© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds.

Presentation transcript:


Agenda: Changing Threat Landscape; Evolution of NAC to Security Automation; Intro to Bradford Networks; Leveraging Integration and Correlation; Rapid Threat Response; Business Impact.

Profile of Today's Advanced Cyber Threats: Data Consolidation; Data Exfiltration; Internal Network Scan; Phishing on End User's Device; User's Device Compromised. Attack surface is now 3x what it was just a few years ago.

The Enterprise Today … Dynamic, Complex. Datacenter; Network; Users; Devices. Secure; Risk. Network Access Control: Assessing the Risk of Every User and Device. Back Door; Safe; Blind Spot. Visibility; Policies; Enforcement.

Network Visibility: Who; What; Where; When. Real-Time Visibility. Single Network Sentry Appliance. Location 1; Location 2; … Location N; VPN.

Flexible Network Access Policies: Who; What; Where; When. Trusted Users; Trusted Time; Trusted Devices; Trusted Locations.

Policy Enforcement: Identify User; Assign Network Access; Assess Risk; Identify Device. No Access; Guest Access; Restricted Access; Unrestricted Access.

Endpoint Compliance: Safe Configuration; Mandatory Applications; Required OS Patch Levels; Endpoint Protection; Minimum Application Version; VLAN Assignment; Device Risk Assessment.

Network Access Control: Gaining and Removing Network Access. Endpoint Visibility & Compliance; Threat Investigation Workflows; Self-Service Onboarding; Threat / Device Correlation. Isolate; Investigate; Block; Connect; Reassign; Reconfigure. Network Access Policies. Security Information & Event Management; Intrusion Detection Systems; Security Intelligence & Big Data Analytics; Advanced Persistent Threat Detection; Active Directory; Antivirus; Patch Management; Mobile Device Management; Application Whitelisting. Visibility; Trusted Configurations; Risk Indication; Network Change Automation; Rapid Threat Response. Control Network Access. Criteria for Gaining Network Access; Criteria for Removing Network Access.

Evolution of NAC. Rapid Threat Response: Minimize Threat Think Time. Threat Investigation: Simplify Investigation Workflows. Consumerization/BYOD: Enable Safe Network Provisioning. Endpoint Compliance: Ensure Safe Devices. Self-Service Onboarding: Enable Scalable Onboarding. NAC 1.0: Safe Onboarding; NAC 2.0: BYOD; NAC 3.0: Security Automation.

Rapid Threat Response

Cyber Threat Lifecycle: Attack to Compromise; Compromise to Detection; Detection to Containment. Attack; Detection; Compromise.

Why Detection to Containment Takes 7 Days. More Records Breached Theft Escalating Total Cost More Impact on Brand Impact. Threats Are Targeted and Complex; Fragmented IT Skills; Silos of Security Information; Too Many Security Events. Detection to Containment Time.

Getting Threat Response Down to 7 Seconds. Visibility; Prevention; Detection; Response. Cyber Security Strategy. Threat Containment; Threat Intelligence. Restrict Access; Block Device; Remediate Device. Determine Motive; Trace Method; Uncover Mistakes. Manual; Automation. 7 Seconds.

About Bradford Networks: Live Inventory of Network Connections (LINC); SmartEdge Integration Platform; Leader in Rapid Threat Response; Network Analytics and Forensics; Best Buy Rating From SC Magazine.

SmartEdge Platform: User; Device; Connection; Time. Network Firewalls; Detection; BYOD; Endpoint Protection; SIEM. Applications.

Rapid Threat Response (RTR) Essentials: Live Inventory of Wired, Mobile and VPN Connections; Real-Time and Flexible Control of Network Access; Business-Criticality of User and Endpoints; Integrated High Fidelity Security Alerts.

Network Sentry/RTR in Action. Response: Restrict Access; Block Device; Remediate Device. Threat Containment; 7 Seconds. Detection. IP Address + User Name + Security Group + Device Type + Operating System + Wired Adapters + Wireless Adapters + Installed Applications + Network Location + Connection Port.

Business Impact with Bradford Networks: Reduce Threat Response Time From Days to Seconds; Automate Response and Reduce Burden on Security Staff; Quickly Contain Threats, Prevent Propagation; Minimize Cost, Protect Brand, Protect Assets.