ECAT 4.1 – Rule Your Endpoints What’s New Customer Overview.

© Copyright 2015 EMC Corporation. All rights reserved.

RSA ECAT: OVERVIEW
– Detect by behavior of malware rather than a signature
– Deep endpoint visibility & real-time alerting
– Intelligent risk level scoring system to prioritize threats
– Confirm infections quickly & block with precision in real time
ECAT: Scan, Monitor & Alert, Analyze, Take Action

RSA ECAT: Key Highlights
– Deep, fast scans [5-20 min]
– Proactively finds the unknown, hidden malware
– Intelligent scoring system prioritizes alerts
– Take action with blocking capability, streamlining analyst workflow end-to-end
– Intuitive for a Tier 1 analyst to use
– Light, configurable agent (2MB on disk, 10-20MB in memory)
– Enterprise scalability; 50K agents per server

Introducing: RSA ECAT 4.1
This roadmap document contains “forward looking statements”; these are plans, not commitments.
TAGLINE & MESSAGING
Tagline: Rule Your Endpoints - with RSA ECAT
Release Headline: Hunt down and block malware missed by other tools.
– Get the most out of your security team with a 95% reduction in alert escalations
– Reduce incident response time from days to minutes by finding all other infected machines and the exact location of malicious files in a single click – easily determine root cause of infection in minutes
“RSA ECAT has helped narrow down a 12-hour analysis to 10 or 15 minutes” – EMC CIRC ( the-crosshairs-of-a-cyberwar-that-never-ends)
NETWORK FORENSICS SIEM & BEYOND ENDPOINT THREAT ANALYSIS

Introducing RSA ECAT 4.1: THEMES & CAPABILITIES
– Enhanced Detection & Visibility
– Active Response
– Streamlined Analyst Workflow
– Platform Maturity
– Simplified Pricing

Introducing RSA ECAT 4.1: ENHANCED DETECTION & VISIBILITY
New intelligent risk scoring method based on machine learning – closer to an easy button
– Quickly triage for highest priority issues; a score that analysts can trust
Intelligent score

Introducing RSA ECAT 4.1: ENHANCED DETECTION & VISIBILITY
Gain visibility and continue to protect endpoints while outside of corporate network
– ECAT Remote Agent Relay

Introducing RSA ECAT 4.1: ENHANCED DETECTION & VISIBILITY
Enhanced Mac visibility (closer to Windows)
– Real-time detection (always running agent)
– Module tracking behavior (end-to-end tracking of events)
– Capture network connections (to C2 domain/IP)
– Network, Process, and File System Trackers
– Dedicated Mac IIOCs added

Introducing RSA ECAT 4.1: ENHANCED DETECTION & VISIBILITY
Integrate intelligence data with STIX support
– Becoming the de facto standard language used to communicate a set of cyber intelligence
– Used by FS-ISAC – becomes benchmark for future industries

Introducing RSA ECAT 4.1: ACTIVE RESPONSE
Blocking is here
– Take action natively in ECAT
– File & process blocking capabilities
– Quarantine

New blocking capabilities enable taking action against suspicious modules detected by the ECAT Agent. Blocking prevents:
– Files from being written to disk (an error code is returned to the application)
– Files from being loaded in memory
Blocking and remediation options include:
– Block (no remediation): The file is blocked but remains at its location.
– Quarantine: Files are moved to a quarantine directory (a subdirectory of the deleted files folder) and are only accessible to system administrators.
– Delete: A file can be deleted from the file system only after it has been moved to the quarantine folder.

– Blocking is enabled for the entire organization. Blocking inheritance is also available to follow a machine group configuration or an ad-hoc scenario.
– Manage (add, edit, delete) all blocked modules leveraging a single view of relevant machines and machine groups, modules, IIOCs, and more.
– Built-in ‘defense mechanism’ prevents blocking of modules holding a trusted certificate and whitelisted status.

Introducing RSA ECAT 4.1: STREAMLINED ANALYST WORKFLOW
Automated Status Listing
– Reduce the time analysts spend on assigning bias status to modules
Configure > Global Parameters

Introducing RSA ECAT 4.1: STREAMLINED ANALYST WORKFLOW
Streamline analyst workflow directly from the source of infection, the endpoint workstation, by forwarding suspicious modules to a sandbox system:
– Security Analytics Malware Analysis, or
– Third-party sandbox support (e.g. Cuckoo)

Introducing RSA ECAT 4.1: PLATFORM MATURITY
An already enterprise-class endpoint solution becomes even better:
– Role-based permissions
– REST API
– Overall performance of the UI

Introducing RSA ECAT 4.1: SIMPLIFIED PRICING
Eliminated the separate ECAT server cost and SKU
– Combined the server cost into ECAT host
Combined separate HashDB SKU into ECAT host
– ONE SKU for ECAT product!
Introducing subscription pricing in addition to perpetual
Simplified # of tiers
ECAT Tiers

EMC, RSA, the EMC logo and the RSA logo are trademarks of EMC Corporation in the U.S. and other countries.