STRATEGIC ADVANTAGE: CONSULTING & ISIGHT INTELLIGENCE
- Lorraine Butler
- 8 years ago
Transcription
1 ANALYST DAY STRATEGIC ADVANTAGE: CONSULTING & ISIGHT INTELLIGENCE TRAVIS REESE, PRESIDENT, MANDIANT CONSULTING AND ISIGHT INTELLIGENCE COPYRIGHT 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
2 INTELLIGENCE-LED SECURITY: THREAT INTELLIGENCE AND EXPERTISE: DIFFERENTIATE OUR SOLUTIONS AND REPRESENT A SUSTAINABLE STRATEGIC ADVANTAGE; DRIVE STRATEGIC CUSTOMER RELATIONSHIPS AND PRODUCT PULL-THROUGH; SCALABLE THROUGH OUR TECHNOLOGY AND AUTOMATION
3 GLOBAL NATION STATE GRADE INTELLIGENCE
4 INTELLIGENCE DRIVES EVERYTHING
5 TRIPLE THREAT ECOSYSTEM FIREEYE GLOBAL THREAT MANAGEMENT PLATFORM
6 THE MOST COMPREHENSIVE INTELLIGENCE IN THE WORLD MACHINE INTELLIGENCE + HUMAN INTELLIGENCE = ACTIONABLE INTELLIGENCE
7 Threat Intelligence Video
8 FIREEYE THREAT INTELLIGENCE ENGINE (ACQUIRE, ANALYZE, APPLY). INCIDENT RESPONSE: Over 100,000 incident response hours/year; hundreds of subject matter experts across 16 countries. SENSORS: 11 million sensors around the world; deployed across 60 countries; 24x7x365 visibility through 6 worldwide SOCs. ADVERSARY INTELLIGENCE: 300+ experts, 18 countries, 29 languages. EXPERTS across security, analytics, and geo-political domains; 115+ MILLION node graph-based analytics engine; 340 MILLION correlation relationships defined; 212 PETABYTES sensor traffic analyzed each month; 45 BILLION URLS analyzed each month. ANTICIPATE: Stay a step ahead of the attacker. DETECT: Identify threats that other solutions miss. RESPOND: Answer key questions and prioritize threats. SHARE: Collaborate to drive community defenses.
9 INTELLIGENCE PORTFOLIO FIREEYE PRODUCTS & AS-A-SERVICE OFFERINGS FIREEYE FORWARD DEPLOYED ANALYST INTELLIGENCE PORTAL FIREEYE CLOUD ENDPOINT ORCHESTRATION (INTEGRATE 3RD PARTY PRODUCTS) ADVANCED THREAT INTELLIGENCE DYNAMIC THREAT INTELLIGENCE VERTICALIZED THREAT INTELLIGENCE NETWORK INTELLIGENCE MANDIANT SERVICES (+NEW INTEL LED) PORTAL VERTICAL PARTNER PORTALS
10 INTELLIGENCE PORTFOLIO TACTICAL: Detect & Prevent DTI Best-of-breed detection with MVX codification of attacker intent iSIGHT's intelligence network extends visibility into new attacker motivations across 16,000 threat actors. CONTEXTUAL: Analyze & Respond ATI Alert context for FireEye alerts enhanced with derivative intelligence from iSIGHT IOCs STRATEGIC: Assess & Prepare ATI+ Foundational strategic intelligence through the FIC portal 24/7/465 critical alert and detection efficacy monitoring ThreatScape APIs ThreatScape APIs Enhance existing security infrastructure with IOCs derived from earlier visibility into threats via over-the-horizon visibility Context for the alerts across the infrastructure; enhanced with FireEye's victim-based context from incident responders and deployed sensors Mandiant Response Combined FireEye and iSIGHT intelligence will inform incident response engagements Customer reports informed through iSIGHT threat intelligence ThreatScape MySIGHT Subscription Deep dive on specific motivations that present a higher level of risk to an organization Consultative intelligence engagements (e.g. client inquiries, engagement manager)
11 FURTHER EXTENDING THE PORTFOLIO VISIBILITY ACROSS THE ATTACK LIFECYCLE MAGNIFY CONTEXT AND ATTRIBUTION TO ACCELERATE RISK REDUCTION EXPAND PATHWAYS TO OPERATIONALIZE THREAT INTELLIGENCE ENHANCE FAAS & INCIDENT RESPONSE CAPABILITIES
12 NOT ALL THREAT DATA IS CREATED EQUAL. COMMODITY FEEDS: RAW DATA: Misses the threats that matter; becomes part of the problem; the race to free. THREAT INTELLIGENCE: Curated data sources create high-fidelity, precise alerts; right-sizes problem with context and attribution required to prioritize response.
13 IMPACT OF THREAT INTELLIGENCE 1. Be Proactive 2. Shrink the Problem 3. Improve Prioritization 4. Enhance Executive Communications 5. Connect Security With Business. "Strategic Planning Assumption: By 2018, 60% of large enterprises globally will utilize commercial threat intelligence services to help inform their security strategies." (Rob McMillan & Khushbu Pratap, Market Guide for Security Threat Intelligence Services)
14 MANDIANT PORTFOLIO AM I AT RISK? AM I PREPARED? Red Teaming and Penetration Testing Security Program Assessment Response Readiness Assessment ICS Security Assessment Compromise Assessment AM I COMPROMISED? I AM BREACHED! Incident Response PREPARE FOR FUTURE EVENTS Cyber Defense Center Development SOC/CIRT transformation Education Deployment & Integration
15 WHY SERVICES TRUSTED ADVISOR / STRATEGIC PARTNER INTELLIGENCE FROM THE FRONT LINES PRODUCT PULL THROUGH
16 HOW WE SCALE
17 SHRINK THE PROBLEM ATTACK SURFACE ATTACK ALERTS VICTIMS SIDE CORRELATED EVENTS INCIDENT INDICATORS NOISE TO SIGNAL INTELLIGENCE FROM iSIGHT VERIFIED THREAT INDICATORS PRE-PROCESSED ANALYSIS NEW OBSERVATION THREAT SOURCES
18 INTELLIGENCE AT THE CORE
19 GIVING THE ADVANTAGE BACK TO THE DEFENDERS
20 ANALYST DAY 2016 FIREEYE TECHNOLOGY & PRODUCT ROADMAP GRADY SUMMERS CHIEF TECHNOLOGY OFFICER
21 TECHNOLOGY UPDATE MVX Line Rate Intelligent Capture MVX Core POWER OF THE PLATFORM EVOLVING MVX PRODUCT INNOVATION
22 THIS IS NOT A PLATFORM
23 FIREEYE PLATFORM
24 ALERT TO FIX IN MINUTES ALERTS INDICATORS AND TTPs DTI HIGH FIDELITY ALERTS MVX / Analytics AUTOMATE WITH INVOTAS THREAT INTELLIGENCE CONTEXT iSIGHT & Mandiant FIX
25 PLATFORM CYCLE: 1. Immediately block callbacks with FireEye NX 2. Send data to FireEye TAP for indexing and correlation 3. Open incident in Invotas 4. Request HX triage package from potentially impacted computers 5. Analyst (in-house or FaaS) briefly reviews case summary, approves Invotas to initiate remediation process. Diagram labels: EX Alert; Results sent to Invotas. Invotas workflow: 1. Search TAP for prior evidence (or ArcSight/QRadar/Splunk) 2. Send suspect attachment to VirusTotal and Symantec for corroboration 3. Query DomainTools for reverse DNS and historical registration information 4. Review HX triage packages to verify extent of compromise 5. Determination: high severity alert that needs escalation 6. Block C2 using Blue Coat proxy 7. Update Cisco Sourcefire IDS with new signatures 8. Send sample to Symantec for AV updates 9. Add iSIGHT summary of threat actor to case and forward to Level 3 analyst
26 FIREEYE PRODUCT & TECHNOLOGY HIGHLIGHTS MVX Re-Architecture Product Segmentation Endpoint Protection Orchestration Cloud FireEye as a Service
27 NOT ALL DETECTION IS THE SAME
28 MVX ENGINE MVX Purpose-Built for Security Hardened Hypervisor Finds known/unknown cyber-attacks in real time across all attack vectors Line Rate Intelligent Capture MVX Core (Detonation) Multi-flow Multi-vector Reduce False Negatives Reduce False Positives Scalable Extensible
29 FIREEYE PLATFORM ADVANTAGES MVX Thousands of Permutations (files, OS, browser, apps) Multi-Flow Analysis Multi-Vector Analysis Correlation of Information Bi-directional Cloud Sharing Time to Protection
31 FIREEYE PLATFORM ADVANTAGES MVX Web File Mobile Thousands of Permutations (files, OS, browser, apps) Multi-Flow Analysis Multi-Vector Analysis Correlation of Information Bi-directional Cloud Sharing Time to Protection
32 FIREEYE PLATFORM ADVANTAGES MVX Web File CMS Cross-enterprise Mobile Thousands of Permutations (files, OS, browser, apps) Multi-Flow Analysis Multi-Vector Analysis Cross-correlated Intelligence Bi-directional Cloud Sharing Time to Protection
33 FIREEYE PLATFORM ADVANTAGES MVX Web Dynamic Threat Intelligence Cloud File CMS Cross-enterprise Mobile Thousands of Permutations (files, OS, browser, apps) Multi-Flow Analysis Multi-Vector Analysis Cross-correlated Intelligence Bi-directional Cloud Sharing Time to Protection
34 FIREEYE PLATFORM ADVANTAGES Web MVX Dynamic Threat Intelligence Cloud Real Time Private Scalable Cross-Enterprise File CMS Cross-enterprise Mobile Thousands of Permutations (files, OS, browser, apps) Multi-Flow Analysis Multi-Vector Analysis Cross-correlated Intelligence Bi-directional Cloud Sharing Time to Protection
36 TRUE POSITIVES: ACCURACY MATTERS 99% 37% 36% 37% 29% 26% 4% Cisco Trend Micro Palo Alto Networks AhnLab Check Point Intel Security
37 FALSE POSITIVES: CHASE AND WASTE On average, an organization wastes $1.3 million annually on unreliable alerts 2/3 of the time spent by security staff responding to malware attacks is wasted because of faulty intelligence." Ponemon, The Cost of Malware Containment, January x 4.3x 8.9x 23.9x 74.8x 246x Cisco AhnLab Check Point Palo Alto Networks Trend Micro Intel Security
38 MVX RE-ARCHITECTURE Q4 15 Q3 16 Q4 16 Q1 17 MVX 2.0 Re-architect MVX 2.0 Distributed MVX 2.0 Hybrid/ Subscription MVX 2.0 Pure Cloud MVX Line Rate Intelligent Analysis Hardware & Virtual Hardware & Virtual MVX Core Line Rate Intelligent Analysis MVX Core MVX Core MVX Core FireEye Data Center FireEye Data Center MVX Core Customer Data Center
39 NETWORK SECURITY SOLUTIONS FOR ALL ORGANIZATIONS AFFORDABLE ADVANCED THREAT PROTECTION COMPREHENSIVE ADVANCED THREAT PROTECTION Network Security Essentials Network Security Power MVX IPS + Riskware DTI MVX IPS IPS + Riskware MTP TAP ATI Network Security Essentials High detection efficacy Simple inline deployment Low TCO Expanded visibility Workflow integration Alert context Multi-vector correlation Orchestration / integration Cloud analytics
40 ENDPOINT ROADMAP 1H H H 2016 DETECT & PREVENT DTI-based detection NX Integration IoC validation (any source) Internationalization Exploit Detection FIPS/CC compliance ANALYZE & RESPOND Endpoint forensics One-click containment Internationalization Enterprise Search 2H 2016 Exploit Prevention Mac (OSX) support Q4 15 Enterprise Search 1H 16 Exploit Detection 2H 16 Exploit Prevention
41 ORCHESTRATION: A FORCE MULTIPLIER STREAMLINE REPEATABLE TASKS ELIMINATE SWIVEL CHAIR INVESTIGATIONS Automate repeatable tasks of a limited security staff Remove friction from managing hundreds of point solutions HUNTING VALIDATION ACCELERATE RESPONSE CREATE TIME FOR HIGHER ORDER TASKS Reduce risk by minimizing the risk exposure window and persistence of an attack Increase efficiency and performance of security staff to do more with less
42 INTELLIGENT SECURITY ORCHESTRATION AND AUTOMATION 1H 16 2H 16 Invotas On the FireEye Platform Orchestrating FireEye platform + iSIGHT Multi-vendor platform Integration Playbook Mandiant processes
43 FIREEYE FOR THE CLOUD THREAT PROTECTION Threat Protection Anti-Virus / Anti Spam Advanced Threat Detection Contextual Intelligence
44 FIREEYE FOR THE CLOUD: THREAT ANALYTICS PLATFORM Amazon CloudTrail Threat Analytics Platform Advanced Detection Indicators Rules Analytics
45 FIREEYE AS A SERVICE
46 FireEye as a Service Video
47 FIREEYE AS A SERVICE SEGMENTATION PRODUCTS ALERTS SERVICES DETECT INVESTIGATE FaaS Today NX EX HX ETP PX HX APT ONLY CONTINUOUS MONITORING (ATI+) CONTINUOUS PROTECTION CONTINUOUS VIGILANCE FaaS vnext NX EX HX ETP PX HX +TAP APT ONLY OR HIGH PRIORITY ALERTS ACROSS ALL PRODUCTS (VIA FIREEYE TAP) CONTINUOUS MONITORING (ATI+) CONTINUOUS PROTECTION CONTINUOUS VIGILANCE FaaS Essentials NO PRODUCT VULNERABILITY REPORTING & CALLBACKS REMOTE MONITORING
48 IT'S TIME TO REIMAGINE SECURITY
49 LUNCH BREAK
RETHINKING CYBER SECURITY CHANGING THE BUSINESS CONVERSATION INTRODUCTION Advanced Persistent Threats (APTs) and advanced malware have been plaguing IT professionals for over a decade. During that time,
More informationEffective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention
Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention Your Security Challenges Defending the Dynamic Network! Dynamic threats 䕬 䕬 䕬 䕬 Many threats
More informationAdvanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA
Advanced SOC Design Next Generation Security Operations Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA 1 ! Why/How security investments need to shift! Key functions of a Security Operations
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationAccenture Cyber Security Transformation. October 2015
Accenture Cyber Security Transformation October 2015 Today s Presenter Antti Ropponen, Nordic Cyber Defense Domain Lead Accenture Nordics Antti is a leading consultant in Accenture's security consulting
More informationBraindumps.700-295.50.QA
Braindumps.700-295.50.QA Number: 700-295 Passing Score: 800 Time Limit: 120 min File Version: 6.0 http://www.gratisexam.com/ Comprehensive, easy and to the point study material made it possible for me
More informationRETHINKING CYBER SECURITY
RETHINKING CYBER SECURITY Introduction Advanced Persistent Threats (APTs) and advanced malware have been plaguing IT professionals for over a decade. During that time, the traditional cyber security vendor
More informationFive Steps For Securing The Data Center: Why Traditional Security May Not Work
White Paper Five Steps For Securing The Data Center: Why Traditional Security May Not Work What You Will Learn Data center administrators face a significant challenge: They need to secure the data center
More informationSophisticated Indicators for the Modern Threat Landscape: An Introduction to OpenIOC
WHITE PAPER Sophisticated Indicators for the Modern Threat Landscape: An Introduction to OpenIOC www.openioc.org OpenIOC 1 Table of Contents Introduction... 3 IOCs & OpenIOC... 4 IOC Functionality... 5
More informationAppGuard. Defeats Malware
AppGuard Defeats Malware and phishing attacks, drive-by-downloads, zero-day attacks, watering hole attacks, weaponized documents, ransomware, and other undetectable advanced threats by preventing exploits
More informationTrustwave blocks Web-borne malware - guaranteed, or your money back
Trustwave blocks Web-borne malware - guaranteed, or your money back Analyst: Adrian Sanabria 16 Jul, 2014 Today, Trustwave makes a bold announcement a zero malware guarantee. The anti-malware market has
More informationWhatWorks in Detecting and Blocking Advanced Threats:
WhatWorks in Detecting and Blocking Advanced Threats: A Real Case Study at a Large Research Organization with WhatWorks is a user-to-user program in which security managers who have implemented effective
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationMcAfee Server Security
Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or
More informationPalo Alto Networks and Splunk: Combining Next-generation Solutions to Defeat Advanced Threats
Palo Alto Networks and Splunk: Combining Next-generation Solutions to Defeat Advanced Threats Executive Summary Palo Alto Networks strategic partnership with Splunk brings the power of our next generation
More informationThe SIEM Evaluator s Guide
Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,
More informationA New Approach to Assessing Advanced Threat Solutions
A New Approach to Assessing Advanced Threat Solutions December 4, 2014 A New Approach to Assessing Advanced Threat Solutions How Well Does Your Advanced Threat Solution Work? The cyber threats facing enterprises
More informationCybersecurity: An Innovative Approach to Advanced Persistent Threats
Cybersecurity: An Innovative Approach to Advanced Persistent Threats SESSION ID: AST1-R01 Brent Conran Chief Security Officer McAfee This is who I am 2 This is what I do 3 Student B The Hack Pack I used
More informationCYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS
CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations
More informationHow To Protect Your Network From Attack From A Network Security Threat
Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your
More informationORGANIZADOR: APOIANTE PRINCIPAL:
ORGANIZADOR: APOIANTE PRINCIPAL: Miguel Gomes 912412885 luismiguel_gomes@symantec.com Alliances Portugal, Africa, Brasil Coverage One of the biggest CSP worlwide Tec. Inovator Strong Cloud Bet and investment
More informationAdvanced Threats: The New World Order
Advanced Threats: The New World Order Gary Lau Technology Consulting Manager Greater China gary.lau@rsa.com 1 Agenda Change of Threat Landscape and Business Impact Case Sharing Korean Incidents EMC CIRC
More informationCisco Security Intelligence Operations
Operations Operations of 1 Operations Operations of Today s organizations require security solutions that accurately detect threats, provide holistic protection, and continually adapt to a rapidly evolving,
More informationCyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats
Cyber4sight TM Threat Intelligence Services Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats Preparing for Advanced Cyber Threats Cyber attacks are evolving faster than organizations
More informationIBM Security re-defines enterprise endpoint protection against advanced malware
IBM Security re-defines enterprise endpoint protection against advanced malware Break the cyber attack chain to stop advanced persistent threats and targeted attacks Highlights IBM Security Trusteer Apex
More information