www.accessdata.com Digital Investigations of Any Kind ONE COMPANY Cyber Intelligence Response Technology (CIRT)

Presentation transcript:

1 www.accessdata.com Digital Investigations of Any Kind ONE COMPANY Cyber Intelligence Response Technology (CIRT)

2 Who we are
AccessData has been in this industry for over 25 years
Offices in Utah, Houston, San Francisco, London, Virginia, Maryland, Frankfurt, Dubai, Australia and China
Market leader / best-of-breed technologies in Forensics and eDiscovery
130,000+ clients globally
Train over 6000 customers each year
Sustained annual growth year after year of between 60% - 80%
Gartner recognized as an Innovator in the space

3 AccessData Products & Services

4 Paradigm Shift: An Integrated Platform
CIRT: Cyber Intelligence & Response Technology
Integrated analysis in a single platform w/ built-in remediation
Host-based Forensics Including Volatile Data
Network Forensics
Data Audit
Removable Media Monitoring
Malware Threat Scoring & Analysis
SSL Decryption

5 The Value of an Integrated Platform

DATA SPILLAGE: Organization proactively performs audits using terms such as “confidential” or “top secret”. All instances are flagged for removal in accordance with policies.

VIRTUAL WORKFORCE: Laptop checks in at intervals to be scanned for anomalies, which are all recorded, including network and USB activity. Remote monitoring helps to identify any data theft or security breach.

INTRUSION ALERT: Unauthorized port 443 traffic. Visualize communications, drill down into suspect host. Perform behavioral forensic analysis. Honeypot avoidance, crypto, dynamic loading, high entropy and other criteria indicate malware. Batch remediation function is leveraged.

CREDIT CARD INFORMATION REPORTED: Help desk receives a call reporting that an employee discovered credit card information in an unsecured location. Company reactively conducts PCI audit to locate exposed credit card holder info. Instances are wiped. Findings are reported.

ADVANCED MALWARE AND ZERO DAY DETECTION: Proactive monitoring and identification of malicious code behavior on multiple computers. Perform differential analysis of volatile data, perform malware analysis/threat scoring. Analysis reveals malicious processes. Scan large enterprise for defined processes and/or similar behavior and issue batch remediation. Monitor for recurrence.

6 Multi-Team Collaboration for Improved Emergency Response
Incident Response Team
Information Assurance Team
Network Security Team
Compliance Team
Computer Forensics Team

7 Introducing SSL Locksmith!!!

8 Encrypted Traffic is Exploding
Encryption is an integral part of cloud computing and is used to secure e-commerce, Web 2.0 applications, email and VPNs
SSL is the de facto encryption standard
SSL usage market data
  – SSL makes up more than 25% of traffic in most networks
  – 70% of traffic is encrypted in select verticals (health)
  – 52% CAGR in percentage of SSL-based WAN traffic
A large number of enterprise and Internet-based Web 1.0/2.0-based applications use SSL
  – Microsoft Sharepoint, Salesforce.com, SAP, Oracle, WebEx, Windows Update, Google business applications (Gmail, docs, sites), Instant Messaging
The increased amount of encrypted traffic in networks creates new threats and problems for network security
Over 1 million SSL sites on the net

9 How Does SSL Locksmith Work?
SSL Locksmith brokers SSL connections for its clients by validating and creating new internal certificates
Clients must have the SSL Locksmith Certification Authority certificate installed for their SSL transactions to be brokered

10 Perform Review of Encrypted Web Content

