Securing ephi with Effective Database Activity Monitoring. HIMSS Webcast 4/26/2011. p. 1
- Tabitha Marsh

Agenda
- Database Security Primer
- Industry Trends
- What Works
- Integrated DB Security
- Product Demonstration
- Questions & Answers

Mac McMillan, CEO, CynergisTek; Chair, HIMSS Privacy & Security Committee
Mel Shakir, CTO, NitroSecurity

About CynergisTek
- Healthcare Industry Focus
  - Broad base of healthcare clients
  - Specific partner relationships
  - Industry participation
- Dedicated to Thought Leadership
  - Chair, HIMSS Privacy & Security Committee
  - Chair, HIMSS Infosec Working Group
  - HIT Exchange Editorial Board
  - Industry Advisory Board Memberships
- Public and Private sector experience
  - Government, Banking, Technology and Healthcare Sector Experience

About NitroSecurity
- Real time Security & Compliance
  - Integrated SIEM & Log Management
  - Unmatched speed and scale
  - Unique database & application monitors
  - Only content aware SIEM
  - Integrated IDS/IPS family
  - Certified for defense and critical infrastructure
- Rapid Growth
  - Doubled SIEM sales in
  - Over 500 enterprise and government customers
- Worldwide Sales & Support
  - Headquarters Portsmouth, New Hampshire, USA

Industry Recognition
- August, 2010: Ranked #1
- January, 2011: Best Log Mgmt
- December, 2009; August, 2010; December, 2010
  - the best and fastest database in the security industry
  - An analyst's power tool, strong SIEM capabilities in a highly configurable dashboard
  - The fastest database in the business, a truly creative front end, What more could you ask for in a SIEM?

Sample Healthcare Customers

3 Reasons Why Active Monitoring is Necessary
- Real threats, from insider abuse, to loss of data and systems, to persistent malicious attacks with real consequences.
- Overly complex environments with hundreds of applications, with associated databases, and separate standalone databases, created and forgotten.
- Stepped-up regulatory requirements, with very specific accountabilities for access, and increasingly sharpened enforcement mechanisms with accountability that costs.
- Valerie Morgan-Alston, deputy director for enforcement and regional operations, a new OCR position, said to expect big enforcement actions in the future.

Database Security Primer
- Data Discovery
- Vulnerability Assessment (VA)
- Access Authorization
- Secure Data in Motion
- Secure Data at Rest
- Real-time Monitoring
- Leakage Prevention

Database Security Challenges
- Technical Challenges
  - Data is constantly in motion
  - Huge volumes of database activity to log
  - Performance impact not acceptable
  - Segregation of security duties from DBAs
  - Change to applications not acceptable
  - Database agent(s) mgt nightmare
  - Connection pools hide user identity
- Who's responsible?
  - SOC, NOC, DBA?, Application Team?
- Budgetary Dilemmas
  - Additional staffing in SOC/NOC
  - Databases are only a component of overall security

Security Solution Technologies: Deployment Phases
Drivers: Security & Compliance
- Phase I: VA, Antivirus, Firewall, IPS/IDS, Access Control
- Phase II: SIEM Deployment (Network Perimeter & Host)
- Phase III: Monitor Databases & Applications
- Phase IV: Prevent Leakage of Sensitive Data (DLP)

Top Database Security Threats
- Excessive Privilege Abuse
- Legitimate Privilege Escalation
- Database Platform Vuln(s)
- SQL Injection
- Weak Audit Trail
- Denial of Service (DoS)
- Database Comm Protocol
- Weak Authentication
- Backup Data Exposure
Source: GNC Computer News

The Need For Diligence/Awareness
- OCR has charted a course aimed at promoting compliance, but enforcement ready.
- HITECH specifically directs that HHS/OCR will conduct compliance audits/investigate major breaches.
- Incident-based investigations climb to over 250, approximately 25,000 smaller breaches, and countless others not reported.
- OCR requests 10% increase in budget.
- HHS levies first fines: Cignet Health hit with $4.3M, and Massachusetts General given $1.3M fine and RA.
- Two sentenced to jail time, several others under indictment.
- 2011, OCR initiates training for State AGs to enforce HIPAA.

Top Use Cases
- Privileged user monitoring
- Database protection
- Detect fraud & policy violations
- Top consumers of sensitive data
- Reduce cost of breach notification reporting

Use Case: Privileged User Monitoring
Example 1: Normal Database Access
1. User jsmith accesses the core database server for normal use
2. Normal activity is logged, providing an audit trail
3. Activity is collected for analysis and correlation by NitroView ESM
Real Time Audit Trail of ALL SQL

Use Case: Database Protection
Example 2: Brute Force Login
1. User jsmith logs in to core database after multiple failed logins
2. NitroGuard DBM sends an alert
   a. The event is collected for analysis and correlation by NitroView ESM
   b. The event is logged for evidentiary purposes and compliance reporting

Use Case: Database Protection - SQL Injection Scenario
Example 3: Unusual Amount of Sensitive Data is Accessed
1. Attacker spiders the web application
2. Finds a SQL Injection flaw and injects code in the database
3. Waits for legitimate user to access code using browser
4. Browser executes malicious code
Diagram labels: Web Server; Attacker spiders the web application; Looks for SQL Injection flaws; Injects code in the database; Waits for user to access the database; Browser executes malicious code

Use Case: Fraud Detection & Policy Violations
Example 4: Unusual Amount of Sensitive Data is Accessed
1. User jsmith accesses critical database source
2. NitroGuard DBM detects a result size policy violation for jsmith
   a. An event is collected for analysis and correlation by NitroView ESM
   b. The event is logged for evidentiary purposes and compliance reporting
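
The two alerting use cases above (Example 2, a successful login after multiple failed logins, and Example 4, a result size policy violation) can be written as correlation rules over a database audit trail. The Python below is an added example, not NitroGuard DBM's logic or code from the webcast; the pipe-delimited log format, field names, thresholds and per-user row limits are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import NamedTuple


class Event(NamedTuple):
    ts: datetime
    user: str
    source: str
    action: str   # LOGIN_FAILED, LOGIN_OK, or a SQL verb such as SELECT
    rows: int     # rows returned to the client (0 for login events)


# Constructed sample audit trail in an assumed pipe-delimited format:
# timestamp|db_user|client_ip|action|rows_returned
SAMPLE_LOG = """\
2011-04-26T08:10:00|adoe|10.0.0.22|LOGIN_FAILED|0
2011-04-26T09:00:01|jsmith|10.0.0.15|LOGIN_FAILED|0
2011-04-26T09:00:04|jsmith|10.0.0.15|LOGIN_FAILED|0
2011-04-26T09:00:09|jsmith|10.0.0.15|LOGIN_FAILED|0
2011-04-26T09:00:15|jsmith|10.0.0.15|LOGIN_OK|0
2011-04-26T09:01:30|jsmith|10.0.0.15|SELECT|12
2011-04-26T09:02:10|jsmith|10.0.0.15|SELECT|48210
2011-04-26T09:03:00|svc_app|10.0.0.40|LOGIN_FAILED|0
2011-04-26T09:03:05|svc_app|10.0.0.40|LOGIN_FAILED|0
2011-04-26T09:03:10|svc_app|10.0.0.40|LOGIN_OK|0
2011-04-26T09:05:00|adoe|10.0.0.22|LOGIN_OK|0
2011-04-26T09:06:00|adoe|10.0.0.22|SELECT|300
"""


def parse_events(text):
    """Parse the assumed log format into Event tuples, ordered by time."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, user, source, action, rows = line.split("|")
        events.append(Event(datetime.fromisoformat(ts), user, source,
                            action, int(rows)))
    return sorted(events, key=lambda e: e.ts)


def detect_login_after_failures(events, threshold=3, window_seconds=300):
    """Alert when a login succeeds after >= threshold recent failures.

    Failures are tracked per database user and expire after window_seconds,
    so one mistyped password an hour earlier does not count.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # user -> timestamps of recent failures
    alerts = []
    for ev in events:
        failures = recent[ev.user]
        while failures and ev.ts - failures[0] > window:
            failures.popleft()
        if ev.action == "LOGIN_FAILED":
            failures.append(ev.ts)
        elif ev.action == "LOGIN_OK":
            if len(failures) >= threshold:
                alerts.append({"rule": "login_after_failures",
                               "user": ev.user, "source": ev.source,
                               "time": ev.ts.isoformat(),
                               "failures": len(failures)})
            failures.clear()      # a success starts a fresh counting period
    return alerts


def detect_result_size_violations(events, limits, default_limit=5000):
    """Alert when a statement returns more rows than the user's policy allows."""
    alerts = []
    for ev in events:
        if ev.action.startswith("LOGIN"):
            continue
        limit = limits.get(ev.user, default_limit)
        if ev.rows > limit:
            alerts.append({"rule": "result_size", "user": ev.user,
                           "source": ev.source, "time": ev.ts.isoformat(),
                           "rows": ev.rows, "limit": limit})
    return alerts


if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    for alert in detect_login_after_failures(evs):
        print(alert)
    for alert in detect_result_size_violations(evs, {"jsmith": 1000}):
        print(alert)
```

Keying the failure counter on the database login only works when each person has their own login; behind a connection pool or a generic account, the application user has to be recovered from another source before either rule can name an individual.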

Verizon Data Breach Investigations Report
- Most widely used attack path: Web application, 79%
- Most widely compromised asset by number of records: Database server, 75%
- Most compromised data type: Payment card data, 98%
- Type of assets misused: Database Server, 23%

What Works in DB Monitoring
- Network Appliance
- Database Agent(s)
  - Performance impact on db server
  - Harder to deploy & manage
  - Limited scalability
  - Inferior audit logs

Pitfalls with Native DBMS Controls
- Performance impact on db server
- Harder to deploy & manage
- Limited scalability
- Inferior audit logs
- Cannot easily segregate database security duties from the DBA
- Cannot correlate series of events for root cause analysis
- Cannot discover and prevent database attacks
- Cannot monitor response/content
- Cannot track a person using a generic database login
- Cannot mask sensitive content
- No integration with SIEM, Log Mgmt, Alerting, Enterprise solutions
- No secure central logging, reporting and notification

Monitoring Technologies at a Glance
Source: Gartner
[Figure: matrix of monitoring technologies against activity layers]
Technologies: SIEM, DAM, DLP, Fraud Detection
Layers: Application activity; Application access; Database activity; File access; DB activity: privileged user; System activity: privileged user; Network activity: user
Legend:
- User activity at this layer is not visible
- This technology is a primary monitoring method for this layer.
- User activity at this layer is visible in a broad set of use cases, but other technologies provide deeper monitoring.
- User activity at this layer is visible, but monitoring is limited to the primary use cases of the technology.

Integrated Database & Application Security
- SOC/NOC, Compliance, DBAs, Management
- NitroView ESM: Event correlation; Incident response; VA integration; User activity profiling; Central policy & mgt; Analysis & forensics; Reporting, notification
- NitroView Receivers: Monitor all OS security events - users logging in/out, access/change to database config files & backups
- NitroGuard IPS: Block database exploits and SQL Injection attacks before they reach the network core
- NitroView ADM: Monitor potential leakage of sensitive database content via , chat, web, P2P
- DBM agent, NitroView DBM: Full-session capture of SQL activity, db content use, db server discovery; Log DBA console activity

Product Demonstration
NitroSecurity: Unifying Information Security

Full Session Detail

Database Activity & Event Correlation
- Advanced Visualization, Activity Baselining, Event Analysis & Drill-down

Central Policy Management & Rollout

Discovery of Sensitive Content

Correlation Rule Editor
- Correlation with security events, flows, application logs, identity & VA tools
- Over 150 devices supported out of the box

User Activity Profiling
- Commands and objects accessed by a user, and deviation from normal behavior

Customized Application Views

Pre-defined Database Views and Graphical Reports

Monitoring of Database Config & Backup Files

Auto Discovery of Databases & Easy 1-Step Setup
- Database Discovery
- Setup & Configuration: Add DBM Device, Add Database Servers, Add Optional Database Agents

Easy Setup, Deployment & Management

Integrated Agent Management

Database Change Control Management

Application User Tracking
- Correlating the SQL transaction with another data source
- Identifying a user-identifier/token in the SQL

Sensitive Data Masking

QUESTIONS
VISIT US AT
More informationMucho Big Data y La Seguridad para cuándo?
Mucho Big Data y La Seguridad para cuándo? Juan Carlos Vázquez Sales Systems Engineer, LTAM mayo 9, 2013 Agenda Business Drivers Big Security Data GTI Integration SIEM Architecture & Offering Why McAfee
More informationRSA Security Analytics
RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources
More informationINCIDENT RESPONSE CHECKLIST
INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged
More informationARS v2.0. Solution Brief. ARS v2.0. EventTracker Enterprise v7.x. Publication Date: July 22, 2014
Solution Brief EventTracker Enterprise v7.x Publication Date: July 22, 2014 EventTracker 8815 Centre Park Drive, Columbia MD 21045 About EventTracker EventTracker delivers business critical solutions that
More informationThe Cloud App Visibility Blindspot
The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before
More informationMaking Database Security an IT Security Priority
Sponsored by Oracle Making Database Security an IT Security Priority A SANS Whitepaper November 2009 Written by Tanya Baccam Security Strategy Overview Why a Database Security Strategy? Making Databases
More informationQ1 Labs Corporate Overview
Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,
More informationRealize That Big Security Data Is Not Big Security Nor Big Intelligence
G00245789 Realize That Big Security Data Is Not Big Security Nor Big Intelligence Published: 19 April 2013 Analyst(s): Joseph Feiman Security intelligence's ultimate objective, enterprise protection, is
More informationHayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks
EXTENDING ACCESS WHILE ENHANCING CONTROL FOR YOUR ORGANIZATION S DATA LEVERAGE THE POWER OF F5 AND ORACLE TO DELIVER SECURE ACCESS TO APPLICATIONS AND DATABASES Hayri Tarhan, Sr. Manager, Public Sector
More informationHow To Protect Data From Attack On A Computer System
Information Management White Paper Understanding holistic database security 8 steps to successfully securing enterprise data sources 2 Understanding holistic database security News headlines about the
More informationHIPAA and HITECH Compliance for Cloud Applications
What Is HIPAA? The healthcare industry is rapidly moving towards increasing use of electronic information systems - including public and private cloud services - to provide electronic protected health
More informationScalability in Log Management
Whitepaper Scalability in Log Management Research 010-021609-02 ArcSight, Inc. 5 Results Way, Cupertino, CA 95014, USA www.arcsight.com info@arcsight.com Corporate Headquarters: 1-888-415-ARST EMEA Headquarters:
More informationWeb Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks r.gibala@f5.com
Web Application Security Radovan Gibala Senior Field Systems Engineer F5 Networks r.gibala@f5.com Security s Gaping Hole 64% of the 10 million security incidents tracked targeted port 80. Information Week
More informationPCI DSS Reporting WHITEPAPER
WHITEPAPER PCI DSS Reporting CONTENTS Executive Summary 2 Latest Patches not Installed 3 Vulnerability Dashboard 4 Web Application Protection 5 Users Logging into Sensitive Servers 6 Failed Login Attempts
More informationConcierge SIEM Reporting Overview
Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts
More informationTHE FIRST UNIFIED DATABASE SECURITY SOLUTION. Product Overview Security. Auditing. Caching. Masking.
THE FIRST UNIFIED DATABASE SECURITY SOLUTION Product Overview Security. Auditing. Caching. Masking. 2 The First Unified Database Security Solution About the products The GreenSQL family of Unified Database
More informationChecklist for HIPAA/HITECH Compliance Best Practices for Healthcare Information Security
Checklist for HIPAA/HITECH Compliance Best Practices for Healthcare Information Security Ali Pabrai, MSEE, CISSP (ISSMP, ISSAP) For Daily Compliance & Security Tips, Follow ecfirst @ Agenda Review the
More informationMeeting PCI-DSS v1.2.1 Compliance Requirements. By Compliance Research Group
Meeting PCI-DSS v1.2.1 Compliance Requirements By Compliance Research Group Table of Contents Technical Security Controls and PCI DSS Compliance...1 Mapping PCI Requirements to Product Functionality...2
More information10 Reasons Your Existing SIEM Isn t Good Enough
Technical Whitepaper 10 Reasons Your Existing SIEM Isn t Good Enough eiqnetworks, Inc. World Headquarters 31 Nagog Park Acton, MA 01720 978.266.9933 www.eiqnetworks.com TABLE OF CONTENTS SECTION PAGE Introduction......................................................
More information應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊
應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊 HP Enterprise Security 林 傳 凱 (C. K. Lin) Senior Channel PreSales, North Asia HP ArcSight, Enterprise Security 1 Rise Of The Cyber Threat Enterprises and Governments are experiencing
More informationSecurity and Privacy of Electronic Medical Records. White Paper
Security and Privacy of Electronic Medical Records White Paper Executive Overview Patient confidentiality is a growing concern for healthcare organizations. Government regulations, electronic health records,
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationHigh End Information Security Services
High End Information Security Services Welcome Trion Logics Security Solutions was established after understanding the market's need for a high end - End to end security integration and consulting company.
More informationThe Comprehensive Guide to PCI Security Standards Compliance
The Comprehensive Guide to PCI Security Standards Compliance Achieving PCI DSS compliance is a process. There are many systems and countless moving parts that all need to come together to keep user payment
More informationAB 1149 Compliance: Data Security Best Practices
AB 1149 Compliance: Data Security Best Practices 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: AB 1149 is a new California
More informationSecurity. Security consulting and Integration: Definition and Deliverables. Introduction
Security Security Introduction Businesses today need to defend themselves against an evolving set of threats, from malicious software to other vulnerabilities introduced by newly converged voice and data
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationWhat is Security Intelligence?
2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the
More informationLeveraging Privileged Identity Governance to Improve Security Posture
Leveraging Privileged Identity Governance to Improve Security Posture Understanding the Privileged Insider Threat It s no secret that attacks on IT systems and information breaches have increased in both
More informationCorreLog Alignment to PCI Security Standards Compliance
CorreLog Alignment to PCI Security Standards Compliance Achieving PCI DSS compliance is a process. There are many systems and countless moving parts that all need to come together to keep user payment
More informationCyberArk Privileged Threat Analytics. Solution Brief
CyberArk Privileged Threat Analytics Solution Brief Table of Contents The New Security Battleground: Inside Your Network...3 Privileged Account Security...3 CyberArk Privileged Threat Analytics : Detect
More informationFull-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform
Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Solution Brief Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Finding
More informationAuditing Mission-Critical Databases for Regulatory Compliance
Auditing Mission-Critical Databases for Regulatory Compliance Agenda: It is not theoretical Regulations and database auditing Requirements and best practices Summary Q & A It is not theoretical Database
More informationEffective Methods to Detect Current Security Threats
terreactive AG. Swiss Cyber Storm 2015. Effective Methods to Detect Current Security Threats Taking your IT security to the next level, you have to consider a paradigm shift. In the past companies mostly
More informationAuditing MySQL for Security and Compliance. Mehlam Shakir CTO RippleTech, Inc.
Auditing MySQL for Security and Compliance Mehlam Shakir CTO RippleTech, Inc. Agenda + Company Background + Database Security: Business Drivers + Product Demonstration 2 Company Background RippleTech:
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More information