Contextual Security Intelligence Suite™ Preventing Data Breaches without Constraining Business.


Contextual Security Intelligence Suite™ Preventing Data Breaches without Constraining Business

TRADITIONAL APPROACHES ARE NOT ENOUGH…
● Impossible to pre-define all rules
● Constant fear of breaches
● Activities without context

HUMANS ARE THE NEW PERIMETER
“Professionals target people. And any solutions will have to target the people problem, not the math problem”

CONTEXTUAL SECURITY INTELLIGENCE
● Discover Anomalies: Recognition of the unusual
● Investigate & Respond: Immediate reaction
● Monitor Activities: Real-time knowledge of all actions
● Profile Users: Norm and pattern recognition and learning

BENEFIT AREAS OF CSI
Intervention in the kill chain; Breach Prevention; Behavior Intelligence; Efficient forensics; Security Operations; Initiation of new policies; Compliance; ROI; Breach & account risk detection; Risk Assessment
[Diagram labels: Risk, Compliance, Breach, Operations; CSI cycle: Discover Anomalies, Investigate & Respond, Monitor Activities, Profile Users]

BREACH PREVENTION
● Unusual behavior patterns
● Insider threats and hijacked accounts
● APT Kill Chain

SECURITY OPERATIONS
● Response & forensics capabilities
● Real-time notification & alerting
● Automated security reactions & intervention

RISK ASSESSMENT
● Account and global risk estimation
● Identifying policy violations
● Gap between privileges and actual behavior

COMPLIANCE
● Audit and review
● Integration with existing systems
● Prioritize and highlight critical areas

CONTEXTUAL SECURITY INTELLIGENCE SUITE

CSI.DATA: Enriched Data Platform
The Problem: Vast amount of data
The Solution:
● Instant access to data
● Centralized data collection
● Data delivery for analytics
● Filtering and normalization

CSI.USER: The User Perspective
The Problem: Access and monitoring
The Solution:
● Manage all access points
● Transparent monitoring
● Visualize committed actions
● Movie-like replay & search

CSI.RISK: Behavioural Analytics
The Problem: Not asked and not known
The Solution:
● Machine learning of activities
● Anomaly Detection
● Real-time intervention
● Risk scoring and alerting

ARCHITECTURE - SIMPLIFIED

PREVENTION BY MONITORING: LET’S EXAMINE A HUMAN ATTACK!
Attack stages: Initial intrusion, Outbound connection, Expand access, Strengthen foothold, Exfiltrate data, Cover tracks
Timeline labels: Time-frame for prevention, Forensics

CONTEXTUAL SECURITY INTELLIGENCE SUITE IN ACTION
[Diagram labels: Privileged User; Log Activity; Session Activity; Privileged User Behavior Analytics]
User Profiles: Login Time, Login Location, Host login, Commands, Keystrokes, Mouse, Applications, Peer groups

CONTEXTUAL SECURITY INTELLIGENCE SUITE IN ACTION
[Diagram labels: Privileged Imposter; Log Activity; Session Activity; Privileged User Behavior Analytics; Discover; Security Operations Center]
User Profiles: Login Time, Login Location, Host login, Commands, Keystrokes, Mouse, Applications, Peer groups

CONTEXTUAL SECURITY INTELLIGENCE SUITE IN ACTION
[Diagram labels: Privileged Imposter; Log Activity; Session Activity; Privileged User Behavior Analytics; Discover; Security Operations Center; Investigate; Respond]
User Profiles: Login Time, Login Location, Host login, Commands, Keystrokes, Mouse, Applications, Peer groups

HIGHLY VISUAL INTERFACE IT IS THE REAL-TIME DASHBOARD

HOW IS CSI DIFFERENT?
Traditional security approach | Contextual security approach
Manually defined | Self learning
Enforcing control | Real-time knowledge & interaction
Security damages continuity | More Security with more freedom
ROI only when attacked | Immediate visibility of ROI
Partial vision | Full knowledge of all actions

London: Tower 42, 25 Old Broad Street, London EC2N 1HN
Paris: 105, rue Jules Guesde, Levallois Perret
New York: 40 Wall St. 28th Floor, NYC, NY
Munich: Stefan-George-Ring 29. D München
Budapest: Alíz street 2. H-1117 Budapest
200+ employees; > 50% y/y growth over year; 100+ resellers; 600 Customers

THANK YOU Follow us!