MSSP Security Orchestration Shopping List


Introduction

To say that MSSPs have a security orchestration challenge is the understatement of the century. But not just any security orchestration platform can satisfy the multi-tenant requirements of MSSPs. Managed security services providers (MSSPs) can teach a master class on today’s threat landscape.

MSSPs and SOC

With dozens of client environments to monitor, MSSPs get a broad view of what it takes to detect, manage and respond to cyberthreats of all kinds. And don’t get us started about all the false positives to be addressed day in and day out. MSSPs are also in the unique position of needing to understand how to fully leverage the vast landscape of security tools. Whereas an enterprise security operations team (SOC) would need the capabilities to manage one SIEM, for example, an MSSP needs to be prepared to manage a variety of client-selected technologies.

SIEM & WAF

From SIEMs and web application firewalls (WAF) to intrusion detection systems (IDS) and anti-malware solutions, MSSPs must be ready to manage them all. Below is a quick look at what you should be looking for when exploring security orchestration solutions if you, or someone you love, is part of an MSSP.

Security Orchestration Table

Security orchestration should provide a centralized security operations platform as the nucleus of its security management. A single console provides MSSPs with a centralized, detailed view of multiple customers. Within the scope of security orchestration are core features and functionality that should be considered table stakes for any organization.

Triage and Case Management

Triage: Streamline alert management and the triage process by eliminating noise, grouping related alerts, and integrating multiple data sources to provide and enrich insight across grouped alerts.

Case Management: Manage the entire SOC through a complete view presented in a single pane of glass, which analysts can use as their primary workbench.

Playbook Library & Case Visualization

Playbook Library: Accelerate time to value with an out-of-the-box playbook knowledge base that drives the full range of playbook requirements and provides a balance between automation and analyst interaction.

Case Visualization: Visual representation of each case provides an intuitive understanding of complex cases and threats in a fraction of the usual time required.

Reporting & Case Reduction

Reporting: One-click reporting of activity and KPI measurements to customers. Automation of reporting and distribution process.

Case Reduction & Clustering: Reduces caseload via graph contextualization, clustering of contextually relevant cases, and automated case prioritization.

Cyber Ontology

Reporting & Case Reduction

Automation: Automate cumbersome manual processes with a machine-speed response. Typical processes ripe for security automation include data normalization, alert filtration and consolidation, and case enrichment.

Playbook and Workflow Authoring: Playbook design capability to create and implement analyst-customized workflows (without scripting).

Additional MSSP Requirements

Be sure to look for solutions that go beyond core security orchestration functionality to include these capabilities, tailored to the needs of MSSPs:

● Adapt workflows for similar use-cases to specific customers
● Integrate SLA expectations with KPI performance measurement and reporting
● Provide customer visibility through automated reporting and distributed dashboards
● Collaboration between MSSP security professionals and customer resources
● Health monitoring across MSSP customer base

Multi Tenancy

Multi-tenancy (at the environmental level, and in terms of data, permissions, dashboard, reporting, and unique customer playbooks) is crucial for any MSSP that wishes to reap the full value of security orchestration across its customer base and to give teams the proverbial single-pane-of-glass access and vision.

MSSP Multi-Tenancy

Integration

Given the infinite possible configurations, a security orchestration solution must have the capability to integrate with any environment. Out-of-the-box integrations offer an important solution, as well as an architecture that supports easily expanded integrations with the endless data sets MSSPs will encounter. For example, multiple SIEMs and non-standard alert sources, including s.

MSSP Techstack

Let’s Go Shopping

For a deeper look and a full security orchestration shopping list, download our MSSP buyer’s guide for security orchestration and automation.