All about Threat Central
|
|
- Brook Bond
- 8 years ago
- Views:
Transcription
1 All about Threat Central Ted Ross & Nadav Cohen #HPProtect
2 Forward-looking statements This is a rolling (up to three year) Roadmap and is subject to change without notice. This document contains forward looking statements regarding future operations, product development, product capabilities and availability dates. This information is subject to substantial uncertainties and is subject to change at any time without prior notification. Statements contained in this document concerning these matters only reflect Hewlett Packard's predictions and / or expectations as of the date of this document and actual results and future plans of Hewlett-Packard may differ significantly as a result of, among other things, changes in product strategy resulting from technological, internal corporate, market and other changes. This is not a commitment to deliver any material, code or functionality and should not be relied upon in making purchasing decisions. 3
3 HP confidential information This is a rolling (up to three year) Roadmap and is subject to change without notice. This Roadmap contains HP Confidential Information. If you have a valid Confidential Disclosure Agreement with HP, disclosure of the Roadmap is subject to that CDA. If not, it is subject to the following terms: for a period of 3 years after the date of disclosure, you may use the Roadmap solely for the purpose of evaluating purchase decisions from HP and use a reasonable standard of care to prevent disclosures. You will not disclose the contents of the Roadmap to any third party unless it becomes publically known, rightfully received by you from a third party without duty of confidentiality, or disclosed with HP s prior written approval. 4
4 Agenda Threat Central journey Why HP Threat Central? Offering vision What is Threat Central? Use cases Technical walkthrough Questions 5
5 Threat Central journey Building a high fidelity threat intelligence sharing community for our customers! Automate and correlate crowd-source threat intelligent feeds Innovation Project: 2013 Alpha: 2013 Beta: Today Target GA: Soon! Project out of HP Innovation Initiative Interview and validate use cases with many ArcSight Security Operation Center customers Multiple Iterations of Alpha testing with customers Announced & demo d at Protect2013 Beta testing with HP internal customers ArcSight customers beta testing Threat intelligence partners beta testing Building community with ArcSight customers, ESP customers, partners, security researcher, open source threat intelligence community Please join Protect724 ArcSight product announcement forum for Threat Central product launch updates. Join Threat Central community to advance the cause for cyber threat defense for your company! 6
6 Why HP Threat Central? Crowd-source actionable threat intelligence Industry is still learning how to collaborate effectively Companies spend time combatting the same threat The adversary collaborates in an effective eco-system Feedback regarding existing sharing models: Limited participation not comfortable sharing Data is not actionable lacks context Overly manual not timely Government alone can t fix the problem Can t hire resources fast enough Limited visibility: Need intelligence/data from industry Threat Central Threat Central enables Automated bi-directional sharing Ability to analyze the data Actionable derived results Existing community of advanced security customers Product-agnostic sharing 7
7 Vision An open and automated cloud based platform for high fidelity threat intelligence that enables ArcSight and enterprise customers to consume and share community driven threat intelligence. Threat Central differentiates itself by providing near real-time analyzed, correlate, and actionable threat intelligence to ArcSight customers and members of the Threat Central community. 8
8 Threat Central community HP ESP leads to create an open threat intelligence sharing community! ArcSight customers Threat intelligence partners HP Security Research ESP customers Threat intelligenc e community 9
9 Customer benefits Actionable intelligence Confidence Feedback Anonymous sharing Community 10
10 What is Threat Central?
11 Threat Central HP Security Research SIEM, STIX & Portal Private community Privacyenhanced TC forum Sector community Threat Central Threat DB Partners feeds Open source SIEM STIX SIEM Global community STIX SIEM Portal SIEM 12
12 Automated action influenced by context Collect Normalize Analyze/correlate Distribute/ACT Actionable intel TC community Open source ESM Connector, STIX, TAXII, CSV, etc. IP address \ Domain File hash Signature URL Contextual intel Compare & Correlate IP address match? Domain match? \ File Hash match? Signature match? TC Portal ArcSight ESM Feeds STIX, TAXII, CSV, etc Actor \ Campaign Tools Techniques URL match? CHANGE SCORE HP TippingPoint HP Security Research Procedures 13
13 Threat Central use cases
14 Use case: Automated actions Brute force login Invalid login Attacker Invalid login IPS Key assets 15
15 Use case: Automated actions Current approach Invalid login Company A Attacker Invalid login IPS Invalid login Company B Attacker Invalid login IPS Invalid login Company C Attacker Invalid login IPS 16
16 Use case: Automated actions New approach Attacker Invalid login Invalid login IPS Company A SCORE 1 Threat Central SCORE 13 9 Attacker Invalid login Invalid login IPS Company B SCORE 1 Company D If score > 5, push IP to IPS Invalid login Company C SCORE 1 SCORE 9 Attacker Invalid login IPS HP TippingPoint 17
17 Use case: Proactive block lists recon Current approach Recon source IPS Source X Key assets Attack source(s) 18
18 Use case: Proactive block lists recon With Threat Central Threat Central Recon source IPS Recon IP Attack IPs Source X Key assets Attack IP List Attack source(s) 19
19 Use case: Leveraging the community Zero day Company A New event Malware variant Company B New event MALWARE ZERO BAD DAY IP Threat Central Malicious IP address Company C New event 20
20 Threat Central walkthrough
21 Screenshot tour Create case Distribute Collaborate Get results Mitigate In the following example we will see how TC can be used to Query about an incident Distribute indicator information to communities Collaborate with security experts Get derived intelligence directly into SIEM Mitigate risks 22
22 Create a case This is a rolling (up to 3 year) roadmap and is subject to change without notice CaptnProton runs into suspicious behavior with LGCScanner.exe 23 All product views are illustrations and might not represent actual product screens
23 Distribute indicators This is a rolling (up to 3 year) roadmap and is subject to change without notice CaptnProton submits the case. Indicators are now extracted and sent to community members 24 All product views are illustrations and might not represent actual product screens
24 This is a rolling (up to 3 year) roadmap and is subject to change without notice Distribute indicators (2) ESM customers benefit from direct integration and targeted intelligence 25 All product views are illustrations and might not represent actual product screens
25 Collaborate with experts HP Security Researcher enhances indicators with contextual information This is a rolling (up to 3 year) roadmap and is subject to change without notice 26 All product views are illustrations and might not represent actual product screens
26 Get results This is a rolling (up to 3 year) roadmap and is subject to change without notice By the end of the process, CaptnProton s case is filled out with relevant and contextual information 27 All product views are illustrations and might not represent actual product screens
27 Mitigate This is a rolling (up to 3 year) roadmap and is subject to change without notice Easily quarantine bad IPs/domains using ESM and TippingPoint SMS 28 All product views are illustrations and might not represent actual product screens
28 For more information Attend these sessions TB3169, Correlating advanced threat information feeds Visit these demos Threat Central Demo Booth 307 After the event Web: Blog: hp.com/go/hpsrblog Whitepaper: Your feedback is important to us. Please take a few minutes to complete the session survey. 29
29 Questions?
30 Please give me your feedback Session TB3013 Speakers Ted Ross & Nadav Cohen Please fill out a survey. Hand it to the door monitor on your way out. Thank you for providing your feedback, which helps us enhance content for future events. 31
31 Thank you
32
The Third Rail: New Stakeholders Tackle Security Threats and Solutions
SESSION ID: CXO-R03 The Third Rail: New Stakeholders Tackle Security Threats and Solutions Ted Ross Director, Threat Intelligence HP Security Research @tedross Agenda My brief background An example of
More informationFind the intruders using correlation and context Ofer Shezaf
Find the intruders using correlation and context Ofer Shezaf Agenda The changing threat landscape What can you do to find intruders? Best practices for timely detection and mitigation HP ArcSight 2 Find
More informationSession 3: IT Infrastructure Security Track ThreatExchange Winning through collaboration. Tomas Sander HP Labs
Session 3: IT Infrastructure Security Track ThreatExchange Winning through collaboration Tomas Sander HP Labs Forward Looking Statements Rolling roadmap up to three years and is subject to change without
More informationCaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security
CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security 1 Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
More informationBusiness white paper. Missioncritical. defense. Creating a coordinated response to application security attacks
Business white paper Missioncritical defense Creating a coordinated response to application security attacks Table of contents 3 Your business is under persistent attack 4 Respond to those attacks seamlessly
More information應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊
應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊 HP Enterprise Security 林 傳 凱 (C. K. Lin) Senior Channel PreSales, North Asia HP ArcSight, Enterprise Security 1 Rise Of The Cyber Threat Enterprises and Governments are experiencing
More informationРешения HP по информационной безопасности
Решения HP по информационной безопасности Евгений Нечитайло ynechyta@hp.com Mobile: +380 67 464 0218 Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject
More informationHP ENTERPRISE SECURITY. Protecting the Instant-On Enterprise
HP ENTERPRISE SECURITY Protecting the Instant-On Enterprise HP SECURITY INTELLIGENCE AND RISK MANAGEMENT PLATFORM Advanced Protection Against Advanced Threats 360 Security Monitoring to Detect Incidents
More informationWhite Paper: Leveraging Web Intelligence to Enhance Cyber Security
White Paper: Leveraging Web Intelligence to Enhance Cyber Security October 2013 Inside: New context on Web Intelligence The need for external data in enterprise context Making better use of web intelligence
More informationYou ll learn about our roadmap across the Symantec email and gateway security offerings.
#SymVisionEmea In this session you will hear how Symantec continues to focus our comprehensive security expertise, global intelligence and portfolio on giving organizations proactive, targeted attack protection
More informationSymantec Cyber Security Services: DeepSight Intelligence
Symantec Cyber Security Services: DeepSight Intelligence Actionable intelligence to get ahead of emerging threats Overview: Security Intelligence Companies face a rapidly evolving threat environment with
More informationAchieving Actionable Situational Awareness... McAfee ESM. Ad Quist, Sales Engineer NEEUR
Achieving Actionable Situational Awareness... McAfee ESM Ad Quist, Sales Engineer NEEUR The Old SECURITY Model Is BROKEN 2 Advanced Targeted Attacks The Reality ADVANCED TARGETED ATTACKS COMPROMISE TO
More informationHP ESP 2013 Solution Roadmap
HP ESP 2013 Solution Roadmap C. K. Lin ( 林 傳 凱 ) Senior Channel Solution Manager, North Asia ck.lin@hp.com March 8, 2013 資 安 要 聞 議 程 HP ESP 簡 介 HP ESP 解 決 方 案 HP ESP 2013 Solution Roadmap Q&A HP ESP 簡
More informationFROM INBOX TO ACTION EMAIL AND THREAT INTELLIGENCE:
WHITE PAPER EMAIL AND THREAT INTELLIGENCE: FROM INBOX TO ACTION There is danger in your email box. You know it, and so does everyone else. The term phishing is now part of our daily lexicon, and even if
More informationThe Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era Ted Gruenloh Director of Operations Sentinel IPS * Agenda! Review of the current Network Security
More informationAfter the Attack: RSA's Security Operations Transformed
After the Attack: RSA's Security Operations Transformed Ben Smith, CISSP RSA Field CTO (East), Security Portfolio Senior Member, ISSA Northern Virginia 1 The Environment ~ 2,000 security devices ~55M security
More informationRedefining SIEM to Real Time Security Intelligence
Redefining SIEM to Real Time Security Intelligence David Osborne Security Architect September 18, 2012 Its not paranoia if they really are out to get you Malware Malicious Insiders Exploited Vulnerabilities
More informationJUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM
JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM May 2015 Nguyễn Tiến Đức ASEAN Security Specialist Agenda Modern Malware: State of the Industry Dynamic Threat Intelligence on the Firewall
More informationBig Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data
Big Data in Action: Behind the Scenes at Symantec with the World s Largest Threat Intelligence Data Patrick Gardner VP Engineering Sourabh Satish Distinguished Engineer Symantec Vision 2014 - Big Data
More informationEight Essential Elements for Effective Threat Intelligence Management May 2015
INTRODUCTION The most disruptive change to the IT security industry was ignited February 18, 2013 when a breach response company published the first research that pinned responsibility for Advanced Persistent
More informationSeparating Signal from Noise: Taking Threat Intelligence to the Next Level
SESSION ID: SPO2-T09 Separating Signal from Noise: Taking Threat Intelligence to the Next Level Doron Shiloach X-Force Product Manager IBM @doronshiloach Agenda Threat Intelligence Overview Current Challenges
More informationHIGH-RISK USER MONITORING
HIGH-RISK USER MONITORING Using ArcSight IdentityView to Combat Insider Threats HP Enterprise Security Business Whitepaper Overview Security professionals once defended their networks against bots and
More informationThe Evolution of Application Monitoring
The Evolution of Application Monitoring Narayan Makaram, CISSP, Director, Solutions Marketing, HP Enterprise Security Business Unit, May 18 th, 2012 Rise of the cyber threat Enterprises and Governments
More informationHunting for the Undefined Threat: Advanced Analytics & Visualization
SESSION ID: ANF-W04 Hunting for the Undefined Threat: Advanced Analytics & Visualization Joshua Stevens Enterprise Security Architect Hewlett-Packard Cyber Security Technology Office Defining the Hunt
More informationThe Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era Dave Plzak Security Evangelist Sentinel IPS davep@econet.com * Agenda Review of the current Network
More information81% of participants believe the government should share more threat intelligence with the private sector.
Threat Intelligence Sharing & the Government s Role in It Results of a Survey at InfoSec 2015 Section 1 1.1 Executive summary The last few years has seen a rise in awareness regarding security breaches
More informationAnatomy of Cyber Threats, Vulnerabilities, and Attacks
Anatomy of Cyber Threats, Vulnerabilities, and Attacks ACTIONABLE THREAT INTELLIGENCE FROM ONTOLOGY-BASED ANALYTICS 1 Anatomy of Cyber Threats, Vulnerabilities, and Attacks Copyright 2015 Recorded Future,
More informationMachine-to-Machine Exchange of Cyber Threat Information: a Key to Mature Cyber Defense
Machine-to-Machine Exchange of Cyber Threat Information: a Key to Mature Cyber Defense By: Daniel Harkness, Chris Strasburg, and Scott Pinkerton The Challenge The Internet is an integral part of daily
More informationKnow your security in mission critical environments Petr Hněvkovský, Senior Security Consultant, HP Enterprise Security Products
Know your security in mission critical environments Petr Hněvkovský, Senior Security Consultant, HP Enterprise Security Products Threat landscape Riskier Enterprises + Advanced Attackers = More Attacks
More informationSecurity Business Intelligence Big Data for Faster Detection/Response
Security Business Intelligence Big Data for Faster Detection/Response SESSION ID: STU-R02B Stacy Purcell Security Architect Intel/IT Legal Notices This presentation is for informational purposes only.
More informationTrend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond
Trend Micro Cloud App Security for Office 365 October 27, 2015 Trevor Richmond Too many malware incidents >90% Targeted Attacks Start with Email Attackers: Target specific companies or individuals Research
More informationPractical examples of Big Data, security analytics and visualization
Practical examples of Big Data, security analytics and visualization Jeff McGee, Data Scientist Josh Stevens, Enterprise Security Architect Objective Identify problems in Security that could be solved
More informationPalo Alto Networks. October 6
Palo Alto Networks October 6 Agenda Malware Trends by the numbers Protect Locally Share Globally Delivery methods 21.5% ~14% OF MALWARE HAS BEEN DELIVERED OVER APPS OTHER THAN WEB AND EMAIL IN 2015 8.2%
More informationSR B17. The Threat Landscape Continues to Change: How are You Keeping Pace? Dean Turner
SR B17 The Threat Landscape Continues to Change: How are You Keeping Pace? Dean Turner Director - Engineering, Global Intelligence Network Symantec Intelligence Group Agenda 1 2 3 5 Symantec Intelligence
More informationEnterprise Security and Risk Management
Enterprise Security and Risk Management Growth, innovation, efficiency depend on security HP protects what matters Banking Manufacturing Public Sector $9 trillion USD per day 1000+ Business processes 13
More informationChanging the Enterprise Security Landscape
Changing the Enterprise Security Landscape Petr Hněvkovský Presales Consultant, ArcSight EMEA HP Enterprise Security Products 2012 Hewlett-Packard Development Company, L.P. The information contained herein
More informationContemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited
Contemporary Web Application Attacks Ivan Pang Senior Consultant Edvance Limited Agenda How Web Application Attack impact to your business? What are the common attacks? What is Web Application Firewall
More informationA New Security Dimension: Industry Experience Using Open Standards to Accelerate Threat Response
A New Security Dimension: Industry Experience Using Open Standards to Accelerate Threat Response Jason Corbin VP Product Management and Strategy IBM Security Cyber Threat Intelligence Refresher Payload
More informationThreat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations
Threat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations September 2015 Copyright 2015 Deloitte Development LLC. All rights reserved. This presentation
More informationThings To Do After You ve Been Hacked
Problem: You ve been hacked! Now what? Solution: Proactive, automated incident response from inside the network Things To Do After You ve Been Hacked Tube web share It only takes one click to compromise
More informationConcierge SIEM Reporting Overview
Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts
More informationSecurity Operation Centre 5th generation
Security Operation Centre 5th generation transition Cezary Prokopowicz Regional Manager SEE HP Enterprise Security Products 2 3 4 5 Challenges you are facing 1 Nature and motivation of attacks (Fame to
More informationSymantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team
Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................
More informationWhat s New in Security Analytics 10.4. Be the Hunter.. Not the Hunted
What s New in Security Analytics 10.4 Be the Hunter.. Not the Hunted Attackers Are Outpacing Detection Attacker Capabilities Time To Discovery Source: VERIZON 2014 DATA BREACH INVESTIGATIONS REPORT 2 TRANSFORM
More informationOperational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel
Operational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel @Ben_Smith Ben Smith, CISSP Field CTO (US East), Security Portfolio A Security Maturity Path CONTROLS COMPLIANCE IT RISK BUSINESS
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationThreat Intelligence: What is it, and How Can it Protect You from Today s Advanced Cyber-Attacks A Webroot publication featuring analyst research
Threat Intelligence: What is it, and How Can it Protect You from Today s Advanced Cyber-Attacks A Webroot publication featuring analyst research 2 3 6 7 9 9 Issue 1 Welcome From the Gartner Files Definition:
More informationThreat Intelligence Buyer s Guide
Threat Intelligence Buyer s Guide SANS CTI Summit, 10 February 2014 Rick Holland @rickhholland Principal Analyst Last year 2014 Forrester Research, Inc. Reproduction Prohibited 2 This year, Arnold s back!!
More informationUnified Security Management and Open Threat Exchange
13/09/2014 Unified Security Management and Open Threat Exchange RICHARD KIRK SENIOR VICE PRESIDENT 11 SEPTEMBER 2014 Agenda! A quick intro to AlienVault Unified Security Management (USM)! Overview of the
More informationIntegrating MSS, SEP and NGFW to catch targeted APTs
#SymVisionEmea #SymVisionEmea Integrating MSS, SEP and NGFW to catch targeted APTs Tom Davison Information Security Practice Manager, UK&I Antonio Forzieri EMEA Solution Lead, Cyber Security 2 Information
More informationSecurity Intelligence Services. www.kaspersky.com
Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats
More informationSEIZE THE DATA. 2015 SEIZE THE DATA. 2015
1 Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. BIG DATA CONFERENCE 2015 Boston August 10-13 Predicting and reducing deforestation
More informationLeading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA
Leading The World Into Connected Security Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA History of Defining Largest Dedicated Delivering a Next Generation Architecture
More informationUsing SIEM for Real- Time Threat Detection
Using SIEM for Real- Time Threat Detection Presentation to ISSA Baltimore See and secure what matters Joe Magee CTO and Co-Founder March, 27 2013 About us Vigilant helps clients build and operate dynamic,
More informationHow To Manage Threat Intelligence On A Microsoft Microsoft Iphone Or Ipad Or Ipa Device
Product Brochure ThreatStream Optic ThreatStream Threat Intelligence Platform Imagine being able to make sense of all the threat information that s flowing through your security controls and coming from
More informationClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014
1 ClearSkies SIEM Security-as-a-Service (SecaaS) Infocom Security Athens April 2014 About the Presenters Ms. Irene Selia, Product Manager, ClearSkies SecaaS SIEM Contact: iselia@odysseyconsultants.com,
More informationHigh-Risk User Monitoring
Whitepaper High-Risk User Monitoring Using ArcSight IdentityView to Combat Insider Threats Research 037-081910-02 ArcSight, Inc. 5 Results Way, Cupertino, CA 95014, USA www.arcsight.com info@arcsight.com
More informationHP NonStop Server Security and HP ArcSight SIEM
HP NonStop Customer Technical Talk HP NonStop Server Security and HP ArcSight SIEM 04/12/2012 HP NonStop Karen Copeland HP Enterprise Security Morgan DeRodeff XYPRO Barry Forbes NonStop Enterprise Division
More informationNext Generation IPS and Reputation Services
Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become
More informationLog Analysis: Overall Issues p. 1 Introduction p. 2 IT Budgets and Results: Leveraging OSS Solutions at Little Cost p. 2 Reporting Security
Foreword p. xvii Log Analysis: Overall Issues p. 1 Introduction p. 2 IT Budgets and Results: Leveraging OSS Solutions at Little Cost p. 2 Reporting Security Information to Management p. 5 Example of an
More informationIMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY MONITORING
IMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY How runtime application security monitoring helps enterprises make smarter decisions on remediation 2 ABSTRACT Enterprises today
More informationSikkerhet Network Protector SDN app Geir Åge Leirvik HP Networking
Sikkerhet Network Protector SDN app Geir Åge Leirvik HP Networking Agenda BYOD challenges A solution for BYOD Network Protector SDN matched with industry leading service How it works In summary BYOD challenges
More informationManaged Security Services
NEAT EVALUATION FOR UNISYS: Managed Security Services Market Segment: Overall This document presents Unisys with the NelsonHall NEAT vendor evaluation for Managed Security Services (MSS) for the Overall
More informationHP ArcSight User Behavior Analytics
Insider Threat HP ArcSight User Behavior Analytics Application Misuse Sensitive Data Access Hakan Durgut ArcSight Specialist Nordics/Baltics 1 The insider threat challenge IT Security focus in on the external
More informationIBM Security X-Force Threat Intelligence
IBM Security X-Force Threat Intelligence Use dynamic IBM X-Force data with IBM Security QRadar to detect the latest Internet threats Highlights Automatically feed IBM X-Force data into IBM QRadar Security
More informationHow Shared Security Intelligence Can Better Stop Targeted Attacks
How Shared Security Intelligence Can Better Stop Targeted Attacks SESSION ID: SPO3-T07 Piero DePaoli Senior Director Global Product Marketing Symantec Corporation Targeted Attacks are an Increasing Issue
More informationAdvanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA
Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery
More informationUnstructured Threat Intelligence Processing using NLP
Accenture Technology Labs Elvis Hovor @kofibaron Shimon Modi @shimonmodi Shaan Mulchandani @alabama_shaan Unstructured Threat Intelligence Processing using NLP Enhancing Cyber Security Operations by Automating
More information(S2.3) Security Spotlight: How cyber criminals can steal millions in seconds and how to fight back. Johannesburg
(S2.3) Security Spotlight: How cyber criminals can steal millions in seconds and how to fight back Johannesburg Bharat Mistry Security Chief Technologist HP Enterprise Security Tweet using #HPWorldZA Johannesburg
More informationThreat Intelligence Platforms: The New Essential Enterprise Software
Gitomer-1 Threat Intelligence Platforms: The New Essential Enterprise Software Due to the ever-increasing volume of cyber attacks and regulatory pressures, there is a need for a new type of enterprise
More informationSecurity Operations Metrics Definitions for Management and Operations Teams
Whitepaper Security Operations Metrics Definitions for Management and Operations Teams Measuring Performance across Business Imperatives, Operational Goals, Analytical Processes and SIEM Technologies Research
More informationA Primer on Cyber Threat Intelligence
A Primer on Cyber Threat Intelligence AS ADVERTISED 2 BUZZWORD BINGO! 3 TODAY S CYBER SECURITY CHALLENGES CISOs finding it difficult to define security ROI to executives Short shelf life for CISOs Vastly
More informationSPEAR PHISHING AN ENTRY POINT FOR APTS
SPEAR PHISHING AN ENTRY POINT FOR APTS threattracksecurity.com 2015 ThreatTrack, Inc. All rights reserved worldwide. INTRODUCTION A number of industry and vendor studies support the fact that spear phishing
More informationDebunking the Myths: An Essential Guide to Software-Defined Networking April 17, 2013
Copyright 2013 Vivit Worldwide Debunking the Myths: An Essential Guide to Software-Defined Networking April 17, 2013 Brought to you by Vivit Cloud Builders Special Interest Group (SIG) Jim Murphy Cloud
More informationSymantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape
WHITE PAPER: SYMANTEC GLOBAL INTELLIGENCE NETWORK 2.0.... ARCHITECTURE.................................... Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Who
More informationDealing with Big Data in Cyber Intelligence
Dealing with Big Data in Cyber Intelligence Greg Day Security CTO, EMEA, Symantec Session ID: HT-303 Session Classification: General Interest What will I take away from this session? What is driving big
More informationCUTTING THROUGH THE HYPE: WHAT IS TRUE NEXT GENERATION SECURITY?
CUTTING THROUGH THE HYPE: WHAT IS TRUE NEXT GENERATION SECURITY? Jennifer Ellard HP Session ID: SPO-W01B Session Classification: General Interest Agenda What is hype? What we hear from you? Separating
More informationAdaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW. Jürgen Seitz Systems Engineering Manager
Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW Jürgen Seitz Systems Engineering Manager Evolution of Network Security Next-Gen Firewall Application Visibility and Control User-based
More informationAPPLICATION PROGRAMMING INTERFACE
DATA SHEET Advanced Threat Protection INTRODUCTION Customers can use Seculert s Application Programming Interface (API) to integrate their existing security devices and applications with Seculert. With
More informationThreat Intelligence: The More You Know the Less Damage They Can Do. Charles Kolodgy Research VP, Security Products
Threat Intelligence: The More You Know the Less Damage They Can Do Charles Kolodgy Research VP, Security Products IDC Visit us at IDC.com and follow us on Twitter: @IDC 2 Agenda Evolving Threat Environment
More informationThreat Intelligence for Dummies. Karen Scarfone Scarfone Cybersecurity
Threat Intelligence for Dummies Karen Scarfone Scarfone Cybersecurity 1 Source Material Threat Intelligence for Dummies ebook Co-authored with Steve Piper of CyberEdge Group Published by Wiley Sponsored
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationADVANCED KILL CHAIN DISRUPTION. Enabling deception networks
ADVANCED KILL CHAIN DISRUPTION Enabling deception networks Enabling Deception Networks Agenda Introduction Overview of Active Defense Process Orchestration in Active Defense Introducing Deception Networks
More informationCloud and Critical Infrastructures how Cloud services are factored in from a risk perspective
Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective Reaching the Cloud era in the EU Riga 16 June 2015 Jonathan Sage Government and Regulatory Affairs Cyber Security
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More information24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
More informationCyber intelligence in an online world
Cyber intelligence in an online world James Hanlon CISM, CISSP, CMI Cyber Strategy & GTM, EMEA Cyber intelligence in an online world SYMANTEC VISION SYMPOSIUM 2014 2 Software and data powers the world
More informationPALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management
PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management INTRODUCTION Traditional perimeter defense solutions fail against sophisticated adversaries who target their
More informationTHE BLIND SPOT IN THREAT INTELLIGENCE THE BLIND SPOT IN THREAT INTELLIGENCE
THE BLIND SPOT IN THREAT INTELLIGENCE THE BLIND SPOT IN THREAT INTELLIGENCE How application threat intelligence can make existing enterprise security infrastructures smarter THE BLIND SPOT IN THREAT INTELLIGENCE
More informationEnd-to-End Application Security from the Cloud
Datasheet Website Security End-to-End Application Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed
More informationA Funny Thing Happened On The Way To OASIS: From Specifications to Standards
A Funny Thing Happened On The Way To OASIS: From Specifications to Standards Richard Struse Chief Advanced Technology Officer, NCCIC US Department of Disclaimer This presentation is intended for informational
More informationAutomate the Hunt. Rapid IOC Detection and Remediation WHITE PAPER WP-ATH-032015
Rapid IOC Detection and Remediation WP-ATH-032015 EXECUTIVE SUMMARY In the escalating war that is cyber crime, attackers keep upping their game. Their tools and techniques are both faster and stealthier
More informationUnified Security, ATP and more
SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users
More informationIntelligence Driven Security
Intelligence Driven Security RSA Advanced Cyber Defense Workshop Shane Harsch Senior Solutions Principal, RSA 1 Agenda Approach & Activities Operations Intelligence Infrastructure Reporting & Top Findings
More informationFrom the Bottom to the Top: The Evolution of Application Monitoring
From the Bottom to the Top: The Evolution of Application Monitoring Narayan Makaram, CISSP Director, Security Solutions HP/Enterprise Security Business Unit Session ID: SP01-202 Session 2012 Classification:
More informationREVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
More informationESG Brief. Overview. 2014 by The Enterprise Strategy Group, Inc. All Rights Reserved.
ESG Brief Webroot Delivers Enterprise-Class Threat Intelligence to Security Technology Providers and Large Organizations Date: September 2014 Author: Jon Oltsik, Senior Principal Analyst; Kyle Prigmore,
More informationUS-CERT Year in Review. United States Computer Emergency Readiness Team
US-CERT Year in Review United States Computer Emergency Readiness Team CY 2012 US-CERT Year in Review United States Computer Emergency Readiness Team CY 2012 What s Inside Welcome 1 Vison, Mission, Goals
More informationRethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council
Rethinking Information Security for Advanced Threats CEB Information Risk Leadership Council Advanced threats differ from conventional security threats along many dimensions, making them much more difficult
More information