Presentation is loading. Please wait.

Presentation is loading. Please wait.

Contextual Security Intelligence Suite™ Preventing Data Breaches without Constraining Business.

Published byMildred Higgins Modified over 8 years ago

Similar presentations

Presentation on theme: "Contextual Security Intelligence Suite™ Preventing Data Breaches without Constraining Business."— Presentation transcript:

1 Contextual Security Intelligence Suite™ Preventing Data Breaches without Constraining Business

2

3

4 TRADITIONAL APPROACHES ARE NOT ENOUGH… Impossible to pre-define all rulesConstant fear of breachesActivities without context

5 HUMANS ARE THE NEW PERIMETER ”Professionals target people. And any solutions will have to target the people problem, not the math problem”

6 CONTEXTUAL SECURITY INTELLIGENCE Discover Anomalies Investigate & Respond Monitor Activities Profile Users CSI Immediate reaction Real-time knowledge of all actions Recognition of the unusual Norm and pattern recognition and learning

7 BENEFIT AREAS OF CSI Intervention in the kill chain Breach Prevention Behavior Intelligence Efficient forensics Security Operations Initiation of new policies Compliance ROI Breach & account risk detection Risk Assessment Risk Compliance Breach Operations Discover Anomalies Investigate & Respond Monitor Activities Profile Users CSI

8 BREACH PREVENTION Breach Discover Anomalies Investigate & Respond Monitor Activities Profile Users CSI ●Unusual behavior patterns ●Insider threats and hijacked accounts ●APT Kill Chain

9 SECURITY OPERATIONS Operations Discover Anomalies Investigate & Respond Monitor Activities Profile Users CSI ●Response & forensics capabilities ●Real-time notificatin & alerting ●Automated security reactions & intervention

10 RISK ASSESSMENT Risk Discover Anomalies Investigate & Respond Monitor Activities Profile Users CSI ●Account and global risk estimation ●Identifying policy violations ●Gap between privileges and actual behavior

11 COMPLIANCE Compliance Discover Anomalies Investigate & Respond Monitor Activities Profile Users CSI ●Audit and review ●Integration with existing systems ●Prioritize and highlight critical areas

12  Instant access to data  Centralized data collection  Data delivery for analytics  Filtering and normalization Vast amount of data Access and monitoring CONTEXTUAL SECURITY INTELLIGENCE SUITE 12 Enriched Data Platform  Manage all access points  Transparent monitoring  Visualize commited actions  Movie-like replay & search  Machine learning of activities  Anomaly Detection  Real-time intervention  Risk scoring and alerting The User Perspective Behavioural Analytics The Problem The Solution CSI.DATA CSI.USER CSI.RISK Not asked and not known

13 ARCHITECTURE - SIMPLIFIED

14 PREVENTION BY MONITORING LET’S EXAMINE A HUMAN ATTACK! 1234567 8 Initial intrusion Time-frame for preventionForensics Outbound connection Expand accessStrengthen foothold Exfiltrate data 9 Cover tracks

15 CONTEXTUAL SECURITY INTELLIGENCE SUITE IN ACTION Privileged User User Profiles Login Time Login Location Host login Commands Keystrokes Mouse Applications Peer groups Privileged User Behavior Analytics Log Activity Log Activity Session Activity Session Activity

16 CONTEXTUAL SECURITY INTELLIGENCE SUITE IN ACTION Privileged Imposter User Profiles Login Time Login Location Host login Commands Keystrokes Mouse Applications Peer groups Privileged User Behavior Analytics Log Activity Log Activity Session Activity Session Activity Discover Security Operations Center

17 CONTEXTUAL SECURITY INTELLIGENCE SUITE IN ACTION Privileged Imposter User Profiles Login Time Login Location Host login Commands Keystrokes Mouse Applications Peer groups Privileged User Behavior Analytics Log Activity Log Activity Session Activity Session Activity Discover Security Operations Center Investigate Respond

18 HIGHLY VISUAL INTERFACE IT IS THE REAL-TIME DASHBOARD

19

20 HOW IS CSI DIFFERENT? Traditional security approachContextual security approach Manually definedSelf learning Enforcing controlReal-time knowledge & interaction Security damages continuityMore Security with more freedom ROI only when accatckedImmediate visibility of ROI Partial visionFull knowledge of all actions

21 London Tower 42, 25 Old Broad Street, London EC2N 1HN Paris 105, rue Jules Guesde, 92300 Levallois Perret New York 40 Wall St. 28th Floor, NYC, NY 10005 Munich Stefan-George-Ring 29. D-81929 München 200+ employees > 50% y/y growth over year 100+ resellers 600 Customers Budapest Alíz street 2. H-1117 Budapest

22 ERIC.PARIETTI@BALABIT.COM Follow us!

23 THANK YOU Follow us!

Download ppt "Contextual Security Intelligence Suite™ Preventing Data Breaches without Constraining Business."

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.
Security Life Cycle for Advanced Threats

Security Life Cycle for Advanced Threats
BalaBit Shell Control Box

BalaBit Shell Control Box
Security intelligence: solving the puzzle for actionable insight Fran Howarth Senior analyst, security Bloor Research.

Security intelligence: solving the puzzle for actionable insight Fran Howarth Senior analyst, security Bloor Research.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
USER ACTIVITY MONITORING: YOUR MISSING SECURITY VANTAGE POINT Presented by Matt Zanderigo.

USER ACTIVITY MONITORING: YOUR MISSING SECURITY VANTAGE POINT Presented by Matt Zanderigo.
The Most Analytical and Comprehensive Defense Network in a Box.

The Most Analytical and Comprehensive Defense Network in a Box.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
Access Control Chapter 3 Part 5 Pages 248 to 252.

Access Control Chapter 3 Part 5 Pages 248 to 252.
© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.

© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.
Cyber Security Discussion Craig D’Abreo – VP Security Operations.

Cyber Security Discussion Craig D’Abreo – VP Security Operations.
Security & Privacy The changing world of Privacy and the core drivers.

Security & Privacy The changing world of Privacy and the core drivers.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
Boost your network security with NETASQ Vulnerability Manager.

Boost your network security with NETASQ Vulnerability Manager.
Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.

Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
seminar on Intrusion detection system

seminar on Intrusion detection system
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
Department Of Computer Engineering

Department Of Computer Engineering
Ken Paiboon 214.274.3436 ken@exabeam.com User Behavior Intelligence Fundamentals: Behaviors, Characteristics, and Facts Ken Paiboon 214.274.3436 ken@exabeam.com.

Ken Paiboon User Behavior Intelligence Fundamentals: Behaviors, Characteristics, and Facts Ken Paiboon

Similar presentations

Ads by Google