Intelligence-Driven Security




Transcription:

Slide 1: Intelligence-Driven Security
  Using Big Data Analytics to Detect the Unknown Adversary
  Dr. Robert W. Griffin, Chief Security Architect, RSA, the Security Division of EMC
  robert.griffin@rsa.com | Blogs.rsa.com/author/griffin | @RobtWesGrifffn

Slide 2: A Transformation in IT
  Virtual Data Centers, Cloud Compute and BYOD
  Traditional Data Center: Dedicated, Vertical Gaps and Stacks
  Modern Data Center: Dynamic Pools of Compute & Storage

Slide 3: A Transformation in Attackers
  Unsophisticated -> Sophisticated
  Financial: Amateur -> Organized
  Social: Regional -> Global
  Fundamental: Opposed -> Destabilizing

Slide 4: A Transformation in Attack Vectors
  1. Stealthy: low and slow
  2. Targeted: specific objective
  3. Interactive: human involvement
  Attack lifecycle: Attack -> Pivot and Hide -> Cover Intrusion
  Defender timeline: Prevention -> Identification -> Response, measured as Dwell Time and Response Time
  A: Reduce Dwell; B: Speed Response

Slide 5: Can You Respond Fast Enough?
  85%: breaches take weeks or more to discover
  60%: risk reduced when breach response is under 2 hours
  Source: Verizon 2012 Data Breach Investigations Report, NYT

Slide 6: Current Approaches are Insufficient
  Policy Admin -> Policy Decision -> Policy Enforcement (User, Node n)

Slide 7: How do you find the Critical Incidents?
  Proprietary and Confidential to Silver Tail Systems

Slide 8: Fighting Advanced Threats With Big Data Analysis
  Visibility, Speed, Intelligence
  Find target height (H), width (W), position (P), from level (L), at time (T), with P changed to P1, P2, P3 over T1, T2, T3

Slide 9: Structured + Unstructured Data = Big
  Structured in Relational Databases; Managed, Unmanaged & Unstructured
  Telemetry, Location-Based, etc.; Internet of Things; Non-Enterprise

Slide 10: In 2000 the world generated two exabytes of new information every day
  Sources: How Much Information? Peter Lyman and Hal Varian, UC Berkeley; 2011 IDC Digital Universe Study

Slide 11: The Leading Edge of Big Data: Then and Now (FBI)

Slide 12: The Leading Edge of Big Data: Then and Now (Wikipedia)

Slide 13: Big Data Analytics: Not a New Idea, Used Already in Many Industries
  Techniques: Risk Assessment, Price Optimization, Monte Carlo, Regression, Product Recommendation
  Industries: Finance, Retail, Online Casino, Travel, Insurance

Slide 14: Global Flight Analysis
  60,000 Aircraft Routes; Sensors on Each Gas Turbine Engine = 1Tb/day
  http://www.spatialanalysis.ca/2011/global-connectivity-mapping-out-flight-routes/
  http://www.computerweekly.com/news/2240176248/ge-uses-big-data-to-power-machine-services-business

Slide 15: New Wave of Big Data Technologies
  Pipeline: Data -> ETL -> Analytics -> Insights -> Business Objectives
  Platforms and tools: Hadoop, Hive, MapReduce, Vertica, kdb, Greenplum, Netezza, Teradata, Esper, ECL, SciPy, Mahout, MATLAB, Revolution R, AMPL, SPSS, SAS
  Analytic techniques: Machine Learning, Behavior Analysis, Sentiment Analysis, Predictive Models, Network Analysis, Visualization, Simulation

Slide 16: Expanding Use Cases and New Norms

Slide 17: The Promise of Big Data Analytics
  Focus Now on People, Data Flow and Transactions
  Traditional Data Center (Dedicated, Vertical Gaps and Stacks) -> Modern Data Center (Dynamic Pools of Compute & Storage)
  Challenges: ID and Authenticity; Complex Relationships; New and Different Layers
  Opportunities with Big Data: Velocity, Variety, Volume, Vulnerability

Slide 18: VLC DDoS Analysis
  30 Gbps; 200 Downloads/sec; 400 Requests/sec
  http://www.geek.com/apps/this-is-what-a-ddos-attack-looks-like-1552975/

Slide 19: Security Product Evolution
  Axes: Response Speed (After -> Near Real Time); Data Scope (Normalized -> Raw)
  Platforms: IDS -> SIEM -> Security Analytics
  Events: Single Well-Defined Events -> Closely Related Events Correlated -> Isolated Events Correlated

Slide 20: Security Analytics Platform
  Data sources: Apps, Systems, Network, Public & Private Threat Intelligence
  Big Data Analytics pipeline: Store -> Investigate & Analyze -> Visualize -> Alert & Report -> Respond
  Surrounding processes: Governance, Compliance, Incident Management, Remediation

Slide 21: Applying Security Analytics
  Focus Now on People, Data Flow and Transactions
  Analysis Engine inputs: Device Profile, User Behavior Profile, Fraud Network

Slide 22: Adaptive & Risk-Based Authentication
  User Action -> Analysis Engine (Device Profile, User Behavior Profile, Fraud Network)
  High Risk -> Step Up Authentication: Two-Factor, Out Of Band, Challenge Q's
  Otherwise -> Proceed As Normal
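Slide 22 is the one slide in the deck that describes a mechanism rather than a trend, so the following is a small worked version of it. It is an added illustration for this transcription, not RSA's analysis engine or any code from the talk: a scoring function combines a device profile, a user behaviour profile and a shared fraud-network feed into a risk score, then picks between proceeding as normal, challenge questions, or a two-factor/out-of-band step-up. The user profile, the fraud-network address, the point weights and the thresholds are all constructed assumptions.

```python
"""Risk-based step-up authentication in the shape slide 22 sketches.

Added illustration, not RSA's engine: the signals, weights, thresholds,
the hypothetical user profile and the placeholder fraud-network entry
are all constructed assumptions.
"""
from dataclasses import dataclass, field

# Constructed sample "user behaviour profile" store (hypothetical data).
USER_PROFILES = {
    "alice": {
        "known_devices": {"dev-laptop-01"},
        "usual_countries": {"GB"},
        "usual_hours": range(7, 20),   # 07:00 to 19:59 local time
    },
}

# Constructed stand-in for a shared "fraud network" feed of bad source
# addresses; 203.0.113.0/24 is a documentation range, not a real IoC.
FRAUD_NETWORK_IPS = {"203.0.113.7"}

# Thresholds chosen for the example, not product defaults.
CHALLENGE_THRESHOLD = 30
STRONG_STEPUP_THRESHOLD = 70


@dataclass
class LoginEvent:
    """One user action as seen by the engine (constructed fields)."""
    user: str
    device_id: str
    country: str
    hour: int
    src_ip: str


@dataclass
class RiskDecision:
    score: int = 0
    reasons: list = field(default_factory=list)
    action: str = "proceed"


def _add(decision, points, reason):
    decision.score += points
    decision.reasons.append(reason)


def assess(event):
    """Score a login against the device profile, behaviour profile and
    fraud network, then choose the step-up action the slide lists."""
    d = RiskDecision()
    profile = USER_PROFILES.get(event.user)
    if profile is None:
        _add(d, 40, "no behaviour profile for user")
    else:
        if event.device_id not in profile["known_devices"]:
            _add(d, 30, "unrecognised device")
        if event.country not in profile["usual_countries"]:
            _add(d, 30, "unusual country")
        if event.hour not in profile["usual_hours"]:
            _add(d, 10, "outside usual hours")
    if event.src_ip in FRAUD_NETWORK_IPS:
        _add(d, 50, "source address on fraud network feed")

    if d.score >= STRONG_STEPUP_THRESHOLD:
        d.action = "two_factor_out_of_band"   # strongest step-up
    elif d.score >= CHALLENGE_THRESHOLD:
        d.action = "challenge_questions"
    else:
        d.action = "proceed"
    return d


if __name__ == "__main__":
    # Constructed sample events (198.51.100.0/24 is also a documentation range).
    for ev in (
        LoginEvent("alice", "dev-laptop-01", "GB", 10, "198.51.100.4"),
        LoginEvent("alice", "dev-phone-99", "GB", 23, "198.51.100.4"),
        LoginEvent("alice", "dev-phone-99", "US", 3, "203.0.113.7"),
    ):
        r = assess(ev)
        print(f"{ev.user:6} {r.score:3} {r.action:24} {', '.join(r.reasons)}")
```

The reasons list is returned alongside the score so that a step-up can be logged and later audited; in practice the weights would be tuned against the false-positive rate the user population tolerates, and the fraud-network lookup would be a call to the shared feed rather than a set literal.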

Slide 23: (no text captured)

Slide 24: Thank You