IBM Security Framework
|
|
- Kristian Bridges
- 8 years ago
- Views:
Transcription
1 IBM Security Framework Intelligence, Integration and Expertise Sadu Bajekal, Senior Technical Staff Member Principal Security Architect IBM Security Systems January 28, IBM Corporation
2 Agenda Introduction: The evolving threat landscape A new approach to security is needed How the IBM Security Framework is positioned to help 2
3 M O T I V A T I O N IBM Security Systems Motivations and sophistication are rapidly evolving National Security, Economic Espionage Nation-state actors, APTs Stuxnet, Aurora, APT-1 Notoriety, Activism, Defamation Hacktivists Lulzsec, Anonymous Monetary Gain Organized crime Zeus, ZeroAccess, Blackhole Exploit Pack Nuisance, Curiosity Insiders, Spammers, Script-kiddies Nigerian 419 Scams, Code Red S O P H I S T I C A T I O N 3
4 Evolving threats and increasing payoffs INTERNAL EXTERNAL PAYOFFS 4
5 X-Force Research: Attackers are taking advantage of the human factor 5 Source: IBM X-Force Research 2013 Trend and Risk Report
6 IT Security is a board room discussion CEO CFO/COO CIO CHRO CMO Loss of market share and reputation Legal exposure Audit failure Fines and criminal charges Financial loss Loss of data confidentiality, integrity and/or availability Violation of employee privacy Loss of customer trust Loss of brand reputation Increasingly, companies are appointing CROs and CISOs with a direct line to the Audit Committee 6 Source: Discussions with more than 13,000 C-suite executives as part of the IBM C-suite Study Series
7 IBM Corporation
8 Security challenges are a complex, four-dimensional puzzle People Employees Consultants Attackers Partners Outsourcers Customers Suppliers Data Structured Unstructured At rest In motion Applications Systems Applications Web Applications Web 2.0 Mobile Applications Infrastructure Datacenters PCs Laptops Mobile Cloud Non-traditional that requires a new approach 9
9 Thinking differently about security Then Now People Administration Insight Data Basiccontrol Laserfocused Applications Bolt-on Built-in Infrastructure Thicker walls Smarter defenses Collect and Analyze Everything 10
10 Customers have a growing need to identify and protect against threats by building insights from broader data sets Traditional Security Operations and Technology Logs Events Alerts Configuration information System audit trails Identity context New Considerations Collection, Storage and Processing Collection and integration Size and speed Enrichment and correlation Big Data Analytics Network flows and anomalies External threat intelligence feeds Web page text and social activity Full packet and DNS captures Business process data Customer transactions Analytics and Workflow Visualization Unstructured analysis Learning and prediction Customization Sharing and export 11
11 Reaching security maturity Security Intelligence Predictive Analytics, Big Data Workbench, Flow Analytics SIEM and Vulnerability Management Log Management Advanced Fraud Protection People Data Applications Infrastructure Optimized Identity governance Fine-grained entitlements Privileged user management Data governance Encryption key management Fraud detection Hybrid scanning and correlation Multi-faceted network protection Anomaly detection Hardened systems Proficient User provisioning Access management Strong authentication Data masking / redaction Database activity monitoring Data loss prevention Web application protection Source code scanning Virtualization security Asset management Endpoint / network security management Basic Directory management Encryption Database access control Application scanning Perimeter security Host security Anti-virus
12 IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework Intelligence Integration Expertise 13
13 IBM Security: Market-changing milestones Mainframe and Server Security Access Management 1976 Network Intrusion Prevention SOA Management and Security Identity 2005 Management 2002 Resource Access Control Facility (RACF) is created, eliminating the need for each application to imbed security 1999 Dascom is acquired for access management capabilities Access360 is acquired for identity management capabilities MetaMerge is acquired for directory integration capabilities Compliance Management DataPower is acquired for SOA management and security capabilities 2006 Internet Security Systems, Inc. is acquired for security research and network protection capabilities Database Monitoring 2007 Watchfire is acquired for security and compliance capabilities Application Security Consul is acquired for risk management capabilities Princeton Softech is acquired for data management capabilities 2008 Security Analytics Encentuate is acquired for enterprise single-sign-on capabilities 2009 Ounce Labs is acquired for application security capabilities Guardium is acquired for enterprise database monitoring and protection capabilities Security Intelligence 2010 Advanced Fraud Protection Big Fix is acquired for endpoint security management capabilities NISC is acquired for information and analytics management capabilities 2011 Q1 Labs is acquired for security intelligence capabilities IBM Security Investment 6,000+ IBM Security experts worldwide 3,000+ IBM security patents 4,000+ IBM managed security services clients worldwide IBM Security labs worldwide 2013 Intent to acquire Trusteer for mobile and application security, counter-fraud and malware detection IBM Security Systems division is created 14
14 IBM offers a comprehensive portfolio of security products IBM Security Systems Portfolio Security Intelligence and Analytics QRadar Log Manager QRadar SIEM QRadar Risk Manager QRadar Vulnerability Manager Advanced Fraud Protection Trusteer Rapport Trusteer Pinpoint Malware Detection Trusteer Pinpoint ATO Detection Trusteer Mobile Risk Engine People Data Applications Network Infrastructure Endpoint Identity Management Guardium Data Security and Compliance AppScan Source Network Intrusion Prevention Trusteer Apex Access Management Guardium DB Vulnerability Management AppScan Dynamic Next Generation Network Protection Mobile and Endpoint Management Privileged Identity Manager Guardium / Optim Data Masking DataPower Web Security Gateway SiteProtector Threat Management Virtualization and Server Security Federated Access and SSO Key Lifecycle Manager Security Policy Manager Network Anomaly Detection Mainframe Security IBM X-Force Research 15
15 Increase security, collapse silos, and reduce complexity Integrated Intelligence. Integrated Research. Integrated Protection. Consolidate and correlate siloed information from hundreds of sources Stay ahead of the changing threat landscape Link security and vulnerability information across domains JK
16 Intelligent Security for the Cloud Security Intelligence Provide visibility, auditability and control for the cloud Identity Protection Administer, secure, and extend identity and access to and from the cloud Data and Application Protection Secure enterprise databases Build, test and maintain secure cloud applications Threat Protection Prevent advanced threats with layered protection and analytics 17
17 Securing the Mobile Enterprise Device Management Security for endpoint device and data Network, Data, and Access Security Achieve visibility and adaptive security policies Application Layer Security Develop and test applications 18
18 Driving Compliance with Enhanced Visibility and Controls Security Intelligence Activity Monitoring, Anomaly Detection, Reporting Preventing insider threat Monitoring Data and PII concerns Managing end users and Privacy concerns Accessing Applications on a need-to-know basis 19 IBM Confidential
19 Security Intelligence: Integrating across IT silos Security Intelligence and Analytics Security devices Servers and mainframes Network and virtual activity Data activity Application activity Configuration information Vulnerabilities and threats Correlation Logs/events Flows IP reputation Geographic location Activity baselining and anomaly detection User activity Database activity Application activity Network activity Offense identification Credibility Severity Relevance True offense Suspected incidents Users and identities Extensive data sources Deep intelligence + = Exceptionally accurate and actionable insight 20 Key Themes Increased Data Sources Data from 450+ security collectors and Integration with X-Force intelligence and other external feeds to use in analysis for determining relevant vulnerabilities and potential threats Integrated Vulnerability Management Comprehensive understanding of the configuration and exposure of systems in the environment, enabling contextual analysis to determine vulnerabilities against particular threats Enhanced Identity Context V13-03 Integrated understanding of users, their roles, level of privilege, geographical location and their typical behaviors to enable enterprises to identify abnormal activity that might indicate insider threat
20 Integration: A unified architecture delivered in a single console Designed from scratch to deliver massive log management scale without any compromise on SIEM Intelligence Log Management NextGen SIEM Activity Monitoring Risk Management Vulnerability Management Network Forensics 21
21 Identity and Access Management: Helping to extend secure user access across the enterprise People 22 Key Themes Standardized IAM and Compliance Management Expand IAM vertically to provide identity and access intelligence to the business; Integrate horizontally to enforce user access to data, app, and infrastructure Secure Cloud, Mobile, Social Interaction Enhance context-based access control for cloud, mobile and SaaS access, as well as integration with proofing, validation and authentication solutions Insider Threat and IAM Governance Continue to develop Privileged Identity Management (PIM) capabilities and enhanced Identity and Role management
22 Announcing: Threat-Aware Identity and Access Management New capabilities to help organizations secure enterprise identity as a new perimeter Safeguard mobile, cloud and social interactions Validate who is who when users connect from outside the enterprise Enforce proactive access policies on cloud, social and mobile collaboration channels Prevent insider threat and identity fraud Manage shared access inside the enterprise Defend applications and access against targeted web attacks and vulnerabilities Deliver intelligent identity and access assurance Enable identity management for the line of business Enhance user activity monitoring and security intelligence across security domains Simplify identity silos and cloud integrations Provide visibility into all available identities within the enterprise Unify Universe of Identities for security management 23
23 Helping achieve secure transactions and graded trust Safeguard mobile, cloud and social interactions Eliminate use of passwords to secure mobile application access Implement Risk Based access posture for BYOD Validate Customer Identity interacting via Mobile and Social channels Enforce Identity context for Mobile, SaaS and Cloud access Eliminate use of passwords to secure mobile app access ISAM for Mobile 24
24 Prevent insider breaches caused by privileged identity misuse Prevent insider threat and identity fraud Audit privileged user activity and sensitive data access Address compliance, regulatory and privacy requirements Secure user access and content against targeted attacks Integrated security intelligence Session Recording Credential Vault Administrative ID Target Systems 25
25 Security Solutions i n t e g r a t e i n t e g r a t e IT & Business Process IBM Security Systems Data Security: Helping to secure structured, unstructured, online and offline data across the enterprise Data Governance, Security Intelligence, Analytics Audit, Reporting, and Monitoring Protect data in any form, anywhere, from internal or external threats Streamline regulation compliance process Data at Rest Protection & Encryption Policy-based Access and Entitlements Data Discovery and Classification Enforcement Data in Motion Network Loss Prevention Data in Use Endpoint Loss Prevention Reduce operational costs around data protection Stored (Databases, File Servers, Big Data, Data Warehouses, Application Servers, Cloud/Virtual..) over Network (SQL, HTTP, SSH, FTP, ,. ) at Endpoint (workstations, laptops, mobile, ) Key Themes 26 Expand to new platforms Expand beyond supporting databases to all relevant data sources, including data warehouses, file shares, file systems, enterprise content managers, and Big Data (Hadoop, NoSQL, in-memory DB), wherever data is stored Introduce new data protection capabilities Complement discovery, classification, monitoring, auditing, and blocking with though leadership capabilities like cloud encryption/tokenization, dynamic data masking, and fraud detection Lead on scalability and lower TCO Continue to improve on solution deployability with improvements to scalability, performance, simplification, automation, serviceability, and ease of use
26 InfoSphere Guardium integration with QRadar opens up new opportunities Security Devices In-depth data activity monitoring and security insights from InfoSphere Guardium Servers & Hosts Network & Virtual Activity Event Correlation Databases Data warehouses Big Data environments File shares Database Activity Activity Application Activity Configuration Info Activity Baselining & Anomaly Detection Offense Identification Applications Vulnerability Info User Activity Vulnerability Information Extensive Data Sources Deep Intelligence + = Exceptionally Accurate and Actionable Insight Send security alerts from Guardium to QRadar Send audit reports from Guardium to QRadar to enhance analytics Send database vulnerability assessment status from Guardium to QRadar NEW 28
27 IBM Security Systems Application Security: Helping to protect against the threat of attacks and data breaches Audience Development teams Software Development Lifecycle CODING BUILD QA Penetration Testers SECURITY PRODUCTION Dynamic analysis (black box) Static analysis (white box) Scanning Techniques Programming Languages Applications Governance and Collaboration Security teams Applications Web Applications Web Services Mobile Applications Purchased Applications Test policies, test templates and access control Dashboards, detailed reports and trending Manage regulatory requirements such as PCI, GLBA and HIPAA (40+ out-of-the-box compliance reports) Integrated Build Systems improve scan efficiencies Defect Tracking Systems track remediation IDEs remediation assistance Security Intelligence raise threat level Key Themes Coverage for Mobile applications and new threats Simplified interface and accelerated ROI Security Intelligence Integration Continue to identify and reduce risk by expanding scanning capabilities to new platforms such as mobile, as well as introducing next generation dynamic analysis scanning and glass box testing New capabilities to improve customer time to value and consumability with out-of-the-box scanning, static analysis templates and ease of use features Automatically adjust threat levels based on knowledge of application vulnerabilities by integrating and analyzing scan results with SiteProtector and the QRadar Security Intelligence Platform 29
28 IBM Security Systems Infrastructure Protection: Network Security Intelligence Platform Threat Intelligence and Research Advanced Threat Platform Log Manager Vulnerability Data Intrusion Prevention Network Activity Monitor SIEM Malicious Websites Content and Data Security Infrastructure Risk Manager Malware Information Web Application Protection Network Anomaly Detection Vulnerability Manager IP Reputation Application Control Future Future Future IBM Network Security Key Themes Advanced Threat Protection Platform Expanded X-Force Threat Intelligence Security Intelligence Integration Helps to prevent sophisticated threats and detect abnormal network behavior by using an extensible set of network security capabilities in conjunction with real-time threat information and Security Intelligence Increased coverage of world-wide threat intelligence harvested by X-Force and the consumption of this data to make smarter and more accurate security decisions Tight integration between the Advanced Threat Protection Platform and QRadar Security Intelligence platform to provide unique and meaningful ways to detect, investigate and remediate threats 30
29 X-Force Threat Intelligence: The IBM Differentiator Advanced Security and Threat Research The mission of X-Force is to: Monitor and evaluate the rapidly changing threat landscape Research new attack techniques and develop protection for tomorrow s security challenges Educate our customers and the general public URL/Web Filtering Anti-Spam IP Reputation Web Application Control Provides access to one of the world s largest URL filter databases containing more than 20 billion evaluated Web pages and images Detect spam using known signatures, discover new spam types automatically, 99.9% accurate, near 0% overblocking Categorize malicious websites via their IP address into different threat segments, including malware hosts, spam sources, and anonymous proxies Identifying and providing actions for application traffic, both web-based, such as Gmail, and client based, such as Skype 31 IBM Confidential
30 IBM Security Systems Infrastructure Protection: Endpoint Infrastructure Provides in-depth security across your network, servers, virtual servers, mainframes and endpoints Key Themes Security for Mobile Devices Expansion of Security Content Provide security for and manage traditional endpoints alongside mobile devices such as Apple ios, Google Android, Symbian, and Microsoft Windows Phone - using a single platform Continued expansion of security configuration and vulnerability content to increase coverage for applications, operating systems, and industry best practices 32 Security Intelligence Integration Improved usage of analytics - providing valuable insights to meet compliance and IT security objectives, as well as further integration with SiteProtector and the QRadar Security Intelligence Platform
31 IBM Security: Helping clients optimize IT security Integrated Portfolio Managed and Professional Services Extensive Partner Ecosystem IBM Research 33
32 Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. Copyright IBM Corporation All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. 34
33 Disclaimer Please Note: IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. 35
34 Customer successes across domains Security Intelligence and Analytics Improve overall security and compliance Global office products supplier achieved greater visibility to potential security threats and PCI compliance with $0 cost increase Advanced Fraud Protection Protect against financial fraud and advanced security threats Banking clients reduced online banking fraud to near zero while complying with regulatory compliance mandates for layered security People Manage user access securely and cost-effectively Major South American bank health reduced the number of help desk calls by 30%, resulting in annual savings of $450,000+ Data Ensure privacy and integrity of data Major global bank saved $1.5 USD / year on storage costs and reduced compliance costs by $20M USD Applications Automate security testing on web-based applications Client added 225 new applications per year to handle US$1 quadrillion in securities transactions per year Infrastructure Proactively alert, simplify monitoring and management Client monitored all devices and networks across all sites with zero false positives without blocking revenue-based traffic 36
El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada
El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada The Traditional Approach is Changing. Security is no longer controlled and enforced through the
More informationIBM QRadar Security Intelligence April 2013
IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence
More informationMobile, Cloud, Advanced Threats: A Unified Approach to Security
Mobile, Cloud, Advanced Threats: A Unified Approach to Security David Druker, Ph.D. Senior Security Solution Architect IBM 1 Business Security for Business 2 Common Business Functions Manufacturing or
More informationTake the Red Pill: Becoming One with Your Computing Environment using Security Intelligence
Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Chris Poulin Security Strategist, IBM Reboot Privacy & Security Conference 2013 1 2012 IBM Corporation Securing
More informationIBM & Security Gov. Point Of Views
IBM & Security Gov. Point Of Views Santiago Cavanna Cavanna@Ar.IBM.com @scavanna Point of View: Info Security situation How Government can Protect Itself from Cyber Attacks According to a GovLoop survey,
More informationAhead of the threat with Security Intelligence
Ahead of the threat with Security Intelligence PITB Information Security Conference 2013 Zoaib Nafar Brand Technical Sales Lead 2012 IBM Corporation 1 The world is becoming more digitized and interconnected,
More informationStrengthen security with intelligent identity and access management
Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers
More informationIBM Security Intelligence Strategy
IBM Security Intelligence Strategy Delivering Insight with Agility October 17, 2014 Victor Margina Security Solutions Accent Electronic 12013 IBM Corporation We are in an era of continuous breaches Operational
More informationSecurity Intelligence
IBM Security Security Intelligence Security for a New Era of Computing Erno Doorenspleet Consulting Security Executive 1 PARADIGM SHIFT in crime Sophistication is INCREASING Attacks are More Targeted Attackers
More informationSafeguarding the cloud with IBM Dynamic Cloud Security
Safeguarding the cloud with IBM Dynamic Cloud Security Maintain visibility and control with proven security solutions for public, private and hybrid clouds Highlights Extend enterprise-class security from
More informationThe Current State of Cyber Security
The Current State of Cyber Security Bob Kalka, Vice President, IBM Security PARADIGM SHIFT in crime ORGANIZED COLLABORATIVE AUTOMATED 2 Cyber criminals use BUSINESS INTELLIGENCE 3 NOBODY IS IMMUNE 2012
More informationHow to Choose the Right Security Information and Event Management (SIEM) Solution
How to Choose the Right Security Information and Event Management (SIEM) Solution John Burnham Director, Strategic Communications and Analyst Relations IBM Security Chris Meenan Director, Security Intelligence
More informationThe webinar will begin shortly
The webinar will begin shortly An Introduction to Security Intelligence Presented by IBM Security Chris Ross Senior Security Specialist, IBM Security Agenda The Security Landscape An Introduction to Security
More informationSecurity strategies to stay off the Børsen front page
Security strategies to stay off the Børsen front page Steve Durkin, Channel Director for Europe, Q1 Labs, an IBM Company 1 2012 IBM Corporation Given the dynamic nature of the challenge, measuring the
More informationSecuring the Cloud infrastructure with IBM Dynamic Cloud Security
Securing the Cloud infrastructure with IBM Dynamic Cloud Security Ngo Duy Hiep Security Brand Manager Cell phone: +84 912216753 Email: hiepnd@vn.ibm.com 12015 IBM Corporation Cloud is rapidly transforming
More informationCloud Security. Vaughan Harper IBM Security Architect
Cloud Security Vaughan Harper IBM Security Architect A new security reality is here Sophisticated attackers break through conventional safeguards every day Cloud, mobile, social and big data drive unprecedented
More informationData Security: Fight Insider Threats & Protect Your Sensitive Data
Data Security: Fight Insider Threats & Protect Your Sensitive Data Marco Ercolani Agenda Data is challenging to secure A look at security incidents Cost of a Data Breach Data Governance and Security Understand
More informationWhat is Security Intelligence?
2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the
More informationIntroducing IBM s Advanced Threat Protection Platform
Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Extensible Approach to Threat Prevention Paul Kaspian Senior Product Marketing Manager IBM Security Systems 1 IBM NDA 2012 Only IBM
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationUnder the Hood of the IBM Threat Protection System
Under the Hood of the System The Nuts and Bolts of the Dynamic Attack Chain 1 Balazs Csendes IBM Security Intelligence Leader, CEE balazs.csendes@cz.ibm.com 1 You are an... IT Security Manager at a retailer
More informationQ1 Labs Corporate Overview
Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,
More informationIBM Security QRadar Vulnerability Manager
IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk
More informationand Security in the Era of Cloud
Re-imagine i Enterprise Mobility and Security in the Era of Cloud Brendan Hannigan General Manager, IBM Security Systems Leverage Cloud as a growth engine for business Exploit Mobile to build customer
More informationIBM SECURITY QRADAR INCIDENT FORENSICS
IBM SECURITY QRADAR INCIDENT FORENSICS DELIVERING CLARITY TO CYBER SECURITY INVESTIGATIONS Gyenese Péter Channel Sales Leader, CEE IBM Security Systems 12014 IBM Corporation Harsh realities for many enterprise
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationIBM Security QRadar Risk Manager
IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Visualize current and potential network traffic patterns
More informationIBM Security QRadar Risk Manager
IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Collect network security device configuration data to
More informationAddressing Security for Hybrid Cloud
Addressing Security for Hybrid Cloud Sreekanth Iyer Executive IT Architect IBM Cloud (CTO Office) Email : sreek.iyer@in.ibm.com Twitter: @sreek Blog: http://ibm.co/sreek July 18, 2015 Cloud is rapidly
More informationIBM Security X-Force Threat Intelligence
IBM Security X-Force Threat Intelligence Use dynamic IBM X-Force data with IBM Security QRadar to detect the latest Internet threats Highlights Automatically feed IBM X-Force data into IBM QRadar Security
More informationBreaking down silos of protection: An integrated approach to managing application security
IBM Software Thought Leadership White Paper October 2013 Breaking down silos of protection: An integrated approach to managing application security Protect your enterprise from the growing volume and velocity
More informationEffectively Using Security Intelligence to Detect Threats and Exceed Compliance
Effectively Using Security Intelligence to Detect Threats and Exceed Compliance Chris Poulin Security Strategist, IBM Reboot Conference 2012 1 Security Threats Affect the Business Business Brand image
More informationIBM Security QRadar SIEM Product Overview
IBM Security QRadar SIEM Product Overview Alex Kioni IBM Security Systems Technical Consultant 1 2012 IBM Corporation The importance of integrated, all source analysis cannot be overstated. Without it,
More informationLeverage security intelligence for retail organizations
Leverage security intelligence for retail organizations Embrace mobile consumers, protect payment and personal data, deliver a secure shopping experience Highlights Reach the connected consumer without
More informationSecurity Intelligence Solutions
Security Intelligence Solutions Know what is going on inside your enterprise with QRadar Joseph Skocich, WW Sales Integration Executive Q1 Labs, an IBM Company June 2012 jskocich@us.ibm.com What is Security
More informationSecurity of Cloud Computing for the Power Grid
ANNUAL INDUSTRY WORKSHOP NOVEMBER 12-13, 2014 Security of Cloud Computing for the Power Grid Industry Panel November 12, 2014 UNIVERSITY OF ILLINOIS DARTMOUTH COLLEGE UC DAVIS WASHINGTON STATE UNIVERSITY
More informationPowering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel World Archit Lohokare Global Product Manager IBM Security Systems 1 2012 IBM Corporation IBM Security Systems division is one of the largest
More informationThe Benefits of an Integrated Approach to Security in the Cloud
The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The
More informationSecurity management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.
Security management solutions White paper IBM Tivoli and Consul: Facilitating security audit and March 2007 2 Contents 2 Overview 3 Identify today s challenges in security audit and compliance 3 Discover
More informationBoosting enterprise security with integrated log management
IBM Software Thought Leadership White Paper May 2013 Boosting enterprise security with integrated log management Reduce security risks and improve compliance across diverse IT environments 2 Boosting enterprise
More informationSafeguarding the cloud with IBM Security solutions
Safeguarding the cloud with IBM Security solutions Maintain visibility and control with proven solutions for public, private and hybrid clouds Highlights Address cloud concerns with enterprise-class solutions
More informationSecuring and protecting the organization s most sensitive data
Securing and protecting the organization s most sensitive data A comprehensive solution using IBM InfoSphere Guardium Data Activity Monitoring and InfoSphere Guardium Data Encryption to provide layered
More informationIBM Advanced Threat Protection Solution
IBM Advanced Threat Protection Solution Fabio Panada IBM Security Tech Sales Leader 1 Advanced Threats is one of today s key mega-trends Advanced Threats Sophisticated, targeted attacks designed to gain
More informationBigData Analytics per la sicurezza delle Infrastrutture Critiche
BigData Analytics per la sicurezza delle Infrastrutture Critiche Vincenzo Conti IBM Security Sales Consultant Energy and utility organizations are at the forefront of attacks Utilities are among the most
More informationRisk-based solutions for managing application security
IBM Software Thought Leadership White Paper September 2013 Risk-based solutions for managing application security Protect the enterprise from the growing volume and velocity of threats with integrated
More informationIBM Security Briefing: Differentiators & Maturity Model
IBM Security Briefing: Differentiators & Maturity Model Hamilton, Bermuda February 11, 2015 Norman John, MBA IBM Security Sales Executive Ontario & Caribbean norm.john@ca.ibm.com @norm_john 1 2014 IBM
More informationAMPLIFYING SECURITY INTELLIGENCE
AMPLIFYING SECURITY INTELLIGENCE WITH BIG DATA AND ADVANCED ANALYTICS Chris Meenan Senior Product Manager, Security Intelligence 1 IBM Security Systems Welcome to a Not So Friendly Cyber World Biggest
More informationIBM Security Intrusion Prevention Solutions
IBM Security Intrusion Prevention Solutions Sarah Cucuz sarah.cucuz@spyders.ca IBM Software Solution Brief IBM Security intrusion prevention solutions In-depth protection for networks, servers, endpoints
More informationQRadar SIEM and FireEye MPS Integration
QRadar SIEM and FireEye MPS Integration March 2014 1 IBM QRadar Security Intelligence Platform Providing actionable intelligence INTELLIGENT Correlation, analysis and massive data reduction AUTOMATED Driving
More informationCan We Become Resilient to Cyber Attacks?
Can We Become Resilient to Cyber Attacks? Nick Coleman, Global Head Cyber Security Intelligence Services December 2014 Can we become resilient National Security, Economic Espionage Nation-state actors,
More informationBeyond passwords: Protect the mobile enterprise with smarter security solutions
IBM Software Thought Leadership White Paper September 2013 Beyond passwords: Protect the mobile enterprise with smarter security solutions Prevent fraud and improve the user experience with an adaptive
More informationIBM Security Privileged Identity Manager helps prevent insider threats
IBM Security Privileged Identity Manager helps prevent insider threats Securely provision, manage, automate and track privileged access to critical enterprise resources Highlights Centrally manage privileged
More informationSecuring the mobile enterprise with IBM Security solutions
Securing the mobile enterprise with IBM Security solutions Gain visibility and control with proven security for mobile initiatives in the enterprise Highlights Address the full spectrum of mobile risks
More informationProtecting against cyber threats and security breaches
Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So
More informationIBM Smarter Cities Cybersecurity Update
IBM Smarter Cities Cybersecurity Update October 2012 Kent Blossom, Vice President, IBM Security Solutions kblossom@us.ibm.com 1 Discussion Topics IBM Security Systems Evolving Client Priorities & Approaches
More informationApplying IBM Security solutions to the NIST Cybersecurity Framework
IBM Software Thought Leadership White Paper August 2014 Applying IBM Security solutions to the NIST Cybersecurity Framework Help avoid gaps in security and compliance coverage as threats and business requirements
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Protecting your business value from
More informationIBM Security re-defines enterprise endpoint protection against advanced malware
IBM Security re-defines enterprise endpoint protection against advanced malware Break the cyber attack chain to stop advanced persistent threats and targeted attacks Highlights IBM Security Trusteer Apex
More informationRE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC
RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure
More informationService management White paper. Manage access control effectively across the enterprise with IBM solutions.
Service management White paper Manage access control effectively across the enterprise with IBM solutions. July 2008 2 Contents 2 Overview 2 Understand today s requirements for developing effective access
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationStay ahead of insiderthreats with predictive,intelligent security
Stay ahead of insiderthreats with predictive,intelligent security Sarah Cucuz sarah.cucuz@spyders.ca IBM Security White Paper Executive Summary Stay ahead of insider threats with predictive, intelligent
More informationQRadar SIEM and Zscaler Nanolog Streaming Service
QRadar SIEM and Zscaler Nanolog Streaming Service February 2014 1 QRadar SIEM: Security Intelligence Platform QRadar SIEM provides full visibility and actionable insight to protect networks and IT assets
More informationHow To Protect Data From Attack On A Computer System
Information Management White Paper Understanding holistic database security 8 steps to successfully securing enterprise data sources 2 Understanding holistic database security News headlines about the
More informationIBM Security QRadar QFlow Collector appliances for security intelligence
IBM Software January 2013 IBM Security QRadar QFlow Collector appliances for security intelligence Advanced solutions for the analysis of network flow data 2 IBM Security QRadar QFlow Collector appliances
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More informationMobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing
Driving Productivity Without Compromising Protection Brian Duckering Mobile Trend Marketing Mobile Device Explosion Paves Way for BYOD 39% 69% 340% 2,170% 2010 177M corp PCs 2015 246M corp PCs 2010 173
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Facilitate policy-based expertise and
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationExtending security intelligence with big data solutions
IBM Software Thought Leadership White Paper January 2013 Extending security intelligence with big data solutions Leverage big data technologies to uncover actionable insights into modern, advanced data
More informationIBM QRadar as a Service
Government Efficiency through Innovative Reform IBM QRadar as a Service Service Definition Copyright IBM Corporation 2014 Table of Contents IBM Cloud Overview... 2 IBM/Sentinel PaaS... 2 QRadar... 2 Major
More informationHow To Buy Nitro Security
McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security
More informationIBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems
IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems Proactively address regulatory compliance requirements and protect sensitive data in real time Highlights Monitor and audit data activity
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationThe Value of QRadar QFlow and QRadar VFlow for Security Intelligence
BROCHURE The Value of QRadar QFlow and QRadar VFlow for Security Intelligence As the security threats facing organizations have grown exponentially, the need for greater visibility into network activity
More informationProvide access control with innovative solutions from IBM.
Security solutions To support your IT objectives Provide access control with innovative solutions from IBM. Highlights Help protect assets and information from unauthorized access and improve business
More informationProtect the data that drives our customers business. Data Security. Imperva s mission is simple:
The Imperva Story Who We Are Imperva is the global leader in data security. Thousands of the world s leading businesses, government organizations, and service providers rely on Imperva solutions to prevent
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationIBM Software Four steps to a proactive big data security and privacy strategy
Four steps to a proactive big data security and privacy strategy Elevate data security to the boardroom agenda Contents 2 Introduction You ve probably heard the saying Data is the new oil. Just as raw
More informationREVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
More informationRagy Magdy Regional Channel Manager MEA IBM Security Systems
Ragy Magdy Regional Channel Manager MEA IBM Security Systems 1 Started my career in Security in 2003 by Joining ISS 2005 was named the ISS Regional Manager for the Middle East 2006 ISS was acquired by
More informationLeveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs
IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government
More informationIBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief IBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: Many enterprise organizations claim that they already
More informationSecurity management solutions White paper. Extend business reach with a robust security infrastructure.
Security management solutions White paper Extend business reach with a robust security infrastructure. July 2007 2 Contents 2 Overview 3 Adapt to today s security landscape 4 Drive value from end-to-end
More informationReducing the cost and complexity of endpoint management
IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and
More informationdefending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
More information8 Steps to Holistic Database Security
Information Management White Paper 8 Steps to Holistic Database Security By Ron Ben Natan, Ph.D., IBM Distinguished Engineer, CTO for Integrated Data Management 2 8 Steps to Holistic Database Security
More informationStaying Ahead of the Cyber Security Game. Nigel Tan ASEAN Technical Leader IBM Security
Staying Ahead of the Cyber Security Game Nigel Tan ASEAN Technical Leader IBM Security PARADIGM SHIFT in crime ORGANIZED COLLABORATIVE AUTOMATED Cyber Criminals Use BUSINESS INTELLIGENCE NOBODY IS IMMUNE
More informationWhite paper September 2009. Realizing business value with mainframe security management
White paper September 2009 Realizing business value with mainframe security management Page 2 Contents 2 Executive summary 2 Meeting today s security challenges 3 Addressing risks in the mainframe environment
More informationIBM QRadar Security Intelligence Platform appliances
IBM QRadar Security Intelligence Platform Comprehensive, state-of-the-art solutions providing next-generation security intelligence Highlights Get integrated log management, security information and event
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationKeynote: Cyber Intelligence and Cyber Security Overview
3/08/205 Keynote: Cyber and Cyber Security Overview David Waxman Executive Architect EIA Bob Stasio EIA for Cyber Security Product Manager Ralph Klaassen Senior Architect EIA 3/08/205 Important Disclaimer
More informationCyberArk Privileged Threat Analytics. Solution Brief
CyberArk Privileged Threat Analytics Solution Brief Table of Contents The New Security Battleground: Inside Your Network...3 Privileged Account Security...3 CyberArk Privileged Threat Analytics : Detect
More informationIBM MOBILE SECURITY SOLUTIONS - Identity and Access Management Focus
IBM MOBILE SECURITY SOLUTIONS - Identity and Access Focus May 2012 Executive Overview Mobile devices are pervasive in our daily lives and increasingly coming to work Bring Your Own Device (BYOD) IBM is
More informationIBM Rational AppScan: enhancing Web application security and regulatory compliance.
Strategic protection for Web applications To support your business objectives IBM Rational AppScan: enhancing Web application security and regulatory compliance. Are untested Web applications putting your
More informationIBM X-Force 2012 Cyber Security Threat Landscape
IBM X-Force 2012 Cyber Security Threat Landscape Johan Celis X-Force R&D Spokesperson Security Channel Sales Leader BeNeLux 1 Mission IBM Security Systems To protect our customers from security threats
More information