Comprehensive Security with Splunk and Cisco
- Kory Webster
- 8 years ago
Transcription
1 Copyright 2014 Splunk Inc. Comprehensive Security with Splunk and Cisco Mario MASSARD Splunk Senior SE
2 Company
- Company (NASDAQ: SPLK): Founded 2004, first software release in 2006
- HQ: San Francisco / Regional HQ: London, Hong Kong
- Over 1,000 employees, based in 12 countries
- Annual Revenue: $302.6M (YoY +52%)
- $10+ billion market valuation
- Fast Company 2013: Named Splunk #4 Most Innovative Company in the World and #1 Big Data Innovator
- Leader: Gartner SIEM Magic Quadrant, 2013
- Business Model / Products: Free download to massive scale; on-premises, in the cloud and SaaS
- 7,000+ Customers: Customers in over 90 countries; 60 of the Fortune 100; largest license: 100 Terabytes per day
3 Proven at 7,000+ Customers in 90+ Countries
- Over Half the Fortune 100
- Cloud and Online Services, Education, Energy and Utilities, Financial Services and Insurance, Government, Healthcare, Manufacturing, Media, Retail, Technology, Telecommunications, Travel and Leisure
4 Make machine data accessible, usable and valuable to everyone.
5 Splunk: The Engine For Machine Data
- Real-time Machine Data: GPS, RFID, Hypervisor, Web Servers, Messaging, Clickstreams, Mobile, Telephony, IVR, Databases, Sensors, Telematics, Storage, Servers, Security devices, Desktops, CDRs
- Ad hoc search; Monitor and alert; Custom dashboards; Report and analyze; Developer Platform
- Splunk storage; Other Big Data stores
6 Splunk Key Differentiators (graphic labels: Splunk, Traditional SIEM)
- Single product, UI, data store
- Quick deployment & ease-of-use
- Can easily index any data type and retain all of it
- Big data architecture enables scale and speed
- Flexible search and reporting
- Open platform
7 Splunk Delivers Value Across IT and the Business
8 Operational Intelligence for IT and Business Users
- IT Operations Management, Industrial Data / Internet of Things, Application Management, Digital Intelligence, Security and Compliance, Business Analytics
- Customer Support, Operations Teams, System Administrator, Application Developers, Security Analysts, Auditors, IT Executives, Website/Business Analysts, LOB Owners/Executives
9 The Splunk Platform (Operational Intelligence Platform): Content; User and Developer Interfaces; Inputs, Apps, Other Content; Web Framework, SDK, REST API; Core Functions; Core Engine; Search Processing Language; Indexing; Collection
10 A Wealth of Splunk Apps
- Over 500 apps available on the Splunk apps site
- XenApp, XenDesktop; Server, Storage, Network; Server Virtualization; Operating Systems; Infrastructure Applications; Mobile Applications; Cloud Services; Custom Biz Applications; Web Framework; SDKs; REST API; Ticketing/Help Desk; Other Monitoring
11 A Growing, Global Community of Users
- 3,000+ unique visitors per week to dev.splunk.com
- 500+ Apps, 24,000+ questions and 30,000+ Answers
- Local User Groups and SplunkLive! events
- Annual Users Conference: Oct. 6 - Oct. 9, Las Vegas, NV
12 Use Machine Data to Monitor Your Cisco Environment
13 Increasing Complexity in Today's Datacenter (diagram: overlays, vSwitch, VLANs, VRFs, VMs, DC fabric, WAN)
14 Datacenter Landscape: Infrastructure (Capacity Planning, Performance Monitoring, Quick Time to Resolution)
15 Datacenter Landscape: Applications (User Experience, Availability, Utilization); Infrastructure
16 Datacenter Landscape: Security (User Audit, Compliance, Security); Applications; Infrastructure
17 Datacenter Landscape: Security, Applications, Infrastructure
18 Datacenter: Connecting the dots (Security, Applications, Infrastructure)
19 Splunk: Broad Support for Cisco Infrastructure
- Splunk App for Enterprise Security
- 120+ security apps & add-ons
- Cisco ASA, Cisco WSA, Cisco Security Suite, Cisco ESA, Cisco UCS, Cisco Advanced Threat Detection, NetFlow, Cisco IOS, Cisco ISE, Sourcefire
20 Cisco CSIRT
21 Replacing a SIEM at Cisco
Challenges: SIEM could not meet security needs
- Very difficult to index non-security or custom app log data
- Serious scale and speed issues: 10GB/day and searches took > 6 minutes
- Difficult to customize, with reliance on pre-built rules which generated false positives
Enter Splunk: Flexible SIEM and empowered team
- Easy to index any type of machine data from any source
- Over 60 users doing investigations, RT correlations, reporting, advanced threat detection
- All the data + flexible searches and reporting = empowered team
- 900 GB/day and searches take < minute
- 7 global data centers with 350TB stored data
- Estimate Splunk is 25% the cost of a traditional SIEM
"We moved to Splunk from traditional SIEM as Splunk is designed and engineered for big data use cases. Our previous SIEM was not and simply could not scale to the data volumes we have." Gavin Reid, Leader, Cisco Computer Security Incident Response Team
22 The CSIRT Team
The Computer Security Incident Response Team (CSIRT) reduces the risk of loss as a result of security incidents for Cisco-owned business. CSIRT regularly engages in proactive threat assessment, mitigation planning, incident trending with analysis, security architecture, incident detection and response.
- Tier 1 Event Analysis group (Costa Rica)
- Tier 2 Event Analysis group (Bangalore)
- Tier 3 Incident Response team (Global)
23 CSIRT Environment
- 300 locations in 90 countries
- 400 buildings
- Labs
- 100,000+ employees on network
- malware-related cases opened in a typical week
- 650,000+ IP Devices on network
- 130,000 Windows hosts
- 50,000 Linux hosts
- 40,000 Routers
- 2-3 million highly tuned IDS events per day
- 4.6 billion Netflow records per day
24 CSIRT Environment: Some event sources send their data to a global network of collection servers
25 Cisco Uses Splunk Extensively
- 18 projects worldwide, ~9TB Splunk indexing capacity
- Key use cases include:
  - Proactive security monitoring and forensics (CSIRT)
  - Monitoring & management of 1000s of apps
  - Website Infrastructure monitoring and analysis
- Transformation from commodity services to high-value, proactive threat prevention
"We have the data. We just can't leverage it without Splunk." - Cisco Director of Technology
26 Next Steps if Interested in Splunk (graphic labels: Splunk, Traditional SIEM)
- Download Cisco apps at Splunk.com > Community > Apps
- If new user, try Splunk for free! Download Splunk at
- Go to Splunk.com > Community > Documentation > Splunk Tutorial. In 30 minutes will have imported data, run searches, created reports
- More information at Splunk.com > Solutions
- Contact me >
27 Copyright 2014 Splunk Inc. Thank You Demo Time!