IBM InfoSphere Guardium for DB2 on z/os Technical Deep Dive
|
|
- Richard Flowers
- 8 years ago
- Views:
Transcription
1 IBM InfoSphere Guardium for DB2 on z/os Technical Deep Dive One of a series of InfoSphere Guardium Technical Talks Ernie Mancill Executive IT Specialist
2 Logistics This tech talk is being recorded. If you object, please hang up and leave the webcast now. We ll post a copy of slides and link to recording on the Guardium community tech talk wiki page: You can listen to the tech talk using audiocast and ask questions in the chat to the Q and A group. We ll try to answer questions in the chat or address them at speaker s discretion. If we cannot answer your question, please do include your so we can get back to you. When speaker pauses for questions: We ll go through existing questions in the chat 2
3 Reminder: Guardium Tech Talks Next tech talk: Encryption is Fundamental: A technical overview of Guardium Data Encryption Speakers: Tim Parmenter Date &Time: Thursday, October 9th, :30 AM Eastern Time (60 minutes) Register here:
4 Agenda Guardium Datasets and DB2 Overview Architecture Review Integration QRadar SIEM Alert and Log Integration Scenario RACF Integration with zsecure and VA Scenario Brand-x Integration with Custom Tables and Entitlement Scenario DB2 UET and extended Utility Tracking Scenario Brand-x Utility Reporting Scenario Identity Mapping with Java distributed applications Wrap-up and Q&A
5 IBM InfoSphere Guardium Real-time activity Monitoring
6 HTTPS STAP for DB2 on z/os Architecture Repository Parse (Appliance) TCP STAP ASC Filter and Format ASC Hooks IFI Format DB2 IFI DB2 z/os
7 Guardium for DB2 on z/os Capabilities Database Activity Monitoring Alerting ASC (SQL Collection via Control Block Inspection) IFI (Instrumentation Facility Limited Use) Blocking (thread termination) Entitlement Reporting (Who has what) Vulnerability Assessment Configuration Test (Security related zparms) Patch (Security related APARs) Privilege (System and Object Authorizations)
8 Infosphere Guardium STAP for Datasets on z/os Guardium S-TAP for Datasets on z/os Architecture
9 Guardium for Datasets on z/os Capabilities Dataset Activity Monitoring (Reporting) Alerting SMF Traces (No extra traces needed) SMS Control Blocks VSAM, Sequential, Partitioned CICS GLUE (Global User Exit) CICS related information for file activity RLM (Record Level Monitoring VSAM (KSDS and RRDS)
10 Alert Processing and Integration with IBM QRadar SIEM on z/os
11 What is an SIEM? Many customers are using SIEM (Security Information Event Management) solutions QRadar is IBMs SIEM offering Capability to provide Enterprise-wide view of security events from: Operating Systems DBMS Network Applications
12 Why QRadar? Cornerstone product for Industry Leading (according to Gartner) security offerings Well integrated with Guardium Easy to implement with industry standard Gateway to move from reactive security posture into predictive or analytic based security capability with Big Data
13 System z Security and Data Protection zsecure, Guardium, AppScan & QRadar improve Security Intelligence zsecure z/os RACF ACF2, TSS CICS Guardium DB2 IMS VSAM AppScan Web Apps Mobile Apps Web services Desktop Apps Security Devices Servers & Mainframes Network/Virtual Activity Database Activity Application Activity Configuration Info Threat Intelligence User Activity Vulnerability Information Event Correlation Activity Baselining & Anomaly Detection Offense Identification Extensive Data Sources Deep Intelligence + = Exceptionally Accurate and Actionable Insight Centralized view of mainframe and distributed network security incidents, activities and trends Better real-time threat identification and prioritization correlating vulnerabilities with Guardium and zsecure S-TAP feeds routed to QRadar via Guardium Central Policy Manager SMF data set feeds with zsecure Audit and Alert Increases accuracy of threat identification correlating application vulnerabilities with other security alerts to assign incident priorities and surface meaningful activity from noise Creates automatic alerts for newly discovered vulnerabilities experiencing active Attack Paths Produces increase accuracy of risk levels and offense scores, and simplified compliance reporting 13
14 SYSLOG Alert feed to QRadar SIEM What is collected What is stored Criteria for Exceptions Parsing and repository insert Policy TCP Events meeting collection criteria Exception criteria -application- SYSLOG process to UDP Inspection STAP DB2 (Guardium Appliance) UDP SIEM (QRadar) z/os
15
16 Real Time Data Leak Prevention with IBM Infosphere Guardium for DB2 on z/os
17 Real-Time Alerting vs Action (Data Leak Prevention) Traditional SMF or Log based activity monitoring latency measured in many hours (even days) Alerting with Guardium is in real-time and immediate. But, then with the alert surfaced..watcha gonna do bout it..call Guardium Thread Busters Exception based thread termination Latency between exception detection and thread termination is somewhere around 1 second (policy evaluation is done on appliance and thread termination request is signaled to the STAP)
18
19 Vulnerability Assessment and and Entitlement Integration with zsecure for RACF
20 With DB2 Grant Revoke.. Security is handled by DB2 Privileges are bestowed with the DB2 GRANT statement Privileges are typically controlled by the DBA Authorization and entitlement information is reflected in the DB2 Catalog With RACF based Security RACF or DB2 Grant/Revoke..who cares? Security is handled by RACF (via a DB2 exit routine) Privileges are bestowed using the RACF PERMIT command Privileges are typically controlled by the RACF administrator Authorization and entitlement information is stored in the RACF database When RACF is used the impact on Guardium is: Entitlement reporting is inaccurate Vulnerability testing is inaccurate (except when using zsecure Audit feed) Authorization information for Group administration is unavailable
21 DB2 Grant/Revoke Authorization Process Process with SQL Request SQL Primary ID Secondary ID Role SQL ID Control of Access within DB2 DB2 Catalog DB2 Authorization Checking Allowed using native DB2 Authority Auth Check SYSIBM.SYS AUTH SYSIBM.SYS AUTH SYSIBM.SYS AUTH Denied DB2 Object Or Authority DB2 Authorization Tables
22 DB2 External Security Authorization Process Process with SQL Request SQL Primary Secondary Role SQL ID Control of Access within RACF OK DB2 Catalog DB2 Authorization DB2 Object Checking Or Not Used using RACF Authority Denied SYSIBM.SYS AUTH SYSIBM.SYS AUTH SYSIBM.SYS AUTH DB2 Authorization Tables RACHECK RACF Database
23 Entitlement Reports VA Reports Guardium Appliance JDBC JDBC DB2 GDDMONITOR zsecure RACF ACF2 z/os
24 RACF Database DB2 Authorization Tables SDSNEXIT CKAJVA99 Stage 2 Merged Entitlement Info Load Format GDDMONITOR Tables
25
26 BUT ERNIE I don t use RACF, I use TOG* security!!!! *TOG (The Other Guys) a.k.a CA-ACF2 or CA-Top Secret
27 Approach for TOG Support Using a similar approach to zsecure Create z/os DB2 table(s) to store CA security elements Populate these with data from CA security products Use Guardium Custom Table Support do define clone of table on G-Machine Use Upload Data on Custom Query to move data into G-Machine Use Guardium Custom Query to build report.
28 Custom Reports Guard Group DB2 Guardium Appliance JDBC Custom Table TSS Extract TSS Database
29
30 End User Attribution with Guardium for DB2 on z/os
31 End User Attribution - Challenges Distributed application server issuing DB connections using AS credentials, not client end user. CICS Attach Applications where the CICS/DB2 interface definitions are coded to not use USERID as a result the CICS Region ID shows as DBUser. CICS File Control requests show the File Domain user (the CICS Region RACF ID) JDBC/ODBC connections to the DB server show incorrect credentials
32 Solutions WAS Server configurations to propagate credentials DB2 10 and Identity Propagation Java Properties Extended User Properties DB2 Supplied Stored Procedure SQLESETI Infosphere Guardium STAP for Datasets CICS GLUE
33
34 Bringing it all Together
35 Threats to DB2 Data on z/os Privileged User access to DB2 Data from outside of DB2. Access to Linear VSAM datasets Privileged User access to DB2 Data via SQL Abuse of privilege without business Need to Know External Threats SQL Injection (Hacking) Threats to DB2 Data Movement of data outside of DB2 Unloads Clones Test Data Replication
36 First Layer - Encryption (this forces only access to clear text data must be in the form of an SQL statement) Second Layer - Database Activity Monitoring (this ensures each SQL statement is inspected, audited, and subject to security policy control) Third Layer - Audit access to VSAM linear datasets Fourth Layer - Implement business need to know control for critical data (this reduces Defense abuse of privilege in Depth access) of DB2 Data Fifth Layer - Protect the use of unloads and extracts for the purpose of: Layered Protection Approach - Elements Test data management and generation Unloaded data for batch processes Extracts for external uses Replicated data Backup and Recovery assets
37 Layered Approach - Capabilities Encryption of Data at Rest with Infosphere Encryption Tool for DB2 and IMS Databases Fine-Grain Database Activity Monitoring with Infosphere Guardium for DB2 VSAM Activity Monitoring with Infosphere Guardium STAP for Datasets Review - Capabilities Business Need to Know controls on specific tables with DB2 10 and Row filters / Column masking Control of Data moved outside of DB2: Infosphere Guardium Encryption Expert for MP Optim Test Data Management and Data Privacy Solution z/os Encryption Facility Infosphere Guardium Encryption Tool for DB2 and IMS Databases Infosphere Guardium Database Activity Monitoring
38 Information, training, and community InfoSphere Guardium web site at ibm.com/guardium InfoSphere Guardium YouTube Channel includes overviews and technical demos developerworks forum (very active) Guardium DAM User Group on Linked-In (very active) Community on developerworks (includes content and links to a myriad of sources, articles, etc) Guardium Knowledge Center InfoSphere Guardium Virtual User Group. Open, technical discussions with other users. Send a note to bamealm@us.ibm.com if interested.
39 Reminder: Guardium Tech Talks Next tech talk: Encryption is Fundamental: A technical overview of Guardium Data Encryption Speakers: Tim Parmenter Date &Time: Thursday, October 9th, :30 AM Eastern Time (60 minutes) Register here:
InfoSphere Guardium Tech Talk Data privacy and dynamic masking for web applications: InfoSphere Guardium for Applications
InfoSphere Guardium Tech Talk Data privacy and dynamic masking for web applications: InfoSphere Guardium for Applications Nick Briers, WW Product Manager Ariel Farkash, Lead Developer Logistics This tech
More informationReal-Time Database Protection and. Overview. 2010 IBM Corporation
Real-Time Database Protection and Monitoring: IBM InfoSphere Guardium Overview Agenda Business drivers for database security InfoSphere Guardium architecture Common applications The InfoSphere portfolio
More informationHow To Secure A Database From A Leaky, Unsecured, And Unpatched Server
InfoSphere Guardium Ingmārs Briedis (ingmars.briedis@also.com) IBM SW solutions Agenda Any questions unresolved? The Guardium Architecture Integration with Existing Infrastructure Summary Any questions
More informationOne Step Closer To Making Data Breaches a Thing of the Past
One Step Closer To Making Data Breaches a Thing of the Past Ernie Mancill, IBM Please note IBM Software Group Information Management software IBM s statements regarding its plans, directions, and intent
More informationMobile, Cloud, Advanced Threats: A Unified Approach to Security
Mobile, Cloud, Advanced Threats: A Unified Approach to Security David Druker, Ph.D. Senior Security Solution Architect IBM 1 Business Security for Business 2 Common Business Functions Manufacturing or
More informationQ1 Labs Corporate Overview
Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationWhat is Security Intelligence?
2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the
More informationObtaining Value from Your Database Activity Monitoring (DAM) Solution
Obtaining Value from Your Database Activity Monitoring (DAM) Solution September 23, 2015 Mike Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer Integrigy Corporation
More informationIBM QRadar Security Intelligence April 2013
IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence
More informationRagy Magdy Regional Channel Manager MEA IBM Security Systems
Ragy Magdy Regional Channel Manager MEA IBM Security Systems 1 Started my career in Security in 2003 by Joining ISS 2005 was named the ISS Regional Manager for the Middle East 2006 ISS was acquired by
More informationQRadar SIEM and FireEye MPS Integration
QRadar SIEM and FireEye MPS Integration March 2014 1 IBM QRadar Security Intelligence Platform Providing actionable intelligence INTELLIGENT Correlation, analysis and massive data reduction AUTOMATED Driving
More informationTake the Red Pill: Becoming One with Your Computing Environment using Security Intelligence
Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Chris Poulin Security Strategist, IBM Reboot Privacy & Security Conference 2013 1 2012 IBM Corporation Securing
More informationEnterprise Database Security & Monitoring: Guardium Overview
Enterprise Database Security & Monitoring: Guardium Overview Phone: 781.487.9400 Email: info@guardium.com Guardium: Market-Proven Leadership Vision Enterprise platform for securing critical data across
More informationBig Data: Controlling the Perfect Storm September 24, 2013
Big Data: Controlling the Perfect Storm September 24, 2013 Start Time: 9 AM US Pacific, Noon US Eastern, 5 pm London 1 2 Generously sponsored by: Welcome Conference Moderator Matt Mosley Northern Virginia,
More informationIBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer
IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationNY/TB RUG: The Mainframe isn t Dead: Call the Doctor not the Undertaker with Real-time Enterprise Alert Correlation
NY/TB RUG: The Mainframe isn t Dead: Call the Doctor not the Undertaker with Real-time Enterprise Alert Correlation Charles Mills Director of Special Projects CorreLog, Inc. Charles.Mills@CorreLog.com
More informationz/os VULNERABILITY SCANNING AND MANAGEMENT Key Resources, Inc. ray.overby@kr-inc.com (312) KRI-0007 www.kr-inc.com
1 z/os VULNERABILITY SCANNING AND MANAGEMENT Key Resources, Inc. ray.overby@kr-inc.com (312) KRI-0007 www.kr-inc.com 2 Ray Overby SKK - ACF2 Developer (1981-1988) Key Resources, Inc. incorporated in 1988
More informationDatabase Auditing & Security. Brian Flasck - IBM Louise Joosse - BPSolutions
Database Auditing & Security Brian Flasck - IBM Louise Joosse - BPSolutions Agenda Introduction Drivers for Better DB Security InfoSphere Guardium Solution Summary Netherlands Case Study The need for additional
More informationDeveloping Value from Oracle s Audit Vault For Auditors and IT Security Professionals
Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals November 13, 2014 Michael Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer
More informationPerformance Analytics with TDSz and TCR
Performance Analytics with TDSz and TCR Bradley Snyder IBM March 4, 2015 Session Number Insert Custom Session QR if Desired. Agenda How did this presentation come about? Business and Data Center Analytics
More informationA Database Security Management White Paper: Securing the Information Business Relies On. November 2004
A Database Security Management White Paper: Securing the Information Business Relies On November 2004 IPLocks, Inc. 441-A W. Trimble Road, San Jose, CA 95131 USA A Database Security Management White Paper:
More informationCorreLog: Mature SIEM Solution on Day One Paul Gozaloff, CISSP. Presentation for SC Congress esymposium CorreLog, Inc. Tuesday, August 5, 2014
CorreLog: Mature SIEM Solution on Day One Paul Gozaloff, CISSP Presentation for SC Congress esymposium CorreLog, Inc. Tuesday, August 5, 2014 Agenda 1. About CorreLog 2. Log Management vs. SIEM 3. The
More informationQRadar SIEM and Zscaler Nanolog Streaming Service
QRadar SIEM and Zscaler Nanolog Streaming Service February 2014 1 QRadar SIEM: Security Intelligence Platform QRadar SIEM provides full visibility and actionable insight to protect networks and IT assets
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationNew Security Options in DB2 for z/os Release 9 and 10
New Security Options in DB2 for z/os Release 9 and 10 IBM has added several security improvements for DB2 (IBM s mainframe strategic database software) in these releases. Both Data Security Officers and
More informationEncryption is Fundamental: A Technical Overview of Guardium Data Encryption October 2014
IBM Security Systems Encryption is Fundamental: A Technical Overview of Guardium Data Encryption October 2014 Tim Parmenter InfoSphere Guardium Technical Professional Mark Jamison Accelerated Value Specialist
More informationApplication and Database Security with F5 BIG-IP ASM and IBM InfoSphere Guardium
Application and Database Security with F5 BIG-IP ASM and IBM InfoSphere Guardium Organizations need an end-to-end web application and database security solution to protect data, customers, and their businesses.
More informationEnforcive /Cross-Platform Audit
Enforcive /Cross-Platform Audit Enterprise-Wide Log Manager and Database Activity Monitor Real-time Monitoring Alert Center Before & After Change Image Custom Reports Enforcive's Cross-Platform Audit (CPA)
More informationBreaking down silos of protection: An integrated approach to managing application security
IBM Software Thought Leadership White Paper October 2013 Breaking down silos of protection: An integrated approach to managing application security Protect your enterprise from the growing volume and velocity
More informationWhite Paper. Protecting Databases from Unauthorized Activities Using Imperva SecureSphere
Protecting Databases from Unauthorized Activities Using Imperva SecureSphere White Paper As the primary repository for the enterprise s most valuable information, the database is perhaps the most sensitive
More informationSecurity Intelligence, Audit and Compliance for the Mainframe
Security Intelligence, Audit and Compliance for the Mainframe Rich Skinner, CISSP Brinqa Director of Risk Analytics & Big Data rskinner@brinqa.com August 15, 2013 Session: 13722 Agenda Today s Security
More informationSecurity Functions of IBM DB2 10 for z/os
IBM Information Management Software Front cover Security Functions of IBM DB2 10 for z/os Implement separation of duties Audit application and system activity Protect from intrusions and misplacements
More informationIBM Software InfoSphere Guardium. Planning a data security and auditing deployment for Hadoop
Planning a data security and auditing deployment for Hadoop 2 1 2 3 4 5 6 Introduction Architecture Plan Implement Operationalize Conclusion Key requirements for detecting data breaches and addressing
More informationExploiting IT Log Analytics to Find and Fix Problems Before They Become Outages
Exploiting IT Log Analytics to Find and Fix Problems Before They Become Outages Session 17595 Paul Smith (Smitty) (paulmsm@us.ibm.com) IBM z Systems Service Management / zanalytics Architect Anuja Deedwaniya
More informationData Masking Secure Sensitive Data Improve Application Quality. Becky Albin Chief IT Architect Becky.Albin@softwareag.com
Data Masking Secure Sensitive Data Improve Application Quality Becky Albin Chief IT Architect Becky.Albin@softwareag.com Data Masking for Adabas The information provided in this PPT is entirely subject
More informationIBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide
IBM Security QRadar SIEM Version 7.1.0 MR1 Vulnerability Assessment Configuration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks
More informationCopyright 2013, Oracle and/or its affiliates. All rights reserved.
1 Security Inside-Out with Oracle Database 12c Denise Mallin, CISSP Oracle Enterprise Architect - Security The following is intended to outline our general product direction. It is intended for information
More informationSecuring ephi with Effective Database Activity Monitoring. HIMSS Webcast 4/26/2011. p. 1
Securing ephi with Effective Database Activity Monitoring HIMSS Webcast 4/26/2011 p. 1 Agenda Agenda Database Security Primer Industry Trends What Works Integrated DB Security Product Demonstration Questions
More informationThe Digital Certificate Journey from RACF to PKI Services Part 2 Session J10 May 11th 2005
IBM eserver The Digital Certificate Journey from RACF to PKI Services Part 2 Session J10 May 11th 2005 Wai Choi IBM Corporation RACF Development Poughkeepsie, NY Phone: (845) 435-7623 e-mail: wchoi@us.ibm.com
More informationBridging the gap between COTS tool alerting and raw data analysis
Article Bridging the gap between COTS tool alerting and raw data analysis An article on how the use of metadata in cybersecurity solutions raises the situational awareness of network activity, leading
More informationIntroducing IBM s Advanced Threat Protection Platform
Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Extensible Approach to Threat Prevention Paul Kaspian Senior Product Marketing Manager IBM Security Systems 1 IBM NDA 2012 Only IBM
More informationOracle Audit Vault and Database Firewall
Oracle Audit Vault and Database Firewall Angelo Maria Bosis Sales Consulting Director Oracle Italia Billions of Database Records Breached Globally 97% of Breaches Were Avoidable with
More informationHow to Choose the Right Security Information and Event Management (SIEM) Solution
How to Choose the Right Security Information and Event Management (SIEM) Solution John Burnham Director, Strategic Communications and Analyst Relations IBM Security Chris Meenan Director, Security Intelligence
More informationRisk-based solutions for managing application security
IBM Software Thought Leadership White Paper September 2013 Risk-based solutions for managing application security Protect the enterprise from the growing volume and velocity of threats with integrated
More informationUnder the Hood of the IBM Threat Protection System
Under the Hood of the System The Nuts and Bolts of the Dynamic Attack Chain 1 Balazs Csendes IBM Security Intelligence Leader, CEE balazs.csendes@cz.ibm.com 1 You are an... IT Security Manager at a retailer
More informationOnegini Token server / Web API Platform
Onegini Token server / Web API Platform Companies and users interact securely by sharing data between different applications The Onegini Token server is a complete solution for managing your customer s
More informationApplication Monitoring for SAP
Application Monitoring for SAP Detect Fraud in Real-Time by Monitoring Application User Activities Highlights: Protects SAP data environments from fraud, external or internal attack, privilege abuse and
More informationGuide to Auditing and Logging in the Oracle E-Business Suite
Guide to Auditing and Logging in the Oracle E-Business Suite February 13, 2014 Stephen Kost Chief Technology Officer Integrigy Corporation Mike Miller Chief Security Officer Integrigy Corporation Phil
More informationSecurity management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.
Security management solutions White paper IBM Tivoli and Consul: Facilitating security audit and March 2007 2 Contents 2 Overview 3 Identify today s challenges in security audit and compliance 3 Discover
More informationFrom Rivals to BFF: WAF & VA Unite OWASP 07.23.2009. The OWASP Foundation http://www.owasp.org
From Rivals to BFF: WAF & VA Unite 07.23.2009 Brian Contos, Chief Security Strategist Imperva Inc. brian.contos@imperva.com +1 (650) 832.6054 Copyright The Foundation Permission is granted to copy, distribute
More informationIBM. Vulnerability scanning and best practices
IBM Vulnerability scanning and best practices ii Vulnerability scanning and best practices Contents Vulnerability scanning strategy and best practices.............. 1 Scan types............... 2 Scan duration
More informationSecuring Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group
Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability
More informationMySQL Security: Best Practices
MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationIBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems
IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems Proactively address regulatory compliance requirements and protect sensitive data in real time Highlights Monitor and audit data activity
More informationSecuring Data in Oracle Database 12c
Securing Data in Oracle Database 12c Thomas Kyte http://asktom.oracle.com/ Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationThe webinar will begin shortly
The webinar will begin shortly An Introduction to Security Intelligence Presented by IBM Security Chris Ross Senior Security Specialist, IBM Security Agenda The Security Landscape An Introduction to Security
More informationMcAfee Network Security Platform
McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking
More informationIBM Security QRadar SIEM Version 7.1.0 MR1. Log Sources User Guide
IBM Security QRadar SIEM Version 7.1.0 MR1 Log Sources User Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks on page 108. Copyright
More informationSmartCloud Analytics Log Analysis
SmartCloud Analytics Log Analysis Clyde Richardson (richarcl@us.ibm.com) Technical Sales Specialist Anuja Deedwaniya (anujad@us.ibm.com) IBM z Systems Enterprise Architect Paul Smith (Smitty) (paulmsm@us.ibm.com)
More informationIBM Security QRadar Vulnerability Manager
IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk
More informationHayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks
EXTENDING ACCESS WHILE ENHANCING CONTROL FOR YOUR ORGANIZATION S DATA LEVERAGE THE POWER OF F5 AND ORACLE TO DELIVER SECURE ACCESS TO APPLICATIONS AND DATABASES Hayri Tarhan, Sr. Manager, Public Sector
More informationConsolidating security across platforms with IBM System z
IBM Software Thought Leadership White Paper September 2010 Consolidating security across platforms with IBM System z Protect your business-critical information by leveraging the mainframe as a security
More informationCopyright 2013, Oracle and/or its affiliates. All rights reserved.
1 Solutions for securing and auditing Oracle database Edgars Ruņģis Technology Consultant Why Are Databases Vulnerable? 80% of IT Security Programs Don t Address Database Security Forrester Research Enterprises
More informationLOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE
PRODUCT BRIEF LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE The Tripwire VIA platform delivers system state intelligence, a continuous approach to security that provides leading indicators of breach
More informationIBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide
IBM Security QRadar Vulnerability Manager Version 7.2.1 User Guide Note Before using this information and the product that it supports, read the information in Notices on page 61. Copyright IBM Corporation
More informationThe Value of QRadar QFlow and QRadar VFlow for Security Intelligence
BROCHURE The Value of QRadar QFlow and QRadar VFlow for Security Intelligence As the security threats facing organizations have grown exponentially, the need for greater visibility into network activity
More informationIBM Security QRadar Version 7.2.5. Vulnerability Assessment Configuration Guide IBM
IBM Security QRadar Version 7.2.5 Vulnerability Assessment Configuration Guide IBM Note Before using this information and the product that it supports, read the information in Notices on page 93. Product
More information8 Steps to Holistic Database Security
Information Management White Paper 8 Steps to Holistic Database Security By Ron Ben Natan, Ph.D., IBM Distinguished Engineer, CTO for Integrated Data Management 2 8 Steps to Holistic Database Security
More informationApplying IBM Security solutions to the NIST Cybersecurity Framework
IBM Software Thought Leadership White Paper August 2014 Applying IBM Security solutions to the NIST Cybersecurity Framework Help avoid gaps in security and compliance coverage as threats and business requirements
More informationSubject: Request for Information (RFI) Franchise Tax Board (FTB) Security Information and Event Management (SIEM) Project.
chair John Chiang member Jerome E. Horton member Ana J. Matosantos August 27, 2012 To: Potential Vendors Subject: Request for Information (RFI) Franchise Tax Board (FTB) Security Information and Event
More informationCloud Security. Vaughan Harper IBM Security Architect
Cloud Security Vaughan Harper IBM Security Architect A new security reality is here Sophisticated attackers break through conventional safeguards every day Cloud, mobile, social and big data drive unprecedented
More information5 Simple Steps to Secure Database Development
E-Guide 5 Simple Steps to Secure Database Development Databases and the information they hold are always an attractive target for hackers looking to exploit weaknesses in database applications. This expert
More informationProtect the data that drives our customers business. Data Security. Imperva s mission is simple:
The Imperva Story Who We Are Imperva is the global leader in data security. Thousands of the world s leading businesses, government organizations, and service providers rely on Imperva solutions to prevent
More informationInformation Technology Policy
Information Technology Policy Security Information and Event Management Policy ITP Number Effective Date ITP-SEC021 October 10, 2006 Category Supersedes Recommended Policy Contact Scheduled Review RA-ITCentral@pa.gov
More informationBest Practices. IBM Data Server Security. IBM Data Servers
IBM Data Servers Best Practices IBM Data Server Security Walid Rjaibi Senior Technical Staff Member Security Architect for DB2 LUW James Pickel Senior Technical Staff Member Security Architect for DB2
More informationBest Approaches to Database Auditing: Strengths and Weaknesses. henry.parnell@lumigent.com
Best Approaches to Database Auditing: Strengths and Weaknesses henry.parnell@lumigent.com Agenda Why are audit records of Database Operations required in some cases? And why is collecting them difficult?
More informationGuardium Change Auditing System (CAS)
Guardium Change Auditing System (CAS) Highlights. Tracks all changes that can affect the security of database environments outside the scope of the database engine Complements Guardium's Database Activity
More informationWhite paper September 2009. Realizing business value with mainframe security management
White paper September 2009 Realizing business value with mainframe security management Page 2 Contents 2 Executive summary 2 Meeting today s security challenges 3 Addressing risks in the mainframe environment
More informationIBM Advanced Threat Protection Solution
IBM Advanced Threat Protection Solution Fabio Panada IBM Security Tech Sales Leader 1 Advanced Threats is one of today s key mega-trends Advanced Threats Sophisticated, targeted attacks designed to gain
More informationProtecting Sensitive Data Reducing Risk with Oracle Database Security
Protecting Sensitive Data Reducing Risk with Oracle Database Security Antonio.Mata.Gomez@oracle.com Information Security Architect Agenda 1 2 Anatomy of an Attack Three Steps to Securing an Oracle Database
More informationStay ahead of insiderthreats with predictive,intelligent security
Stay ahead of insiderthreats with predictive,intelligent security Sarah Cucuz sarah.cucuz@spyders.ca IBM Security White Paper Executive Summary Stay ahead of insider threats with predictive, intelligent
More informationAn Oracle White Paper January 2011. Oracle Database Firewall
An Oracle White Paper January 2011 Oracle Database Firewall Introduction... 1 Oracle Database Firewall Overview... 2 Oracle Database Firewall... 2 White List for Positive Security Enforcement... 3 Black
More informationSarbanes-Oxley Compliance for Cloud Applications
Sarbanes-Oxley Compliance for Cloud Applications What Is Sarbanes-Oxley? Sarbanes-Oxley Act (SOX) aims to protect investors and the general public from accounting errors and fraudulent practices. For this
More informationEffective Use of Security Event Correlation
Effective Use of Security Event Correlation Mark G. Clancy Chief Information Security Officer The Depository Trust & Clearing Corporation DTCC Non-Confidential (White) About DTCC DTCC provides custody
More informationSIEM Optimization 101. ReliaQuest E-Book Fully Integrated and Optimized IT Security
SIEM Optimization 101 ReliaQuest E-Book Fully Integrated and Optimized IT Security Introduction SIEM solutions are effective security measures that mitigate security breaches and increase the awareness
More informationTrustedX - PKI Authentication. Whitepaper
TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...
More informationWHITE PAPER SPLUNK SOFTWARE AS A SIEM
SPLUNK SOFTWARE AS A SIEM Improve your security posture by using Splunk as your SIEM HIGHLIGHTS Splunk software can be used to operate security operations centers (SOC) of any size (large, med, small)
More informationStrengthen security with intelligent identity and access management
Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers
More informationLOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE
PRODUCT BRIEF LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE As part of the Tripwire VIA platform, Tripwire Log Center offers out-of-the-box integration with Tripwire Enterprise to offer visibility
More informationMark Wilson markw@rsmpartners.com Session Details: The Introduction
Everything you wanted to know about mainframe security, pen testing and vulnerability scanning.. But were too afraid to ask! Mark Wilson markw@rsmpartners.com Session Details: The Introduction Agenda Introduction
More informationBuilding Effective Dashboard Views Using OMEGAMON and the Tivoli Enterprise Portal
1 IBM Software Group Tivoli Software Building Effective Dashboard Views Using OMEGAMON and the Tivoli Enterprise Portal Ed Woods IBM Corporation 2011 IBM Corporation IBM s Integrated Service Management
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More informationData Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment
White Paper Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment Cisco Connected Analytics for Network Deployment (CAND) is Cisco hosted, subscription-based
More informationMonitor and Manage Your MicroStrategy BI Environment Using Enterprise Manager and Health Center
Monitor and Manage Your MicroStrategy BI Environment Using Enterprise Manager and Health Center Presented by: Dennis Liao Sales Engineer Zach Rea Sales Engineer January 27 th, 2015 Session 4 This Session
More informationBest practices and use cases for consistent, enterprise-wide SIEM security policy management
Best practices and use cases for consistent, enterprise-wide SIEM security policy management Bhavika Kothari, QA Lead Victor Lee, Product Manager, CISSP Agenda Introduction Best practices Management tool
More informationAMPLIFYING SECURITY INTELLIGENCE
AMPLIFYING SECURITY INTELLIGENCE WITH BIG DATA AND ADVANCED ANALYTICS Chris Meenan Senior Product Manager, Security Intelligence 1 IBM Security Systems Welcome to a Not So Friendly Cyber World Biggest
More informationIdentity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities
Identity and Access Management Integration with PowerBroker Providing Complete Visibility and Auditing of Identities Table of Contents Executive Summary... 3 Identity and Access Management... 4 BeyondTrust
More information