photo-Video: 32 applications in the subcategory (industry average 30), 215.01 G
TOP PHOTO-VIDEO APPS
facebook-video 124.19 G
netflix-base 38.67 G
youtube-base 23.51 G
instagram-base 13.22 G
http-video 6.18 G
rtcp 2.81 G
twitch 1.92 G
tiktok 1.58 G

Proxy: 3 applications in the subcategory (industry average 3), 7.02 M
TOP PROXY APPS
http-proxy 6.72 M
psiphon 243.13 K
ultrasurf 64.11 K


Applications that Introduce Risk — Detail


RISK APPLICATION CATEGORY SUB CATEGORY  TECHNOLOGY BYTES SESSIONS

4 gmail-base collaboration email browser-based 9.89 GB 116224

3 outlook-web-online collaboration email browser-based 538.74 MB 8406

3 yahoo-mail-base collaboration email browser-based 173.41 MB 1160

2 icloud-mail collaboration email client-server 66.1 MB 3104

5 smtp collaboration email client-server 6.77 MB 91

3 zoho-mail collaboration email browser-based 3.7 MB 113

4 gmx-mail collaboration email browser-based 1.68 MB 55

4 hotmail collaboration email browser-based 1.41 MB 14

4 ssl networking encrypted-tunnel browser-based 291.5 GB 1843816

3 open-vpn networking encrypted-tunnel client-server 8.85 GB 656

2 ipsec-esp-udp networking encrypted-tunnel client-server 1.33 GB 14

4 ssh networking encrypted-tunnel client-server 10.13 MB 48

4 hola-unblocker networking encrypted-tunnel client-server 589.94 KB 784

2 panos-global-protect networking encrypted-tunnel client-server 103.34 KB 20

2 ike networking encrypted-tunnel client-server 85.3 KB 60

3 hotspot-shield networking encrypted-tunnel client-server 57.47 KB 5

3 mega-base general-internet file-sharing browser-based 8.84 GB 270

5 google-drive-web general-internet file-sharing browser-based 1.96 GB 3214

5 bittorrent general-internet file-sharing peer-to-peer 791.03 MB 114597

4 ms-onedrive-base general-internet file-sharing client-server 580.9 MB 5840

3 whatsapp-file-transfer general-internet file-sharing client-server 553.91 MB 272

4 dropbox-base general-internet file-sharing client-server 277.65 MB 15504

2 google-cloud-storage-download general-internet file-sharing browser-based 235.02 MB 1091

2 kakaotalk-file-transfer general-internet file-sharing client-server 91.1 MB 296

2 snapchat collaboration instant-messaging client-server 1.95 GB 16296


1 whatsapp-base collaboration instant-messaging client-server 566.11 MB 8046

3 facebook-chat collaboration instant-messaging browser-based 452.93 MB 3086

2 whatsapp-web collaboration instant-messaging browser-based 230.21 MB 1498

4 qq-base collaboration instant-messaging client-server 141.97 MB 4937


 
2 kakaotalk-base collaboration instant-messaging client-server 62.52 MB 2103

2 wechat-base collaboration instant-messaging client-server 31.25 MB 5455

4 imo collaboration instant-messaging browser-based 17.36 MB 784

4 facebook-video media photo-video browser-based 124.19 GB 18427

3 netflix-base media photo-video browser-based 38.67 GB 12399

4 youtube-base media photo-video browser-based 23.51 GB 20911

2 instagram-base media photo-video client-server 13.22 GB 59444

4 http-video media photo-video browser-based 6.18 GB 207

1 rtcp media photo-video client-server 2.81 GB 368

4 twitch media photo-video browser-based 1.92 GB 169

2 tiktok media photo-video client-server 1.58 GB 14036

5 http-proxy networking proxy browser-based 6.72 MB 449

5 psiphon networking proxy browser-based 243.14 KB 17

4 ultrasurf networking proxy client-server 64.11 KB 1

4 ms-rdp networking remote-access client-server 1.04 GB 207136

1 anydesk networking remote-access client-server 3.99 MB 48

3 teamviewer-base networking remote-access client-server 2.47 MB 18

2 chrome-remote-desktop networking remote-access browser-based 2.02 MB 274

2 teamviewer-web networking remote-access browser-based 45.54 KB 5

1 splashtop-remote networking remote-access client-server 8.37 KB 3

3 citrix networking remote-access client-server 2.67 KB 19


2 pcanywhere-base networking remote-access client-server 1.66 KB 18

4 facebook-base collaboration social-networking browser-based 162.93 GB 363628

1 reddit-base collaboration social-networking browser-based 2.19 GB 3424

3 twitter-base collaboration social-networking browser-based 1.32 GB 7679

2 pinterest-base collaboration social-networking browser-based 1.2 GB 4773

2 google-classroom collaboration social-networking browser-based 781.8 MB 6342

1 quora-base collaboration social-networking browser-based 189.21 MB 782

3 linkedin-base collaboration social-networking browser-based 104.31 MB 2565

2 tumblr-base collaboration social-networking browser-based 104.22 MB 138


SaaS Applications
SaaS-based application services continue to redefine the network perimeter. Often labeled “shadow IT,” most of these services are adopted directly by
individual users, business teams, or even entire departments. In order to minimize data security risks, you need control over the SaaS applications used in your
network.

KY FINDING
File-Sharing subcategory has the most number of unique SaaS applications.
In terms of data movement, gmail-base is the most used SaaS application in your organization.

SAAS APPLICATIONS BY NUMBERS
Review the applications being used in your organization. To maintain administrative control, adopt SaaS applications that will be managed by your IT team.

368 total apps
96 SaaS apps

NUMBER OF SAAS APPLICATIONS
Company 96
INDUSTRY AVERAGE 78
ALL ORGANIZATIONS 51

PERCENTAGE OF ALL APPLICATIONS
Company 26.09%
INDUSTRY AVERAGE 21.49%
ALL ORGANIZATIONS 22.47%

SAAS APPLICATION BANDWIDTH
Monitor the volume of data movement to and from SaaS applications. Understand the nature of the applications and how they are being used.

1.31 T total data flow
35.85 G for SaaS apps

SAAS APPLICATION BANDWIDTH
Company 35.85 GB
INDUSTRY AVERAGE 213.05 GB
ALL ORGANIZATIONS 202.35 GB

PERCENTAGE OF ALL BANDWIDTH
Company 2.73%
INDUSTRY AVERAGE 2.86%
ALL ORGANIZATIONS 3.16%


TOP SAAS APPLICATION SUBCATEGORIES

The following displays the number of applications in each application subcategory. This allows you to assess the most used applications in your organization.

TOP SAAS APPLICATION SUBCATEGORIES BY TOTAL NUMBER OF APPLICATIONS
file-sharing 14
management 14
office-programs 11
internet-utility 7

File-Sharing: 14 applications in the subcategory (industry average 27), 11.91 G
TOP FILE-SHARING APPS
mega-base 8.84 G
google-drive-web 1.96 G
ms-onedrive-base 580.90 M
dropbox-base 277.65 M
google-cloud-storage-download 235.02 M
weiyun-base 2.84 M
sourceforge-base 2.70 M
slideshare-base 765.77 K

Management: 14 applications in the subcategory (industry average 27), 189.97 M
TOP MANAGEMENT APPS
new-relic 99.84 M
github-base 54.47 M
jamf 16.37 M
trello-base 8.42 M
service-now-base 4.39 M
datadog 2.06 M
workable 1.50 M
gist 1.24 M


Office-Programs: 11 applications in the subcategory (industry average 11), 3.59 G
TOP OFFICE-PROGRAMS APPS
google-docs-base 3.31 G
lucidchart 70.18 M
ms-teams 68.55 M
evernote-base 58.46 M
ms-office365-base 52.69 M
lucidpress-base 15.84 M
prezi-base 9.96 M
ms-delve 5.10 M

Internet-Utility: 7 applications in the subcategory (industry average 40), 5.32 G
TOP INTERNET-UTILITY APPS
learnosity 3.01 G
icloud-base 1.47 G
grammarly 647.41 M
kami 190.01 M
yunpan-base 4.27 M
google-keep 143.59 K
adobe-echosign 100.15 K


TOP SAAS APPLICATIONS

The following displays the top 10 SaaS applications used in your organization and the application usage comparison against your industry peers and all
other Palo Alto Networks customers.

TOP AA APPLICATION Y DATA MOVMNT
9.89 GB
Gmail-Base
8.83 GB

8.84 GB
Mega-Base
3.53 GB

3.31 GB
Google-Docs-Base
11.86 GB

3.01 GB
Learnosity
0 Byte

 
1.96 GB
Google-Drive-Web
11.34 GB

1.47 GB
Icloud-Base
6.21 GB

976.78 MB
Zoom-Meeting
106.63 MB

781.80 MB
Google-Classroom
397.44 MB

752.01 MB
Flipgrid
642.35 KB

647.41 MB
Grammarly
157.41 MB

Company Industry Average


SAAS APPLICATIONS BY HOSTING RISK

Based on your SaaS usage, it is imperative to regularly review SaaS applications being accessed, who is accessing them, and how they are being used. 
The following chart displays the number of applications by each hosting risk characteristic.

Poor Terms of Service 32

Data Breaches 5

No Certifications 43

Poor Financial Viability 5

The following charts display the top applications by bandwidth for each hosting risk characteristic.

10.67 G 9.03 G
Apps With Poor Terms Of Service Apps With Data Breaches
mega-base mega-base
8.84 G 8.84 G
flipgrid yahoo-mail-base
752.01 M 173.41 M
viber-base mailchimp
452.03 M 9.51 M
kami onelogin
190.01 M 5.17 M
yahoo-mail-base yahoo-calendar
173.41 M 1.47 M
new-relic
  99.84 M
acronis-cloud-backup
69.40 M
viber-voice
22.00 M

19.41 G 192.33 M
Apps With No Certifications Apps With Poor Financial Viability
mega-base kami
8.84 G 190.01 M
learnosity gmx-mail
3.01 G 1.68 M
google-drive-web helpscout
1.96 G 591.51 K
icloud-base classin
1.47 G 27.23 K
google-classroom dochub-base
781.80 M 15.64 K
flipgrid
752.01 M
grammarly
647.41 M
ms-onedrive-base
580.90 M


URL Activity
Uncontrolled Web surfing exposes organizations to security and business risks, including exposure to potential threat propagation, data loss, or
compliance violations. The most common URL categories visited by users on the network are shown below.

KY FINDING
High-traffic URL categories were observed on the network, including computer-and-internet-info, Sanctioned Search and web-based-email.
Users visited a total of 74,698 URLs during the report time period across 40 categories.
There was a variety of personal and work-related Web activity present, including visits to potentially risky websites.

HIGH-RISK URL CATEGORIES
The Web is a primary infection vector for attackers, with high-risk URL categories posing an outsized risk to the organization. Solutions should allow for fast blocking of undesired or malicious sites, as well as support quick categorization and investigation of unknowns.

(Company / Industry Average)
unknown 16 / 83,339
malware 8 / 6,019
private-ip-addresses 3 / 281,990

HIGH-TRAFFIC URL CATEGORIES
The top 5 commonly visited URL categories, along with industry benchmarks across your peer group, are shown below.

(Company / Industry Average)
computer-and-internet-info 34,548 / 2,868,769
Sanctioned Search 15,731 / 0
web-based-email 4,253 / 69,502
social-networking 3,914 / 1,770,643
content-delivery-networks 2,194 / 544,463

COMMONLY USED URL CATEGORIES
The top 20 most commonly visited URL categories are shown below.

online-storage-and-backup 1,821
business-and-economy 1,414
music 1,412
training-and-tools 1,395
internet-communications-and-telephony 1,342
web-advertisements 1,137
financial-services 1,013
reference-and-research 866
games 674
internet-portals 673
streaming-media 508
news 358
insufficient-content 278
questionable 233
dating 149
entertainment-and-arts 117
educational-institutions 109
personal-sites-and-blogs 98
travel 95
shareware-and-freeware 66


Threats at a Glance
Understanding your risk exposure, and how to adjust your security posture to prevent attacks, requires intelligence on the type and volume of threats used
against your organization. This section details the application vulnerabilities, known and unknown malware, and command and control activity observed on
your network.

KY FINDING
2,756,455 total vulnerability exploits were observed in your organization, including brute-force, info-leak and code-execution.
0 malware events were observed, versus an industry average of 2,630 across your peer group.
6,600 total command and control requests were identified, indicating attempts by malware to communicate with attackers to download additional
malware, receive instructions, or exfiltrate data.

2,756,455 Vulnerability Exploit(s)
brute-force 2,756,278
info-leak 154
code-execution 21
Other 2

Chart percentages: brute-force 99% (Company), 82% (Industry Average), 38% (All Organizations); remaining segments 1%, 18%, 62%.

6,600 Command and Control Detection(s)
Known Connections 6,600

FILES LEAVING THE NETWORK
Transferring files is a required and common part of doing business, but you must maintain visibility into what content is leaving the network via which
applications, in order to limit your organization’s exposure to data loss.

0 file(s) potentially leaving the network via 0 different application(s)


Application Vulnerabilities
Application vulnerabilities allow attackers to exploit vulnerable, often unpatched, applications to infect systems, which often represent one of the first steps
in a breach. This page details the top five application vulnerabilities attackers attempted to exploit within your organization, allowing you to determine which
applications represent the largest attack surface.

KY FINDING
8 total applications were observed delivering exploits to your environment.
2,756,455 total vulnerability exploits were observed across the following top three applications: ms-ds-smbv1, ms-ds-smbv3 and ms-ds-smbv2.
13 unique vulnerability exploits were found, meaning attackers continued to attempt to exploit the same vulnerability multiple times.

APPLICATIONS DELIVERING EXPLOITS
Company 8
Industry Average 13
All Organizations 14

TOTAL VULNERABILITY EXPLOITS
Company 2,756,455
Industry Average 3,846,232
All Organizations 3,023,264

UNIQUE VULNERABILITY EXPLOITS
Company 13
Industry Average 35
All Organizations 35

VULNERABILITY EXPLOITS PER APPLICATION
(TOP 5 APPLICATIONS WITH MOST DETECTIONS)

DETECTIONS EXPLOIT ID SEVERITY

Ms-Ds-Smbv1: 2,754,867 detections
2,754,867 SMB: User Password Brute Force Attempt HIGH

Ms-Ds-Smbv3: 1,266 detections
1,266 SMB: User Password Brute Force Attempt HIGH

Ms-Ds-Smbv2: 145 detections
145 SMB: User Password Brute Force Attempt HIGH

Web-Browsing: 106 detections
6 Netgear DGN Device Remote Command Execution Vulnerability CRITICAL
3 GPON Home Routers Remote Code Execution Vulnerability CRITICAL
1 Microsoft Windows HTTP.sys Remote Code Execution Vulnerability CRITICAL
4 Joomla HTTP User Agent Object Injection Vulnerability HIGH
3 Huawei HG532 Home Gateway Remote Code Execution Vulnerability HIGH
82 ZmEu Scanner Detection MEDIUM
7 PHP CGI Query String Parameter Handling Information Disclosure Vulnerability MEDIUM

Portmapper: 65 detections
65 RPC Portmapper DUMP Request Detected MEDIUM


Command and Control Analysis


Command-and-control (CnC) activity often indicates a host in the network has been infected by malware, and may be attempting to connect outside of the
network to malicious actors, reconnaissance attempts from outside, or other command-and-control traffic. Understanding and preventing this activity is
critical, as attackers use CnC to deliver additional malware, provide instruction, or exfiltrate data. Detection and response products may provide detail on
the malicious network and host activity that has occurred as a result of the identified malware.

KY FINDING
2 total applications were used for command-and-control communication.
6,600 total command-and-control requests were seen on your network.
6,600 total suspicious DNS queries were observed.

6,600 CnC Request(s) were seen on your network.
2 Application(s) were used for Command-and-Control communication.
web-browsing: 1
dns: 6,599

6,600 SUSPICIOUS DNS QUERIES
0 SPYWARE PHONE HOME

TOP 10
generic:sdk.appsflyer.tk 6,297
335749728 200
336141642 102
Hiddad.yh C2 traffic 1


Summary: International School Yangon
The analysis determined that a wide range of applications and cyber attacks were present on the network. This activity represents potential business and
security risks to International School Yangon, but also an ideal opportunity to implement safe application enablement policies that not only allow business
to continue growing but also reduce the overall risk exposure of the organization.

HIGHLIGHTS INCLUDE:
High-risk applications such as photo-video, file-sharing and internet-utility were observed on the network, which should be investigated due to their
potential for abuse.
368 total applications were seen on the network across 29 sub-categories, as opposed to an industry average of 363 total applications seen in other
Higher Education organizations.
2,756,455 total vulnerability exploits were observed across the following top three applications: ms-ds-smbv1, ms-ds-smbv3 and ms-ds-smbv2.
0 malware events were observed, versus an industry average of 2,630 across your peer group.
2 total applications were used for command and control communication.

KY FINDING

 
368 67 96
APPLICATIONS IN USE HIGH RISK APPLICATIONS SAAS APPLICATIONS

2,756,455 2,763,055
VULNERABILITY EXPLOITS TOTAL THREATS

RCOMMNDATION
Implement safe application enablement polices, by only allowing the applications needed for business, and applying granular control to all others.
Address high-risk applications with the potential for abuse, such as remote access, file sharing, or encrypted tunnels.
Address command and control communication by examining the network or host source. Detection and response or logging solutions may provide an
indication of what occurred.
Deploy a security solution that can detect and prevent threats, both known and unknown, to mitigate risk from attackers.
Use a solution that can automatically re-program itself and other security products, creating and coordinating new protections for emerging threats,
sourced from a global community of other enterprise users.
