Dr. Anton Chuvakin @ Security Warrior Consulting



Similar documents
Security Chasm! Dr. Anton Chuvakin

BIO Safety - Tips For Maintaining Good Compliance

Information & Asset Protection with SIEM and DLP

Ecom Infotech. Page 1 of 6

Enterprise Security Solutions

Log Management Solution for IT Big Data

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

QRadar SIEM 6.3 Datasheet

How To Manage Log Management

access convergence management performance security

EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES

NEC Managed Security Services

ISE Northeast Executive Forum and Awards

Think like an MBA not a CISSP

The Impact of HIPAA and HITECH

Obtaining Value from Your Database Activity Monitoring (DAM) Solution

How To Improve Your Business

An Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011

Analyzing Logs For Security Information Event Management

Welcome to Modulo Risk Manager Next Generation. Solutions for GRC

Report Book: Retina Network Security Scanner Unlimited

Security Information Lifecycle

Vendor Questions and Answers

Current IBAT Endorsed Services

Tech Brief. Choosing the Right Log Management Product. By Michael Pastore

An Introduction to RSA envision The Information Log Management Platform for Security and Compliance Success. September, 2009

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers

Log management & SIEM: QRadar Security Intelligence Platform

IBM Security QRadar SIEM Product Overview

How to Define SIEM Strategy, Management and Success in the Enterprise

Scalability in Log Management

whitepaper Ten Essential Steps for Achieving Continuous Compliance: A Complete Strategy for Compliance

HIPAA in the Cloud How to Effectively Collaborate with Cloud Providers

Overview of Topics Covered

Enhancing NASA Cyber Security Awareness From the C-Suite to the End-User

IT Governance, Risk, and Compliance Survey, 2014

IBM Global Technology Services Preemptive security products and services

Analyzing Logs For Security Information Event Management

Caretower s SIEM Managed Security Services

NetIQ FISMA Compliance & Risk Management Solutions

E-Guide Log management best practices: Six tips for success

Detect & Investigate Threats. OVERVIEW

Security in the Cloud: Embracing the Technology While Minimizing Risk. For Conference Purposes Only

Analyzing Logs For Security Information Event Management Whitepaper

Harmonizing Your Compliance and Security Objectives. Bonnie A. Goins Adjunct Professor, Illinois Institute of Technology

Big Data, Big Risk, Big Rewards. Hussein Syed

Auditing Data Access Without Bringing Your Database To Its Knees

Auditing Mission-Critical Databases for Regulatory Compliance

Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals

Security Information and

5 TIPS FOR MAXIMIZING THE VALUE OF YOUR SECURITY ASSESSMENT

DEVELOPING A CYBERSECURITY POLICY ARCHITECTURE

5 Steps to Implement & Maintain PCI DSS Compliance.

HP and netforensics Security Information Management solutions. Business blueprint

Payment Card Industry (PCI) Data Security Standard (DSS) Motorola PCI Security Assessment

Discover & Investigate Advanced Threats. OVERVIEW

How RSA has helped EMC to secure its Virtual Infrastructure

How to Painlessly Audit Your Firewalls

ITSM Governance In the world of cloud computing

Firewall Change Management

Juniper Security Threat Response Manager (STRM) Mikko Kuljukka COMPUTERLINKS Oy

Governance, Risk, and Compliance (GRC) White Paper

Cloud models and compliance requirements which is right for you?

Building A Framework-based Compliance Program. Richard E. Mackey, Jr. Vice President, SystemExperts Corp. dick.mackey@systemexperts.

IT Security & Compliance. On Time. On Budget. On Demand.

CORE Insight Enterprise

Achieving Security through Compliance

Dynamic Data Center Compliance with Tripwire and Microsoft

CorreLog: Mature SIEM Solution on Day One Paul Gozaloff, CISSP. Presentation for SC Congress esymposium CorreLog, Inc. Tuesday, August 5, 2014

Lot 1 Service Specification MANAGED SECURITY SERVICES

Secret Server Splunk Integration Guide

Vendor Risk Management Financial Organizations

What We Do. security. outsourcing. policy and program. application. security. training & awareness. security solutions

Analyzing Logs For Security Information Event Management Whitepaper

Continuous Network Monitoring

Log Management How to Develop the Right Strategy for Business and Compliance. Log Management

PCI Self-Assessment: PCI DSS 3.0

Marketing Automation RFP and Planning Guide

Cloud Computing and the Regulatory Compliance Labyrinth

Boosting enterprise security with integrated log management

PRIVILEGED USERS AND DATA BREACHES: A MATCH MADE IN HEAVEN?

Securing Government Clouds Preparing for the Rainy Days

SECURITY. Risk & Compliance Services

IBM Internet Security Systems October FISMA Compliance A Holistic Approach to FISMA and Information Security

Supporting New Data Sources in SIEM Solutions: Key Challenges and How to Deal with Them

Symantec Consulting Services

IT ASSET MANAGEMENT Securing Assets for the Financial Services Sector

08/10/2013. Data protection and compliance. Agenda. Data protection life cycle and goals. Introduction. Data protection overview

SecureVue Product Brochure

PCI Compliance for Cloud Applications

Governance Simplified

CONCEPTS IN CYBER SECURITY

Privilege Gone Wild: The State of Privileged Account Management in 2015

3 rd InfoCom Security, Athens, 10 Arpil 2013

10 Step PCI Certification Process for Merchants and Service Providers

ENCRYPTION KEY MANAGEMENT SIMPLIFIED A BEGINNER S GUIDE TO ENCRYPTION KEY MANAGEMENT

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015

Maintaining PCI-DSS compliance. Daniele Bertolotti Antonio Ricci

Secure360. Measuring the Maturity of your Information Security Program Impossible? Presented by: Mark Carney, VP of Strategic Services

Privileged Identity Management for the HP Ecosystem

Transcription:

Dr. Anton Chuvakin @ Consulting Services Summary Updated: February 2010 Introduction provides strategic consulting services focused on Security Information and Event Management (SIEM) and log management strategy and implementation, security product positioning and security content development. Various options such as time and materials (with initial estimates), fixed price (with defined deliverable) or staff augmentation (fixed number of hours per week) are available. Technology Vendor Services This section of the services menu applies to security vendors and security services providers. The focus is on security and compliance strategy for product planning, development and marketing as well as on research and content development. Product management and strategy o Review security product compliance strategy, PCI DSS strategy and optimize them for the market o Perform market assessment and analysis, competitive analysis, product strategy (build/ buy/ partner); prepare Market Requirements Documents (MRDs) o Help develop and refine security product marketing and positioning messages, focused on compliance and new threats o Augment internal Product Management staff for strategic security and compliance projects, use case analysis, product definition, Product Requirement Documents (PRD) development o Work with product management to help define and prioritize product features based on market feedback and compliance requirements. Research and content development o Lead content development for whitepapers, thought leadership documents, research papers and other messaging documents, related to security and regulatory compliance o Review security and compliance marketing materials, site contents and other public- or partner-facing materials o Create correlation rules, reports as well as policies and procedures and other operational content to make SIEM and log management products more useful to your customers

o Map regulatory compliance controls such as PCI DSS (key focus!), HIPAA, NERC, FISMA, NIST, ISO, ITIL to security product features and document the use of the product in support of the mandates o Develop compliance content such as reports, correlation rules, queries and other relevant compliance content for security product. Events and webinars o Prepare and conduct thought leadership webinars, seminars and other events on PCI DSS, log management, SIEM and other security topics. Training o Prepare and conduct customized training on log management, log review processes, logging best practices, PCI DSS for customers and partners o Develop advanced training on effective operation and tuning of SIEM and log management tools to complement basic training.

End-user Organization Services This section of services menu applies to end-user organizations. The main theme is related to planning and implementing logging and log management for security and compliance. Log management and Security Information and Event Management (SIEM) product selection how to pick the right SIEM and logging product? o Develop log management or SIEM product selection criteria o Identify key use cases aligning log management and SIEM tools with business, compliance and security requirements o Prepare RFP documents for SIEM, SEM, SIM or log management o Assist with analyzing RFP responses from SIEM and log management vendors o Evaluate and test log management and SIEM products together with internal IT security team o Advise on final product selection Logging and log management policy how to develop the right logging policy? What to log? o Develop logging policies and processes, log review procedures, workflows and periodic tasks as well as help architect those to solve organization problems o Interpret regulations and create specific and actionable logging system settings, processes and log review procedures (example: what to log for PCI DSS?) o Plan and implement log management architecture to support your business cases; develop specific components such as log data collection, filtering, aggregation, retention, log source configuration as well as reporting, review and validation o Customize industry best practices related to logging and log review to fit your environment, help link these practices to business services and regulations o Help integrate logging tools and processes into IT and business operations SIEM and log management product operation optimization how to get more value out of the tools available? o Clarify security, compliance and operational requirements o Tune and customize SIEM and log management tools based on requirements Content development how to create SIEM content useful for you? o Develop of correlation rules, reports and other content to make your SIEM and log management product more useful to you and more applicable to your risk profile and compliance needs

o Create and refine policies, procedures and operational practices for logging and log management to satisfy requirements of PCI DSS, HIPAA, NERC, GLBA, FISMA, ISO, COBIT, ITIL and other regulations Training how to get your engineers to use the tools best? o Provide the customized training on the tools and practices of log management for compliance, IT operations, or security needs o Develop training on effective operation and tuning of SIEM and log management tools to complement basic vendor training. Incident response artifact analysis o Analyze logs and other evidence collected during security incident response

Recently Completed Projects Development of PCI DSS-focused application logging strategy, log review policies and procedures and daily operation tasks (excerpt from Statement of Work) Security vendor strategy assessment, focused on compliance, competitive strengths and weaknesses and new strategy ideas (excerpt from SoW) Comprehensive whitepaper on SIEM and log management architecture (excerpt from SoW) Complete definition of a log analysis product, from market assessment to product requirements (excerpt from SoW) Development of comprehensive training program on SIEM and log management, use cases, compliance (excerpt from SoW) Security market segment assessment, opportunity discovery and strategy tips for security vendor (excerpt from SoW) Thought leadership webinars for key security vendors (example) Why and Dr. Anton Chuvakin for SIEM and Log Management? Many years of experience at leading SIEM and Log Management vendors in strategic and technical roles, developing the products, defining their roadmap and strategy and helping key clients SANS Institute called Anton "probably the number one authority on system logging in the world" (SANS Institute, 2008) Experience developing training on log management for SANS Institute. Working with strategic Fortune 500 clients as IANS Institute faculty. Recent consulting client said: "We hired Anton to help us operationalize our infant log management practice and he went beyond the call of duty. Anton is a great professional with foresight and a keen interest in what his client is after. He has a talent in bringing people together and forcing them to go beyond just being compliant and move towards the goal of being security." Invited speaker on SIEM and Log Management at leading industry events Author of dozens of papers on SIEM, correlation, data analysis and log management An author of the upcoming book on practical security log management.

Contact Information Dr. Anton Chuvakin Email: anton@chuvakin.org Phone: 510-771-7106 Skype: anton.chuvakin Twitter: @anton_chuvakin Site: http://www.chuvakin.org Blog: http://www.securitywarrior.org LinkedIn: http://www.linkedin.com/in/chuvakin

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information