Symantec Enterprise Security: Strategy and Roadmap Galin Grozev


Symantec Enterprise Security: Strategy and Roadmap Galin Grozev Senior Technology Consultant Symantec Bulgaria

Enterprise Threat Landscape
Attackers Moving Faster: 5 of 6 large companies attacked; 317M new malware created; 1M new threats daily; 60% of attacks targeted SMEs
Digital extortion on the rise: 113% increase in ransomware; 45X more devices held hostage
Malware gets smarter: 28% of malware was Virtual Machine Aware
Zero-Day Threats: 24 all-time high; Top 5 unpatched for 295 days
Many Sectors Under Attack: Healthcare +37%; Retail +11%; Education +10%; Government +8%; Financial +6%
Source: Symantec Internet Security Threat Report 2015

Key Trends Reshaping the Enterprise Security Market
RESURGENCE OF ENDPOINT: Rapid shift to mobile and IoT
DISAPPEARING PERIMETER: Decreasingly relevant with fuzzy perimeter
RAPID CLOUD ADOPTION: Enterprise data and applications moving to cloud
SERVICES: Security as a Service; box fatigue
CYBERSECURITY: Governments and regulators playing ever larger role

Symantec Enterprise Security: STRONG FRANCHISES
Endpoint Security: #1 share; AAA rating nine quarters in a row
Data Protection: #1 DLP share; 100% of Fortune 100
Email Security: #1 share; 100% uptime with <0.0003% FPs 5 years in a row
Trust Services: #1 share; 6B certificate lookups/day
Authentication & Authorization: 13B validations every day; 100% uptime last 5 years
Managed Security Services: 12 Yrs Gartner MQ leader; 30B logs analyzed/day

Symantec Enterprise Security: UNIQUE VISIBILITY
175M endpoints
57M attack sensors in 157 countries
182M web attacks blocked last year
3.7T rows of telemetry; 100 Billion more/month
30% of world's enterprise email traffic scanned/day
1.8 Billion web requests
9 threat response centers
500+ rapid security response team

Symantec Enterprise Security: PRODUCT STRATEGY
Diagram labels: Users, Data, Apps; Cloud; Gateways, Endpoints, Data Center
Cyber Security Services: Monitoring, Incident Response, Simulation, Adversary Threat Intelligence
Threat Protection (ENDPOINTS, DATA CENTER, GATEWAYS): Advanced Threat Protection Across All Control Points; Built-In Forensics and Remediation Within Each Control Point; Integrated Protection of Server Workloads: On-Premise, Virtual, and Cloud; Cloud-based Management for Endpoints, Datacenter, and Gateways
Information Protection (DATA, IDENTITIES): Integrated Data and Identity Protection; Cloud Security Broker for Cloud and Mobile Apps; User and Behavioral Analytics; Cloud-based Encryption and Key Management
Unified Security Analytics Platform: Log and Telemetry Collection; Integrated Threat and Behavioral Analysis; Unified Incident Management and Customer Hub; Inline Integrations for Closed-loop Actionable Intelligence; Regional and Industry Benchmarking

THREAT PROTECTION
Diagram: Cyber Security Services; Threat Protection (ENDPOINTS, DATA CENTER, GATEWAYS); Information Protection (DATA, IDENTITIES); Unified Security Analytics Platform

Threat Protection Requirements: FULL THREAT LIFE-CYCLE
Figure (Source: Gartner): life-cycle phases PREDICT, PREVENT, DETECT, RESPOND around Advanced Threat Protection. Activities shown: Proactive risk analysis; Harden and isolate systems; Predict attacks; Divert attackers; Baseline systems; Remediate/Make change; Prevent issues; Detect issues; Design/Model change; Confirm and prioritize risk; Investigate/Forensics; Contain issues

Symantec Threat Protection: STRATEGY
Advanced Threat Protection Across Control Points
Built-in Forensics and Remediation Within Each Control Point
Integrated Protection of Server Workloads across On-Premise, Virtual, and Cloud
Cloud-based Management for Endpoints, Datacenter, and Gateways
Diagram labels: Advanced Threat Protection; Endpoints; Network/Gateways; Data Center

SYMANTEC ADVANCED THREAT PROTECTION
ATP: Network; ATP: Email; ATP: Endpoint
New advanced threat detection and response capabilities unifying security across the network, endpoint, and email, helping organizations achieve better protection and drive down security operations costs
NEW TECHNOLOGY: Better Detection of advanced and targeted attacks with Cynic; Faster Response by reducing alerts and prioritizing the most significant threats with Synapse; Lower OpEx with agentless integration and correlation across network, endpoint, and email
Symantec Cynic: New cloud based sandbox analysis; Combines execution with global threat intelligence and behavioral analysis
Symantec Synapse: New correlation across network, endpoint, & email; Agentless integration; Provides prioritization for incident responders

Symantec Threat Protection: SUMMARY OF KEY CAPABILITIES
Advanced Threat Protection: Single platform; Cloud-based payload detonation; Cross-control point correlation and incident prioritization; Closed-loop remediation; Unified incident management
Next Gen Forensics and Remediation: Granular flight recorder; Fine-grained remediation policies; Known and unknown exploit detection; Common management console with centralized activity logs; Closed-loop remediation; No new agent (easy upgrade)
Server Workload Protection: Integrated protection across on premise, virtualized, and cloud-based workloads; Consistent application of lockdown, app control, and lockdown policies; Common Management/orchestration as workloads move to and from cloud; Support for VMWare (NSX/ESX) and Amazon, Azure, and OpenStack
Cloud-based management with single extendable agent technology, self-service BYOD provisioning, and native encryption & key management

INFORMATION PROTECTION

Information Protection Requirements: CLOUD AND MOBILE FOCUS
USERS ARE MOVING: With the advent of mobile and BYOD devices, more users are accessing and consuming information when outside the firewalls.
Historically data was created and consumed on premise; most users would create and consume this data from inside firewalls.
With more data in cloud and more mobile users, information protection across cloud and mobile, combined with behavioral analytics, is a critical imperative.
DATA AND APPS ARE MOVING: With more applications and workloads migrating to public clouds, more and more data is created and consumed on cloud.

Symantec Information Protection: STRATEGY
Extend Data and Identity protection regardless of where data resides: On Premise, On Mobile, In the Cloud
Common SSO and Access Management regardless of where applications reside: On Premise, On Mobile, In the Cloud
Integrated user and behavioral analytics to detect and prevent insider and outsider (APT) threats
Diagram labels: Identities; Cloud Security Broker; Data; Access

Symantec Information Protection: SUMMARY OF KEY CAPABILITIES
Cloud Security Broker: Data and identity protection between mobile and cloud, with no perimeter; Highly contextual protection by connecting user, device, location, and data loss prevention policies; Cloud-based SSO with biometric authorization; Scan and remediation of data already in cloud apps
User and Behavioral Analytics: Integrated analytics to track and profile behaviors and data flow; Prioritized incident management; Pre-built threat models and big-data analytics to quickly flag and detect incidents; Industry and global intel correlation to detect coordinated attacks

CYBER SECURITY PROTECTION

Symantec Cyber Security Services: STRATEGY
Expanded services: Incident Response and Forensics services; Security Simulation Services for security preparedness and overall health checks
Scale up of existing and new services with core tech: Big Data-based streaming & batch analytics; High speed ingestion of large and ever growing log data
Expanded global footprint: Expansion of number of SOCs globally to address demand as well as regulatory requirements
SECURITY SERVICE NEED and SYMANTEC OFFERING
EXISTING: Monitor Threats & Campaigns: Security Monitoring Service
EXISTING: Track & Analyze Key Events & Trends: Adversary Threat Intelligence Service
NEW: Respond to Breaches Quickly & Effectively: Incident Response and Forensics Service
NEW: Assess Security Readiness Under Different Scenarios: Security Simulation Service

Symantec Cyber Security Services: SUMMARY OF KEY CAPABILITIES
Security Monitoring Services: Key technology IP for log collection, analytics, and incident investigation; Tailored to customer maturity/industry; High-touch 24x7 service model; Integration with next gen security infrastructure to detect advanced threats
IR and Simulation Services: Global team with extensive experience in forensics investigation; Emergency/Retained/Managed options; Integrated with SOCs to provide end to end service; Realistic live fire training missions delivered as a SaaS solution
Threat Intelligence Services: Global Intelligence Network; Early warning Portal; Adversary threat intelligence; Integrated IoCs from internal and external feeds
Global team of 500+ threat and intel experts with unique knowledge of attack actors; Supported by Cloud-based Big Data analytics infrastructure

UNIFIED SECURITY ANALYTICS

Security Platforms Market: FOCUS SHIFTING TO ANALYTICS
ATTACKS ARE INCREASINGLY SOPHISTICATED: Micro-targeted; New techniques and zero day attacks; Stealthy to remain undetected
EXISTING TECHNOLOGY CAN'T KEEP UP: Reactive methods; Insufficient data to find subtle trends and patterns; Isolated approaches without broader context
ANALYST FATIGUE IS RAMPANT: Too many alerts and false positives; Slow and manual detection, forensics, and remediation
RISE OF SECURITY BIG DATA ANALYTICS: Big data, analytics, and machine learning techniques needed to address these challenges

External Resources
2015 Internet Security Threat Report: http://www.symantec.com/security_response/publications/threatreport.jsp
Advanced Threat Protection: http://www.symantec.com/advanced-threat-protection/
Data Loss Prevention: http://www.symantec.com/data-loss-prevention/
Encryption: http://www.symantec.com/encryption/
Data Center Security: http://www.symantec.com/data-center-security/
Copyright 2014 Symantec Corporation

Thank you!
Galin Grozev
galin_grozev@symantec.com
+359 878 441131

All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.