Patching, AlerFng, BYOD and More: Managing Security in the Enterprise with Splunk Enterprise

Size: px
Start display at page:

Download "Patching, AlerFng, BYOD and More: Managing Security in the Enterprise with Splunk Enterprise"

Transcription

1 Copyright 2013 Splunk Inc. Patching, AlerFng, BYOD and More: Managing Security in the Enterprise with Splunk Enterprise Marquis Montgomery, CISSP, SSCP, GSEC Senior Security Architect, CedarCrestone #splunkconf

2 Meet CedarCrestone, Inc. Industry- focused consulfng, technical, and managed services for the deployment, management, and opfmizafon of applicafons and technology! Founded in 1981; based in Atlanta, Georgia! ERP ConsulFng & Managed Services Provider Specialists in ê Oracle ApplicaFons ConsulFng ê Strategy and AnalyFcs Services ê Hosted & Remote Managed Services ê ImplementaFon & Technical SoluFons with a focus on EBS, PeopleSoX, Business Intelligence, Workday By the numbers ê Host 700 different PeopleSoX environments / mulfple versions ê HosFng over 700 Oracle database instances ê servers / network devices ê 53 hosted customers 2

3 Meet Marquis! Senior Security Architect and Interim Manager, Managed Services Security! 8 years coding experience! Primary responsibilifes include Engineering enterprise technical security controls Chief Splunker AutomaFon / Web App Development (Ruby on Rails) Incident Response Lead 3

4 Agenda! Life before Splunk! BYOD and the Patching Problem! IntegraFng Splunk Enterprise with the CMDB! Firewall and IDP IP Address IdenFficaFon! Key Takeaways! Q&A 4

5 Life Before Splunk

6 Life Before Splunk! Previously had a tradi0onal SIEM many bugs, lost a lot of logs other issues were: Gejng the right data out (retrieval) was painful Example: SIEM provided canned reports ê Data points, but no context Last hour 50 failed logins, Yes, but?? ê Canned reports don t answer the quesfons: So what? Is this bad or good? Who s doing this? Why is this happening? How does this compare to X months ago?! No way to collect PeopleSoA log data while suppor0ng mul0ple versions! Significant product bugs and QA issues 6

7 Life Before Splunk Splunk Enterprise solved all of these issues for us, and brought along some compelling new ways to work with our data 7

8 BYOD and the Patching Problem

9 BYOD and the Patching Problem! CedarCrestone has always been a Bring Your Own Device environment (20+ years, and counfng)! CedarCrestone is entrusted with sensifve informafon in many business applicafons and databases owned by its clients! One major tenant of good informafon security is proper OS and applicafon patching (SANS Top 20 Controls)! How do we ensure employee- owned machines are properly patched, even when they are at home or on a client site? 9

10 BYOD and the Patching Problem! A brief explanafon of Secunia PSI (www.secunia.com)! A brief explanafon of Secunia CSI (www.secunia.com)! Custom Development (Ruby and Rails)! Splunk DB Connect 10

11 BYOD and the Patching Problem! We had to get creafve with Secunia PSI, some custom development, and Splunk Enterprise to solve this problem 11

12 BYOD and the Patching Problem Metric Risk What we look for % Employees Patched Unpatched Machines Secunia Score % Employees Encrypted Data Loss OS Sejngs % Employees With AV Malicious Code Installed Programs % Employees Without DLP Data Loss Installed Programs! Reported to business units and execufves monthly 12

13 Let s Explore some Data DEMO 13

14 IntegraFng Splunk with the CMDB

15 IntegraFng Splunk With the CMDB! Most Enterprises have a CMDB or an asset management database to help organize IT assets like servers, applicafons and network devices! The CedarCrestone security team referenced this type of informafon regularly when invesfgafng events in Splunk! Wouldn t it be nice if Splunk Enterprise showed us all the relevant info from asset management and CMDB automa&cally? 15

16 How to IntegraFng With the CMDB! Use Splunk DB Connect to explore your CMDB/Asset Database and develop SQL that returns the info you care about! Create a saved search that runs on an interval, and pipe the results of your DB Connect search to the outputlookup command to generate a constantly updated lookup table! Create an automafc lookup that runs your lookup table against the data you are exploring, and enjoy details from the CMDB as fields in your search if they exist 16

17 Let s Explore some Data DEMO 17

18 Firewall and IDP IP Address IdenFficaFon

19 Firewall and IDP IP Address IdenFficaFon! Problem: When exploring firewall and IDP data in Splunk, you have to deal with idenffying a mountain of IP addresses on your own! SoluFon: Use Splunk DB Connect and lookup tables to generate your own up to date list of IP addresses and descripfons! Enjoy having your Splunk events automafcally tagged with fields from your asset database as you invesfgate, correlate, and explore your data 19

20 Let s Explore some Data DEMO 20

21 Key Takeaways

22 Key Takeaways! Splunk Enterprise ships with many useful and interesfng ways to explore, correlate, analyze and report on your data! Take advantage of some of the useful search knowledge tools like DB Connect and lookup tables to enhance the convenience of exploring data in Splunk! Think outside of the box and get creafve Splunk Enterprise has the power and flexibility to allow you to do what you need to 22

23 What s Next! ValidaFon of PC encrypfon sejngs (custom agent reporfng to Splunk)! Merging asset, patching, and vulnerability management systems for trend analysis and outliers! Tracking user acceptance of our custom Security Portal 23

24 Copyright 2013 Splunk Inc. Thank You! Marquis Montgomery, CISSP, SSCP, GSEC Senior Security Architect,

Obtaining Value from Your Database Activity Monitoring (DAM) Solution

Obtaining Value from Your Database Activity Monitoring (DAM) Solution Obtaining Value from Your Database Activity Monitoring (DAM) Solution September 23, 2015 Mike Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer Integrigy Corporation

More information

OWASP OWASP. The OWASP Foundation http://www.owasp.org. Selected vulnerabilities in web management consoles of network devices

OWASP OWASP. The OWASP Foundation http://www.owasp.org. Selected vulnerabilities in web management consoles of network devices OWASP Selected vulnerabilities in web management consoles of network devices OWASP 23.11.2011 Michał Sajdak, Securitum Copyright The OWASP Foundation Permission is granted to copy, distribute and/or modify

More information

ArcGIS Server Security Threats & Best Practices 2014. David Cordes Michael Young

ArcGIS Server Security Threats & Best Practices 2014. David Cordes Michael Young ArcGIS Server Security Threats & Best Practices 2014 David Cordes Michael Young Agenda Introduction Threats Best practice - ArcGIS Server settings - Infrastructure settings - Processes Summary Introduction

More information

IBM QRadar Security Intelligence April 2013

IBM QRadar Security Intelligence April 2013 IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence

More information

Complete Patch Management

Complete Patch Management Complete Patch Management Complete - Flexible Unique In- Depth Secunia CSI 7 Corporate Software Inspector Take control of the vulnerability threat and optimize your IT security investments. The Secunia

More information

Good Guys vs. the Bad Guys: Can Big Data Tools Counteract Advanced Threats?

Good Guys vs. the Bad Guys: Can Big Data Tools Counteract Advanced Threats? Good Guys vs. the Bad Guys: Can Big Data Tools Counteract Advanced Threats? Will Froning, Information Security Manager, American University of Sharjah Mark Seward, Senior Director, Security and Compliance

More information

Unified Threat Management, Managed Security, and the Cloud Services Model

Unified Threat Management, Managed Security, and the Cloud Services Model Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical

More information

Out of the Fire - Adding Layers of Protection When Deploying Oracle EBS to the Internet

Out of the Fire - Adding Layers of Protection When Deploying Oracle EBS to the Internet Out of the Fire - Adding Layers of Protection When Deploying Oracle EBS to the Internet March 8, 2012 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development

More information

Security Information & Event Management (SIEM)

Security Information & Event Management (SIEM) Security Information & Event Management (SIEM) Peter Helms, Senior Sales Engineer, CISA, CISSP September 6, 2012 1 McAfee Security Connected 2 September 6, 2012 Enterprise Security How? CAN? 3 Getting

More information

Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals

Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals November 13, 2014 Michael Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer

More information

Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM

Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM TODAY S AGENDA Describe the need for SIEM Explore different options available for SIEM Demonstrate a few Use Cases Cover some caveats

More information

INCIDENT RESPONSE CHECKLIST

INCIDENT RESPONSE CHECKLIST INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged

More information

ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps

ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps Agenda Security Enablement Concepts for BYOD & SaaS Cloud Apps! Intro and background! BYOD

More information

Guide to Auditing and Logging in the Oracle E-Business Suite

Guide to Auditing and Logging in the Oracle E-Business Suite Guide to Auditing and Logging in the Oracle E-Business Suite February 13, 2014 Stephen Kost Chief Technology Officer Integrigy Corporation Mike Miller Chief Security Officer Integrigy Corporation Phil

More information

Real World Big Data Architecture - Splunk, Hadoop, RDBMS

Real World Big Data Architecture - Splunk, Hadoop, RDBMS Copyright 2015 Splunk Inc. Real World Big Data Architecture - Splunk, Hadoop, RDBMS Raanan Dagan, Big Data Specialist, Splunk Disclaimer During the course of this presentagon, we may make forward looking

More information

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable

More information

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec

Introduction. Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec Introduction Jason Lawrence, MSISA, CISSP, CISA Manager, EY Advanced Security Center Atlanta, Georgia jason.lawrence@ey.com Twitter: @ethical_infosec More than 20 years of experience in cybersecurity specializing

More information

Critical Security Controls

Critical Security Controls Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security

More information

A Love Affair: Cyber Security, Big-data and Risk

A Love Affair: Cyber Security, Big-data and Risk A Love Affair: Cyber Security, Big-data and Risk Mark Seward, Senior Director Security and Compliance, Splunk Inc. Professional Techniques - Session 31 Security what s at stake On average, organizations

More information

Deploying the Splunk App for Microso> Exchange

Deploying the Splunk App for Microso> Exchange Copyright 2014 Splunk Inc. Deploying the Splunk App for Microso> Exchange Jeff Bernt SDET Disclaimer During the course of this presentahon, we may make forward- looking statements regarding future events

More information

Shifting Roles for Security in the Virtualized Data Center: Who Owns What?

Shifting Roles for Security in the Virtualized Data Center: Who Owns What? Shifting Roles for Security in the Virtualized Data Center: Who Owns What? SESSION ID: CSV-T07 Rob Randell, CISSP Director Systems Engineering Principal Security Architect VMware / NSBU Malcolm Rieke Director

More information

Credit Cards and Oracle: How to Comply with PCI DSS. Stephen Kost Integrigy Corporation Session #600

Credit Cards and Oracle: How to Comply with PCI DSS. Stephen Kost Integrigy Corporation Session #600 Credit Cards and Oracle: How to Comply with PCI DSS Stephen Kost Integrigy Corporation Session #600 Background Speaker Stephen Kost CTO and Founder 16 years working with Oracle 12 years focused on Oracle

More information

The Trusted Front Door to the Cloud

The Trusted Front Door to the Cloud The Trusted Front Door to the Cloud Jeff Burstein Director, Product Management, User Authentication 1 The Great Commoditization of IT has Begun Economic Drivers Pay as you go (or else) CAPEX to OPEX Simplification

More information

Symantec Client Management Suite 8.0

Symantec Client Management Suite 8.0 IT Flexibility. User Freedom. Data Sheet: Endpoint Management Overview of Symantec Client Management Suite Symantec Client Management Suite automates time-consuming and redundant tasks for deploying, managing,

More information

Securing Healthcare Data on Mobile Devices

Securing Healthcare Data on Mobile Devices Securing Healthcare Data on Mobile Devices Michelle Cook, Healthcare Mobility Specialist Keith Glynn, CISSP, Sr. Technical Solutions Engineer October 31, 2013 Poll Question #1 Has your organization deployed

More information

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current

More information

Secunia Corporate Software Inspector (Secunia CSI) ver.5.0

Secunia Corporate Software Inspector (Secunia CSI) ver.5.0 TECHNOLOGY AUDIT Secunia Corporate Software Inspector (Secunia CSI) ver.5.0 Secunia Reference Code: OI00070-107 Publication Date: December 2011 Author: Andy Kellett SUMMARY Catalyst Organizations need

More information

RFI Template for Enterprise MDM Solutions

RFI Template for Enterprise MDM Solutions RFI Template for Enterprise MDM Solutions 2012 Zenprise, Inc. 1 About This RFI Template A secure mobile device management solution is an integral part of any effective enterprise mobility program. Mobile

More information

DIR Contract Number DIR-TSO-2621 Appendix C Pricing Index

DIR Contract Number DIR-TSO-2621 Appendix C Pricing Index DIR Contract Number DIR-TSO-2621 Appendix C Index CenturyLink Technology s offers Tier 3 Cloud services: Public Cloud, Private Cloud and Hybrid Cloud provided over our Tier One network. We own and operate

More information

Oracle Database Security Myths

Oracle Database Security Myths Oracle Database Security Myths December 13, 2012 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy Corporation About Integrigy ERP Applications

More information

#ITtrends #ITTRENDS SYMANTEC VISION 2012 1

#ITtrends #ITTRENDS SYMANTEC VISION 2012 1 #ITtrends 1 Strategies for Security and Management in a Mobile and Virtual World Anil Chakravarthy Senior Vice President, Enterprise Security Group 2 MASSIVE INCREASE IN SOPHISTICATED ATTACKS 403 million

More information

Windows Server 2003 End of Support. What does it mean? What are my options?

Windows Server 2003 End of Support. What does it mean? What are my options? Windows Server 2003 End of Support What does it mean? What are my options? Windows Server 2003 End of Life- Why Care? The next big vulnerability (Heartbleed/Shellshock) is looming No more patches from

More information

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability

More information

Security Best Practices for Microsoft Azure Applications

Security Best Practices for Microsoft Azure Applications Security Best Practices for Microsoft Azure Applications Varun Sharma Principal Security Engineer, Information Security & Risk Management (ISRM), Microsoft IT Service Lines Application Security Infrastructure

More information

Microsoft Private Cloud

Microsoft Private Cloud Microsoft Private Cloud Lorenz Wolf, Solution Specialist Datacenter, Microsoft SoftwareOne @ Au Premier Zürich - 22.03.2011 What is PRIVATE CLOUD Private Public Public Cloud Private Cloud shared resources.

More information

Goals. Understanding security testing

Goals. Understanding security testing Getting The Most Value From Your Next Network Penetration Test Jerald Dawkins, Ph.D. True Digital Security p. o. b o x 3 5 6 2 3 t u l s a, O K 7 4 1 5 3 p. 8 6 6. 4 3 0. 2 5 9 5 f. 8 7 7. 7 2 0. 4 0 3

More information

Securing Oracle E-Business Suite in the Cloud

Securing Oracle E-Business Suite in the Cloud Securing Oracle E-Business Suite in the Cloud November 18, 2015 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy Corporation Agenda The

More information

Measurable Improvements in E-Business Suite Application Management with OEM 12c

Measurable Improvements in E-Business Suite Application Management with OEM 12c Measurable Improvements in E-Business Suite Application Management with OEM 12c January 29, 2014 Copyright 2014. Apps Associates LLC. 1 Welcome Julian Troake Marketing Director Apps Associates LLC Copyright

More information

Find the needle in the security haystack

Find the needle in the security haystack Find the needle in the security haystack Gunnar Kristian Kopperud Principal Presales Consultant Security & Endpoint Management Technology Day Oslo 1 Find the needle in the security haystack Manually deep

More information

Cyber Exploits: Improving Defenses Against Penetration Attempts

Cyber Exploits: Improving Defenses Against Penetration Attempts Cyber Exploits: Improving Defenses Against Penetration Attempts Mark Burnette, CPA, CISA, CISSP, CISM, CGEIT, CRISC, QSA LBMC Security & Risk Services Today s Agenda Planning a Cyber Defense Strategy How

More information

7 Things All CFOs Should Know About Cyber Security

7 Things All CFOs Should Know About Cyber Security Insero & Company s Accounting & Finance Education Series Presents 7 Things All CFOs Should Know About Cyber Security September 23, 2014 Michael Montagliano Chief Technologist, IV4. Inc. CERTIFIED PUBLIC

More information

Eoin Thornton Senior Security Architect Zinopy Security Ltd.

Eoin Thornton Senior Security Architect Zinopy Security Ltd. RSA envision: Transform your Security Operations A Technical overview & demo of RSA envision The Information Log Management Platform for Security and Compliance Success Eoin Thornton Senior Security Architect

More information

Concierge SIEM Reporting Overview

Concierge SIEM Reporting Overview Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts

More information

Important Facts. Small & Medium size businesses report an average of 50 hours lost productivity per employee per year due to IT related problems.

Important Facts. Small & Medium size businesses report an average of 50 hours lost productivity per employee per year due to IT related problems. Your information systems are at the heart of your businesses daily operation. System down time costs businesses a significant amount of money each year. Most problems that cause down time can be prevented

More information

Creating Stronger, Safer, Web Facing Code. JPL IT Security Mary Rivera June 17, 2011

Creating Stronger, Safer, Web Facing Code. JPL IT Security Mary Rivera June 17, 2011 Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011 Agenda Evolving Threats Operating System Application User Generated Content JPL s Application Security Program Securing

More information

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management 1 Product Roadmap Disclaimer Any forward-looking indication of plans for products is preliminary and all future release

More information

Big Data and Security: At the Edge of Prediction

Big Data and Security: At the Edge of Prediction Big Data and Security: At the Edge of Prediction Mark Seward Splunk Inc. Fred Wilmot Splunk Inc. Session ID: Session Classification: SPO2-T17 Intermediate The Way Cyber Adversaries Think Where is the most

More information

Security Operations Metrics Definitions for Management and Operations Teams

Security Operations Metrics Definitions for Management and Operations Teams Whitepaper Security Operations Metrics Definitions for Management and Operations Teams Measuring Performance across Business Imperatives, Operational Goals, Analytical Processes and SIEM Technologies Research

More information

System Services. Engagent System Services 2.06

System Services. Engagent System Services 2.06 System Services Engagent System Services 2.06 Overview Engagent System Services constitutes the central module in Engagent Software s product strategy. It is the glue both on an application level and on

More information

Kelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan

Kelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan The Truth about Data Loss Kelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan RSA Data Loss Prevention Data Breaches Overview RSA DLP Solution Five Critical Factors

More information

Splunk: Using Big Data for Cybersecurity

Splunk: Using Big Data for Cybersecurity Next Session Begins at 14:40 Splunk: Using Big Data for Cybersecurity Joe Goldberg Splunk Splunk: Using Big Data for Cybersecurity Joseph Goldberg Splunk Advanced Threats in the Headlines Cyber Criminals

More information

Vulnerability Intelligence & 3 rd party patch management

Vulnerability Intelligence & 3 rd party patch management Vulnerability Intelligence & 3 rd party patch management Presented By: William Hamilton Melby Company Overview Brief Secunia facts Established: 2002 HQ: Copenhagen, Denmark Regional office: Minneapolis,

More information

Business white paper. Missioncritical. defense. Creating a coordinated response to application security attacks

Business white paper. Missioncritical. defense. Creating a coordinated response to application security attacks Business white paper Missioncritical defense Creating a coordinated response to application security attacks Table of contents 3 Your business is under persistent attack 4 Respond to those attacks seamlessly

More information

Enabling Security Operations with RSA envision. August, 2009

Enabling Security Operations with RSA envision. August, 2009 Enabling Security Operations with RSA envision August, 2009 Agenda What is security operations? How does RSA envision help with security operations? How does RSA envision fit with other EMC products? If

More information

Solution Requirements and Process Flow

Solution Requirements and Process Flow CHAPTER 2 Scope The Cisco Virtual Expert Management solution is a powerful, flexible communication solution that addresses a variety of technical, business, and associated service preferences. Deployment

More information

Virtual Patching: a Compelling Cost Savings Strategy

Virtual Patching: a Compelling Cost Savings Strategy Virtual Patching: a Compelling Cost Savings Strategy An Ogren Group Special Report November 2010 Executive Summary IT patch processes are at a critical crossroads. Exploits appear in the wild only a day

More information

GoToAssist Integration White Paper

GoToAssist Integration White Paper White paper Integration White Paper Integration Services offer a variety of methods to integrate Citrix, the industry-leading remote-support solution, into an existing infrastructure quickly and easily.

More information

ClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014

ClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014 1 ClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014 About the Presenters Ms. Irene Selia, Product Manager, ClearSkies SecaaS SIEM Contact: iselia@odysseyconsultants.com,

More information

Rashmi Knowles Chief Security Architect EMEA

Rashmi Knowles Chief Security Architect EMEA Rashmi Knowles Chief Security Architect EMEA AGENDA Transformation of IT New cyber-security challenges Intelligence Driven Security Security Analytics Q&A 2 ENTERPRISE DATA CENTER ADVANCED SECURITY A UNIQUE

More information

QRadar SIEM and Zscaler Nanolog Streaming Service

QRadar SIEM and Zscaler Nanolog Streaming Service QRadar SIEM and Zscaler Nanolog Streaming Service February 2014 1 QRadar SIEM: Security Intelligence Platform QRadar SIEM provides full visibility and actionable insight to protect networks and IT assets

More information

Automated Patching. Paul Asadoorian IT Security Specialist Brown University

Automated Patching. Paul Asadoorian IT Security Specialist Brown University Automated Patching Paul Asadoorian IT Security Specialist Brown University Outline Automated Patching Introduction Tools from Microsoft Microsoft SUS Microsoft SMS Others HFNetCheck Pro (Shavlik) Novell

More information

5 Steps to Advanced Threat Protection

5 Steps to Advanced Threat Protection 5 Steps to Advanced Threat Protection Agenda Endpoint Protection Gap Profile of Advanced Threats Consensus Audit Guidelines 5 Steps to Advanced Threat Protection Resources 20 Years of Chasing Malicious

More information

Technology Solutions for NERC CIP Compliance June 25, 2015

Technology Solutions for NERC CIP Compliance June 25, 2015 Technology Solutions for NERC CIP Compliance June 25, 2015 2 Encari s Focus is providing NERC CIP Compliance Products and Services for Generation and Transmission Utilities, Municipalities and Cooperatives

More information

Andreas Mertz (Founder/Man. Dir. it-cube SYSTEMS, CISSP) 360 SAP Security

Andreas Mertz (Founder/Man. Dir. it-cube SYSTEMS, CISSP) 360 SAP Security Andreas Mertz (Founder/Man. Dir. it-cube SYSTEMS, CISSP) 360 SAP Security Agenda Motivation SAP Threat Vectors / SAP Hack Solution Approach the 360 of agilesi Threat Detection Secenarios / SIEM use cases

More information

Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence

Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Chris Poulin Security Strategist, IBM Reboot Privacy & Security Conference 2013 1 2012 IBM Corporation Securing

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

Credit Cards and Oracle E-Business Suite Security and PCI Compliance Issues

Credit Cards and Oracle E-Business Suite Security and PCI Compliance Issues Credit Cards and Oracle E-Business Suite Security and PCI Compliance Issues August 16, 2012 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy

More information

Quarantine Network for Specialised Equipment.

Quarantine Network for Specialised Equipment. Quarantine Network for Specialised Equipment. Using Remote Desktop to get data in and out of the quarantine network V1.2 It is now possible to connect through a gateway or terminal server to PCs connected

More information

How to Grow and Transform your Security Program into the Cloud

How to Grow and Transform your Security Program into the Cloud How to Grow and Transform your Security Program into the Cloud Wolfgang Kandek Qualys, Inc. Session ID: SPO-207 Session Classification: Intermediate Agenda Introduction Fundamentals of Vulnerability Management

More information

Oracle E-Business Suite APPS, SYSADMIN, and oracle Securing Generic Privileged Accounts. Stephen Kost Chief Technology Officer Integrigy Corporation

Oracle E-Business Suite APPS, SYSADMIN, and oracle Securing Generic Privileged Accounts. Stephen Kost Chief Technology Officer Integrigy Corporation Oracle E-Business Suite APPS, SYSADMIN, and oracle Securing Generic Privileged Accounts May 15, 2014 Mike Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer Integrigy

More information

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide IBM Security QRadar Vulnerability Manager Version 7.2.1 User Guide Note Before using this information and the product that it supports, read the information in Notices on page 61. Copyright IBM Corporation

More information

Installation Guide. Tech Excel January 2009

Installation Guide. Tech Excel January 2009 Installation Guide Tech Excel January 2009 Copyright 1998-2009 TechExcel, Inc. All Rights Reserved. TechExcel, Inc., TechExcel, ServiceWise, AssetWise, FormWise, KnowledgeWise, ProjectPlan, DownloadPlus,

More information

Critical Controls for Cyber Security. www.infogistic.com

Critical Controls for Cyber Security. www.infogistic.com Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability

More information

Current Vacancies. UK & South Africa. This document contains both Permanent & Contract roles.

Current Vacancies. UK & South Africa. This document contains both Permanent & Contract roles. Current Vacancies UK & South Africa This document contains both Permanent & Contract roles. To apply for any of the roles please email your CV and covering letter: Email: resourcing@ecs.co.uk Or call our

More information

Security Solution Architecture for VDI

Security Solution Architecture for VDI Solution Architecture for VDI A reference implementation of VMware BENEFITS Validated solution architecture provides unprecedented end-to-end security dashboard for virtual desktop infrastructure (VDI)

More information

Defending against Cyber Attacks

Defending against Cyber Attacks 2015 AMC Privacy & Security Conference Defending against Cyber Attacks MICHAEL DOCKERY CHRIS BEAL PAUL HOWELL Security & Privacy Track June 24, 2015 In the News 2015 MCNC General Use v1.0 Healthcare Data

More information

Advanced Threat Protection Framework: What it is, why it s important and what to do with it

Advanced Threat Protection Framework: What it is, why it s important and what to do with it Advanced Threat Protection Framework: What it is, why it s important and what to do with it Doug Manger, Senior Security Engineer dmanger@fortinet.com 1 Copyright 2013 Fortinet Inc. All rights reserved.

More information

PCI DSS. Get Compliant, Stay Compliant Seminar

PCI DSS. Get Compliant, Stay Compliant Seminar PCI DSS Get Compliant, Stay Compliant Seminar ValueSYS Solutions & Services Wael Hosny CEO ValueSYS Wael.hosny@valuesys.net Solutions you Need, with Quality you Deserve Seminar Agenda Time 09:00 10:00

More information

Accelerate Patching. the Enterprise. Wolfgang Kandek Qualys, Inc. Session ID: STAR-301 Session Classification: Intermediate

Accelerate Patching. the Enterprise. Wolfgang Kandek Qualys, Inc. Session ID: STAR-301 Session Classification: Intermediate Accelerate Patching Progress Title of in Presentation the Enterprise the Enterprise Wolfgang Kandek Qualys, Inc. Session ID: STAR-301 Session Classification: Intermediate Insert presenter logo here on

More information

Frequently Asked Questions. Secure Log Manager. Last Update: 6/25/01. 6303 Barfield Road Atlanta, GA 30328 Tel: 404.236.2600 Fax: 404.236.

Frequently Asked Questions. Secure Log Manager. Last Update: 6/25/01. 6303 Barfield Road Atlanta, GA 30328 Tel: 404.236.2600 Fax: 404.236. Frequently Asked Questions Secure Log Manager Last Update: 6/25/01 6303 Barfield Road Atlanta, GA 30328 Tel: 404.236.2600 Fax: 404.236.2626 1. What is Secure Log Manager? Secure Log Manager (SLM) is designed

More information

Mobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall

Mobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall Mobile security and your EMR Presented by: Shawn Tester & Allen Cornwall Date: October 14, 2011 Overview General Security Challenges & best practices Mobile EMR interfaces - EMR Access - Today & Future

More information

Trend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond

Trend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond Trend Micro Cloud App Security for Office 365 October 27, 2015 Trevor Richmond Too many malware incidents >90% Targeted Attacks Start with Email Attackers: Target specific companies or individuals Research

More information

Trust but Verify: Best Practices for Monitoring Privileged Users

Trust but Verify: Best Practices for Monitoring Privileged Users Trust but Verify: Best Practices for Monitoring Privileged Users Olaf Stullich, Product Manager (olaf.stullich@oracle.com) Arun Theebaprakasam, Development Manager Chirag Andani, Vice President, Identity

More information

Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF

Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF Businesses around the world have adopted the information security standard ISO 27002 as part of their overall risk

More information

A Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER

A Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER A Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER 1 Agenda Audits Articles/Examples Classify Your Data IT Control

More information

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks EXTENDING ACCESS WHILE ENHANCING CONTROL FOR YOUR ORGANIZATION S DATA LEVERAGE THE POWER OF F5 AND ORACLE TO DELIVER SECURE ACCESS TO APPLICATIONS AND DATABASES Hayri Tarhan, Sr. Manager, Public Sector

More information

How to protect sensitive data, challenges & risks

<Insert Picture Here> How to protect sensitive data, challenges & risks How to protect sensitive data, challenges & risks Lars Klumpes CISSP Security Strategy Consultant EMEA Disclaimer The following is intended to outline our general product direction.

More information

Incident Response Using Splunk for State and Local Governments

Incident Response Using Splunk for State and Local Governments Copyright 2013 Splunk Inc. Incident Response Using Splunk for State and Local Governments Bert Hayes Solu=ons Engineer bert@splunk.com #splunkconf Legal No=ces During the course of this presenta=on, we

More information

Symantec Protection Center Enterprise 3.0. Release Notes

Symantec Protection Center Enterprise 3.0. Release Notes Symantec Protection Center Enterprise 3.0 Release Notes Symantec Protection Center Enterprise 3.0 Release Notes The software described in this book is furnished under a license agreement and may be used

More information

Virtualization Impact on Compliance and Audit

Virtualization Impact on Compliance and Audit 2009 Reflex Systems, LLC Virtualization Impact on Compliance and Audit Michael Wronski, CISSP VP Product Management Reflex Systems Agenda Introduction Virtualization? Cloud? Risks and Challenges? Compliance

More information

The Time has come for A Single View of IT. Sridhar Iyengar March 2011

The Time has come for A Single View of IT. Sridhar Iyengar March 2011 The Time has come for A Single View of IT Sridhar Iyengar March 2011 ManageEngine Portfolio Network Servers & Applications Desktop ServiceDesk Windows Infrastructure Event Log & Compliance Security Network

More information

Auditing emerging cyber threats and IT controls

Auditing emerging cyber threats and IT controls Auditing emerging cyber threats and IT controls Robert Baldi Director of IT Audit, ACI Worldwide Warren Fish Manager of IT Audit, ACI Worldwide Competency The trouble with competence is that it is always

More information

Unprecedented Malware Growth

Unprecedented Malware Growth McAfee epolicy Orchestrator 4.5 Best Practices Sumeet Gohri Mid-Atlantic Sales Engineer McAfee User Group meeting organized by MEEC Agenda 9:30 am 9:45 am Welcome 9:45 am - 11:00 am epo 11:00 am 11:15

More information

Why Cisco for Cloud? IT Service Delivery, Orchestration and Automation

Why Cisco for Cloud? IT Service Delivery, Orchestration and Automation Why Cisco for Cloud? IT Service Delivery, Orchestration and Automation Sascha Merg Technical Lead for Data Center Sales, Cisco Central Europe samerg@cisco.com June 2014 Agenda What is ITaaS and why should

More information

Innovation through Outsourcing

Innovation through Outsourcing Innovation through Outsourcing Timothy Gehrig timothy.gehrig@cedarcrestone.com David Moore david.moore@cedarcrestone.com Agenda Expectations CedarCrestone Introduction Market Direction Outsourcing Solutions

More information

Application and Database Security with F5 BIG-IP ASM and IBM InfoSphere Guardium

Application and Database Security with F5 BIG-IP ASM and IBM InfoSphere Guardium Application and Database Security with F5 BIG-IP ASM and IBM InfoSphere Guardium Organizations need an end-to-end web application and database security solution to protect data, customers, and their businesses.

More information

Analytics: The Future of Security

Analytics: The Future of Security Analytics: The Future of Security Yong Qiao, Vice President of Software Engineering & Chief Security Architect, MicroStrategy Agenda Introduction: Security Analytics Usher Analytics What is Usher Analytics?

More information

Service Orchestration

Service Orchestration June 2015 Service Orchestration Infos and Use Cases Falko Dautel Robert Thullner Agenda + Overview + Use Cases & Demos VM Provisioning with ServiceNow Employee Onboarding + Summary + Questions & Answers

More information

Complete Patch Management

Complete Patch Management Complete Management Targeted, Reliable and Cost-efficient In- Depth CSI Corporate Software Inspector Empower your IT-Operations and Security Teams with the most reliable Vulnerability & Management solution

More information