APM for Security Forensics: Enhancing IT Security with Post-Event Intrusion Resolution. Lakshya Labs.

Application Performance Management (APM)
 Monitoring and management of the performance and availability of applications.
 Detecting and diagnosing complex application performance problems in order to maintain the expected level of service (LOS).
APM dimensions:
 End-user experience
 Runtime application architecture
 Business transactions
 Deep-dive component monitoring
 Analytics

Will your corporate network be compromised? What do you do once a breach is detected?
 Was it an insider attack? Deep packet inspection of the captured traffic shows what the actor actually did.
 The best APM solutions track and eliminate intrusions, and also fortify existing defenses to prevent future attacks.
 The retained traffic also aids in the case of compliance violations, where regulatory agencies often demand a full report of what happened.

APM security features
 High-speed (10 Gb and 40 Gb) data center traffic capture.
 Expert analytics of network activity.
 Filtering using Snort or custom user-defined rules.
 Event replay and session reconstruction.
 Capacity to store petabytes of traffic data for post-event analysis.
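The two features that matter most for post-event resolution, rule-based filtering and session reconstruction, depend on each other: a content rule applied packet by packet misses anything split across TCP segments, which is why capture systems reassemble the stream before matching. The following is an added example, not code from the Lakshya Labs deck, from Snort or from any capture product. It implements a small subset of Snort rule syntax (the header plus the msg, content and sid options), reassembles payloads per flow by sequence number, and shows the same rule missing on a per-packet basis but firing on the reassembled session. The Packet record, the CAPTURE data and the rule are constructed for illustration.

```python
"""Added example, not from the Lakshya Labs deck or from Snort itself: a minimal
Snort-style content-rule matcher plus TCP payload reassembly, run over a
constructed capture. The Packet record, the CAPTURE data and the rule subset
understood by parse_rule() are illustrative assumptions."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    ts: float
    src: str
    sport: int
    dst: str
    dport: int
    seq: int
    payload: bytes


# Constructed sample capture (not real traffic). The attacker's request is split
# across two TCP segments so that the string "/etc/passwd" never appears whole in
# a single packet; only the reassembled stream contains it.
CAPTURE = [
    Packet(1.000, "10.0.0.5", 51000, "10.0.0.20", 80, 1000,
           b"GET /index.html HTTP/1.1\r\nHost: app\r\n\r\n"),
    Packet(1.010, "10.0.0.7", 51200, "10.0.0.20", 80, 4000,
           b"GET /cgi-bin/../../../etc/pas"),
    Packet(1.011, "10.0.0.7", 51200, "10.0.0.20", 80, 4029,
           b"swd HTTP/1.1\r\nHost: app\r\n\r\n"),
    Packet(1.020, "10.0.0.9", 51300, "10.0.0.20", 443, 7000, b"\x16\x03\x01"),
]

# Subset of the Snort rule header: action proto src sport -> dst dport (options)
RULE_RE = re.compile(
    r"^alert\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<sport>\S+)\s+->\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\S+)\s*\((?P<opts>.*)\)\s*$")


def parse_rule(text):
    """Parse one rule; only the msg, content and sid options are understood here."""
    m = RULE_RE.match(text.strip())
    if not m:
        raise ValueError("unsupported rule syntax: %r" % text)
    opts = {}
    for opt in m.group("opts").split(";"):
        key, _, val = opt.strip().partition(":")
        if key:
            opts[key] = val.strip().strip('"')
    return {"proto": m.group("proto"), "dport": m.group("dport"),
            "content": opts["content"].encode(), "msg": opts.get("msg", ""),
            "sid": int(opts.get("sid", "0"))}


def reassemble(packets):
    """Concatenate payloads per unidirectional flow in sequence-number order.
    Retransmissions and overlapping segments are ignored for brevity."""
    flows = {}
    for p in sorted(packets, key=lambda p: p.seq):
        flows.setdefault((p.src, p.sport, p.dst, p.dport), []).append(p.payload)
    return {flow: b"".join(chunks) for flow, chunks in flows.items()}


def match_rules(rules, packets, reassemble_streams=True):
    """Return (sid, msg, flow) for every rule hit. With reassemble_streams=False
    each packet is inspected alone, which is how the split request slips past."""
    if reassemble_streams:
        units = list(reassemble(packets).items())
    else:
        units = [((p.src, p.sport, p.dst, p.dport), p.payload) for p in packets]
    alerts = []
    for flow, data in units:
        for rule in rules:
            port_ok = rule["dport"] == "any" or int(rule["dport"]) == flow[3]
            if port_ok and rule["content"] in data:
                alerts.append((rule["sid"], rule["msg"], flow))
    return alerts


def session_for(alert, packets):
    """Pull the full reassembled session behind an alert for replay or review."""
    return reassemble(packets)[alert[2]]


RULES = [parse_rule(
    'alert tcp any any -> any 80 (msg:"Path traversal to /etc/passwd"; '
    'content:"/etc/passwd"; sid:1000001;)')]

if __name__ == "__main__":
    print("per-packet hits:", match_rules(RULES, CAPTURE, reassemble_streams=False))
    for alert in match_rules(RULES, CAPTURE):
        print(alert)
        print(session_for(alert, CAPTURE).decode(errors="replace"))
```

The same logic is why lossless line-rate capture is listed next to filtering: a dropped segment leaves a hole in the reassembled stream, and the rule that would have matched across it is silently missed.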

Case study
 Situation: slow network and application response.
 Action: used GigaStor (by Viavi) to perform deep-packet forensic analysis of the retained traffic.
 Discovery: a single device was sending a packet to every other device on the network.
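The finding in the case study is a fan-out pattern: one source whose set of destinations covers the whole segment, with the first contacts packed into a short burst. The following is an added example, not code from the Lakshya Labs deck or from GigaStor. It runs that analysis over constructed flow summaries (timestamp, source, destination, destination port): it ranks sources by the fraction of observed hosts they contacted and measures how many distinct destinations a source first reached inside a one-second window. Addresses, ports and thresholds are assumptions chosen for illustration.

```python
"""Added example, not from the Lakshya Labs deck or from GigaStor: the analysis
behind the case study, run over constructed flow summaries. It finds the source
that contacted (nearly) every other host on the segment and measures how fast
those first contacts arrived. Addresses, ports and thresholds are assumptions."""
from collections import defaultdict

# Constructed flow summaries as (timestamp, src_ip, dst_ip, dst_port).
SERVERS = (("10.1.1.1", 53), ("10.1.1.10", 445), ("10.1.1.20", 443))
CLIENTS = ("10.1.1.50", "10.1.1.51", "10.1.1.52",
           "10.1.1.53", "10.1.1.54", "10.1.1.55")
NOISY_DEVICE = "10.1.1.77"


def build_sample_flows():
    """Ordinary clients talk to DNS, a file server and a web server; the noisy
    device sends one SMB packet to every other host within a few milliseconds."""
    flows, t = [], 0.0
    for client in CLIENTS:
        for dst, port in SERVERS:
            t += 0.1
            flows.append((t, client, dst, port))
    everyone = [ip for ip, _ in SERVERS] + list(CLIENTS)
    for dst in everyone:
        t += 0.001
        flows.append((t, NOISY_DEVICE, dst, 445))
    return flows


def fan_out(flows):
    """Distinct destination hosts contacted by each source."""
    seen = defaultdict(set)
    for _, src, dst, _ in flows:
        seen[src].add(dst)
    return seen


def find_fan_out_sources(flows, min_fraction=0.5):
    """Sources that reached at least min_fraction of all other observed hosts,
    as (src, distinct_destinations, fraction), busiest first."""
    hosts = {h for f in flows for h in (f[1], f[2])}
    others = len(hosts) - 1
    hits = []
    for src, dsts in fan_out(flows).items():
        frac = len(dsts) / others if others else 0.0
        if frac >= min_fraction:
            hits.append((src, len(dsts), round(frac, 2)))
    return sorted(hits, key=lambda h: -h[1])


def max_new_destinations(flows, src, window=1.0):
    """Largest number of distinct destinations first contacted by src within any
    `window` seconds. A scan or a storm packs first contacts into a burst; normal
    clients spread theirs out over time."""
    first = {}
    for ts, s, dst, _ in sorted(flows):
        if s == src and dst not in first:
            first[dst] = ts
    times = sorted(first.values())
    best, lo = 0, 0
    for hi in range(len(times)):
        while times[hi] - times[lo] > window:
            lo += 1
        best = max(best, hi - lo + 1)
    return best


if __name__ == "__main__":
    flows = build_sample_flows()
    for src, count, frac in find_fan_out_sources(flows):
        burst = max_new_destinations(flows, src, window=1.0)
        print("%s reached %d hosts (%.0f%% of segment), %d of them within 1s"
              % (src, count, frac * 100, burst))
```

On real data the flow tuples would come from the capture appliance's export rather than being constructed, and the fraction threshold should be tuned per segment: a monitoring host or a domain controller legitimately talks to most machines, so the burst measurement is what separates a scan or storm from a busy but expected server.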

Thank you