Belgacom Security Convention. Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve
2 Belgacom Security Convention The new, continuous security model Hans De Raeve Product Manager Belgacom Sean Newman Product Manager Sourcefire 10/17/2013 Slide 2
3 Agenda The Core elements of ICT Security The new, continuous security model The perfect blend Sourcefire within the continuous security model Q&A Slide 3
4 Attackers, Focused on YOUR Data! Hacktivists Organised crime Nation States 25% of attacks targeted at a specific individual or company Verizon Data Breach report 2013
5 Why? The Underground Economy is Booming The Underground Embraces the Cloud Business Model Exploit-as-a-Service, Malware-as-a-Service, Botnet as a Service, Source : McAfee Threat report Q4 2012
6 Today's Reality: 621 breaches in % stemmed from external agents; 52% utilized some form of hacking; 40% incorporated malware; 78% of attacks not highly difficult; 1 in 5 attributed to Cyber Espionage (2013 Verizon Data Breach Investigation Report). All were smart, all had security. All were compromised.
7 Confidentiality Integrity Availability New Security model The goal of ICT Security ICT Security Focus Shift Slide 7
8 New Security Model: The Core Elements of any organisation. ICT Security: Confidentiality, Integrity, Availability. Focus Shift. Your People; Your Processes; Your Technologies. [Figure: Remote Operations Center (ROC) service-call process flow, from New Service Call through Identification & Logging, Categorization & Prioritization, Investigation & Diagnosis, Resolution & Recovery and Closure to Service Call Closed, with Escalation, Monitoring & Escalation and links to Configuration, Problem and Change Management] Slide 8
9 New Security Model: The Core Elements of any organisation. ICT Security: Confidentiality, Integrity, Availability. Security Threats: Before (Prevent & Reduce), During (Detect & Reduce, React), After (Detect Impact & Remediate). Your People; Your Processes; Your Technologies. [Figure: Remote Operations Center (ROC) service-call process flow] Slide 9
10 The Core Elements of ICT Security People People are NOT your most important asset.
11 The Core Elements of ICT Security People People are NOT your most important asset. The right people are!
12 The Core Elements of ICT Security People They are difficult to find and hard to keep Treat them well Training Challenging work environment Salary Bonus Job Rotation Career path
14 The Core Elements of ICT Security: People & Their Roles. Security Threats: Before (Prevent & Reduce): Business Analysts, IT Architects, Sec. Officers, CIO, HR, Process managers, Policy managers, Engineering, End users. During (Detect & Reduce, React): IT Engineering, Sec. Analysts, Service Desk, End users. After (Detect Impact & Remediate): Forensics Specialists, Sec. Engineering, CxO, End users, Business Analysts, PR.
15 The Core Elements of ICT Security: Confidentiality, Integrity, Availability. Cyber Security Threats: Before (Prevent & Reduce), During (Detect & Reduce, React), After (Detect Impact & Remediate). [Figure: Remote Operations Center (ROC) service-call process flow] Slide 15
16 The Core Elements of ICT Security: Processes. Security Threats: Before (Prevent & Reduce), During (Detect & Reduce, React), After (Detect Impact & Remediate). Standards: ISO: Focus on IT Service Management; ITILv3: IT Service Continuity Management; BS: Focus on Business Continuity Management; ISO 27k: Focus on Information Security. IT Management = good shepherding of assets & resources (operational level). IT Governance = good shepherding + vision and leadership (strategic and tactical level). Processes: Risk Management, Operations Management, Problem Man., Risk Assessment, BCM Man., BCM, Awareness, Communication, Policies, Training.
17 The Core Elements of ICT Security Processes at Belgacom
18 The Core Elements of ICT Security: Confidentiality, Integrity, Availability. Cyber Security Threats: Before (Prevent & Reduce), During (Detect & Reduce, React), After (Detect Impact & Remediate). [Figure: Remote Operations Center (ROC) service-call process flow] Slide 18
19 The Core Elements of ICT Security Technologies FW/VPN AV Block or Allow PKI IDS / IPS UTM It matches the pattern NAC No key, no access Application Control Self Defending Network No false positives, no false negatives. Fix the Firewall
20 The Core Elements of ICT Security Technologies
21 Security Technologies at Belgacom ICT Security
22 The Core Elements of ICT Security: Technologies. Security Threats: Before (Prevent & Reduce): Patch management, Firewall, DLP, VAM, Proxy, NAC, DNSSEC, SSL, IAM. During (Detect & Reduce, React): (N)(H) IPS, AVAS, DDOS, NBA, Botnet Detect. After (Detect Impact & Remediate): (N)(H) IPS, SIEM, Forensics, Full Packet Capturing, Anti-Phishing & Brand Protection.
23 Security Threats: Before, During, After. People: Before: Business Analysts, IT Architects, Sec. Officers, CIO, HR, Process mgr., Policy mgr., Engineering, End users; During: IT Engineering, Sec. Analysts, Service Desk, End users; After: Forensics Specialists, Sec. Engineering, CxO, End users, Business Analysts, PR. Processes: Risk Management, Risk Assessment, BCM, Awareness, Policies, Training, Operations Management, Problem Man., BCM Man., Communication. 80% / 20%. Technologies: Before (Prevent & Reduce): Patch man, FW, DLP, VAM, Proxy, NAC, DNSSEC, SSL, IAM; During (Detect & Reduce, React): (N)(H) IPS, AVAS, DDOS, NBA, Botnet Detect; After (Detect Impact & Remediate): (N)(H) IPS, SIEM, Forensics, Full Packet Capturing, Anti-Phishing & Brand Protection. [Figure: Remote Operations Center (ROC) service-call process flow]
27 Belgacom Flashlight
28 Combine The Core Elements of ICT Security Flashlight Managed Security Services
29 Flashlight Supported Technologies DNS/DHCP IPS/IDS FW/UTM N.Forensics WAF SSL Sec. Remote Access Sec. Internet Access Strong Auth. AVAS Server OS Web Proxy AVAS DDOS WLAN Contr. 17/10/2013 Slide 29 Confidential - Belgacom
30 Flashlight Service Portfolio Confidential - Belgacom 17/10/2013 Slide 30
31 Flashlight Remote Operation Centre (ROC): International Customer base; +60 customers; +400 million Sec. Event Day; ROC Built to NATO Specs; mgd devices; Security Analysts; 24/7. Confidential - Belgacom 17/10/2013 Slide 31
32 ICT (Security) Solutions Automatic Syslog, SNMP, Flow, CEF, Log Management Reporting Dashboard Manual Content Rules Topology info Normalisation Correlation Security Analysts Analysis and Forensics Confidential - Belgacom 17/10/2013 Slide 32 Security
33 Belgacom Flashlight The Value of Managed Security Services Cost Saving: No big investments -> OPEX You can benefit from High-end shared and specialised Tools, People and Processes You can count on highly skilled and certified security specialists 70+ Customer oriented security experts 24/7 redundant ROC Trusted advisor, supporting multiple vendors and technologies Centralised visibility and control. Benefit from trends we detect over multiple customers Tools Processes People 17/10/2013
34 Security Threats: Before, During, After. People: Before: Business Analysts, IT Architects, Sec. Officers, CIO, HR, Process mgr., Policy mgr., Engineering, End users; During: IT Engineering, Sec. Analysts, Service Desk, End users; After: Forensics Specialists, Sec. Engineering, CxO, End users, Business Analysts, PR. Processes: Risk Management, Risk Assessment, BCM, Awareness, Policies, Training, Operations Management, Problem Man., BCM Man., Communication. Technologies: Before (Prevent & Reduce): Patch man, FW, DLP, VAM, Proxy, NAC, DNSSEC, SSL, IAM; During (Detect & Reduce, React): (N)(H) IPS, AVAS, DDOS, NBA, Botnet Detect; After (Detect Impact & Remediate): (N)(H) IPS, SIEM, Forensics, Full Packet Capturing, Anti-Phishing & Brand Protection. [Figure: Remote Operations Center (ROC) service-call process flow]
35 A New Model for Security. ATTACK CONTINUUM: BEFORE (See it, Control it), DURING (Intelligent & Context Aware), AFTER (Retrospective Security). Network, Endpoint, Mobile, Virtual. Point-in-Time, Continuous.
36 Before Pre-Emptive Security Discover everything - continuously Harden assets most at risk Implement Access Policy to reduce attack surface Threats Devices Applications Network Vulnerabilities OS Users Information Superiority Files 36
37 During Intelligent Security Identify and Block known malware Detect and Prevent conventional hacking In the Network and at the End Point Contextual Intelligence 37
38 After Retrospective Security Sees Everything Never Forgets Turns Back Time Track all network activity Track all file, process and application activity Big data analysis to correlate weak signals for Indicators of Compromise Scope, Contain and Remediate threats Turn back the clock on advanced malware 38
39 Sourcefire Agile Security Solutions Management Center APPLIANCES VIRTUAL APPLICATION & ACCESS CONTROL NEXT- GENERATION INTRUSION PREVENTION ADVANCED MALWARE PROTECTION COLLECTIVE SECURITY INTELLIGENCE CONTEXTUAL AWARENESS HOSTS VIRTUAL MOBILE APPLIANCES VIRTUAL 39
40 Independent Validation. Leadership*: Class leader in detection; Class leader in performance; Class leader in vulnerability coverage; Completely evasion free. Ratings*: 99% detection & protection; 34 Gbps inspected throughput; 60M concurrent connections; $15 TCO / protected Mbps. "For the past five years, Sourcefire has consistently achieved excellent results in security effectiveness based on our real-world evaluations of exploit evasions, threat block rate and protection capabilities." Vikram Phatak, CTO NSS Labs, Inc. "it is Sourcefire's dedication to understanding, detecting, and blocking the most advanced threats facing enterprise networks that enables these products to stand out amongst the competition." Frost & Sullivan.** Leading Threat Prevention; Best-in-Class Performance; Advanced Malware Protection; Scalable FirePOWER platform; Flexible NGIPS/App/Access Ctrl. * NSS Labs, Network IPS Product Analysis Sourcefire 3D8260 v4.10, April 2012 ** Frost & Sullivan 2013 Global Intrusion Prevention Systems Product Leadership Award May
41 FireSIGHT is built into all Sourcefire next-generation security solutions delivering the network intelligence and context you need to respond to changing conditions and threats.
42 FireSIGHT Sees Everything. Categories and examples (comparison columns: Sourcefire FireSIGHT, Typical IPS, Typical NGFW): Threats: Attacks, Anomalies; Users: AD, LDAP, POP3; Web Applications: Facebook Chat, Ebay; Application Protocols: HTTP, SMTP, SSH; File Transfers: PDF, Office, EXE, JAR; Malware: Conficker, Flame; Command & Control Servers: C&C Security Intelligence; Client Applications: Firefox, IE6, BitTorrent; Network Servers: Apache 2.3.1, IIS4; Operating Systems: Windows, Linux; Routers & Switches: Cisco, Nortel, Wireless; Mobile Devices: iPhone, Android, Jail; Printers: HP, Xerox, Canon; Sensitive Data: Credit Cards, SSNs, Custom; VoIP Phones: Avaya, Polycom; Virtual Machines: VMware, Xen, RHEV.
43 FireSIGHT Contextual Awareness Improves Security and Saves Money IT Insight Spot rogue hosts, traffic anomalies, policy violations, and more Impact Assessment Threat correlation reduces actionable events by up to 99% Automated Tuning Adjust IPS policies automatically based on network change User Identification Associate users with security and compliance events 43
44 FireSIGHT Context Explorer All application traffic Risky applications Who is sending the most data? Where is data coming from/going to? Which file types? What does User traffic look like over time?
45 FireSIGHT Awareness Who is at the host OS & version Identified What other systems / IPs did user have, when? Server applications and version Client Applications Client Version Web Application
46 Reduce Risk Through Granular Control Control access for applications, users and devices Employees may view Facebook, but only Marketing may post to it No one may use peer-to-peer file sharing apps 2,000+ apps, devices, and more! 46
47 Web URL Filtering: Block non-business-related sites by category; Based on user and user group; Block access to known bad sites. 47
48 Sourcefire Advanced Malware Protection with Retrospective Security Comprehensive Monitoring Continuous Analysis Big Data Analytics Integrated Response Control & Remediation Collective Security Intelligence 48
49 File Trajectory Which systems are affected? File introducing threat Rate of Propagation Point of entry root cause Time of entry how long? Retrospective action Trajectory acts as a flight recorder 49
50 Device Trajectory Is it infected and how? Trajectory acts as a flight recorder 50
51 Device Flow Correlation Is there a connection to a known bad location? Associate applications with network connections Detect weak signals in application network traffic Link files to known bad sites Link sites to known bad files Cloud scalability for advanced analysis and detection Network Tracking Custom Blacklists Cloud Intelligence Dropper Detection Multiple ways to stop threats and eliminate root causes 51
52 Indicators of Compromise Spotlight high-risk systems Automated compromise analysis & determination Prioritized list of compromised devices Drill down for quick root cause analysis and remediation 52
53 Assume you will be Compromised: Sourcefire's New Continuous Security Model. ATTACK CONTINUUM: BEFORE (See it, Control it), DURING (Intelligent & Context Aware), AFTER (Retrospective Security). Network, Endpoint, Mobile, Virtual. Point-in-Time, Continuous.
54 World's Leading Security Team: #1 Market Share in Network Security & Data Center Security; Leader in Magic Quadrants for IPS, Security, Web Security, NAC, & SSL VPN; NSS Labs Security Value Map Leadership for NGIPS & NGFW; World-class security research team & threat data; Open source projects: Snort, ClamAV, Razorback. 54
55 Industry Analysts Weigh in. "The deal will allow Sourcefire to leverage Cisco's deep market penetration and expand its technology footprint. In return, Cisco has obtained technology that helps bolster not only its network security offering, but also its credentials in the wider antimalware space." 451 Group. "Cisco/Sourcefire: A Potential Game Changer for Cisco and the Cybersecurity Industry." ESG. "Cisco will reap advanced threat prevention technology within FireAMP and obtain well-respected security research talent from Sourcefire's VRT. FireAMP will give Cisco malware-detection technology that could enable it to develop an advanced threat platform, helping malware mitigation teams fight complex threats." Gartner. 55
56 Sean Newman, Hans De Raeve
57 Thank you Do not forget the evaluation form and the contest! The winners will be designated at on the Belgacom booth. Win tickets for Belgium-Wales or a free hacking training
More informationCLOUD GUARD UNIFIED ENTERPRISE
Unified Security Anywhere CLOUD SECURITY CLOUD GUARD UNIFIED ENTERPRISE CLOUD SECURITY UNIFIED CLOUD SECURITY Cloudy with a 90% Chance of Attacks How secure is your cloud computing environment? If you
More informationPaul Cochran - Account Manager. Chris Czerwinski System Engineer
Paul Cochran - Account Manager Chris Czerwinski System Engineer Next-Generation NAC Fast and easy deployment No infrastructure changes or network upgrades No need for endpoint agents 802.1X is optional
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationHow Traditional Firewalls Fail Today s Networks And Why Next-Generation Firewalls Will Prevail
How Fail Today s Networks And Why Will Prevail Why your current firewall may be jeopardizing your security, and how you can counter today s threats, manage web 2.0 apps and enforce acceptable-use policies.
More informationIntro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
More informationAdaptive IPS Security in a changing world. Dave Venman Security Engineer, UK & Ireland
Adaptive IPS Security in a changing world Dave Venman Security Engineer, UK & Ireland 2 Who Is Sourcefire? Mission: To help customers manage increasing risks and regulations by providing the most effective,
More informationUnified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice
Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice Introduction There are numerous statistics published by security vendors, Government
More informationRisk-based security buyer s guide:
Risk-based security buyer s guide: Addressing Enterprise-class threats on an sme-class budget Executive Summary Every day we read about new breaches. They are so frequent, and the volume of records breached
More informationProduct Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET
Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET ELITE S NEXT GENERATION MANAGED SECURITY SERVICES Security risks to business information systems are expanding at a rapid rate; often,
More informationIntroducing IBM s Advanced Threat Protection Platform
Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Extensible Approach to Threat Prevention Paul Kaspian Senior Product Marketing Manager IBM Security Systems 1 IBM NDA 2012 Only IBM
More informationSymantec Enterprise Firewalls. From the Internet Thomas Jerry Scott
Symantec Enterprise Firewalls From the Internet Thomas Symantec Firewalls Symantec offers a whole line of firewalls The Symantec Enterprise Firewall, which emerged from the older RAPTOR product We are
More informationIntelligent Cybersecurity for the Real World. Cisco Cybersecurity Pocket Guide
Intelligent Cybersecurity for the Real World Cisco Cybersecurity Pocket Guide EMEA 2015 Content What an Opportunity! Security Investment is a Top Priority Why Cisco? Cisco is the Leading Security Company
More informationAdvanced Threats: The New World Order
Advanced Threats: The New World Order Gary Lau Technology Consulting Manager Greater China gary.lau@rsa.com 1 Agenda Change of Threat Landscape and Business Impact Case Sharing Korean Incidents EMC CIRC
More informationIntelligence Driven Security
Intelligence Driven Security RSA Advanced Cyber Defense Workshop Shane Harsch Senior Solutions Principal, RSA 1 Agenda Approach & Activities Operations Intelligence Infrastructure Reporting & Top Findings
More informationCisco RSA Announcement Update
Cisco RSA Announcement Update May 7, 2009 Presented by: WWT and Cisco Agenda Cisco RSA Conference Announcements Collaborate with Confidence Overview Cisco s Security Technology Differentiation Review of
More informationThreat-Centric Security for Service Providers
Threat-Centric Security for Service Providers Enabling Open & Programmable Networks Sam Rastogi, Service Provider Security Product Marketing, Security Business Group Bill Mabon, Network Security Product
More informationHigh Performance NGFW Extended
High Performance NGFW Extended Enrique Millán Country Manager Colombia emillan@fortinet.com 1 Copyright 2013 Fortinet Inc. All rights reserved. D I S C L A I M E R This document contains confidential material
More informationIT Security Strategy and Priorities. Stefan Lager CTO Services stefan.lager@addpro.se
IT Security Strategy and Priorities Stefan Lager CTO Services stefan.lager@addpro.se Cyberthreat update Why would anyone want to hack me? I am not a bank! Security Incidents with Confirmed Data Loss Source:
More informationCisco Advanced Malware Protection
Solution Overview Cisco Advanced Malware Protection Breach Prevention, Detection, Response, and Remediation for the Real World BENEFITS Gain unmatched global threat intelligence to strengthen front-line
More informationOn and off premises technologies Which is best for you?
On and off premises technologies Which is best for you? We don t mind what you buy, as long as it is YELLOW! Warren Sealey and Paul-Christian Garpe On Premises or in the cloud? 1 Agenda Why Symantec? Email
More informationSecurity Coordination with IF-MAP
Security Coordination with IF-MAP Matt Webster, Lumeta 28 Sept 2010 Copyright 2010 Trusted Computing Group Agenda Threat Landscape and Federal Networks Recap of TNC Explanation of IF-MAP What is IF-MAP?
More informationNetwork that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE
Network that Know Rasmus Andersen Lead Security Sales Specialist North & RESE Email Gateway vendor CERT AV vendor Law enforcement Web Security Vendor Network security appliance vendor IT Department App
More informationHow To Manage Sourcefire From A Command Console
Sourcefire TM Sourcefire Capabilities Store up to 100,000,000 security & host events, including packet data Centralized policy & sensor management Centralized audit logging of configuration & security
More informationUnderstanding the Security Vendor Landscape Using the Cyber Defense Matrix
SESSION ID: PDIL-W02F Understanding the Security Vendor Landscape Using the Cyber Defense Matrix Sounil Yu sounil@gmail.com @sounilyu Disclaimers The views, opinions, and positions expressed in this presentation
More informationNext Generation IPS and Reputation Services
Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become
More informationHow To Create Situational Awareness
SIEM: The Integralis Difference January, 2013 Avoid the SIEM Pitfalls Get it right the first time Common SIEM challenges Maintaining staffing levels 24/7 Blended skills set, continuous building of rules
More informationNext-Generation Firewalls: Critical to SMB Network Security
Next-Generation Firewalls: Critical to SMB Network Security Next-Generation Firewalls provide dramatic improvements in protection versus traditional firewalls, particularly in dealing with today s more
More information聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 職 稱 : 技 術 顧 問
聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 主 講 人 : 廖 國 宏 Jerry Liao 職 稱 : 技 術 顧 問 Each attack instance can be slightly different 攻 擊 模 式 有 些 微 的 不 同 Domains are rotated in days, even hours 攻 擊 主 機 位 置
More informationThe Need for Intelligent Network Security: Adapting IPS for today s Threats
The Need for Intelligent Network Security: Adapting IPS for today s Threats James Tucker Security Engineer Sourcefire Nordics A Bit of History It started with passive IDS. Burglar alarm for the network
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationFROM PRODUCT TO PLATFORM
FROM PRODUCT TO PLATFORM DATA EQUIPMENT 2016 Mikkel Bossen Agenda Today s Challenges Data Growth, SSL encryption, Application Growth & SaaS What s hiding in under the surface? Legacy Security is that really
More information1 2013 Infoblox Inc. All Rights Reserved. Securing the critical service - DNS
1 2013 Infoblox Inc. All Rights Reserved. Securing the critical service - DNS Dominic Stahl Systems Engineer Central Europe 11.3.2014 Agenda Preface Advanced DNS Protection DDOS DNS Firewall dynamic Blacklisting
More informationRAVEN, Network Security and Health for the Enterprise
RAVEN, Network Security and Health for the Enterprise The Promia RAVEN is a hardened Security Information and Event Management (SIEM) solution further providing network health, and interactive visualizations
More informationFive Steps For Securing The Data Center: Why Traditional Security May Not Work
White Paper Five Steps For Securing The Data Center: Why Traditional Security May Not Work What You Will Learn Data center administrators face a significant challenge: They need to secure the data center
More informationAssuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices
The Payment Card Industry (PCI) Data Security Standard (DSS) provides an actionable framework for developing a robust payment card data security process. The Payment Application Data Security Standard
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationAchieving Actionable Situational Awareness... McAfee ESM. Ad Quist, Sales Engineer NEEUR
Achieving Actionable Situational Awareness... McAfee ESM Ad Quist, Sales Engineer NEEUR The Old SECURITY Model Is BROKEN 2 Advanced Targeted Attacks The Reality ADVANCED TARGETED ATTACKS COMPROMISE TO
More informationSecurity Services. 30 years of experience in IT business
Security Services 30 years of experience in IT business Table of Contents 1 Security Audit services!...!3 1.1 Audit of processes!...!3 1.1.1 Information security audit...3 1.1.2 Internal audit support...3
More informationAdvanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA
Advanced SOC Design Next Generation Security Operations Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA 1 ! Why/How security investments need to shift! Key functions of a Security Operations
More informationCaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security
CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security 1 Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
More informationCompany Profile. 1344 S Flores #205 San Antonio, TX 78204 210-694-2797 www.thomasontech.com
Company Profile 1344 S Flores #205 San Antonio, TX 78204 210-694-2797 www.thomasontech.com Trusted Security Advisor For Industrial Control Systems Thomason Technologies provides world-class security solutions
More information