
1 © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 5G/SOC: Inside the world's most advanced SOCs. E Malligarjunan, Sr. Consultant – Security & End User Computing

2 We see security everywhere: web & application security, data protection, data center security, intelligence & operations, mobility and devices, identity and access, cloud security, information governance.

3 Security Operations Center. Core functions: situational awareness, intrusion analysis, security monitoring. The same function goes by many names: Cyber Defense Center (CDC), Security Operations Center (SOC), Threat Operations Center (TOC), Security Defense Center (SDC), Cyber Security Intelligence Response Center (C-SIRC), Threat Management Center (TMC), Security Intelligence & Operations Center (SIOC), Security Intelligence & Threat Handlers (SITH), Security Threat and Intelligence Center (STIC).


5 Lifecycle of events to incidents: people, process, technology. (Diagram, steps numbered 1 to 6. Technology: firewall, router, intrusion detection, web server, proxy server, ESM server. People: Level 1, Level 2, engineer, incident handler, network & system owners. Process: escalation, case closed.)

6 1G/SOC

7 1G/SOC: 1970's - 1995. Birth of the Internet: businesses not connected, or connected via slow links. Nuisance programs and minimally impacting malicious code. Information security tools appear. Military and governments start to build SOCs and CERTs.

8 1G/SOC data feeds: firewalls, IDS, network equipment.

9 2G/SOC

10 2G/SOC: 1996 - 2001. Malware outbreaks and intrusion detection. MSSPs begin to offer SOC as a service to customers. SIEM concepts are introduced.

11 2G/SOC data feeds: firewalls, IDS, network equipment.

12 3G/SOC

13 3G/SOC: 2002 - 2005. Botnets, cybercrime, intrusion prevention, and compliance. The largest companies in specific industries create SOCs internally.

14 3G/SOC data feeds: firewalls/VPN, IDPS, network equipment, databases, server and desktop OS, anti-virus, web traffic, vulnerability scanning, system health information, intelligence feeds.

15 4G/SOC

16 4G/SOC: 2006 - 2013. Hacktivism, intellectual property theft, advanced persistent threat. Wide adoption of continuous security monitoring as breaches fill headlines.

17 4G/SOC data feeds: firewalls/VPN, IDPS, network equipment, databases, applications, server and desktop OS, anti-virus, web traffic, vulnerability scanning, system health information, intelligence feeds, directory services, identity management, physical infrastructure, business context.

18 5G/SOC

19 5G/SOC: 2013 - ????. Subtle threat detection, hunt teams, counter-intel, anti-fragile, advanced analytics, big data. (Diagram: the platform eras mainframe, client/server, the Internet, and mobile, social, big data & the cloud, illustrated by a collage of cloud, SaaS and consumer app vendor logos and enterprise application categories such as CRM, SCM, HCM, ERP and PLM, with "every 60 seconds" statistics: 400,710 ad requests, 98,000 tweets, 23,148 apps downloaded, 208,333 minutes of Angry Birds played, 34,597 people using Zinio, 2000 lyrics played on Tunewiki, 1500 pings sent on PingMe.)

20 How we got here: increased awareness, advancements in technology, increasing regulation, consumerization of IT, 10+ years of breaches. Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

21 5G/SOC: acknowledge that security threats are driven by human adversaries; assume compromise; anti-fragile enterprise; interaction with peers, organizations readily share information; hunt teams search large data sets to find threats and attack patterns we did not know about previously; convergence of IT security and IT operations tools to facilitate better visibility; data visualization drives how anomalies are discovered and researched.

22 Hunt teams: big data analysis. Select a subset of fields to save long term for analytical searches. Use cases: previously unseen connections from DMZ servers; previously unseen connections from critical business servers; previously unseen executables launching; abnormal logins from service accounts; abnormal logins from admin accounts. Red team: simulates advanced attacks and tracks malicious groups and individuals both inside and outside the organization.
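The "previously unseen" use cases above all reduce to one pattern: keep the set of distinct key tuples built from the small subset of fields retained long term, then flag today's records whose key is not in that set. The block below is an added example, not code from the presentation or from HP; the field names, hostnames, addresses, the `svc_`/`adm_` account prefixes and the sample records are constructed for illustration.

```python
"""Hunt-team 'previously unseen' searches over a retained subset of log fields.

Added example, not code from the HP presentation. Field names, hostnames,
addresses, account prefixes and sample records are constructed for illustration.
"""

# Fields retained long term for analytical searches: a deliberate subset of
# the full connection and authentication events.
CONN_KEY = ("src", "dst", "dport")
LOGON_KEY = ("account", "host", "logon_type")

# Constructed baseline window of outbound connections from DMZ web servers.
HISTORICAL_CONNECTIONS = [
    {"src": "dmz-web-01", "dst": "10.10.5.20", "dport": 3306},
    {"src": "dmz-web-01", "dst": "10.10.5.21", "dport": 3306},
    {"src": "dmz-web-02", "dst": "10.10.5.20", "dport": 3306},
    {"src": "dmz-web-01", "dst": "10.10.9.5", "dport": 514},
]

# Constructed connections from the last 24 hours.
TODAYS_CONNECTIONS = [
    {"src": "dmz-web-01", "dst": "10.10.5.20", "dport": 3306},   # routine
    {"src": "dmz-web-01", "dst": "198.51.100.7", "dport": 443},  # never-seen external destination
    {"src": "dmz-web-02", "dst": "10.10.5.20", "dport": 22},     # known destination, never-seen port
]

# Constructed logon history and today's logons for privileged accounts.
HISTORICAL_LOGONS = [
    {"account": "svc_backup", "host": "backup-01", "logon_type": "service"},
    {"account": "svc_backup", "host": "backup-02", "logon_type": "service"},
    {"account": "adm_jsmith", "host": "jump-01", "logon_type": "remote_interactive"},
]
TODAYS_LOGONS = [
    {"account": "svc_backup", "host": "backup-01", "logon_type": "service"},
    {"account": "svc_backup", "host": "hr-ws-17", "logon_type": "interactive"},  # service account at a workstation console
    {"account": "adm_jsmith", "host": "jump-01", "logon_type": "remote_interactive"},
]

# Assumed naming convention for service and admin accounts.
PRIVILEGED_PREFIXES = ("svc_", "adm_")


def key_of(record, fields):
    """Project a record onto the retained key fields."""
    return tuple(record[f] for f in fields)


def build_baseline(records, fields):
    """Distinct key tuples in the historical window. This set is the whole
    'memory' the hunt needs, so it stays small even when the raw logs do not."""
    return {key_of(r, fields) for r in records}


def previously_unseen(records, baseline, fields):
    """Records whose key tuple does not appear in the baseline."""
    return [r for r in records if key_of(r, fields) not in baseline]


def classify_connection(record, baseline):
    """Separate a brand-new destination from a new port to a known destination;
    the former is usually the stronger lead for an analyst."""
    known_dsts = {dst for (_src, dst, _port) in baseline}
    return "new-destination" if record["dst"] not in known_dsts else "new-port"


def hunt_unseen_connections(today, historical):
    """Use case: previously unseen connections from DMZ (or critical) servers."""
    baseline = build_baseline(historical, CONN_KEY)
    if not baseline:
        # With no history every connection is 'new'; refuse rather than flood the queue.
        raise ValueError("baseline is empty; collect history before hunting")
    return [(key_of(r, CONN_KEY), classify_connection(r, baseline))
            for r in previously_unseen(today, baseline, CONN_KEY)]


def hunt_abnormal_privileged_logons(today, historical):
    """Use case: abnormal logins from service and admin accounts, defined as an
    (account, host, logon_type) combination never seen in the baseline."""
    baseline = build_baseline(historical, LOGON_KEY)
    return [key_of(r, LOGON_KEY)
            for r in previously_unseen(today, baseline, LOGON_KEY)
            if r["account"].startswith(PRIVILEGED_PREFIXES)]


if __name__ == "__main__":
    for finding in hunt_unseen_connections(TODAYS_CONNECTIONS, HISTORICAL_CONNECTIONS):
        print("unseen connection:", finding)
    for finding in hunt_abnormal_privileged_logons(TODAYS_LOGONS, HISTORICAL_LOGONS):
        print("abnormal privileged logon:", finding)
```

The baseline is a bounded window, not all history: a destination last contacted two years ago should count as unseen again, so the window is rebuilt on a schedule rather than grown forever. The empty-baseline check matters on day one and after any gap in collection, when "everything is new" would bury the one finding that matters.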

23 5G/SOC functional process framework: Intelligence, Detect, Respond, Remediate.

24 5G/SOC org structure. Security Intelligence Manager; Intelligence Team; Monitoring and Analysis (rules & content development, triage & prioritization, hunt teams, infrastructure support); Incident Management (escalation handling and root cause analysis, forensics); Other Functions (red team?, business office).

25 How has security visualization evolved?

26 1G/SOC (visualization screenshot, image only)

27 2G/SOC (visualization screenshot, image only)

28 3G/SOC (visualization screenshot, image only)

29 4G/SOC (visualization screenshot, image only)

30 5G/SOC (visualization screenshot, image only)

31 The now & future of security


33 For more information. Visit these booths & demos: B.A.S.I.C., ESP Global Services, Mock SOC. After the event: contact your sales rep; visit HP ESP at www.hp.com/go/espservices; visit HP SIOC at www.hp.com/go/sioc; follow the ESP blog at www.hp.com/go/securityproductsblog; download the whitepaper '5G/SOC: SOC Generations'. Your feedback is important to us. Please take a few minutes to complete the session survey.

34 Thank you! arjun@hp.com. "Come on! It can't go wrong every time..." Security should never be an afterthought.

35 Security for the new reality

