1© Copyright 2012 EMC Corporation. All rights reserved. Getting Ahead of Advanced Threats Advanced Security Solutions for Trusted IT Chezki Gil – Territory.

Slides:

Advertisements

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.

Advertisements

© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.

Security Life Cycle for Advanced Threats

The Threat Within September Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.

1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC

Malware\Host Analysis for Level 1 Analysts “Decrease exposure time from detection to eradication” Garrett Schubert – EMC Corporation Critical Incident.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Chris Berninger, Sr. Solutions.

The Most Analytical and Comprehensive Defense Network in a Box.

1© Copyright 2011 EMC Corporation. All rights reserved. Advanced Persistent Threat Sachin Deshmanya & Srinivas Matta.

Copyright © sFlow.org All Rights Reserved sFlow & Benefits Complete Network Visibility and Control You cannot control what you cannot see.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

TRANSITIONING FROM RSA ENVISION -> RSA SECURITY ANALYTICS

Cyber Security Discussion Craig D’Abreo – VP Security Operations.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Microsoft Ignite /16/2017 4:54 PM

Unified Logs and Reporting for Hybrid Centralized Management

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

Understanding and Dealing with Modern Threats Trent Greenwood, Manager Security Practioners TOLA.

© 2012 Solera Networks. Contains confidential, proprietary, and trade secret information of Solera Networks. Any use of this work without express written.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.

The Most Analytical and Comprehensive Defense Network in a Box.

1 Table of Content 1.Business Diagnostic - Establishing a case for change –Changes in demand –New opportunities –Emerging threats 2.Vision Creation - Defining.

Dell Connected Security Solutions Simplify & unify.

Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.

1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.

The Changing World of Endpoint Protection

Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.

Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.

The Real Deal With SIM/SEM The Promise of Security Information / Event Management Scott Sidel Sr. Security Manager Computer Sciences Corp.

CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.

Network security Product Group 2 McAfee Network Security Platform.

1 1 Securing (Accountability for) Cloud Content Peter McGoff – SVP and General Counsel.

1© Copyright 2014 EMC Corporation. All rights reserved. Applying the Power of Data Analytics to Cyber Security Dr. Robert W. Griffin Chief Security Architect.

Sky Advanced Threat Prevention

Connected Security Your best defense against advanced threats Anne Aarness – Intel Security.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Company Overview & Strategy Lance McAndrew Product Line Sales Engineer.

RECLAIM CONTROL OF MOBILE AND DISTRIBUTED DATA January 13, 2016.

Rapid Detection & Incident Response What, Why and How March 2016 Ft Gordon.

ARAMA TECH D A T A P R O T E C T I O N P R O F E S S I O N A L S VISION & STRATEGY.

2© Copyright 2013 EMC Corporation. All rights reserved. Cyber Intelligence Fighting Cyber Crime Insert Event Date LEADERS EDGE.

ECAT 4.1 – Rule Your Endpoints What’s New Customer Overview.

Contextual Security Intelligence Suite™ Preventing Data Breaches without Constraining Business.

©2012 Bit9. All Rights Reserved Peter Llorens, PERegional Sales Manager, FL, Caribbean & Latin America Julio GutierrezSales Engineer, FL, Caribbean & Latin.

Why SIEM – Why Security Intelligence??

1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.

Copyright © 2007 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Juniper Security Threat Response Manager (STRM)

Surveillance and Security Systems Cyber Security Integration.

Physical Security Market to Global Analysis and Forecasts by Application, Services No of Pages: 150 Publishing Date: Jan 2017 Single User PDF: US$

Physical Security Market to Global Analysis and Forecasts by Application, Services No of Pages: 150 Publishing Date: Feb 2017 Single User PDF: US$

Juniper Software-Defined Secure Network

Public Facilities and Cyber Security

Microsoft Operations Management Suite Insight and Analytics

Journey to Microsoft Secure Cloud

Active Cyber Security, OnDemand

SECURITY INFORMATION AND EVENT MANAGEMENT

THE NEXT GENERATION MSSP

Logsign All-In-One Security Information and Event Management (SIEM) Solution Built on Azure Improves Security & Business Continuity MICROSOFT AZURE APP.

11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Shifting from “Incident” to “Continuous” Response

Securing the Threats of Tomorrow, Today.

Panda Adaptive Defense Platform and Services

Threat Monitoring and Defense A fully managed and monitored security and compliance solution for cloud, hybrid, & on-premises infrastructure.

Enhanced alerting and collaborative incident management

STEALTHbits Technologies, Inc.

Software Defined Perimeter Market Research Report By Forecast to 2023 Industry Survey, Growth, Competitive Landscape and Forecasts to 2023 PREPARED BY.

Presentation transcript:

1© Copyright 2012 EMC Corporation. All rights reserved. Getting Ahead of Advanced Threats Advanced Security Solutions for Trusted IT Chezki Gil – Territory Manager Israel & Greece

2© Copyright 2012 EMC Corporation. All rights reserved. Threats are Evolving Rapidly Nation state actors PII, government, defense industrial base, IP rich organizations Criminals Petty criminal s Organized crime Organized, sophisticated supply chains (PII, financial services, retail) Unsophisticated Non-state actors Terrorist s Anti-establishment vigilantes “Hacktivists” Targets of opportunity PII, Government, critical infrastructure

3© Copyright 2012 EMC Corporation. All rights reserved. Business & IT are evolving rapidly too…

4© Copyright 2012 EMC Corporation. All rights reserved. Traditional Security is Not Working Source: Verizon 2012 Data Breach Investigations Report 99% of breaches led to compromise within “days” or less with 85% leading to data exfiltration in the same time 85% of breaches took “weeks” or more to discover

5© Copyright 2012 EMC Corporation. All rights reserved. Signature -based Compliance Driven Perimeter oriented Traditional Security is Unreliable

6© Copyright 2012 EMC Corporation. All rights reserved. AgileRisk-BasedContextual Effective Security Systems need to be:

7© Copyright 2012 EMC Corporation. All rights reserved. Resource Shift: Budgets and People Today’s Priorities Prevention 80% Monitoring 15% Response 5% Prevention 80% Monitoring 15% Response 5% Prevention 33% Intelligence-Driven Security Monitoring 33% Response 33%

8© Copyright 2012 EMC Corporation. All rights reserved. Attack Begins System Intrusion Attacker Surveillance Cover-up Complete Access Probe Leap Frog Attacks Complete Target Analysis TIME Attack Set- up Discovery/ Persistence Maintain foothold Cover-up Starts Attack Forecast Physical Security Containment & Eradication System Reaction Damage Identification Recovery Defender Discovery Monitoring & Controls Impact Analysis Response Threat Analysis Attack Identified Incident Reportin g Need to collapse free time Reducing Attacker Free Time ATTACKER FREE TIME TIME Source: NERC HILF Report, June 2010 (

9© Copyright 2012 EMC Corporation. All rights reserved. How do Advanced Threats impact the business?

10© Copyright 2012 EMC Corporation. All rights reserved. The Aftermath of an Advanced Attack Hard costs hurt –Emergency cleanup costs –Regulatory penalties –Customer restitution –Business process re-engineering Soft costs really hurt –Missed opportunity due to cleanup focus –Loss of customer confidence –Decline in employee morale & goodwill

11© Copyright 2012 EMC Corporation. All rights reserved. What is the approach for the future?

12© Copyright 2012 EMC Corporation. All rights reserved. Comprehensive Visibility “See everything happening in my environment and normalize it” High Powered Analytics “Give me the speed and smarts to discover and investigate potential threats in near real time” Big Data Infrastructure “Need a fast and scalable infrastructure to conduct short term and long term analysis” Integrated Intelligence “Help me understand what to look for and what others have discovered” Today’s Security Requirements

13© Copyright 2012 EMC Corporation. All rights reserved. RSA Security Analytics: Changing The Security Management Status Quo Unified platform for security monitoring, incident investigations and compliance reporting SIEM Compliance Reports Device XMLs Log Parsing SIEM Compliance Reports Device XMLs Log Parsing Network Security Monitoring High Powered Analytics Big Data Infrastructure Integrated Intelligence Network Security Monitoring High Powered Analytics Big Data Infrastructure Integrated Intelligence RSA Security Analytics Fast & Powerful Analytics Logs & Packets Unified Interface Analytics Warehouse RSA Security Analytics Fast & Powerful Analytics Logs & Packets Unified Interface Analytics Warehouse SEE DATA YOU DIDN’T SEE BEFORE, UNDERSTAND DATA YOU DIDN’T EVEN CONSIDER BEFORE

14© Copyright 2012 EMC Corporation. All rights reserved. RSA Live Integrated Intelligence How Do I Know What To Look For? Gathers advanced threat intelligence and content from the global security community & RSA FirstWatch ® Aggregates & consolidates the most pertinent information and fuses it with your organization's data Automatically distributes correlation rules, blacklists, parsers, views, feeds  Operationalize Intelligence: Take advantage of what others have already found and apply against your current and historical data

15© Copyright 2012 EMC Corporation. All rights reserved. THE ANALYTICS Reporting and Alerting Investigation Malware Analytics Administration Complex Event Processing Free Text Search Correlation Metadata Tagging RSA LIVE INTELLIGENCE SYSTEM Threat Intelligence – Rules – Parsers – Alerts – Feeds – Apps – Directory Services – Reports and Custom Actions Incident Management Asset Criticality Compliance REAL-TIME LONG-TERM EUROPE NORTH AMERICA ASIA Enrichment DataLogsPackets DISTRIBUTED COLLECTION WAREHOUSE Security Analytics Architecture