Fortify YOUR Defense with CyberSponse Adaptive Security


Presentation on theme: "Fortify YOUR Defense with CyberSponse Adaptive Security"— Presentation transcript:

1 Fortify YOUR Defense with CyberSponse Adaptive Security

2 What is Security Orchestration Automation & Response?
Why do I care or need it?

3 What are the key things Security Teams should look to automate?
Phishing; Endpoint Infections; Hunt, Block & Tackle; Incident Response
Multiple Login Attempts; SIEM Rules; Auth Events; Alert
Mission: Block Malicious Intent or Close as False Positive
Source: Who is? Geolocation? Reputation? Threat Intel?
Target: Asset? Owner? Cause? Who else?
Response: Block IP; Disable Account; Patch Vulnerability
Audience questions: 1. How many Alerts
What are the key elements needed to be ready for SOAR?
TTR Status Next 12 Mins? False Positive?
100+ alerts in queue; 3+ Security Tools; 3+ Security Staff

4 Challenges that SOAR Solves in Current Environment
Alert Fatigue; Slow Response Times; Lack of Collaboration
Challenges
Alerts Overload
- Lenient Rules > False Positives > Alert Fatigue
- Strict Rules > True Negatives > Weak Security
Multiple, Disintegrated Tools
- Fact: You would easily have 18 to 25 products to deal with
- Question: How many SIEM or Firewalls can you learn?
Manual and Inconsistent responses causing weak security posture
Solution: SOAR augments human analyst
- Single Pane of Glass to manage all activities of SOC
- Measure and Boost SOC Efficiency
- Deliver consistent investigation and response
- Leverage automation without programming skills
Salient Features and Use Cases
- Integrated with SIEM to receive, respond and close the alert
- Automated Triaging, Enrichment, Investigation and Remediation
- Investigations for Phishing, C&C, Data Exfiltration etc.
- Automated Remediation with human approval
- Integrations with 250+ products, actions

5 SOARs Integrate your SOC with diverse tools
Ingest; Triage; Enrich; Investigate; Contain; Remediate
250+ Connectors, Actions

6 Enterprise Case Management Orchestration and Automation
Why you want an Incident Response and Automation Platform
Enterprise Case Management; Orchestration and Automation
Incident Response Platform: Highly Configurable; Role based Access; Multi-Tenant
Case Management; Orchestration & Automation; Playbooks; Connectors/Integrations
SOAR Platform: Case Management; Automated Playbooks; Multi Tenant
Highly configurable platform; Contextual Data Visualization; Build your own Modules
Visual Playbook Designer, Out of Box Connectors, Real Life Use Cases Reference Content
Distributed/Federated Architecture; Control Access to Data and Playbooks

7 SOARs Automate Information Flow & Incident Response
SIEM Alerts; Other Alerts (EDR, IDS etc)
SOAR Alert Record
Observe: Enriched contextual data from Threat Intel, Asset Management, User Directory, Historical Data
Orient: Gauge the Impact
Decide: Manual Decisions, Tasks, Approvals
Action: Block URL, IP, Domain, File hash; Disable User Account; Reset Password
Integrations; Actionable Data; Response Playbooks

8 How to Obtain a Security Operations ROI with SOAR
FASTER RESPONSE; INCREASE MORALE; MANAGE ALERTS
Cost Savings; Threat Window

| Mode | Time to Complete (minutes) | Weekly Incidents | Time Spent (hours) | Time Savings (Hours) | Savings (%) | Cost Savings Annually ($150/h) |
| Manual | 45 | 50 | 390 | | 0% | $0.00 |
| Semi-Automated | 22 | 75 | 190 | 200 | 75% | $180,000 |
| Automated | 1.4 | 100 | 12 | 378 | 98% | $472,800 |

9 Explore CyOPs™ Community Edition. Reach us at Sales@CyberSponse.com
Manage: Alerts, Incidents, Indicators, Tasks across Tenants
Measure: MTTD, MTTR, ROI, Reports, Dashboards
Respond: Automate, Visual Playbook Designer, Out of Box Connectors
Solutions: SOC Automation, Vulnerability Management and BYOS

